Vulnerability CVE-2012-3544 - CERT Civis.Net

Vulnerability Name:

CVE-2012-3544 (CCN-84952)

Assigned:

2012-08-29

Published:

2012-08-29

Updated:

2019-04-15

Summary:

Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: BUGTRAQ
Type: UNKNOWN
20130510 [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited

Source: MITRE
Type: CNA
CVE-2012-3544

Source: CCN
Type: RHSA-2013-1011
Moderate: Red Hat JBoss Web Server 2.0.1 update

Source: CCN
Type: RHSA-2013-1012
Moderate: Red Hat JBoss Web Server 2.0.1 update

Source: FULLDISC
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: CONFIRM
Type: Patch
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java?r1=1476592&r2=1476591&pathrev=1476592

Source: CCN
Type: Apache SVN Repository
Revision 1378702

Source: CONFIRM
Type: Patch
http://svn.apache.org/viewvc?view=revision&revision=1378702

Source: CONFIRM
Type: Patch
http://svn.apache.org/viewvc?view=revision&revision=1378921

Source: CONFIRM
Type: Patch
http://svn.apache.org/viewvc?view=revision&revision=1476592

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-6.html

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-7.html

Source: DEBIAN
Type: DSA-2725
tomcat6 -- several vulnerabilities

Source: CCN
Type: Oracle Web site
Oracle Critical Patch Update Advisory - January 2014

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Source: CCN
Type: Oracle Critical Patch Update Advisory - July 2014
Oracle Critical Patch Update Advisory - July 2014

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: BUGTRAQ
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: BID
Type: UNKNOWN
59797

Source: CCN
Type: BID-59797
Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability

Source: BID
Type: UNKNOWN
64758

Source: CCN
Type: BID-64758
RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-1841-1

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: XF
Type: UNKNOWN
apache-tomcat-cve20123544-dos(84952)

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/

Source: CCN
Type: IBM Security Bulletin 6496741 (Sterling B2B Integrator)
Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6595755 (Disconnected Log Collector)
IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2012-3544

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:tomcat:6.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:tomcat:6.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20123544	V	CVE-2012-3544	2022-05-20
oval:org.opensuse.security:def:34607	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:34600	P	Security update for openexr (Moderate)	2021-12-01
oval:org.opensuse.security:def:32232	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:29442	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:33990	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:30132	P	Security update for libqt5-qtbase (Important)	2021-09-30
oval:org.opensuse.security:def:30125	P	Security update for transfig (Moderate)	2021-09-16
oval:org.opensuse.security:def:30121	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:30120	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:34517	P	Security update for openssl-1_1 (Important)	2021-08-24
oval:org.opensuse.security:def:30114	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:30113	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:34510	P	Security update for spice-vdagent (Moderate)	2021-08-17
oval:org.opensuse.security:def:33946	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:32145	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:34460	P	Security update for the Linux Kernel (Important)	2021-06-09
oval:org.opensuse.security:def:33922	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:42719	P	tomcat6-6.0.41-0.43.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:30206	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:34453	P	Security update for shim (Important)	2021-06-08
oval:org.opensuse.security:def:36312	P	tomcat6-6.0.41-0.43.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26065	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:30199	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:32088	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:29356	P	Security update for samba (Important)	2021-04-29
oval:org.opensuse.security:def:31609	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:34668	P	Security update for opensc (Moderate)	2021-03-31
oval:org.opensuse.security:def:33777	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:26203	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:34628	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:26146	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:33883	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:33620	P	Security update for xen (Important)	2020-12-07
oval:org.opensuse.security:def:35613	P	mono-core-2.0.1-1.19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35654	P	xpdf-tools-3.02-138.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35620	P	openssh-5.1p1-41.31.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35661	P	OpenEXR-1.6.1-83.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:30427	P	Security update for xorg-x11-libs (Moderate)	2020-12-01
oval:org.opensuse.security:def:30781	P	Security update for bind	2020-12-01
oval:org.opensuse.security:def:30933	P	Recommended update for ghostscript-library (Important)	2020-12-01
oval:org.opensuse.security:def:31778	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31996	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:32388	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:32554	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33245	P	python-pywbem on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34135	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:34866	P	Security update for cloud-init (Moderate)	2020-12-01
oval:org.opensuse.security:def:34131	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:34824	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:34982	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:25862	P	Recommended update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26491	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:26637	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29144	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:29737	P	Security update for freetype2	2020-12-01
oval:org.opensuse.security:def:29897	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30564	P	Security update for poppler	2020-12-01
oval:org.opensuse.security:def:30862	P	Security update for ed (Low)	2020-12-01
oval:org.opensuse.security:def:31602	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:30484	P	Security update for clamav	2020-12-01
oval:org.opensuse.security:def:30830	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31571	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:31779	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32444	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:32598	P	python on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33154	P	libgtop on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33380	P	Security update for compat-openssl097g (Moderate)	2020-12-01
oval:org.opensuse.security:def:34219	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34905	P	Security update for djvulibre (Low)	2020-12-01
oval:org.opensuse.security:def:34142	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34873	P	Security update for CUPS	2020-12-01
oval:org.opensuse.security:def:25873	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:26540	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27275	P	pure-ftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29145	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:29791	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29941	P	Security update for openLDAP	2020-12-01
oval:org.opensuse.security:def:30331	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:30719	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:30882	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:30571	P	Security update for libxslt	2020-12-01
oval:org.opensuse.security:def:30869	P	Security update for evolution-data-server	2020-12-01
oval:org.opensuse.security:def:31790	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:32493	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33236	P	ppc64-diag on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33155	P	libicu-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33475	P	Security update for Mozilla	2020-12-01
oval:org.opensuse.security:def:33834	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:34123	P	Security update for net-snmp (Moderate)	2020-12-01
oval:org.opensuse.security:def:34355	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:34759	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:34931	P	Security update for fetchmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:34226	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34912	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:25937	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26287	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:26579	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27310	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29156	P	Security update for libtirpc, rpcbind (Important)	2020-12-01
oval:org.opensuse.security:def:29499	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:29840	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:30579	P	Security update for mozilla-nspr, mozilla-nss	2020-12-01
oval:org.opensuse.security:def:30420	P	Security update for xorg-x11-libXpm (Moderate)	2020-12-01
oval:org.opensuse.security:def:30774	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:30926	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:30338	P	Security update for transfig (Low)	2020-12-01
oval:org.opensuse.security:def:30726	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:30889	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:31864	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:32532	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33275	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33166	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33532	P	Security update for xpdf	2020-12-01
oval:org.opensuse.security:def:34124	P	Security update for netpbm (Moderate)	2020-12-01
oval:org.opensuse.security:def:34817	P	Security update for apport (Moderate)	2020-12-01
oval:org.opensuse.security:def:34975	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:34130	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:34362	P	Security update for tcpdump	2020-12-01
oval:org.opensuse.security:def:34766	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34938	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26438	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:26593	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29225	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:29584	P	Security update for Apache2	2020-12-01
oval:org.opensuse.security:def:29879	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30616	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:30477	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:30823	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:31564	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.mitre.oval:def:26443	P	SUSE-SU-2014:1015-1 -- Security update for tomcat6	2014-10-27
oval:org.mitre.oval:def:26507	V	Allows remote attackers to cause a denial of service by streaming data.	2014-10-20
oval:org.mitre.oval:def:25819	P	SUSE-SU-2013:1374-1 -- Security update for tomcat6	2014-09-08
oval:org.mitre.oval:def:18192	P	USN-1841-1 -- tomcat6, tomcat7 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:18605	P	DSA-2725-1 tomcat6 - several	2014-06-23
oval:com.ubuntu.precise:def:20123544000	V	CVE-2012-3544 on Ubuntu 12.04 LTS (precise) - medium.	2013-06-01
oval:com.ubuntu.trusty:def:20123544000	V	CVE-2012-3544 on Ubuntu 14.04 LTS (trusty) - medium.	2013-06-01
oval:com.ubuntu.xenial:def:201235440000000	V	CVE-2012-3544 on Ubuntu 16.04 LTS (xenial) - medium.	2013-06-01
oval:com.ubuntu.xenial:def:20123544000	V	CVE-2012-3544 on Ubuntu 16.04 LTS (xenial) - medium.	2013-06-01