Vulnerability Name:

CVE-2013-5372 (CCN-86662)

Assigned:2013-10-17
Published:2013-10-17
Updated:2017-08-29
Summary:The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-399
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2013-5372

Source: SUSE
Type: UNKNOWN
SUSE-SU-2013:1677

Source: CCN
Type: RHSA-2013-1507
Critical: java-1.7.0-ibm security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1507

Source: CCN
Type: RHSA-2013-1508
Critical: java-1.6.0-ibm security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1508

Source: CCN
Type: RHSA-2013-1509
Important: java-1.5.0-ibm security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1509

Source: CCN
Type: RHSA-2013-1793
Low: Red Hat Network Satellite server IBM Java Runtime security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1793

Source: CCN
Type: SA55367
IBM WebSphere Message Broker / Integration Bus Entity Expansion Denial of Service Vulnerability

Source: CCN
Type: SA55591
IBM Enterprise Content Management Widgets Entity Expansion Denial of Service Vulnerability

Source: CCN
Type: SA56338
IBM Smart Analytics System Series Java Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
56338

Source: CCN
Type: SA56339
IBM WebSphere Partner Gateway Java Multiple Vulnerabilities

Source: AIXAPAR
Type: UNKNOWN
IC96473

Source: CCN
Type: IBM Security Bulletin 1652590
IBM Cognos Business Intelligence (CVE-2013-3030, CVE-2013-4002, CVE-2013-2407, CVE-2013-2450, CVE-2013-4034, CVE-2013-5372)

Source: CCN
Type: IBM Security Bulletin 1653087
IBM WebSphere Message Broker and IBM Integration Bus Security Vulnerability: XML4J denial of service attack (CVE-2013-5372)

Source: CONFIRM
Type: Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21653087

Source: CCN
Type: IBM Security Bulletin 1653815
Potential XML parser denial of service attack affecting all CLM applications (CVE-2013-4002, CVE-2013-5372)

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21655201

Source: CCN
Type: IBM Security Bulletin 1655202
Multiple vulnerabilities in IBM WebSphere Real Time

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21655202

Source: CCN
Type: IBM Security Bulletin 1659217
Multiple vulnerabilities in usage of IBM Java SDK in IBM Content Analytics with Enterprise Search and IBM OmniFind Enterprise Edition (CVE-2013-5802, CVE-2013-4002, CVE-2013-5825, CVE-2013-5372)

Source: CCN
Type: IBM Security Bulletin 1659530
IBM Smart Analytics System 5600 is affected by multiple vulnerabilities in the IBM Java SDK

Source: CCN
Type: IBM Security Bulletin 1659892
Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Source: CCN
Type: IBM Security Bulletin 1659951
Tivoli Multiple vulnerabilities in Tivoli Business Service Manager (CVE-2013-5802,CVE-2013-5825,CVE-2013-5372)

Source: CCN
Type: IBM Security Bulletin 1659954
Tivoli Multiple vulnerabilities in Netcool/Impact (CVE-2013-5802,,CVE-2013-5825,CVE-2013-5372)

Source: CCN
Type: IBM Security Bulletin 1660143
Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Source: CCN
Type: IBM Security Bulletin 1660145
Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Source: CCN
Type: IBM Security Bulletin 1660149
Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Source: CCN
Type: IBM security Bulletin 1660218
Vulnerabilities in IBM FileNet Content Manager due to security vulnerabilities in Oracle Java Development Kits

Source: CCN
Type: IBM Security Bulletin 1660279
IBM Integration Bus and IBM WebSphere Message Broker: Multiple security vulnerabilities in IBM JREs 6 & 7

Source: CCN
Type: IBM Security Bulletin 1660461
IBM Rational Engineering Lifecycle Manager can be affected by vulnerabilities in the IBM Java JRE/SDK (CVE-2013-5802, CVE-2013-4002, CVE-2013-5825, CVE-2013-5372)

Source: CCN
Type: IBM Security Bulletin 1660500
IBM Tivoli Security Policy Manager can be affected by multiple vulnerabilities in the IBM Java SDK (CVE-2013-4002, CVE-2013-5825, CVE-2013-5802, CVE-2013-5372)

Source: CCN
Type: IBM Security Bulletin 1661213
IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE

Source: CCN
Type: IBM Security Bulletin 1662315
Tivoli Netcool/Webtop can be affected by multiple vulnerabilities in current IBM SDK for Java for WebSphere Application Server October 2013 CPU

Source: CCN
Type: IBM Security Bulletin 1662705
Security Flash: Multiple vulnerabilities in IBM's Java 5 and Java 6 JREs used by Web Experience Factory development components

Source: CCN
Type: IBM Security Bulletin 1662870
Multiple security vulnerabilities exist in WebSphere Transformation Extender (CVE-2013-5802 CVE-2013-4002 CVE-2013-5825 CVE-2013-5372 CVE-2013-0599 CVE-2013-0464 CVE-2013-0467 CVE-2013-2962 CVE-2013-2415

Source: CCN
Type: IBM Security Bulletin 1663096
Security Bulletin: Java Vulnerability in Rational Automation Framework (CVE-2013-4002, CVE-2013-5825, CVE-2013-5372)

Source: CCN
Type: IBM Security Bulletin 1663944
IBM Tivoli System Automation Application Manager 3.2.2, 3.2.1, 3.2.0, 3.1

Source: CCN
Type: IBM Security Bulletin 1664268
IBM FileNet Business Process Manager – IBM Java Quarterly CPU (JRE) – Oct 2013 (CVE-2013-5372, CVE-2013-5802, CVE2013-5825)

Source: CCN
Type: IBM Security Bulletin 1664777
IBM InfoSphere Optim Performance Manager is affected by multiple vulnerabilities in IBM Java Runtime Environment (CVE-2013-5372, CVE-2013-5803, CVE-2013-5825)

Source: CCN
Type: IBM Security Bulletin 1666275
Security Bulletin: Multiple vulnerabilities exist in the SOAP Gateway component of IMS Enterprise Suite (CVE-2013-4002, CVE-2013-5825, CVE-2013-5372, CVE-2014-0416, CVE-2014-0411)

Source: CCN
Type: IBM developerWorks
IBM Security Update November 2013

Source: CCN
Type: IBM Security Bulletin 1655201
Multiple vulnerabilities in current releases of the IBM SDK, Java Technology Edition

Source: CCN
Type: IBM Security Bulletin 1659761
Multiple IBM SDK Java Technology Edition, Version 6 security vulnerabilities addressed in Tivoli Endpoint Manager for Remote Control

Source: CCN
Type: IBM Security Bulletin 1663960
Multiple vulnerabilities in IBM SPSS Modeler (CVE-2013-6739, CVE-2013-5372, CVE-2013-5825)

Source: CCN
Type: IBM Security Bulletin 1667716
Multiple IBM SDK Java Technology Edition, Version 6 security vulnerabilities addressed in Tivoli Remote Control

Source: CCN
Type: IBM Security Bulletin 1677352
Tivoli Workload Scheduler Distributed Potential multiple Security vulnerabilities with IBM WebSphere Application Server (CVE-2013-0443 and others)

Source: CCN
Type: OSVDB ID: 98716
IBM WebSphere Message Broker / Integration Bus Security XML External Entity (XXE) Expansion Remote DoS

Source: CCN
Type: BID-63224
IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
ibm-xml4j-cve20135372-dos(86662)

Source: XF
Type: UNKNOWN
ibm-xml4j-cve20135372-dos(86662)

Source: CONFIRM
Type: UNKNOWN
https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:6.1.0.11:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/a:ibm:websphere_message_broker:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:8.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:8.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:8.0.0.3:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/a:ibm:websphere_message_broker:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:7.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:7.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:7.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:7.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:7.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:7.0.0.6:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/a:redhat:rhel_extras:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:java_sdk:6.0.16.7:*:*:*:technology:*:*:*
  • OR cpe:/a:ibm:java_sdk:7.0.9.10:*:*:*:technology:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_message_broker:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:integration_bus:9.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_process_server:6.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_process_server:6.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:omnifind:9.1:-:enterprise:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:8.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:omnifind:8.5:-:enterprise:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_modeler:14.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_modeler:14.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_modeler:14.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_modeler:15.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_business_service_manager:4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_business_service_manager:4.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_business_service_manager:6.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_engineering_lifecycle_manager:1.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_process_manager:8.0::~~advanced~~~:*:*:*:*:*
  • OR cpe:/a:ibm:operational_decision_manager:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_process_server:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:operational_decision_manager:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_quality_manager:2.0.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_process_manager:7.5::~~advanced~~~:*:*:*:*:*
  • OR cpe:/a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:filenet_content_manager:5.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_process_manager:8.5::~~advanced~~~:*:*:*:*:*
  • OR cpe:/a:ibm:web_experience_factory:6.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_dashboard_framework:-:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_widget_factory:-:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_ilog_jrules:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:filenet_content_manager:5.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:ims_enterprise_suite:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_endpoint_manager:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_workload_scheduler:8.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:ims_enterprise_suite:2.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7707
    P
    libykcs11-1-1.6.2-4.30 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7729
    P
    p7zip-16.02-150200.14.9.2 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:20135372
    V
    CVE-2013-5372
    2022-05-20
    oval:org.opensuse.security:def:33795
    P
    Security update for apache2 (Important)
    2022-01-12
    oval:org.opensuse.security:def:29496
    P
    Security update for libsndfile (Important)
    2022-01-05
    oval:org.opensuse.security:def:33066
    P
    Security update for chrony (Moderate)
    2021-12-22
    oval:org.opensuse.security:def:33067
    P
    Security update for libqt4 (Important)
    2021-12-22
    oval:org.opensuse.security:def:7005
    P
    Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP1) (Important)
    2021-12-14
    oval:org.opensuse.security:def:33753
    P
    Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:26179
    P
    Security update for gmp (Moderate)
    2021-12-02
    oval:org.opensuse.security:def:26178
    P
    Security update for the Linux Kernel (Important)
    2021-12-02
    oval:org.opensuse.security:def:26177
    P
    Security update for webkit2gtk3 (Important)
    2021-12-01
    oval:org.opensuse.security:def:33746
    P
    Security update for ruby2.1 (Important)
    2021-12-01
    oval:org.opensuse.security:def:34587
    P
    Security update for samba (Important)
    2021-11-10
    oval:org.opensuse.security:def:6980
    P
    Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1) (Important)
    2021-10-14
    oval:org.opensuse.security:def:34547
    P
    Security update for the Linux Kernel (Important)
    2021-09-23
    oval:org.opensuse.security:def:34540
    P
    Security update for transfig (Moderate)
    2021-09-16
    oval:org.opensuse.security:def:29418
    P
    Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:29411
    P
    Security update for cpio (Important)
    2021-08-23
    oval:org.opensuse.security:def:33696
    P
    Security update for mariadb (Important)
    2021-08-06
    oval:org.opensuse.security:def:33689
    P
    Security update for curl (Moderate)
    2021-07-21
    oval:org.opensuse.security:def:36495
    P
    libtirpc-devel-0.2.1-1.7.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36537
    P
    perl-base-32bit-5.10.0-64.72.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:6905
    P
    Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP1) (Important)
    2021-05-25
    oval:org.opensuse.security:def:33909
    P
    Security update for xen (Important)
    2021-05-19
    oval:org.opensuse.security:def:29361
    P
    Security update for the Linux Kernel (Important)
    2021-05-17
    oval:org.opensuse.security:def:33902
    P
    Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:13238
    P
    java-1_6_0-ibm-1.6.0_sr16.1-5.9 on GA media (Moderate)
    2021-04-29
    oval:org.opensuse.security:def:46358
    P
    java-1_6_0-ibm-1.6.0_sr16.1-5.9 on GA media (Moderate)
    2021-04-29
    oval:org.opensuse.security:def:29354
    P
    Security update for tomcat (Important)
    2021-04-29
    oval:org.opensuse.security:def:6886
    P
    Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important)
    2021-04-28
    oval:org.opensuse.security:def:6871
    P
    Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (Important)
    2021-04-07
    oval:org.opensuse.security:def:7069
    P
    Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP2) (Important)
    2021-04-07
    oval:org.opensuse.security:def:33085
    P
    Security update for postgresql-jdbc (Moderate)
    2021-02-25
    oval:org.opensuse.security:def:33078
    P
    Security update for krb5-appl (Important)
    2021-02-19
    oval:org.opensuse.security:def:33074
    P
    Security update for jasper (Important)
    2021-02-16
    oval:org.opensuse.security:def:33073
    P
    Security update for wpa_supplicant (Important)
    2021-02-15
    oval:org.opensuse.security:def:26189
    P
    Security update for subversion (Important)
    2021-02-10
    oval:org.opensuse.security:def:26190
    P
    Security update for MozillaFirefox (Low)
    2021-02-10
    oval:org.opensuse.security:def:34580
    P
    Security update for the Linux Kernel (Important)
    2021-02-09
    oval:org.opensuse.security:def:7056
    P
    Security update for the Linux Kernel (Important)
    2020-12-10
    oval:org.opensuse.security:def:35638
    P
    squid-2.7.STABLE5-2.4.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35813
    P
    python-sssd-config-1.5.11-0.9.96 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35697
    P
    findutils-4.4.0-38.26.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35857
    P
    PackageKit-0.3.14-2.28.46 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35746
    P
    libfreebl3-3.13.1-0.2.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35785
    P
    mono-core-2.6.7-0.7.19 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:33394
    P
    Security update for SUSE Manager Client Tools (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35230
    P
    Security update for libmspack (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26381
    P
    Security update for ffmpeg (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26754
    P
    libneon27 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26909
    P
    gpg2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26254
    P
    Security update for dia (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26604
    P
    libsoup-2_4-1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26896
    P
    foomatic-filters on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27627
    P
    Security update for IBM Java 7
    2020-12-01
    oval:org.opensuse.security:def:29068
    P
    Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29752
    P
    Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30491
    P
    Security update for fastjar
    2020-12-01
    oval:org.opensuse.security:def:29057
    P
    Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:29710
    P
    Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:29860
    P
    Security update for the Linux Kernel
    2020-12-01
    oval:org.opensuse.security:def:29056
    P
    Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:6824
    P
    python-libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33157
    P
    libksba on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33532
    P
    Security update for xpdf
    2020-12-01
    oval:org.opensuse.security:def:33834
    P
    Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33451
    P
    Security update for GNOME screensaver
    2020-12-01
    oval:org.opensuse.security:def:33802
    P
    Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34999
    P
    Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:35331
    P
    Security update for minicom (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26462
    P
    Security update for Mozilla Thunderbird (Important)
    2020-12-01
    oval:org.opensuse.security:def:26807
    P
    perl-spamassassin on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26953
    P
    libicu-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26382
    P
    Security update for ffmpeg (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26755
    P
    libnetpbm10 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26910
    P
    gstreamer-0_10-plugins-base on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29137
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:29791
    P
    Security update for gtk2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30528
    P
    Security update for IBM Java 6
    2020-12-01
    oval:org.opensuse.security:def:29075
    P
    Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:29759
    P
    Security update for ghostscript-library (Important)
    2020-12-01
    oval:org.opensuse.security:def:30498
    P
    Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:29064
    P
    Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:29063
    P
    Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:33292
    P
    xorg-x11 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33858
    P
    Security update for ipsec-tools (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33164
    P
    libmysqlclient15-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33539
    P
    Security update for ImageMagick (Important)
    2020-12-01
    oval:org.opensuse.security:def:33841
    P
    Security update for gtk2
    2020-12-01
    oval:org.opensuse.security:def:35010
    P
    Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35388
    P
    Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26519
    P
    PackageKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26856
    P
    PackageKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27591
    P
    yast2-core-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34998
    P
    Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:26463
    P
    Security update for enigmail (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26808
    P
    postgresql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26954
    P
    libltdl7 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29268
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:29649
    P
    Security update for curl (Important)
    2020-12-01
    oval:org.opensuse.security:def:29809
    P
    Security update for jakarta-commons-fileupload (Important)
    2020-12-01
    oval:org.opensuse.security:def:29144
    P
    Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:29503
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29798
    P
    Security update for icu
    2020-12-01
    oval:org.opensuse.security:def:30535
    P
    Security update for IBM Java 7
    2020-12-01
    oval:org.opensuse.security:def:6756
    P
    libsndfile1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:7038
    P
    libgadu3 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33387
    P
    Security update for compat-openssl097g (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:6748
    P
    libqt4-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33299
    P
    xorg-x11-libXt-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33865
    P
    Security update for jasper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35094
    P
    Security update for Linux kernel
    2020-12-01
    oval:org.opensuse.security:def:35478
    P
    Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26253
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26603
    P
    libsnmp15-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26895
    P
    findutils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27626
    P
    Security update for IBM Java 6
    2020-12-01
    oval:org.opensuse.security:def:26520
    P
    PolicyKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26857
    P
    PolicyKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27592
    P
    yast2-devel-doc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29703
    P
    Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:29853
    P
    Security update for Linux Kernel
    2020-12-01
    oval:org.opensuse.security:def:29275
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:29656
    P
    Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29816
    P
    Security update for jasper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:6778
    P
    libvte9 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:7047
    P
    libhogweed2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33444
    P
    Security update for pidgin
    2020-12-01
    oval:org.mitre.oval:def:21240
    P
    RHSA-2013:1508: java-1.6.0-ibm security update (Critical)
    2015-03-09
    oval:org.mitre.oval:def:21151
    P
    RHSA-2013:1507: java-1.7.0-ibm security update (Critical)
    2015-03-09
    oval:org.mitre.oval:def:25287
    P
    SUSE-SU-2013:1669-1 -- Security update for IBM Java 5
    2014-09-08
    oval:org.mitre.oval:def:23813
    P
    ELSA-2013:1507: java-1.7.0-ibm security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:24011
    P
    ELSA-2013:1508: java-1.6.0-ibm security update (Critical)
    2014-05-26
    oval:com.redhat.rhsa:def:20131507
    P
    RHSA-2013:1507: java-1.7.0-ibm security update (Critical)
    2013-11-07
    oval:com.redhat.rhsa:def:20131508
    P
    RHSA-2013:1508: java-1.6.0-ibm security update (Critical)
    2013-11-07
    oval:com.redhat.rhsa:def:20131509
    P
    RHSA-2013:1509: java-1.5.0-ibm security update (Important)
    2013-11-07
    BACK
    ibm websphere message broker 6.1
    ibm websphere message broker 6.1.0.1
    ibm websphere message broker 6.1.0.2
    ibm websphere message broker 6.1.0.3
    ibm websphere message broker 6.1.0.4
    ibm websphere message broker 6.1.0.5
    ibm websphere message broker 6.1.0.6
    ibm websphere message broker 6.1.0.7
    ibm websphere message broker 6.1.0.8
    ibm websphere message broker 6.1.0.9
    ibm websphere message broker 6.1.0.10
    ibm websphere message broker 6.1.0.11
    ibm websphere message broker 8.0
    ibm websphere message broker 8.0.0.1
    ibm websphere message broker 8.0.0.2
    ibm websphere message broker 8.0.0.3
    ibm websphere message broker 7.0.
    ibm websphere message broker 7.0.0.1
    ibm websphere message broker 7.0.0.2
    ibm websphere message broker 7.0.0.3
    ibm websphere message broker 7.0.0.4
    ibm websphere message broker 7.0.0.5
    ibm websphere message broker 7.0.0.6
    ibm websphere message broker 6.1
    ibm java sdk 6.0.16.7
    ibm java sdk 7.0.9.10
    ibm websphere message broker 7.0
    ibm websphere message broker 8.0
    ibm integration bus 9.0
    redhat enterprise linux 5
    ibm websphere process server 6.1.2
    ibm websphere process server 6.2
    ibm omnifind 9.1 -
    ibm cognos business intelligence 8.4.1
    ibm omnifind 8.5 -
    ibm tivoli remote control 5.1.2
    ibm spss modeler 14.0.0.0
    ibm spss modeler 14.1.0.0
    ibm spss modeler 14.2.0.0
    ibm spss modeler 15.0.0.0
    ibm cognos business intelligence 10.1
    ibm cognos business intelligence 10.1.1
    ibm cognos business intelligence 10.2
    ibm tivoli business service manager 4.2
    ibm tivoli business service manager 4.2.1
    ibm tivoli business service manager 6.1.1
    ibm rational engineering lifecycle manager 1.0
    ibm rational engineering lifecycle manager 1.0.0.1
    ibm business process manager 8.0
    ibm operational decision manager 8.0
    ibm websphere process server 7.0
    ibm operational decision manager 8.5
    ibm cognos business intelligence 10.2.1
    ibm rational quality manager 2.0.1.1
    ibm rational quality manager 3.0.1.6
    ibm rational quality manager 4.0.4
    ibm business process manager 7.5
    ibm rational engineering lifecycle manager 4.0.3
    ibm rational engineering lifecycle manager 4.0.4
    ibm rational engineering lifecycle manager 4.0.5
    ibm filenet content manager 5.1.0
    ibm business process manager 8.5
    ibm web experience factory 6.1.5
    ibm websphere dashboard framework -
    ibm lotus widget factory -
    ibm websphere ilog jrules 7.1
    ibm filenet content manager 5.2.0
    ibm ims enterprise suite 2.2
    ibm tivoli endpoint manager 8.0
    ibm tivoli workload scheduler 8.6
    ibm ims enterprise suite 2.1