Vulnerability CVE-2016-4073 - CERT Civis.Net

Vulnerability Name:

CVE-2016-4073 (CCN-113581)

Assigned:

2016-04-23

Published:

2016-04-23

Updated:

2018-01-05

Summary:

Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-4073

Source: APPLE
Type: UNKNOWN
APPLE-SA-2016-05-16-4

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:1274

Source: SUSE
Type: UNKNOWN
SUSE-SU-2016:1277

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:1373

Source: CCN
Type: RHSA-2016-2750
Moderate: rh-php56 security, bug fix, and enhancement update

Source: REDHAT
Type: UNKNOWN
RHSA-2016:2750

Source: DEBIAN
Type: UNKNOWN
DSA-3560

Source: CCN
Type: oss-sec Mailing List, Sat, 23 Apr 2016 23:55:25 -0400 (EDT)
Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases

Source: MLIST
Type: UNKNOWN
[oss-security] 20160423 Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/ChangeLog-5.php

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/ChangeLog-7.php

Source: BID
Type: UNKNOWN
85991

Source: CCN
Type: BID-85991
PHP 'libmbfl/mbfl/mbfilter.c' Function Denial of Service Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-2952-1

Source: UBUNTU
Type: UNKNOWN
USN-2952-2

Source: CCN
Type: PHP Web site
Invalid memory write in phar on filename with \0 in name

Source: CONFIRM
Type: Exploit
https://bugs.php.net/bug.php?id=71906

Source: XF
Type: UNKNOWN
php-cve20164073-overflow(113581)

Source: CONFIRM
Type: UNKNOWN
https://gist.github.com/smalyshev/d8355c96a657cc5dba70

Source: CONFIRM
Type: UNKNOWN
https://git.php.net/?p=php-src.git;a=commit;h=64f42c73efc58e88671ad76b6b6bc8e2b62713e1

Source: CONFIRM
Type: UNKNOWN
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731

Source: GENTOO
Type: UNKNOWN
GLSA-201611-22

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/HT206567

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-4073

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:5.5.0:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha3:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha4:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha5:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha6:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta3:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta4:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:rc2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.1:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.2:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.3:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.4:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.5:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.6:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.8:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.9:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.10:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.11:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.12:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.13:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.14:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.18:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.19:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.20:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.21:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.22:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.23:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.24:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.25:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.26:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.27:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.29:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.30:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.32:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.33:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha1:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha2:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha3:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha4:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha5:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:beta1:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:beta2:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:beta3:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:beta4:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.1:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.2:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.3:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.4:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.5:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.6:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.8:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.9:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.10:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.11:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.12:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.13:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.14:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.15:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.16:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.17:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.18:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.19:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.0:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.1:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.2:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.3:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.4:-:*:*:*:*:*:*

Configuration 2:

cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version <= 10.11.3)

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20164073	V	CVE-2016-4073	2023-06-22
oval:org.opensuse.security:def:31372	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9680	P	Security update for libsndfile (Important)	2022-01-11
oval:org.opensuse.security:def:31375	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:34677	P	Security update for libvirt (Important)	2022-01-05
oval:org.opensuse.security:def:30290	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:34678	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:31374	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:30291	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:10438	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:31371	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:9884	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:33758	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:9634	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:34609	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:10371	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:10175	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:32218	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:32219	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:30145	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:9612	P	Security update for MozillaFirefox (Important)	2021-11-10
oval:org.opensuse.security:def:30144	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:10169	P	Security update for Salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:9604	P	Security update for dnsmasq (Moderate)	2021-10-27
oval:org.opensuse.security:def:34570	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:34571	P	Security update for git (Low)	2021-10-20
oval:org.opensuse.security:def:10162	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:29423	P	Security update for openssl (Low)	2021-09-20
oval:org.opensuse.security:def:10153	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:33971	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:10147	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:11120	P	Security update for libspf2 (Critical)	2021-08-25
oval:org.opensuse.security:def:10139	P	Security update for djvulibre (Important)	2021-08-20
oval:org.opensuse.security:def:30234	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:30233	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:13923	P	libldb1-1.1.26-10.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14061	P	xen-4.7.0_12-23.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14191	P	libXRes1-1.0.7-3.53 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14284	P	libraptor2-0-2.0.10-3.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13945	P	libpoppler44-0.24.4-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14079	P	ant-1.9.4-1.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13915	P	libjavascriptcoregtk-3_0-0-2.4.11-23.20 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14216	P	libcares2-1.9.1-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14260	P	libmysqlclient18-10.0.30-28.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14922	P	hplip-3.16.11-1.33 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14013	P	procmail-3.22-267.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14098	P	bzip2-1.0.6-29.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14271	P	libpcsclite1-1.8.10-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14944	P	libHX28-3.18-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:9761	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:33949	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:33948	P	Security update for linuxptp (Important)	2021-07-21
oval:org.opensuse.security:def:11098	P	Security update for claws-mail (Moderate)	2021-07-16
oval:org.opensuse.security:def:10296	P	Security update for go1.15 (Important)	2021-06-30
oval:org.opensuse.security:def:38712	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:33937	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:10111	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:31215	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:33938	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:33936	P	Security update for ovmf (Important)	2021-06-24
oval:org.opensuse.security:def:9742	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:9727	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:33927	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:16634	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16999	P	empathy-3.10.3-1.131 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17177	P	lcms-1.19-17.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17234	P	gd-32bit-2.1.0-24.9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17045	P	cyrus-sasl-digestmd5-32bit-2.1.26-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36267	P	perl-Tk-804.028-50.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124640	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16591	P	libtiff-devel-4.0.9-44.24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17035	P	raptor-2.0.10-3.67 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17246	P	kernel-default-extra-4.12.14-94.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16098	P	php5-devel-5.5.14-73.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17067	P	libjavascriptcoregtk-1_0-0-2.4.8-16.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36268	P	perl-libwww-perl-5.816-2.23.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36309	P	tcpdump-3.9.8-1.27.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16348	P	php5-devel-5.5.14-108.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16625	P	obs-service-source_validator-0.7-9.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17145	P	python-devel-2.7.9-24.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17268	P	libosip2-3.5.0-20.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16583	P	libssh-devel-0.6.3-12.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17033	P	pulseaudio-module-bluetooth-5.0-2.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36310	P	tftp-0.48-101.31.27 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:35252	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:10086	P	Security update for dhcp (Important)	2021-06-02
oval:org.opensuse.security:def:10262	P	Security update for curl (Moderate)	2021-05-31
oval:org.opensuse.security:def:33903	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:34412	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:38257	P	Security update for openldap2 (Important)	2021-04-16
oval:org.opensuse.security:def:9862	P	Security update for openssl-1_1 (Moderate)	2021-03-09
oval:org.opensuse.security:def:9861	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:34649	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:29480	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:10215	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:9854	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:34033	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:34032	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:10396	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:34629	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:34628	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:32258	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:32257	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:9836	P	Security update for subversion (Important)	2021-02-10
oval:org.opensuse.security:def:30012	P	Security update for openvswitch (Important)	2021-02-03
oval:org.opensuse.security:def:31216	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:34413	P	Security update for openldap2 (Moderate)	2021-01-14
oval:org.opensuse.security:def:30013	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:35251	P	Security update for flac (Moderate)	2021-01-04
oval:org.opensuse.security:def:10585	P	Security update for the Linux Kernel (Important)	2020-12-09
oval:org.opensuse.security:def:34324	P	Security update for python-cryptography (Moderate)	2020-12-04
oval:org.opensuse.security:def:16826	P	libid3tag-devel-0.15.1b-184.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16784	P	libXtst-devel-1.2.2-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16710	P	dbus-1-glib-devel-0.100.2-3.58 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16834	P	libjpeg62-devel-62.2.0-31.14.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35520	P	PolicyKit-0.9-14.34.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35630	P	perl-spamassassin-3.2.5-26.22.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35558	P	gnutls-2.4.1-24.19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16911	P	libvpx-devel-1.3.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16767	P	libQt5Bootstrap-devel-static-5.6.2-6.15.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16944	P	osc-0.162.1-15.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35559	P	gpg2-2.0.9-25.25.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35585	P	libexif-0.6.17-2.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:34323	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:16792	P	libarchive-devel-3.1.2-26.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16968	P	sane-backends-devel-1.0.24-3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16798	P	libbz2-devel-1.0.6-30.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16976	P	typelib-1_0-WebKit2WebExtension-4_0-2.24.4-2.47.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35586	P	libexiv2-4-0.17.1-31.20 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35519	P	PackageKit-0.3.14-2.12.105 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35629	P	perl-Tk-804.028-50.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:26961	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34168	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:9992	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29718	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:34717	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:10460	P	lhasa-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31412	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33147	P	libexif on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27227	P	libwsman1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29922	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:35424	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:26885	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30774	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:27088	P	automake on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33456	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:27515	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27603	P	Security update for Mono	2020-12-01
oval:org.opensuse.security:def:34741	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:10813	P	libxml2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37923	P	libncurses5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31072	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27310	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33864	P	Security update for jasper	2020-12-01
oval:org.opensuse.security:def:9912	P	libqt4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28299	P	Security update for netatalk (Important)	2020-12-01
oval:org.opensuse.security:def:35464	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26886	P	ecryptfs-utils-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30847	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:38155	P	crash on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27563	P	rubygem-rdoc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27616	P	Security update for freeradius	2020-12-01
oval:org.opensuse.security:def:34784	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:31128	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:38405	P	libxslt-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31581	P	Security update for tar (Moderate)	2020-12-01
oval:org.opensuse.security:def:28333	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30761	P	Security update for php53	2020-12-01
oval:org.opensuse.security:def:35105	P	Security update for the Linux Kernel (Moderate)	2020-12-01
oval:org.opensuse.security:def:31427	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31515	P	Security update for quagga (Low)	2020-12-01
oval:org.opensuse.security:def:38740	P	libvdpau1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17906	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:29938	P	Security update for libksba	2020-12-01
oval:org.opensuse.security:def:34867	P	Security update for coreutils (Important)	2020-12-01
oval:org.opensuse.security:def:30377	P	Security update for xalan-j2	2020-12-01
oval:org.opensuse.security:def:35412	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:39464	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:33136	P	libQtWebKit4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35161	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30635	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:30693	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:17731	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:34771	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29206	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:34169	P	Security update for openssl (Important)	2020-12-01
oval:org.opensuse.security:def:30530	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:35470	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31413	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:9930	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30736	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:29125	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27089	P	avahi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34266	P	Security update for ppp (Important)	2020-12-01
oval:org.opensuse.security:def:10011	P	vsftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29772	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:29860	P	Security update for the Linux Kernel	2020-12-01
oval:org.opensuse.security:def:34742	P	Security update for Mesa (Moderate)	2020-12-01
oval:org.opensuse.security:def:26896	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33226	P	pcsc-ccid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27311	P	unixODBC_23 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30560	P	Security update for OpenSSL	2020-12-01
oval:org.opensuse.security:def:35465	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:29126	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30848	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:27169	P	libFLAC++6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33513	P	Security update for perl-HTML-Parser	2020-12-01
oval:org.opensuse.security:def:27564	P	rubygem-sprockets-2_2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27617	P	Security update for freetype2	2020-12-01
oval:org.opensuse.security:def:34785	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:10835	P	php5-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33135	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37934	P	libospf0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31129	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:27461	P	libmspack-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33815	P	Security update for glib2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:9925	P	libtasn1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28334	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:30762	P	Security update for apache2-mod_security2	2020-12-01
oval:org.opensuse.security:def:30979	P	Security update for hunspell (Low)	2020-12-01
oval:org.opensuse.security:def:31428	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31516	P	Security update for quagga (Moderate)	2020-12-01
oval:org.opensuse.security:def:27660	P	Security update for rubygem-rack	2020-12-01
oval:org.opensuse.security:def:29939	P	Security update for libksba (Moderate)	2020-12-01
oval:org.opensuse.security:def:34868	P	Security update for coreutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:38565	P	cpp48 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38673	P	libgoa-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35162	P	Security update for krb5	2020-12-01
oval:org.opensuse.security:def:31476	P	Security update for puppet	2020-12-01
oval:org.opensuse.security:def:31536	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:38784	P	python-pyOpenSSL on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17932	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:34772	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:35003	P	Security update for gnome-session (Moderate)	2020-12-01
oval:org.opensuse.security:def:30531	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:35471	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:30737	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:29926	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:29337	P	Security update for spacewalk	2020-12-01
oval:org.opensuse.security:def:34267	P	Security update for procmail	2020-12-01
oval:org.opensuse.security:def:30585	P	Security update for OpenSSH	2020-12-01
oval:org.opensuse.security:def:30673	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26897	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9977	P	python-pywbem on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29565	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:10447	P	gnome-settings-daemon-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29928	P	Security update for libgcrypt (Low)	2020-12-01
oval:org.opensuse.security:def:27170	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29821	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:29878	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:34786	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:26960	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33361	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27462	P	libmusicbrainz-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34716	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:30597	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:30980	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:27226	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33601	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:9903	P	libpng15-15 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27661	P	Security update for ruby	2020-12-01
oval:org.opensuse.security:def:35423	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:26884	P	dhcpcd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30773	P	Security update for automake	2020-12-01
oval:org.opensuse.security:def:38018	P	pam_krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27514	P	memcached on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27602	P	Security update for bind	2020-12-01
oval:org.opensuse.security:def:10563	P	libxcb-composite0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34773	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31071	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:38315	P	libksba8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31477	P	Security update for puppet (Moderate)	2020-12-01
oval:org.opensuse.security:def:31537	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:28298	P	Security update for net-snmp (Moderate)	2020-12-01
oval:org.opensuse.security:def:37922	P	libmysqlclient18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35004	P	Security update for gnuplot (Moderate)	2020-12-01
oval:org.opensuse.security:def:38624	P	jakarta-commons-fileupload on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34783	P	Recommended update for NetworkManager-kde4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31580	P	Security update for syslog-ng (Moderate)	2020-12-01
oval:org.opensuse.security:def:39422	P	Security update for python-Jinja2 (Important)	2020-12-01
oval:org.opensuse.security:def:29927	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:35104	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30586	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:30674	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:17705	P	Security update for libotr (Moderate)	2020-12-01
oval:org.opensuse.security:def:29137	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30376	P	Security update for wpa_supplicant	2020-12-01
oval:org.opensuse.security:def:35411	P	Security update for openssl (Important)	2020-12-01
oval:org.opensuse.security:def:30763	P	Security update for apport (Moderate)	2020-12-01
oval:org.opensuse.security:def:30634	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:30692	P	Security update for MozillaFirefox (Critical)	2020-12-01
oval:org.cisecurity:def:557	P	DSA-3560-1 -- php5 -- security update	2016-07-01
oval:com.ubuntu.precise:def:20164073000	V	CVE-2016-4073 on Ubuntu 12.04 LTS (precise) - medium.	2016-05-20
oval:com.ubuntu.trusty:def:20164073000	V	CVE-2016-4073 on Ubuntu 14.04 LTS (trusty) - medium.	2016-05-20
oval:com.ubuntu.xenial:def:201640730000000	V	CVE-2016-4073 on Ubuntu 16.04 LTS (xenial) - medium.	2016-05-20
oval:com.ubuntu.xenial:def:20164073000	V	CVE-2016-4073 on Ubuntu 16.04 LTS (xenial) - medium.	2016-05-20