ID

VAR-201206-0031


CVE

CVE-2011-1477


TITLE

Fujitsu Accela BizSearch Unknown Cross-Site Scripting Vulnerability

Trust: 0.8

sources: IVD: 1edccd3a-1f91-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2492

DESCRIPTION

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer. The standard search page of Accela BizSearch contains a cross-site scripting vulnerability.By setting up a fraudulent website that exploits an XSS vulnerability of the Accela BizSearch's standard search page (the "targeted website") via the Internet, a remote attacker could execute arbitrary code on the computer of the visitors (the "victims") who have accessed the website. Fujitsu Accela BizSearch has an input validation vulnerability that allows attackers to perform cross-site scripting attacks. The attacker can construct a malicious WEB page, entice the user to parse, obtain sensitive information or hijack the user session. Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2264-1 security@debian.org http://www.debian.org/security/ dann frazier June 18, 2011 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux-2.6 Vulnerability : privilege escalation/denial of service/information leak Problem type : local/remote Debian-specific: no CVE Id(s) : CVE-2010-2524 CVE-2010-3875 CVE-2010-4075 CVE-2010-4655 CVE-2011-0695 CVE-2011-0710 CVE-2011-0711 CVE-2011-0726 CVE-2011-1010 CVE-2011-1012 CVE-2011-1017 CVE-2011-1078 CVE-2011-1079 CVE-2011-1080 CVE-2011-1090 CVE-2011-1093 CVE-2011-1160 CVE-2011-1163 CVE-2011-1170 CVE-2011-1171 CVE-2011-1172 CVE-2011-1173 CVE-2011-1180 CVE-2011-1182 CVE-2011-1477 CVE-2011-1493 CVE-2011-1577 CVE-2011-1593 CVE-2011-1598 CVE-2011-1745 CVE-2011-1746 CVE-2011-1748 CVE-2011-1759 CVE-2011-1767 CVE-2011-1768 CVE-2011-1776 CVE-2011-2022 CVE-2011-2182 Debian Bug : 618485 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-2524 David Howells reported an issue in the Common Internet File System (CIFS). Local users could cause arbitrary CIFS shares to be mounted by introducing malicious redirects. CVE-2010-3875 Vasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to sensitive kernel memory. CVE-2010-4075 Dan Rosenberg reported an issue in the tty layer that may allow local users to obtain access to sensitive kernel memory. CVE-2011-0695 Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can exploit a race condition to cause a denial of service (kernel panic). CVE-2011-0710 Al Viro reported an issue in the /proc/<pid>/status interface on the s390 architecture. Local users could gain access to sensitive memory in processes they do not own via the task_show_regs entry. CVE-2011-0711 Dan Rosenberg reported an issue in the XFS filesystem. Local users may obtain access to sensitive kernel memory. CVE-2011-0726 Kees Cook reported an issue in the /proc/pid/stat implementation. Local users could learn the text location of a process, defeating protections provided by address space layout randomization (ASLR). CVE-2011-1010 Timo Warns reported an issue in the Linux support for Mac partition tables. CVE-2011-1012 Timo Warns reported an issue in the Linux support for Mac partition tables. CVE-2011-1017 Timo Warns reported an issue in the Linux support for LDM partition tables. Users with physical access can gain access to sensitive kernel memory or gain elevated privileges by adding a storage device with a specially crafted LDM partition. CVE-2011-1078 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1079 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. CVE-2011-1080 Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1090 Neil Horman discovered a memory leak in the setacl() call on NFSv4 filesystems. Local users can exploit this to cause a denial of service (Oops). CVE-2011-1093 Johan Hovold reported an issue in the Datagram Congestion Control Protocol (DCCP) implementation. Remote users could cause a denial of service by sending data after closing a socket. CVE-2011-1160 Peter Huewe reported an issue in the Linux kernel's support for TPM security chips. CVE-2011-1163 Timo Warns reported an issue in the kernel support for Alpha OSF format disk partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted OSF partition. CVE-2011-1170 Vasiliy Kulikov reported an issue in the Netfilter arp table implementation. CVE-2011-1171 Vasiliy Kulikov reported an issue in the Netfilter IP table implementation. CVE-2011-1172 Vasiliy Kulikov reported an issue in the Netfilter IP6 table implementation. CVE-2011-1173 Vasiliy Kulikov reported an issue in the Acorn Econet protocol implementation. Local users can obtain access to sensitive kernel memory on systems that use this rare hardware. CVE-2011-1180 Dan Rosenberg reported a buffer overflow in the Information Access Service of the IrDA protocol, used for Infrared devices. Remote attackers within IR device range can cause a denial of service or possibly gain elevated privileges. CVE-2011-1182 Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local users can generate signals with falsified source pid and uid information. CVE-2011-1477 Dan Rosenberg reported issues in the Open Sound System driver for cards that include a Yamaha FM synthesizer chip. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1493 Dan Rosenburg reported two issues in the Linux implementation of the Amateur Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of service by providing specially crafted facilities fields. CVE-2011-1577 Timo Warns reported an issue in the Linux support for GPT partition tables. Local users with physical access could cause a denial of service (Oops) by adding a storage device with a malicious partition table header. CVE-2011-1593 Robert Swiecki reported a signednes issue in the next_pidmap() function, which can be exploited my local users to cause a denial of service. CVE-2011-1598 Dave Jones reported an issue in the Broadcast Manager Controller Area Network (CAN/BCM) protocol that may allow local users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1745 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1746 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1748 Oliver Kartkopp reported an issue in the Controller Area Network (CAN) raw socket implementation which permits ocal users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1759 Dan Rosenberg reported an issue in the support for executing "old ABI" binaries on ARM processors. Local users can obtain elevated privileges due to insufficient bounds checking in the semtimedop system call. CVE-2011-1767 Alexecy Dobriyan reported an issue in the GRE over IP implementation. Remote users can cause a denial of service by sending a packet during module initialization. CVE-2011-1768 Alexecy Dobriyan reported an issue in the IP tunnels implementation. Remote users can cause a denial of service by sending a packet during module initialization. CVE-2011-1776 Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted invalid partition table. CVE-2011-2022 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-2182 Ben Hutchings reported an issue with the fix for CVE-2011-1017 (see above) that made it insufficient to resolve the issue. For the oldstable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny3. Updates for arm and hppa are not yet available, but will be released as soon as possible. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 (lenny) user-mode-linux 2.6.26-1um-2+26lenny3 We recommend that you upgrade your linux-2.6 and user-mode-linux packages. These updates will not become active until after your system is rebooted. Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJN/Uv8AAoJEBv4PF5U/IZAp7QQAJmbSplvSgno69C0IFRzRgGI FS3B6uq5zNcvucQ4O2u5Zj/rPRef/M2Lxj4Vx/9FQ+4SlV/Ryazu3iknLL2iyc8a 3zZBbo6S/OvhK0Prfd88ItCxXviYJchY91qp7Pm5TOkE1rM43XLhDAi1T1W507tY 2rgqUfWkmN0Xq4Ykh3uySsIH6VkLqC5Ay7n5jXapdf3wJkyl1pg/iu0ndTnHaRTC ByQehIMbj4OOivOcy06lS89Aro+KkgPRaA0lp5enegxUZTs5S5AIo7h6v9U078xr bcUcfrOsiTpVuTRND1L7kQQhPjmIv+UlzFjYuGPbHQxfZRVnVIlB4Ny3jIyN1aBx DMqxGR+novsYIuXAZWlsF17UYQXW5CFe+7aeS06bdaWWemJGkV0Mkfb72fwa3uLz sXlLp6fju2N5RQW7WVfjx89X7SAjKmYwQnCMbo0mwdRfujBNgbkm2xCrDy+QIE23 5BnAY18kXpqaRbXPJB0sy8V99Wnl1ZSRRzX0kOZVecrhKAoCUGPJS2X+bDEtIzhB OWzxcC7P94hega5JYzteSZcyBkGRUj4604NCzD38OdPqqWvR3oWtwDRAKIR7gZ/L PRoDZucqfYV+BhXy/ib55qTo/va5gjmnlUFMP2G/TVQk9XQ/q8TxxefmnQc+Qy3A P/Hlaop/HijmZLuNpJB4 =dXCB -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Accela / eAccela BizSearch Search Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45105 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45105/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45105 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45105/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45105/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45105 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Accela / eAccela BizSearch, which can be exploited by malicious people to conduct cross-site scripting attacks. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Please see the vendor's advisory for the list of affected versions. SOLUTION: Contact the vendor for patches. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Fujitsu (Japanese): http://software.fujitsu.com/jp/security/products-fujitsu/solution/bizsearch201103.html JVN (English): http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-002807.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Software Description: - linux-ti-omap4: Linux kernel for OMAP4 Details: Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. (CVE-2010-4250) An error was discovered in the kernel's handling of CUSE (Character device in Userspace). (CVE-2010-4650) A flaw was found in the kernel's Integrity Measurement Architecture (IMA). Changes made by an attacker might not be discovered by IMA, if SELinux was disabled, and a new IMA rule was loaded. (CVE-2011-0006) A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet Group Management Protocol) packets. (CVE-2011-1759) Ben Hutchings reported a flaw in the kernel's handling of corrupt LDM partitions. (CVE-2011-2182) A flaw was discovered in the Linux kernel's AppArmor security interface when invalid information was written to it. (CVE-2011-3619) It was discovered that some import kernel threads can be blocked by a user level process. (CVE-2012-0038) Chen Haogang discovered an integer overflow that could result in memory corruption. A local unprivileged user could use this to crash the system. (CVE-2012-0044) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: linux-image-2.6.35-903-omap4 2.6.35-903.32 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1394-1 CVE-2010-4250, CVE-2010-4650, CVE-2011-0006, CVE-2011-0716, CVE-2011-1476, CVE-2011-1477, CVE-2011-1759, CVE-2011-1927, CVE-2011-2182, CVE-2011-3619, CVE-2011-4621, CVE-2012-0038, CVE-2012-0044 Package Information: https://launchpad.net/ubuntu/+source/linux-ti-omap4/2.6.35-903.32 . CVE-2011-1016 Marek Olšák discovered an issue in the driver for ATI/AMD Radeon video chips. This update also includes changes queued for the next point release of Debian 6.0, which also fix various non-security issues. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well

Trust: 3.78

sources: NVD: CVE-2011-1477 // JVNDB: JVNDB-2010-002807 // JVNDB: JVNDB-2012-002832 // CNVD: CNVD-2011-2492 // BID: 47009 // IVD: 1edccd3a-1f91-11e6-abef-000c29c66e3d // PACKETSTORM: 102430 // PACKETSTORM: 102644 // PACKETSTORM: 110534 // PACKETSTORM: 101680 // PACKETSTORM: 110495

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 1edccd3a-1f91-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2492

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:lteversion:2.6.38.8

Trust: 1.0

vendor:susemodel:linux enterprise desktopscope:eqversion:10

Trust: 1.0

vendor:fujitsumodel:accela bizsearchscope:eqversion:3.1/3.0

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:enterprise edition v3.0l10

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:enterprise edition v3.0l10a

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:enterprise edition v3.0l12

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:enterprise edition v3.1l10

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:enterprise edition v3.2l10v

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:standard edition v3.0l10

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:standard edition v3.0l10a

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:standard edition v3.0l12

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:standard edition v3.1l10

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:standard edition v3.2l10

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:workgroup edition v3.0l10

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:workgroup edition v3.0l10a

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:workgroup edition v3.0l12

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:workgroup edition v3.1l10

Trust: 0.8

vendor:accelamodel:bizsearchscope:eqversion:workgroup edition v3.2l10

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:enterprise edition v1.0

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:enterprise edition v2.0

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:enterprise edition v2.0a

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:enterprise edition v2.1

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:enterprise edition v2.1l12

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:standard edition v1.0

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:standard edition v2.0

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:standard edition v2.0a

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:standard edition v2.1

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:standard edition v2.1a

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:standard edition v2.1l12

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:workgroup edition v1.0

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:workgroup edition v2.0

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:workgroup edition v2.0a

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:workgroup edition v2.1

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:workgroup edition v2.1a

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope:eqversion:workgroup edition v2.1l12

Trust: 0.8

vendor:linuxmodel:kernelscope:ltversion:2.6.39

Trust: 0.8

vendor:fujitsumodel:eaccela bizsearchscope:eqversion:2.1/2.0/1.0

Trust: 0.6

vendor:linuxmodel:kernelscope:eqversion:2.6.38.8

Trust: 0.6

vendor:linuxmodel:kernelscope:eqversion:2.6.17.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.12

Trust: 0.3

vendor:debianmodel:linux armelscope:eqversion:5.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.2

Trust: 0.3

vendor:linuxmodel:kernel 2.6.33-rc4scope: - version: -

Trust: 0.3

vendor:debianmodel:linux hppascope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:5.0

Trust: 0.3

vendor:linuxmodel:kernel 2.6.33-rc7scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.18.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.13

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.34.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.14.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.15.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.8

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.14.6

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.15

Trust: 0.3

vendor:linuxmodel:kernel 2.6.36-rc8scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernel 2.6.35-rc5scope: - version: -

Trust: 0.3

vendor:susemodel:linux enterprise high availability extension sp1scope:eqversion:11

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.14.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.16

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.36

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.13.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.13.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.34

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.23.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.12.2

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:8.04

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.9

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.11

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.5

Trust: 0.3

vendor:ubuntumodel:linux lts powerpcscope:eqversion:8.04

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.23.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.16.8

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.12.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.15.5

Trust: 0.3

vendor:linuxmodel:kernel -rc5scope:eqversion:2.6.24

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.18.6

Trust: 0.3

vendor:linuxmodel:kernel 2.6.33-rc6-git5scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernel 2.6.36-rc6scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.33.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.18.2

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:5.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.15.2

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp4scope:eqversion:10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.34.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.13.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.16.6

Trust: 0.3

vendor:linuxmodel:kernel 2.6.34-rc6scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.9

Trust: 0.3

vendor:linuxmodel:kernel 2.6.34-rc2scope: - version: -

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.35

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.8

Trust: 0.3

vendor:ubuntumodel:linux lts sparcscope:eqversion:8.04

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.10

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:8.04

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.13

Trust: 0.3

vendor:linuxmodel:kernel 2.6.36-rc4scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.14.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.18

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.11

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.22

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1scope:eqversion:11

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.8

Trust: 0.3

vendor:linuxmodel:kernel 2.6.35-rc1scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.18.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.23.6

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.16.5

Trust: 0.3

vendor:linuxmodel:kernel 2.6.35-rc5-git5scope: - version: -

Trust: 0.3

vendor:debianmodel:linuxscope:eqversion:5.0

Trust: 0.3

vendor:susemodel:linux enterprise server sp1scope:eqversion:11

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.15.4

Trust: 0.3

vendor:linuxmodel:kernel 2.6.36-rc5scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.22.7

Trust: 0.3

vendor:susemodel:linux enterprise server sp4scope:eqversion:10

Trust: 0.3

vendor:linuxmodel:kernel rc3scope:eqversion:2.6.24

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.12

Trust: 0.3

vendor:linuxmodel:kernel 2.6.34-rc1scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.35.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.6

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.18.8

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.13.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.4

Trust: 0.3

vendor:linuxmodel:kernel 2.6.24-rc1scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.12.1

Trust: 0.3

vendor:redhatmodel:enterprise mrg for red hat enterprise linux versionscope:eqversion:v15

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.14.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.15.6

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.11

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.9

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.15

Trust: 0.3

vendor:debianmodel:linux alphascope:eqversion:5.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.18.1

Trust: 0.3

vendor:susemodel:linux enterprise server sp3scope:eqversion:10

Trust: 0.3

vendor:ubuntumodel:linux lts lpiascope:eqversion:8.04

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.12.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.6

Trust: 0.3

vendor:linuxmodel:kernel 2.6.33-rc6scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.22.2

Trust: 0.3

vendor:linuxmodel:kernel rc2scope:eqversion:2.6.24

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.10

Trust: 0.3

vendor:linuxmodel:kernel -rc4scope:eqversion:2.6.24

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.6

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.13

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.3

Trust: 0.3

vendor:linuxmodel:kernel 2.6.34-rc5scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.14

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.14.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.35.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.33.7

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:5.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.15.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.22.3

Trust: 0.3

vendor:linuxmodel:kernel 2.6.36-rc1scope: - version: -

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp3scope:eqversion:10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.9

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.11.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.8.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.15.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.16.7

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:5.0

Trust: 0.3

vendor:linuxmodel:kernel 2.6.35-rc4scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.14

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.8

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.33

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.23

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.23.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.14.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.14

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.6

Trust: 0.3

vendor:linuxmodel:kernel 2.6.33-rc8scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.17

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp4scope:eqversion:10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.32.12

Trust: 0.3

vendor:susemodel:linux enterprise real time sp1scope:eqversion:11

Trust: 0.3

vendor:linuxmodel:kernel 2.6.35-rc6scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.27.51

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.22.4

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.22.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.18.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.18.3

Trust: 0.3

vendor:linuxmodel:kernel 2.6.34-rc4scope: - version: -

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux mipselscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:5.0

Trust: 0.3

vendor:linuxmodel:kernel 2.6.33-rc5scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.12.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.12.6

Trust: 0.3

vendor:linuxmodel:kernel rc2scope:eqversion:2.6.23

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.35.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.13.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.23.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.34.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.17.12

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.16.9

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.22.6

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.23.1

Trust: 0.3

vendor:debianmodel:linux m68kscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:5.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.23.5

Trust: 0.3

vendor:linuxmodel:kernel 2.6.34-rc2-git1scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.6.16.4

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:5.0

Trust: 0.3

vendor:fujitsumodel:eaccela bizsearchscope:eqversion:2.1/2.0/1.0*

Trust: 0.2

sources: IVD: 1edccd3a-1f91-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2492 // BID: 47009 // JVNDB: JVNDB-2010-002807 // JVNDB: JVNDB-2012-002832 // CNNVD: CNNVD-201106-382 // NVD: CVE-2011-1477

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-1477
value: HIGH

Trust: 1.0

IPA: JVNDB-2010-002807
value: MEDIUM

Trust: 0.8

NVD: CVE-2011-1477
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201106-382
value: LOW

Trust: 0.6

IVD: 1edccd3a-1f91-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2011-1477
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2010-002807
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

NVD: CVE-2011-1477
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IVD: 1edccd3a-1f91-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

sources: IVD: 1edccd3a-1f91-11e6-abef-000c29c66e3d // JVNDB: JVNDB-2010-002807 // JVNDB: JVNDB-2012-002832 // CNNVD: CNNVD-201106-382 // NVD: CVE-2011-1477

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-264

Trust: 1.0

problemtype:CWE-79

Trust: 0.8

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2010-002807 // JVNDB: JVNDB-2012-002832 // NVD: CVE-2011-1477

THREAT TYPE

local

Trust: 1.0

sources: BID: 47009 // PACKETSTORM: 110495 // CNNVD: CNNVD-201106-382

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201106-382

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-002807

PATCH

title:Top Pageurl:http://www.accelatech.com

Trust: 0.8

title:bizsearch201103url:http://software.fujitsu.com/jp/security/products-fujitsu/solution/bizsearch201103.html

Trust: 0.8

title:ChangeLog-2.6.39url:http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39

Trust: 0.8

title:sound/oss/opl3: validate voice and channel indexesurl:https://github.com/torvalds/linux/commit/4d00135a680727f6c3be78f8befaac009030e4df

Trust: 0.8

title:linux/kernel/git/torvalds/linux-2.6.git / commiturl:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4d00135a680727f6c3be78f8befaac009030e4df

Trust: 0.8

title:Linux Kernel Archivesurl:http://www.kernel.org

Trust: 0.8

title:Fujitsu Accela BizSearch patch for unclear cross-site scripting vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/4290

Trust: 0.6

title:linux-3.4.4url:http://123.124.177.30/web/xxk/bdxqById.tag?id=43488

Trust: 0.6

sources: CNVD: CNVD-2011-2492 // JVNDB: JVNDB-2010-002807 // JVNDB: JVNDB-2012-002832 // CNNVD: CNNVD-201106-382

EXTERNAL IDS

db:NVDid:CVE-2011-1477

Trust: 3.1

db:OPENWALLid:OSS-SECURITY/2011/03/25/1

Trust: 1.6

db:JVNDBid:JVNDB-2010-002807

Trust: 1.5

db:CNVDid:CNVD-2011-2492

Trust: 0.8

db:JVNDBid:JVNDB-2012-002832

Trust: 0.8

db:BIDid:48497

Trust: 0.6

db:CNNVDid:CNNVD-201106-382

Trust: 0.6

db:BIDid:47009

Trust: 0.3

db:IVDid:1EDCCD3A-1F91-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:SECUNIAid:45105

Trust: 0.2

db:PACKETSTORMid:102430

Trust: 0.1

db:PACKETSTORMid:102644

Trust: 0.1

db:PACKETSTORMid:110534

Trust: 0.1

db:PACKETSTORMid:101680

Trust: 0.1

db:PACKETSTORMid:110495

Trust: 0.1

sources: IVD: 1edccd3a-1f91-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2492 // BID: 47009 // JVNDB: JVNDB-2010-002807 // JVNDB: JVNDB-2012-002832 // PACKETSTORM: 102430 // PACKETSTORM: 102644 // PACKETSTORM: 110534 // PACKETSTORM: 101680 // PACKETSTORM: 110495 // CNNVD: CNNVD-201106-382 // NVD: CVE-2011-1477

REFERENCES

url:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Trust: 1.6

url:http://ftp.osuosl.org/pub/linux/kernel/v2.6/changelog-2.6.39

Trust: 1.6

url:https://github.com/torvalds/linux/commit/4d00135a680727f6c3be78f8befaac009030e4df

Trust: 1.6

url:http://www.openwall.com/lists/oss-security/2011/03/25/1

Trust: 1.6

url:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3ba=commit%3bh=4d00135a680727f6c3be78f8befaac009030e4df

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1477

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1477

Trust: 0.8

url:http://jvndb.jvn.jp/en/contents/2010/jvndb-2010-002807.html

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2011-1477

Trust: 0.4

url:http://www.linux.org/

Trust: 0.3

url:http://marc.info/?l=linux-kernel&m=130089499728386&w=2

Trust: 0.3

url:http://permalink.gmane.org/gmane.comp.security.oss.general/4609

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-1476

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-0711

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1172

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-0726

Trust: 0.2

url:http://www.debian.org/security/faq

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1593

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1163

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1182

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1090

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1173

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1170

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1078

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1493

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1080

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1160

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-0695

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2010-3875

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1171

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1079

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1180

Trust: 0.2

url:http://www.debian.org/security/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2182

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2010-4075

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0710

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1577

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1010

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-4655

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1017

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1093

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2524

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1012

Trust: 0.1

url:http://secunia.com/products/corporate/vim/fs_request_2011/

Trust: 0.1

url:http://secunia.com/advisories/45105/#comments

Trust: 0.1

url:http://secunia.com/advisories/45105/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=45105

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://software.fujitsu.com/jp/security/products-fujitsu/solution/bizsearch201103.html

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-4650

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1927

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-1394-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0716

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3619

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0044

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0038

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0006

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-4250

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4621

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1759

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-ti-omap4/2.6.35-903.32

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1598

Trust: 0.1

url:http://secunia.com/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1585

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1745

Trust: 0.1

url:http://lists.grok.org.uk/full-disclosure-charter.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1495

Trust: 0.1

url:http://packages.debian.org/changelogs/pool/main/l/linux-2.6/linux-2.6_2.6.32-34/changelog

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1494

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1478

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1016

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1746

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/2.6.24-31.99

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4324

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0028

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-1390-1

Trust: 0.1

sources: CNVD: CNVD-2011-2492 // BID: 47009 // JVNDB: JVNDB-2012-002832 // PACKETSTORM: 102430 // PACKETSTORM: 102644 // PACKETSTORM: 110534 // PACKETSTORM: 101680 // PACKETSTORM: 110495 // CNNVD: CNNVD-201106-382 // NVD: CVE-2011-1477

CREDITS

Dan Rosenberg

Trust: 0.3

sources: BID: 47009

SOURCES

db:IVDid:1edccd3a-1f91-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-2492
db:BIDid:47009
db:JVNDBid:JVNDB-2010-002807
db:JVNDBid:JVNDB-2012-002832
db:PACKETSTORMid:102430
db:PACKETSTORMid:102644
db:PACKETSTORMid:110534
db:PACKETSTORMid:101680
db:PACKETSTORMid:110495
db:CNNVDid:CNNVD-201106-382
db:NVDid:CVE-2011-1477

LAST UPDATE DATE

2024-11-23T20:27:33.056000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-2492date:2011-06-30T00:00:00
db:BIDid:47009date:2015-03-19T08:31:00
db:JVNDBid:JVNDB-2010-002807date:2011-06-29T00:00:00
db:JVNDBid:JVNDB-2012-002832date:2012-06-25T00:00:00
db:CNNVDid:CNNVD-201106-382date:2023-02-14T00:00:00
db:NVDid:CVE-2011-1477date:2024-11-21T01:26:24.367

SOURCES RELEASE DATE

db:IVDid:1edccd3a-1f91-11e6-abef-000c29c66e3ddate:2011-06-30T00:00:00
db:CNVDid:CNVD-2011-2492date:2011-06-30T00:00:00
db:BIDid:47009date:2011-03-23T00:00:00
db:JVNDBid:JVNDB-2010-002807date:2011-06-29T00:00:00
db:JVNDBid:JVNDB-2012-002832date:2012-06-25T00:00:00
db:PACKETSTORMid:102430date:2011-06-19T20:36:32
db:PACKETSTORMid:102644date:2011-06-29T09:00:20
db:PACKETSTORMid:110534date:2012-03-07T23:14:40
db:PACKETSTORMid:101680date:2011-05-25T14:08:37
db:PACKETSTORMid:110495date:2012-03-07T00:01:40
db:CNNVDid:CNNVD-201106-382date:1900-01-01T00:00:00
db:NVDid:CVE-2011-1477date:2012-06-21T23:55:02.240