ID

VAR-201503-0050


CVE

CVE-2015-0228


TITLE

Apache HTTP Server of mod_lua Service disruption in modules (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-001673

DESCRIPTION

The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. Oracle has released advance notification regarding the July 2016 Critical Patch Update (CPU) to be released on July 19, 2016. The update addresses 276 vulnerabilities affecting the following software: Oracle Application Express Oracle Database Server Oracle Access Manager Oracle BI Publisher Oracle Business Intelligence Enterprise Edition Oracle Directory Server Enterprise Edition Oracle Exalogic Infrastructure Oracle Fusion Middleware Oracle GlassFish Server Oracle HTTP Server Oracle JDeveloper Oracle Portal Oracle WebCenter Sites Oracle WebLogic Server Outside In Technology Hyperion Financial Reporting Enterprise Manager Base Platform Enterprise Manager for Fusion Middleware Enterprise Manager Ops Center Oracle E-Business Suite Oracle Agile Engineering Data Management Oracle Agile PLM Oracle Demand Planning Oracle Engineering Data Management Oracle Transportation Management PeopleSoft Enterprise FSCM PeopleSoft Enterprise PeopleTools JD Edwards EnterpriseOne Tools Siebel Applications Oracle Fusion Applications Oracle Communications ASAP Oracle Communications Core Session Manager Oracle Communications EAGLE Application Processor Oracle Communications Messaging Server Oracle Communications Network Charging and Control Oracle Communications Operations Monitor Oracle Communications Policy Management Oracle Communications Session Border Controller Oracle Communications Unified Session Manager Oracle Enterprise Communications Broker Oracle Banking Platform Oracle Financial Services Lending and Leasing Oracle FLEXCUBE Direct Banking Oracle Health Sciences Clinical Development Center Oracle Health Sciences Information Manager Oracle Healthcare Analytics Data Integration Oracle Healthcare Master Person Index Oracle Documaker Oracle Insurance Calculation Engine Oracle Insurance Policy Administration J2EE Oracle Insurance Rules Palette MICROS Retail XBRi Loss Prevention Oracle Retail Central Oracle Back Office Oracle Returns Management Oracle Retail Integration Bus Oracle Retail Order Broker Oracle Retail Service Backbone Oracle Retail Store Inventory Management Oracle Utilities Framework Oracle Utilities Network Management System Oracle Utilities Work and Asset Management Oracle In-Memory Policy Analytics Oracle Policy Automation Oracle Policy Automation Connector for Siebel Oracle Policy Automation for Mobile Devices Primavera Contract Management Primavera P6 Enterprise Project Portfolio Management Oracle Java SE Oracle Java SE Embedded Oracle JRockit 40G 10G 72/64 Ethernet Switch Fujitsu M10-1 Servers Fujitsu M10-4 Servers Fujitsu M10-4S Servers ILOM Oracle Switch ES1-24 Solaris Solaris Cluster SPARC Enterprise M3000 Servers SPARC Enterprise M4000 Servers SPARC Enterprise M5000 Servers SPARC Enterprise M8000 Servers SPARC Enterprise M9000 Servers Sun Blade 6000 Ethernet Switched NEM 24P 10GE Sun Data Center InfiniBand Switch 36 Sun Network 10GE Switch 72p Sun Network QDR InfiniBand Gateway Switch Oracle Secure Global Desktop Oracle VM VirtualBox MySQL Server Exploiting the most severe of these vulnerabilities may potentially compromise the database server or the host operating system. Apache HTTP Server is prone to a remote denial-of-service vulnerability. A remote attacker may exploit this issue to trigger denial-of-service conditions. Versions prior to Apache HTTP Server 2.4.13 are vulnerable. The server is fast, reliable and extensible through a simple API. ============================================================================ Ubuntu Security Notice USN-2523-1 March 10, 2015 apache2 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS Summary: Several security issues were fixed in the Apache HTTP Server. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-3581) Teguh P. Alko discovered that the mod_proxy_fcgi module incorrectly handled long response headers. This issue only affected Ubuntu 14.10. (CVE-2014-3583) It was discovered that the mod_lua module incorrectly handled different arguments within different contexts. This issue only affected Ubuntu 14.10. (CVE-2014-8109) Guido Vranken discovered that the mod_lua module incorrectly handled a specially crafted websocket PING in certain circumstances. This issue only affected Ubuntu 14.10. (CVE-2015-0228) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.10: apache2.2-bin 2.4.10-1ubuntu1.1 Ubuntu 14.04 LTS: apache2.2-bin 2.4.7-1ubuntu4.4 Ubuntu 12.04 LTS: apache2.2-bin 2.2.22-1ubuntu1.8 Ubuntu 10.04 LTS: apache2.2-bin 2.2.14-5ubuntu8.15 In general, a standard system update will make all the necessary changes. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. mod_lua.c in the mod_lua module in the Apache HTTP Server through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory (CVE-2014-8109). A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers (CVE-2013-5704). Note: With this update, httpd has been modified to not merge HTTP Trailer headers with other HTTP request headers. A newly introduced configuration directive MergeTrailers can be used to re-enable the old method of processing Trailer headers, which also re-introduces the aforementioned flaw. This update also fixes the following bug: Prior to this update, the mod_proxy_wstunnel module failed to set up an SSL connection when configured to use a back end server using the wss: URL scheme, causing proxied connections to fail. In these updated packages, SSL is used when proxying to wss: back end servers (rhbz#1141950). The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFVFnRImqjQ0CJFipgRAhbAAKDF22tbaWSxzaiqvhq0t6uM1bwWvgCfVNIJ 7XU6s8wMPlxQucpKSIVIKYI= =4uS5 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: httpd24-httpd security update Advisory ID: RHSA-2015:1666-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1666.html Issue date: 2015-08-24 CVE Names: CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 ===================================================================== 1. Summary: Updated httpd24-httpd packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. (CVE-2015-3185) Note: This update introduces new a new API function, ap_some_authn_required(), which correctly indicates if a request is authenticated. External httpd modules using the old API function should be modified to use the new one to completely resolve this issue. A denial of service flaw was found in the way the mod_lua httpd module processed certain WebSocket Ping requests. (CVE-2015-0228) A NULL pointer dereference flaw was found in the way httpd generated certain error responses. A remote attacker could possibly use this flaw to crash the httpd child process using a request that triggers a certain HTTP error. (CVE-2015-0253) All httpd24-httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd24-httpd service will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1202988 - CVE-2015-0228 httpd: Possible mod_lua crash due to websocket bug 1243887 - CVE-2015-3183 httpd: HTTP request smuggling attack against chunked request parser 1243888 - CVE-2015-3185 httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4 1243891 - CVE-2015-0253 httpd: NULL pointer dereference crash with ErrorDocument 400 pointing to a local URL-path 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: httpd24-httpd-2.4.12-4.el6.2.src.rpm noarch: httpd24-httpd-manual-2.4.12-4.el6.2.noarch.rpm x86_64: httpd24-httpd-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-debuginfo-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-devel-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-tools-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_ldap-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_proxy_html-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_session-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_ssl-2.4.12-4.el6.2.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5): Source: httpd24-httpd-2.4.12-4.el6.2.src.rpm noarch: httpd24-httpd-manual-2.4.12-4.el6.2.noarch.rpm x86_64: httpd24-httpd-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-debuginfo-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-devel-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-tools-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_ldap-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_proxy_html-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_session-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_ssl-2.4.12-4.el6.2.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: httpd24-httpd-2.4.12-4.el6.2.src.rpm noarch: httpd24-httpd-manual-2.4.12-4.el6.2.noarch.rpm x86_64: httpd24-httpd-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-debuginfo-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-devel-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-tools-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_ldap-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_proxy_html-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_session-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_ssl-2.4.12-4.el6.2.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: httpd24-httpd-2.4.12-4.el6.2.src.rpm noarch: httpd24-httpd-manual-2.4.12-4.el6.2.noarch.rpm x86_64: httpd24-httpd-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-debuginfo-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-devel-2.4.12-4.el6.2.x86_64.rpm httpd24-httpd-tools-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_ldap-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_proxy_html-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_session-2.4.12-4.el6.2.x86_64.rpm httpd24-mod_ssl-2.4.12-4.el6.2.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: httpd24-httpd-2.4.12-6.el7.1.src.rpm noarch: httpd24-httpd-manual-2.4.12-6.el7.1.noarch.rpm x86_64: httpd24-httpd-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-devel-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-tools-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_ldap-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_proxy_html-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_session-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_ssl-2.4.12-6.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1): Source: httpd24-httpd-2.4.12-6.el7.1.src.rpm noarch: httpd24-httpd-manual-2.4.12-6.el7.1.noarch.rpm x86_64: httpd24-httpd-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-devel-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-tools-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_ldap-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_proxy_html-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_session-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_ssl-2.4.12-6.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: httpd24-httpd-2.4.12-6.el7.1.src.rpm noarch: httpd24-httpd-manual-2.4.12-6.el7.1.noarch.rpm x86_64: httpd24-httpd-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-devel-2.4.12-6.el7.1.x86_64.rpm httpd24-httpd-tools-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_ldap-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_proxy_html-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_session-2.4.12-6.el7.1.x86_64.rpm httpd24-mod_ssl-2.4.12-6.el7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0228 https://access.redhat.com/security/cve/CVE-2015-0253 https://access.redhat.com/security/cve/CVE-2015-3183 https://access.redhat.com/security/cve/CVE-2015-3185 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFV22bPXlSAg2UNWIIRAmm2AKCI6AByn1Zlj/2R8aLKFD4hZno5VgCfcx8H y5DWl0MjeqKeAOHiddwyDdU= =yzQP -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . These issues were addressed by updating Apache to version 2.4.16. CVE-ID CVE-2013-5704 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 BIND Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in BIND, the most severe of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in BIND versions prior to 9.9.7. These issues were addressed by updating BIND to version 9.9.7. CVE-ID CVE-2014-8500 CVE-2015-1349 PostgreSQL Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9. CVE-ID CVE-2014-0067 CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 Wiki Server Available for: OS X Yosemite v10.10.4 or later Impact: Multiple XML security issues in Wiki Server Description: Multiple XML vulnerabilities existed in Wiki Server based on Twisted. This issue was addressed by removing Twisted. CVE-ID CVE-2015-5911 : Zachary Jones of WhiteHat Security Threat Research Center OS X Server 5.0.3 may be obtained from the Mac App Store. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/httpd-2.4.16-i486-1_slack14.1.txz: Upgraded. This update fixes the following security issues: * CVE-2015-0253: Fix a crash with ErrorDocument 400 pointing to a local URL-path with the INCLUDES filter active, introduced in 2.4.11. * CVE-2015-3183: core: Fix chunk header parsing defect. Remove apr_brigade_flatten(), buffering and duplicated code from the HTTP_IN filter, parse chunks in a single pass with zero copy. Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized characters. * CVE-2015-3185: Replacement of ap_some_auth_required (unusable in Apache httpd 2.4) with new ap_some_authn_required and ap_force_authn hook. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/httpd-2.4.16-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/httpd-2.4.16-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/httpd-2.4.16-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/httpd-2.4.16-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.4.16-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.4.16-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: d78c9925e69ba6ce14d67fb67245981b httpd-2.4.16-i486-1_slack14.0.txz Slackware x86_64 14.0 package: 1370e3c7e135bf07b65e73049099a942 httpd-2.4.16-x86_64-1_slack14.0.txz Slackware 14.1 package: ea116c45bba8c80f59cfe0394a8f87fa httpd-2.4.16-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 8b5b1caa1fa203b07b529f77834fac16 httpd-2.4.16-x86_64-1_slack14.1.txz Slackware -current package: 01ccb961f17bd14c1d157892af4c9f1d n/httpd-2.4.16-i586-1.txz Slackware x86_64 -current package: 70a6644de3585007861e57cf08608843 n/httpd-2.4.16-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg httpd-2.4.16-i486-1_slack14.1.txz Then, restart Apache httpd: # /etc/rc.d/rc.httpd stop # /etc/rc.d/rc.httpd start +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

Trust: 2.79

sources: NVD: CVE-2015-0228 // JVNDB: JVNDB-2015-001673 // BID: 91787 // BID: 73041 // VULHUB: VHN-78174 // VULMON: CVE-2015-0228 // PACKETSTORM: 130735 // PACKETSTORM: 131098 // PACKETSTORM: 133281 // PACKETSTORM: 133619 // PACKETSTORM: 132743

AFFECTED PRODUCTS

vendor:apachemodel:http serverscope:lteversion:2.4.12

Trust: 1.8

vendor:applemodel:mac os x serverscope:eqversion:5.0.3

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.10.4

Trust: 1.6

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.3.2

Trust: 1.4

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.2.2

Trust: 1.4

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.1.4

Trust: 1.4

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.04

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.10

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:10.04

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:13.2

Trust: 1.0

vendor:oraclemodel:jre updatescope:eqversion:1.8.092

Trust: 0.9

vendor:oraclemodel:jre updatescope:eqversion:1.8.091

Trust: 0.9

vendor:oraclemodel:jre updatescope:eqversion:1.7.0101

Trust: 0.9

vendor:oraclemodel:jre updatescope:eqversion:1.6.0115

Trust: 0.9

vendor:oraclemodel:jdk updatescope:eqversion:1.8.092

Trust: 0.9

vendor:oraclemodel:jdk updatescope:eqversion:1.8.091

Trust: 0.9

vendor:oraclemodel:jdk updatescope:eqversion:1.7.0101

Trust: 0.9

vendor:oraclemodel:jdk updatescope:eqversion:1.6.0115

Trust: 0.9

vendor:applemodel:mac os xscope:eqversion:10.10 to 10.10.4

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.9.5

Trust: 0.8

vendor:applemodel:macos serverscope:ltversion:5.0.3 (os x yosemite v10.10.5 or later )

Trust: 0.8

vendor:novellmodel:opensusescope:eqversion:13.2

Trust: 0.6

vendor:oraclemodel:weblogic serverscope:eqversion:12.2.1

Trust: 0.3

vendor:oraclemodel:weblogic serverscope:eqversion:10.3.60

Trust: 0.3

vendor:oraclemodel:weblogic serverscope:eqversion:12.1.3.0

Trust: 0.3

vendor:oraclemodel:webcenter sitesscope:eqversion:11.1.18.0

Trust: 0.3

vendor:oraclemodel:webcenter sitesscope:eqversion:12.2.1.0

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.16

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.14

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.13

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.12

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.11

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.10

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.9

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.8

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.18

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0

Trust: 0.3

vendor:oraclemodel:utilities work and asset managementscope:eqversion:1.9.1.2.8

Trust: 0.3

vendor:oraclemodel:utilities network management systemscope:eqversion:1.12.0.3.5

Trust: 0.3

vendor:oraclemodel:utilities network management systemscope:eqversion:1.12.0.2.12

Trust: 0.3

vendor:oraclemodel:utilities network management systemscope:eqversion:1.12.0.1.16

Trust: 0.3

vendor:oraclemodel:utilities network management systemscope:eqversion:1.11.0.5.4

Trust: 0.3

vendor:oraclemodel:utilities network management systemscope:eqversion:1.11.0.4.41

Trust: 0.3

vendor:oraclemodel:utilities network management systemscope:eqversion:1.10.0.6.27

Trust: 0.3

vendor:oraclemodel:utilities frameworkscope:eqversion:4.3.0.2.0

Trust: 0.3

vendor:oraclemodel:utilities frameworkscope:eqversion:4.3.0.1.0

Trust: 0.3

vendor:oraclemodel:utilities frameworkscope:eqversion:4.2.0.3.0

Trust: 0.3

vendor:oraclemodel:utilities frameworkscope:eqversion:4.2.0.2.0

Trust: 0.3

vendor:oraclemodel:utilities frameworkscope:eqversion:4.2.0.1.0

Trust: 0.3

vendor:oraclemodel:utilities frameworkscope:eqversion:4.1.0.2.0

Trust: 0.3

vendor:oraclemodel:utilities frameworkscope:eqversion:4.1.0.1.0

Trust: 0.3

vendor:oraclemodel:utilities frameworkscope:eqversion:2.2.0.0.0

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.4.1

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.4

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.3.5

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.3.4

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.3.3

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.3.2

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.3.1

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.3.7

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.3.6

Trust: 0.3

vendor:oraclemodel:transportation managementscope:eqversion:6.3

Trust: 0.3

vendor:oraclemodel:switch es1-24scope:eqversion:1.3

Trust: 0.3

vendor:oraclemodel:sun network qdr infiniband gateway switchscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:sun network 10ge switch 72pscope:eqversion:1.2

Trust: 0.3

vendor:oraclemodel:sun data center infiniband switchscope:eqversion:362.2.2

Trust: 0.3

vendor:oraclemodel:sun blade ethernet switched nem 24p 10gescope:eqversion:60001.2

Trust: 0.3

vendor:oraclemodel:sparc enterprise m9000 xcpscope:eqversion:1118

Trust: 0.3

vendor:oraclemodel:sparc enterprise m9000 xcpscope:eqversion:1117

Trust: 0.3

vendor:oraclemodel:sparc enterprise m8000 xcpscope:eqversion:1118

Trust: 0.3

vendor:oraclemodel:sparc enterprise m8000 xcpscope:eqversion:1117

Trust: 0.3

vendor:oraclemodel:sparc enterprise m5000 xcpscope:eqversion:1118

Trust: 0.3

vendor:oraclemodel:sparc enterprise m5000 xcpscope:eqversion:1117

Trust: 0.3

vendor:oraclemodel:sparc enterprise m4000 xcpscope:eqversion:1118

Trust: 0.3

vendor:oraclemodel:sparc enterprise m4000 xcpscope:eqversion:1117

Trust: 0.3

vendor:oraclemodel:sparc enterprise m3000 xcpscope:eqversion:1118

Trust: 0.3

vendor:oraclemodel:sparc enterprise m3000 xcpscope:eqversion:1117

Trust: 0.3

vendor:oraclemodel:solaris clusterscope:eqversion:4.3

Trust: 0.3

vendor:oraclemodel:solaris clusterscope:eqversion:3.3

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:11.3

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:10

Trust: 0.3

vendor:oraclemodel:siebel applicationsscope:eqversion:8.2.2

Trust: 0.3

vendor:oraclemodel:siebel applications ip2016scope: - version: -

Trust: 0.3

vendor:oraclemodel:siebel applications ip2015scope: - version: -

Trust: 0.3

vendor:oraclemodel:siebel applications ip2014scope: - version: -

Trust: 0.3

vendor:oraclemodel:siebel applicationsscope:eqversion:8.5

Trust: 0.3

vendor:oraclemodel:siebel applicationsscope:eqversion:8.1.1

Trust: 0.3

vendor:oraclemodel:secure global desktopscope:eqversion:5.2

Trust: 0.3

vendor:oraclemodel:secure global desktopscope:eqversion:4.71

Trust: 0.3

vendor:oraclemodel:secure global desktopscope:eqversion:4.63

Trust: 0.3

vendor:oraclemodel:retail store inventory managementscope:eqversion:14.1

Trust: 0.3

vendor:oraclemodel:retail store inventory managementscope:eqversion:14.0

Trust: 0.3

vendor:oraclemodel:retail store inventory managementscope:eqversion:13.2

Trust: 0.3

vendor:oraclemodel:retail store inventory managementscope:eqversion:13.1

Trust: 0.3

vendor:oraclemodel:retail store inventory managementscope:eqversion:13.0

Trust: 0.3

vendor:oraclemodel:retail store inventory managementscope:eqversion:12.0

Trust: 0.3

vendor:oraclemodel:retail service backbonescope:eqversion:15.0

Trust: 0.3

vendor:oraclemodel:retail service backbonescope:eqversion:14.1

Trust: 0.3

vendor:oraclemodel:retail service backbonescope:eqversion:14.0

Trust: 0.3

vendor:oraclemodel:retail service backbonescope:eqversion:13.2

Trust: 0.3

vendor:oraclemodel:retail service backbonescope:eqversion:13.1

Trust: 0.3

vendor:oraclemodel:retail service backbonescope:eqversion:13.0

Trust: 0.3

vendor:oraclemodel:retail returns managementscope:eqversion:14.1

Trust: 0.3

vendor:oraclemodel:retail returns managementscope:eqversion:14.0

Trust: 0.3

vendor:oraclemodel:retail returns managementscope:eqversion:13.4

Trust: 0.3

vendor:oraclemodel:retail returns managementscope:eqversion:13.3

Trust: 0.3

vendor:oraclemodel:retail returns managementscope:eqversion:13.2

Trust: 0.3

vendor:oraclemodel:retail returns managementscope:eqversion:13.1

Trust: 0.3

vendor:oraclemodel:retail returns managementscope:eqversion:13.0

Trust: 0.3

vendor:oraclemodel:retail returns managementscope:eqversion:12.0

Trust: 0.3

vendor:oraclemodel:retail order brokerscope:eqversion:5.2

Trust: 0.3

vendor:oraclemodel:retail order brokerscope:eqversion:5.1

Trust: 0.3

vendor:oraclemodel:retail order brokerscope:eqversion:4.1

Trust: 0.3

vendor:oraclemodel:retail order brokerscope:eqversion:15.0

Trust: 0.3

vendor:oraclemodel:retail integration busscope:eqversion:15.0

Trust: 0.3

vendor:oraclemodel:retail integration busscope:eqversion:14.1

Trust: 0.3

vendor:oraclemodel:retail integration busscope:eqversion:14.0

Trust: 0.3

vendor:oraclemodel:retail integration busscope:eqversion:13.2

Trust: 0.3

vendor:oraclemodel:retail integration busscope:eqversion:13.1

Trust: 0.3

vendor:oraclemodel:retail integration busscope:eqversion:13.0

Trust: 0.3

vendor:oraclemodel:retail central officescope:eqversion:14.1

Trust: 0.3

vendor:oraclemodel:retail central officescope:eqversion:14.0

Trust: 0.3

vendor:oraclemodel:retail central officescope:eqversion:13.4

Trust: 0.3

vendor:oraclemodel:retail central officescope:eqversion:13.3

Trust: 0.3

vendor:oraclemodel:retail central officescope:eqversion:13.2

Trust: 0.3

vendor:oraclemodel:retail central officescope:eqversion:13.1

Trust: 0.3

vendor:oraclemodel:retail central officescope:eqversion:13.0

Trust: 0.3

vendor:oraclemodel:retail central officescope:eqversion:12.0

Trust: 0.3

vendor:oraclemodel:retail back officescope:eqversion:14.1

Trust: 0.3

vendor:oraclemodel:retail back officescope:eqversion:14.0

Trust: 0.3

vendor:oraclemodel:retail back officescope:eqversion:13.4

Trust: 0.3

vendor:oraclemodel:retail back officescope:eqversion:13.3

Trust: 0.3

vendor:oraclemodel:retail back officescope:eqversion:13.2

Trust: 0.3

vendor:oraclemodel:retail back officescope:eqversion:13.1

Trust: 0.3

vendor:oraclemodel:retail back officescope:eqversion:13.0

Trust: 0.3

vendor:oraclemodel:retail back officescope:eqversion:12.0

Trust: 0.3

vendor:oraclemodel:primavera p6 enterprise project portfolio managementscope:eqversion:8.4

Trust: 0.3

vendor:oraclemodel:primavera p6 enterprise project portfolio managementscope:eqversion:8.3

Trust: 0.3

vendor:oraclemodel:primavera p6 enterprise project portfolio managementscope:eqversion:16.1

Trust: 0.3

vendor:oraclemodel:primavera p6 enterprise project portfolio managementscope:eqversion:15.2

Trust: 0.3

vendor:oraclemodel:primavera p6 enterprise project portfolio managementscope:eqversion:15.1

Trust: 0.3

vendor:oraclemodel:primavera contract managementscope:eqversion:14.2

Trust: 0.3

vendor:oraclemodel:portalscope:eqversion:11.1.16.0

Trust: 0.3

vendor:oraclemodel:policy automation for mobile devicesscope:eqversion:12.1.1

Trust: 0.3

vendor:oraclemodel:policy automation connector for siebelscope:eqversion:10.4.6

Trust: 0.3

vendor:oraclemodel:policy automation connector for siebelscope:eqversion:10.4.5

Trust: 0.3

vendor:oraclemodel:policy automation connector for siebelscope:eqversion:10.4.4

Trust: 0.3

vendor:oraclemodel:policy automation connector for siebelscope:eqversion:10.4.3

Trust: 0.3

vendor:oraclemodel:policy automation connector for siebelscope:eqversion:10.4.2

Trust: 0.3

vendor:oraclemodel:policy automation connector for siebelscope:eqversion:10.4.1

Trust: 0.3

vendor:oraclemodel:policy automation connector for siebelscope:eqversion:10.4

Trust: 0.3

vendor:oraclemodel:policy automation connector for siebelscope:eqversion:10.3

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:12.1.1

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:12.1

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.4.6

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.4.5

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.4.4

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.4.3

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.4.2

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.4.1

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.4

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.3.1

Trust: 0.3

vendor:oraclemodel:policy automationscope:eqversion:10.3

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.55

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.54

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.53

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise fscmscope:eqversion:9.2

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise fscmscope:eqversion:9.1

Trust: 0.3

vendor:oraclemodel:outside in technologyscope:eqversion:8.5.2

Trust: 0.3

vendor:oraclemodel:outside in technologyscope:eqversion:8.5.1

Trust: 0.3

vendor:oraclemodel:outside in technologyscope:eqversion:8.5.0

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.29

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.28

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.27

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.26

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.23

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.22

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.21

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.48

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.47

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.46

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.45

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.42

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.41

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.40

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.25

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.24

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.20

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.16

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.15

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.44

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.43

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.36

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.5.35

Trust: 0.3

vendor:oraclemodel:mysqlscope:eqversion:5.7.12

Trust: 0.3

vendor:oraclemodel:mysqlscope:eqversion:5.6.30

Trust: 0.3

vendor:oraclemodel:mysqlscope:eqversion:5.5.49

Trust: 0.3

vendor:oraclemodel:micros retail xbri loss preventionscope:eqversion:10.8.1

Trust: 0.3

vendor:oraclemodel:micros retail xbri loss preventionscope:eqversion:10.8

Trust: 0.3

vendor:oraclemodel:micros retail xbri loss preventionscope:eqversion:10.7

Trust: 0.3

vendor:oraclemodel:micros retail xbri loss preventionscope:eqversion:10.6

Trust: 0.3

vendor:oraclemodel:micros retail xbri loss preventionscope:eqversion:10.5

Trust: 0.3

vendor:oraclemodel:micros retail xbri loss preventionscope:eqversion:10.0.1

Trust: 0.3

vendor:oraclemodel:jrockit r28.3.10scope: - version: -

Trust: 0.3

vendor:oraclemodel:jdeveloperscope:eqversion:12.1.30

Trust: 0.3

vendor:oraclemodel:jdeveloperscope:eqversion:11.1.24.0

Trust: 0.3

vendor:oraclemodel:jdeveloperscope:eqversion:11.1.17.0

Trust: 0.3

vendor:oraclemodel:jdeveloperscope:eqversion:12.2.1.0.0

Trust: 0.3

vendor:oraclemodel:jdeveloperscope:eqversion:11.1.1.9.0

Trust: 0.3

vendor:oraclemodel:jd edwards enterpriseone toolsscope:eqversion:9.2.0.5

Trust: 0.3

vendor:oraclemodel:integrated lights out managerscope:eqversion:3.2

Trust: 0.3

vendor:oraclemodel:integrated lights out managerscope:eqversion:3.1

Trust: 0.3

vendor:oraclemodel:integrated lights out managerscope:eqversion:3.0

Trust: 0.3

vendor:oraclemodel:insurance rules palettescope:eqversion:9.7.1

Trust: 0.3

vendor:oraclemodel:insurance rules palettescope:eqversion:9.6.1

Trust: 0.3

vendor:oraclemodel:insurance rules palettescope:eqversion:10.2.2

Trust: 0.3

vendor:oraclemodel:insurance rules palettescope:eqversion:10.2.0

Trust: 0.3

vendor:oraclemodel:insurance rules palettescope:eqversion:10.1.2

Trust: 0.3

vendor:oraclemodel:insurance rules palettescope:eqversion:10.0.1

Trust: 0.3

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:9.7.1

Trust: 0.3

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:9.6.1

Trust: 0.3

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:10.2.2

Trust: 0.3

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:10.2.0

Trust: 0.3

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:10.1.2

Trust: 0.3

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:10.0.1

Trust: 0.3

vendor:oraclemodel:insurance calculation enginescope:eqversion:9.7.1

Trust: 0.3

vendor:oraclemodel:insurance calculation enginescope:eqversion:10.2.2

Trust: 0.3

vendor:oraclemodel:insurance calculation enginescope:eqversion:10.1.2

Trust: 0.3

vendor:oraclemodel:in-memory policy analyticsscope:eqversion:12.0.1

Trust: 0.3

vendor:oraclemodel:hyperion financial reportingscope:eqversion:11.1.2.4

Trust: 0.3

vendor:oraclemodel:http server 12cscope:eqversion:12.1.3.0

Trust: 0.3

vendor:oraclemodel:http server 11gscope:eqversion:11.1.1.9

Trust: 0.3

vendor:oraclemodel:healthcare master person indexscope:eqversion:4.0.1

Trust: 0.3

vendor:oraclemodel:healthcare master person indexscope:eqversion:3.0.0

Trust: 0.3

vendor:oraclemodel:healthcare master person indexscope:eqversion:2.0.12

Trust: 0.3

vendor:oraclemodel:healthcare analytics data integrationscope:eqversion:3.1.0.0.0

Trust: 0.3

vendor:oraclemodel:health sciences information managerscope:eqversion:3.0.1.0

Trust: 0.3

vendor:oraclemodel:health sciences information managerscope:eqversion:2.0.2.3

Trust: 0.3

vendor:oraclemodel:health sciences information managerscope:eqversion:1.2.8.3

Trust: 0.3

vendor:oraclemodel:health sciences clinical development centerscope:eqversion:3.1.2.0

Trust: 0.3

vendor:oraclemodel:health sciences clinical development centerscope:eqversion:3.1.1.0

Trust: 0.3

vendor:oraclemodel:glassfish serverscope:eqversion:3.1.2

Trust: 0.3

vendor:oraclemodel:glassfish serverscope:eqversion:3.0.1

Trust: 0.3

vendor:oraclemodel:glassfish serverscope:eqversion:2.1.1

Trust: 0.3

vendor:oraclemodel:fusion middlewarescope:eqversion:11.1.23.0

Trust: 0.3

vendor:oraclemodel:fusion middlewarescope:eqversion:11.1.22.0

Trust: 0.3

vendor:oraclemodel:fusion middlewarescope:eqversion:11.1.18.0

Trust: 0.3

vendor:oraclemodel:fusion middlewarescope:eqversion:11.1.17.0

Trust: 0.3

vendor:oraclemodel:fusion middlewarescope:eqversion:12.2.1.0

Trust: 0.3

vendor:oraclemodel:fusion middlewarescope:eqversion:12.1.3.0.0

Trust: 0.3

vendor:oraclemodel:fusion middlewarescope:eqversion:11.1.1.9

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.10

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.9

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.8

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.7

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.6

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.5

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.4

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.3

Trust: 0.3

vendor:oraclemodel:fusion applicationsscope:eqversion:11.1.2

Trust: 0.3

vendor:oraclemodel:fujitsu m10-4s server xcpscope:eqversion:2290

Trust: 0.3

vendor:oraclemodel:fujitsu m10-4s server xcpscope:eqversion:2271

Trust: 0.3

vendor:oraclemodel:fujitsu m10-4s server xcpscope:eqversion:2230

Trust: 0.3

vendor:oraclemodel:fujitsu m10-4 server xcpscope:eqversion:2290

Trust: 0.3

vendor:oraclemodel:fujitsu m10-4 server xcpscope:eqversion:2271

Trust: 0.3

vendor:oraclemodel:fujitsu m10-4 server xcpscope:eqversion:2230

Trust: 0.3

vendor:oraclemodel:fujitsu m10-1 server xcpscope:eqversion:2290

Trust: 0.3

vendor:oraclemodel:fujitsu m10-1 server xcpscope:eqversion:2271

Trust: 0.3

vendor:oraclemodel:fujitsu m10-1 server xcpscope:eqversion:2230

Trust: 0.3

vendor:oraclemodel:flexcube direct bankingscope:eqversion:12.0.1

Trust: 0.3

vendor:oraclemodel:flexcube direct bankingscope:eqversion:12.0.3

Trust: 0.3

vendor:oraclemodel:flexcube direct bankingscope:eqversion:12.0.2

Trust: 0.3

vendor:oraclemodel:financial services lending and leasingscope:eqversion:14.2

Trust: 0.3

vendor:oraclemodel:financial services lending and leasingscope:eqversion:14.1

Trust: 0.3

vendor:oraclemodel:exalogic infrastructurescope:eqversion:2.0

Trust: 0.3

vendor:oraclemodel:exalogic infrastructurescope:eqversion:1.0

Trust: 0.3

vendor:oraclemodel:enterprise manager for fusion middlewarescope:eqversion:11.1.1.9

Trust: 0.3

vendor:oraclemodel:enterprise manager for fusion middlewarescope:eqversion:11.1.1.7

Trust: 0.3

vendor:oraclemodel:enterprise manager base platformscope:eqversion:13.1.0.0

Trust: 0.3

vendor:oraclemodel:enterprise manager base platformscope:eqversion:12.1.0.5

Trust: 0.3

vendor:oraclemodel:enterprise communications brokerscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:engineering data managementscope:eqversion:6.2.0.0

Trust: 0.3

vendor:oraclemodel:engineering data managementscope:eqversion:6.1.3.0

Trust: 0.3

vendor:oraclemodel:e-business suitescope:eqversion:12.2.3

Trust: 0.3

vendor:oraclemodel:e-business suitescope:eqversion:12.1.2

Trust: 0.3

vendor:oraclemodel:e-business suitescope:eqversion:12.1.1

Trust: 0.3

vendor:oraclemodel:e-business suitescope:eqversion:12.2.5

Trust: 0.3

vendor:oraclemodel:e-business suitescope:eqversion:12.2.4

Trust: 0.3

vendor:oraclemodel:e-business suitescope:eqversion:12.1.3

Trust: 0.3

vendor:oraclemodel:documakerscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:directory server enterprise editionscope:eqversion:7.0

Trust: 0.3

vendor:oraclemodel:directory server enterprise editionscope:eqversion:11.1.1.7

Trust: 0.3

vendor:oraclemodel:demand planningscope:eqversion:12.2

Trust: 0.3

vendor:oraclemodel:demand planningscope:eqversion:12.1

Trust: 0.3

vendor:oraclemodel:database 12c releasescope:eqversion:112.12

Trust: 0.3

vendor:oraclemodel:database 12c releasescope:eqversion:112.11

Trust: 0.3

vendor:oraclemodel:database 11g releasescope:eqversion:211.2.0.4

Trust: 0.3

vendor:oraclemodel:communications unified session managerscope:eqversion:7.3.5

Trust: 0.3

vendor:oraclemodel:communications unified session managerscope:eqversion:7.2.5

Trust: 0.3

vendor:oraclemodel:communications session border controllerscope:eqversion:7.3.0

Trust: 0.3

vendor:oraclemodel:communications session border controllerscope:eqversion:7.2.0

Trust: 0.3

vendor:oraclemodel:communications policy managementscope:eqversion:9.9

Trust: 0.3

vendor:oraclemodel:communications operations monitorscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:communications network charging and controlscope:eqversion:5.0.2.0.0

Trust: 0.3

vendor:oraclemodel:communications network charging and controlscope:eqversion:5.0.1.0.0

Trust: 0.3

vendor:oraclemodel:communications network charging and controlscope:eqversion:5.0.0.2.0

Trust: 0.3

vendor:oraclemodel:communications network charging and controlscope:eqversion:5.0.0.1.0

Trust: 0.3

vendor:oraclemodel:communications network charging and controlscope:eqversion:4.4.1.5.0

Trust: 0.3

vendor:oraclemodel:communications messaging serverscope:eqversion:7.0.530.0

Trust: 0.3

vendor:oraclemodel:communications messaging serverscope:eqversion:7.0.529.0

Trust: 0.3

vendor:oraclemodel:communications messaging serverscope:eqversion:8.0

Trust: 0.3

vendor:oraclemodel:communications messaging serverscope:eqversion:7.0.5.33.0

Trust: 0.3

vendor:oraclemodel:communications messaging serverscope:eqversion:7.0.5

Trust: 0.3

vendor:oraclemodel:communications messaging serverscope:eqversion:7.0

Trust: 0.3

vendor:oraclemodel:communications messaging serverscope:eqversion:6.3

Trust: 0.3

vendor:oraclemodel:communications eagle application processorscope:eqversion:16.0

Trust: 0.3

vendor:oraclemodel:communications core session managerscope:eqversion:7.3.5

Trust: 0.3

vendor:oraclemodel:communications core session managerscope:eqversion:7.2.5

Trust: 0.3

vendor:oraclemodel:communications asapscope:eqversion:7.3

Trust: 0.3

vendor:oraclemodel:communications asapscope:eqversion:7.2

Trust: 0.3

vendor:oraclemodel:communications asapscope:eqversion:7.0

Trust: 0.3

vendor:oraclemodel:business intelligence enterprise editionscope:eqversion:11.2.1.0.0

Trust: 0.3

vendor:oraclemodel:business intelligence enterprise editionscope:eqversion:11.1.1.9.0

Trust: 0.3

vendor:oraclemodel:business intelligence enterprise editionscope:eqversion:11.1.1.7.0

Trust: 0.3

vendor:oraclemodel:bi publisherscope:eqversion:12.2.1.0.0

Trust: 0.3

vendor:oraclemodel:bi publisherscope:eqversion:11.1.1.9.0

Trust: 0.3

vendor:oraclemodel:bi publisherscope:eqversion:11.1.1.7.0

Trust: 0.3

vendor:oraclemodel:banking platformscope:eqversion:2.5.0

Trust: 0.3

vendor:oraclemodel:banking platformscope:eqversion:2.4.1

Trust: 0.3

vendor:oraclemodel:banking platformscope:eqversion:2.4.0

Trust: 0.3

vendor:oraclemodel:banking platformscope:eqversion:2.3.0

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:5.0.3

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:5.0.2

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:5.0.1

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:4.2.6

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:4.2.1

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:3.2.1.00.10

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:2.2.1

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:1.1.3

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:1.1.2

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:1.1.1

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:5.0

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:4.2.3.00.08

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:4.2

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:4.1

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:4.0

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:3.2.0.00.27

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:3.2

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:2.2

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:2.1

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:2.0

Trust: 0.3

vendor:oraclemodel:application expressscope:eqversion:1.5

Trust: 0.3

vendor:oraclemodel:agile plmscope:eqversion:9.3.5

Trust: 0.3

vendor:oraclemodel:agile plmscope:eqversion:9.3.4

Trust: 0.3

vendor:oraclemodel:agile engineering data managementscope:eqversion:6.2.0.0

Trust: 0.3

vendor:oraclemodel:agile engineering data managementscope:eqversion:6.1.3.0

Trust: 0.3

vendor:oraclemodel:access managerscope:eqversion:10.1.43

Trust: 0.3

vendor:oraclemodel:access managerscope:eqversion:10.1.4.2

Trust: 0.3

vendor:oraclemodel:access managerscope:eqversion:10.1.4

Trust: 0.3

vendor:oraclemodel:access managerscope:eqversion:11.1.2.0.0

Trust: 0.3

vendor:oraclemodel:access managerscope:eqversion:11.1.1.7.0

Trust: 0.3

vendor:ibmmodel:websphere application serverscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:websphere application server liberty prscope:eqversion:8.5.5.0-

Trust: 0.3

vendor:ibmmodel:websphere application server full profilescope:eqversion:8.5.5

Trust: 0.3

vendor:ibmmodel:websphere application server liberty profilescope:eqversion:8.5

Trust: 0.3

vendor:ibmmodel:websphere application server full profilescope:eqversion:8.5

Trust: 0.3

vendor:ibmmodel:db2scope:eqversion:9.8

Trust: 0.3

vendor:ibmmodel:db2scope:eqversion:9.7

Trust: 0.3

vendor:ibmmodel:db2scope:eqversion:11.1

Trust: 0.3

vendor:ibmmodel:db2scope:eqversion:10.5

Trust: 0.3

vendor:ibmmodel:db2scope:eqversion:10.1

Trust: 0.3

vendor:citrixmodel:netscaler t1scope:eqversion:0

Trust: 0.3

vendor:citrixmodel:netscaler service delivery appliancescope:eqversion:0

Trust: 0.3

vendor:citrixmodel:netscaler gatewayscope:eqversion:0

Trust: 0.3

vendor:citrixmodel:netscaler application delivery controllerscope:eqversion:0

Trust: 0.3

vendor:citrixmodel:command center appliancescope:eqversion:0

Trust: 0.3

vendor:citrixmodel:cloudbridgescope:eqversion:0

Trust: 0.3

vendor:ubuntumodel:linuxscope:eqversion:14.10

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:14.04

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.1

Trust: 0.3

vendor:slackwaremodel:linux x86 64 -currentscope: - version: -

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.1

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.0

Trust: 0.3

vendor:slackwaremodel:linux -currentscope: - version: -

Trust: 0.3

vendor:oraclemodel:linuxscope:eqversion:7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x4.1.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.2.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.1.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x4.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.9.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.12

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.11

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.10

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.4

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.9

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.8

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.7

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.6

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.3

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.2

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x5.0.3

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.10.5

Trust: 0.3

vendor:apachemodel:apachescope:neversion:2.4.13

Trust: 0.3

sources: BID: 91787 // BID: 73041 // JVNDB: JVNDB-2015-001673 // CNNVD: CNNVD-201503-136 // NVD: CVE-2015-0228

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-0228
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-0228
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201503-136
value: MEDIUM

Trust: 0.6

VULHUB: VHN-78174
value: MEDIUM

Trust: 0.1

VULMON: CVE-2015-0228
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-0228
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-78174
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-78174 // VULMON: CVE-2015-0228 // JVNDB: JVNDB-2015-001673 // CNNVD: CNNVD-201503-136 // NVD: CVE-2015-0228

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-78174 // JVNDB: JVNDB-2015-001673 // NVD: CVE-2015-0228

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 130735 // PACKETSTORM: 133281 // CNNVD: CNNVD-201503-136

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201503-136

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-001673

PATCH

title:APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006url:http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

Trust: 0.8

title:APPLE-SA-2015-09-16-4 OS X Server 5.0.3url:http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html

Trust: 0.8

title:HT205219url:https://support.apple.com/en-us/HT205219

Trust: 0.8

title:HT205031url:http://support.apple.com/en-us/HT205031

Trust: 0.8

title:HT205219url:http://support.apple.com/ja-jp/HT205219

Trust: 0.8

title:HT205031url:http://support.apple.com/ja-jp/HT205031

Trust: 0.8

title:Apache 2.4.13url:http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES

Trust: 0.8

title:*) SECURITY: CVE-2015-0228 (cve.mitre.org)url:https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef

Trust: 0.8

title:Oracle Critical Patch Update Advisory - July 2016url:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Trust: 0.8

title:Text Form of Oracle Critical Patch Update - July 2016 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html

Trust: 0.8

title:Oracle Solaris Third Party Bulletin - October 2015url:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Trust: 0.8

title:July 2016 Critical Patch Update Releasedurl:http://blogs.oracle.com/security/entry/july_2016_critical_patch_update

Trust: 0.8

title:modules-lua-lua_request.curl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54055

Trust: 0.6

title:Red Hat: CVE-2015-0228url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2015-0228

Trust: 0.1

title:Amazon Linux AMI: ALAS-2015-579url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2015-579

Trust: 0.1

title:Ubuntu Security Notice: apache2 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2523-1

Trust: 0.1

title:DC-2: Vulnhub Walkthroughurl:https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough

Trust: 0.1

title:Requirements vulnsearch-cve Usage vulnsearch Usage Test Sampleurl:https://github.com/kasem545/vulnsearch

Trust: 0.1

title:Shodan Search Scripturl:https://github.com/firatesatoglu/shodanSearch

Trust: 0.1

sources: VULMON: CVE-2015-0228 // JVNDB: JVNDB-2015-001673 // CNNVD: CNNVD-201503-136

EXTERNAL IDS

db:NVDid:CVE-2015-0228

Trust: 3.4

db:BIDid:91787

Trust: 2.1

db:BIDid:73041

Trust: 2.1

db:SECTRACKid:1032967

Trust: 1.8

db:JVNid:JVNVU99970459

Trust: 0.8

db:JVNDBid:JVNDB-2015-001673

Trust: 0.8

db:CNNVDid:CNNVD-201503-136

Trust: 0.7

db:PACKETSTORMid:133281

Trust: 0.2

db:PACKETSTORMid:132743

Trust: 0.2

db:VULHUBid:VHN-78174

Trust: 0.1

db:VULMONid:CVE-2015-0228

Trust: 0.1

db:PACKETSTORMid:130735

Trust: 0.1

db:PACKETSTORMid:131098

Trust: 0.1

db:PACKETSTORMid:133619

Trust: 0.1

sources: VULHUB: VHN-78174 // VULMON: CVE-2015-0228 // BID: 91787 // BID: 73041 // JVNDB: JVNDB-2015-001673 // PACKETSTORM: 130735 // PACKETSTORM: 131098 // PACKETSTORM: 133281 // PACKETSTORM: 133619 // PACKETSTORM: 132743 // CNNVD: CNNVD-201503-136 // NVD: CVE-2015-0228

REFERENCES

url:http://advisories.mageia.org/mgasa-2015-0099.html

Trust: 2.7

url:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Trust: 2.4

url:http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Trust: 2.1

url:http://rhn.redhat.com/errata/rhsa-2015-1666.html

Trust: 1.9

url:http://www.ubuntu.com/usn/usn-2523-1

Trust: 1.9

url:http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html

Trust: 1.8

url:http://lists.apple.com/archives/security-announce/2015/sep/msg00004.html

Trust: 1.8

url:http://www.securityfocus.com/bid/73041

Trust: 1.8

url:http://www.securityfocus.com/bid/91787

Trust: 1.8

url:https://support.apple.com/ht205219

Trust: 1.8

url:https://support.apple.com/kb/ht205031

Trust: 1.8

url:http://www.securitytracker.com/id/1032967

Trust: 1.8

url:http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html

Trust: 1.8

url:http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/changes

Trust: 1.2

url:https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef

Trust: 1.2

url:https://github.com/apache/httpd/commit/78eb3b9235515652ed141353d98c239237030410

Trust: 1.2

url:https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3ccvs.httpd.apache.org%3e

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0228

Trust: 1.0

url:http://jvn.jp/vu/jvnvu99970459/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0228

Trust: 0.8

url:httpd.apache.org%3e

Trust: 0.6

url:https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3ccvs.

Trust: 0.6

url:httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef

Trust: 0.6

url:https://github.com/apache/

Trust: 0.6

url:https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3ccvs.

Trust: 0.6

url:httpd/branches/2.4.x/changes

Trust: 0.6

url:http://svn.apache.org/repos/asf/

Trust: 0.6

url:httpd/commit/78eb3b9235515652ed141353d98c239237030410

Trust: 0.6

url:https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3ccvs.

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2015-0228

Trust: 0.5

url:http://www.oracle.com

Trust: 0.3

url:http://support.citrix.com/article/ctx216642

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984819

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988710

Trust: 0.3

url:http://httpd.apache.org/

Trust: 0.3

url:svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/changes

Trust: 0.3

url:http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2014-8109

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2014-3581

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-3183

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-3185

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-0253

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2015-0228

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-3583

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-5704

Trust: 0.2

url:https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/2523-1/

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/apache2/2.4.10-1ubuntu1.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/apache2/2.2.22-1ubuntu1.8

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/apache2/2.4.7-1ubuntu4.4

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/apache2/2.2.14-5ubuntu8.15

Trust: 0.1

url:http://advisories.mageia.org/mgasa-2014-0305.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-6438

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0118

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0226

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0231

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-5704

Trust: 0.1

url:http://advisories.mageia.org/mgasa-2014-0527.html

Trust: 0.1

url:http://www.mandriva.com/en/support/security/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5704

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0118

Trust: 0.1

url:http://advisories.mageia.org/mgasa-2014-0135.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0098

Trust: 0.1

url:http://www.mandriva.com/en/support/security/advisories/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8109

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0117

Trust: 0.1

url:http://advisories.mageia.org/mgasa-2015-0011.html

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6438

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0098

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0226

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0231

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3581

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0117

Trust: 0.1

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-3185

Trust: 0.1

url:https://access.redhat.com/security/team/contact/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-3183

Trust: 0.1

url:https://bugzilla.redhat.com/):

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-0253

Trust: 0.1

url:https://support.apple.com/kb/ht201222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-8161

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-8500

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0242

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0241

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0243

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-1349

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-5911

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3166

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3165

Trust: 0.1

url:http://gpgtools.org

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0067

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3167

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0244

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3183

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0253

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3185

Trust: 0.1

sources: VULHUB: VHN-78174 // VULMON: CVE-2015-0228 // BID: 91787 // BID: 73041 // JVNDB: JVNDB-2015-001673 // PACKETSTORM: 130735 // PACKETSTORM: 131098 // PACKETSTORM: 133281 // PACKETSTORM: 133619 // PACKETSTORM: 132743 // CNNVD: CNNVD-201503-136 // NVD: CVE-2015-0228

CREDITS

Oracle

Trust: 0.3

sources: BID: 91787

SOURCES

db:VULHUBid:VHN-78174
db:VULMONid:CVE-2015-0228
db:BIDid:91787
db:BIDid:73041
db:JVNDBid:JVNDB-2015-001673
db:PACKETSTORMid:130735
db:PACKETSTORMid:131098
db:PACKETSTORMid:133281
db:PACKETSTORMid:133619
db:PACKETSTORMid:132743
db:CNNVDid:CNNVD-201503-136
db:NVDid:CVE-2015-0228

LAST UPDATE DATE

2024-11-23T19:29:26.462000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-78174date:2020-10-27T00:00:00
db:VULMONid:CVE-2015-0228date:2023-11-07T00:00:00
db:BIDid:91787date:2018-10-15T09:00:00
db:BIDid:73041date:2016-07-20T12:03:00
db:JVNDBid:JVNDB-2015-001673date:2016-07-27T00:00:00
db:CNNVDid:CNNVD-201503-136date:2021-06-07T00:00:00
db:NVDid:CVE-2015-0228date:2024-11-21T02:22:35.930

SOURCES RELEASE DATE

db:VULHUBid:VHN-78174date:2015-03-08T00:00:00
db:VULMONid:CVE-2015-0228date:2015-03-08T00:00:00
db:BIDid:91787date:2016-07-15T00:00:00
db:BIDid:73041date:2015-03-11T00:00:00
db:JVNDBid:JVNDB-2015-001673date:2015-03-10T00:00:00
db:PACKETSTORMid:130735date:2015-03-10T16:02:55
db:PACKETSTORMid:131098date:2015-03-30T21:25:14
db:PACKETSTORMid:133281date:2015-08-24T22:06:47
db:PACKETSTORMid:133619date:2015-09-19T15:37:27
db:PACKETSTORMid:132743date:2015-07-20T15:45:36
db:CNNVDid:CNNVD-201503-136date:2015-03-09T00:00:00
db:NVDid:CVE-2015-0228date:2015-03-08T02:59:00.073