ID

VAR-201508-0365


CVE

CVE-2015-1819


TITLE

libxml2 of xmlreader Denial of service in Japan (DoS) Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-004119

DESCRIPTION

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Libxml2 is prone to a denial-of-service vulnerability. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc. xmlreader is one of the components used to read XML. A security vulnerability exists in libxml's xmlreader component. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201701-37 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libxml2: Multiple vulnerabilities Date: January 16, 2017 Bugs: #564776, #566374, #572878, #573820, #577998, #582538, #582540, #583888, #589816, #597112, #597114, #597116 ID: 201701-37 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in libxml2, the worst of which could lead to the execution of arbitrary code. Background ========== libxml2 is the XML (eXtended Markup Language) C parser and toolkit initially developed for the Gnome project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/libxml2 < 2.9.4-r1 >= 2.9.4-r1 Description =========== Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could entice a user or automated system to process a specially crafted XML document, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All libxml2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.4-r1" References ========== [ 1 ] CVE-2015-1819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1819 [ 2 ] CVE-2015-5312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5312 [ 3 ] CVE-2015-7497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7497 [ 4 ] CVE-2015-7498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7498 [ 5 ] CVE-2015-7499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7499 [ 6 ] CVE-2015-7500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7500 [ 7 ] CVE-2015-7941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7941 [ 8 ] CVE-2015-7942 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7942 [ 9 ] CVE-2015-8035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8035 [ 10 ] CVE-2015-8242 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8242 [ 11 ] CVE-2015-8806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8806 [ 12 ] CVE-2016-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1836 [ 13 ] CVE-2016-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1838 [ 14 ] CVE-2016-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1839 [ 15 ] CVE-2016-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1840 [ 16 ] CVE-2016-2073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2073 [ 17 ] CVE-2016-3627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3627 [ 18 ] CVE-2016-3705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3705 [ 19 ] CVE-2016-4483 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4483 [ 20 ] CVE-2016-4658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4658 [ 21 ] CVE-2016-5131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5131 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201701-37 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . CVE-ID CVE-2016-1722 : Joshua J. For the oldstable distribution (wheezy), these problems have been fixed in version 2.8.0+dfsg1-7+wheezy5. For the stable distribution (jessie), these problems have been fixed in version 2.9.1+dfsg1-5+deb8u1. For the testing distribution (stretch), these problems have been fixed in version 2.9.3+dfsg1-1 or earlier versions. For the unstable distribution (sid), these problems have been fixed in version 2.9.3+dfsg1-1 or earlier versions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: libxml2 security and bug fix update Advisory ID: RHSA-2015:1419-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1419.html Issue date: 2015-07-22 Updated on: 2015-03-16 CVE Names: CVE-2015-1819 ===================================================================== 1. Summary: Updated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. (CVE-2015-1819) This issue was discovered by Florian Weimer of Red Hat Product Security. This update also fixes the following bug: This update fixes an error that occurred when running a test case for the serialization of HTML documents. (BZ#1004513) Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. 4. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: libxml2-2.7.6-20.el6.src.rpm i386: libxml2-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-python-2.7.6-20.el6.i686.rpm x86_64: libxml2-2.7.6-20.el6.i686.rpm libxml2-2.7.6-20.el6.x86_64.rpm libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.x86_64.rpm libxml2-python-2.7.6-20.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-devel-2.7.6-20.el6.i686.rpm libxml2-static-2.7.6-20.el6.i686.rpm x86_64: libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.x86_64.rpm libxml2-devel-2.7.6-20.el6.i686.rpm libxml2-devel-2.7.6-20.el6.x86_64.rpm libxml2-static-2.7.6-20.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: libxml2-2.7.6-20.el6.src.rpm x86_64: libxml2-2.7.6-20.el6.i686.rpm libxml2-2.7.6-20.el6.x86_64.rpm libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.x86_64.rpm libxml2-python-2.7.6-20.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.x86_64.rpm libxml2-devel-2.7.6-20.el6.i686.rpm libxml2-devel-2.7.6-20.el6.x86_64.rpm libxml2-static-2.7.6-20.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: libxml2-2.7.6-20.el6.src.rpm i386: libxml2-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-devel-2.7.6-20.el6.i686.rpm libxml2-python-2.7.6-20.el6.i686.rpm ppc64: libxml2-2.7.6-20.el6.ppc.rpm libxml2-2.7.6-20.el6.ppc64.rpm libxml2-debuginfo-2.7.6-20.el6.ppc.rpm libxml2-debuginfo-2.7.6-20.el6.ppc64.rpm libxml2-devel-2.7.6-20.el6.ppc.rpm libxml2-devel-2.7.6-20.el6.ppc64.rpm libxml2-python-2.7.6-20.el6.ppc64.rpm s390x: libxml2-2.7.6-20.el6.s390.rpm libxml2-2.7.6-20.el6.s390x.rpm libxml2-debuginfo-2.7.6-20.el6.s390.rpm libxml2-debuginfo-2.7.6-20.el6.s390x.rpm libxml2-devel-2.7.6-20.el6.s390.rpm libxml2-devel-2.7.6-20.el6.s390x.rpm libxml2-python-2.7.6-20.el6.s390x.rpm x86_64: libxml2-2.7.6-20.el6.i686.rpm libxml2-2.7.6-20.el6.x86_64.rpm libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.x86_64.rpm libxml2-devel-2.7.6-20.el6.i686.rpm libxml2-devel-2.7.6-20.el6.x86_64.rpm libxml2-python-2.7.6-20.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-static-2.7.6-20.el6.i686.rpm ppc64: libxml2-debuginfo-2.7.6-20.el6.ppc64.rpm libxml2-static-2.7.6-20.el6.ppc64.rpm s390x: libxml2-debuginfo-2.7.6-20.el6.s390x.rpm libxml2-static-2.7.6-20.el6.s390x.rpm x86_64: libxml2-debuginfo-2.7.6-20.el6.x86_64.rpm libxml2-static-2.7.6-20.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: libxml2-2.7.6-20.el6.src.rpm i386: libxml2-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-devel-2.7.6-20.el6.i686.rpm libxml2-python-2.7.6-20.el6.i686.rpm x86_64: libxml2-2.7.6-20.el6.i686.rpm libxml2-2.7.6-20.el6.x86_64.rpm libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-debuginfo-2.7.6-20.el6.x86_64.rpm libxml2-devel-2.7.6-20.el6.i686.rpm libxml2-devel-2.7.6-20.el6.x86_64.rpm libxml2-python-2.7.6-20.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: libxml2-debuginfo-2.7.6-20.el6.i686.rpm libxml2-static-2.7.6-20.el6.i686.rpm x86_64: libxml2-debuginfo-2.7.6-20.el6.x86_64.rpm libxml2-static-2.7.6-20.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-1819 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVrza1XlSAg2UNWIIRAu9TAJ9Y3uufrIqNlOFBc+SyHf6XIW3q1ACgh4l1 ADax77dyxndjDZjV8ad5zHk= =kHjR -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-03-21-1 iOS 9.3 iOS 9.3 is now available and addresses the following: AppleUSBNetworking Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of data from USB devices. This issue was addressed through improved input validation. CVE-ID CVE-2016-1734 : Andrea Barisani and Andrej Rosano of Inverse Path FontParser Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1740 : HappilyCoded (ant4g0nist and r3dsm0k3) working with Trend Micro's Zero Day Initiative (ZDI) HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple vulnerabilities existed in nghttp2 versions prior to 1.6.0, the most serious of which may have led to remote code execution. These were addressed by updating nghttp2 to version 1.6.0. CVE-ID CVE-2015-8659 IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to determine kernel memory layout Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1748 : Brandon Azad Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to cause a denial of service Description: A denial of service issue was addressed through improved validation. CVE-ID CVE-2016-1752 : CESG Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-ID CVE-2016-1750 : CESG Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple integer overflows were addressed through improved input validation. CVE-ID CVE-2016-1753 : Juwei Lin Trend Micro working with Trend Micro's Zero Day Initiative (ZDI) Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to bypass code signing Description: A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed through improved permission validation. CVE-ID CVE-2016-1751 : Eric Monti of Square Mobile Security Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition existed during the creation of new processes. This was addressed through improved state handling. CVE-ID CVE-2016-1757 : Ian Beer of Google Project Zero and Pedro Vilaça Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-ID CVE-2016-1756 : Lufeng Li of Qihoo 360 Vulcan Team Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1754 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2016-1755 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to determine kernel memory layout Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-ID CVE-2016-1758 : Brandon Azad LaunchServices Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to modify events from other applications Description: An event handler validation issue existed in the XPC Services API. This issue was addressed through improved message validation. CVE-ID CVE-2016-1760 : Proteas of Qihoo 360 Nirvan Team libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2015-1819 CVE-2015-5312 : David Drysdale of Google CVE-2015-7499 CVE-2015-7500 : Kostya Serebryany of Google CVE-2015-7942 : Kostya Serebryany of Google CVE-2015-8035 : gustavo.grieco CVE-2015-8242 : Hugh Davenport CVE-2016-1761 : wol0xff working with Trend Micro's Zero Day Initiative (ZDI) CVE-2016-1762 Messages Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may auto-fill text into other Message threads Description: An issue existed in the parsing of SMS URLs. This issue was addressed through improved URL validation. CVE-ID CVE-2016-1763 : CityTog Messages Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker who is able to bypass Apple's certificate pinning, intercept TLS connections, inject messages, and record encrypted attachment-type messages may be able to read attachments Description: A cryptographic issue was addressed by rejecting duplicate messages on the client. CVE-ID CVE-2016-1788 : Christina Garman, Matthew Green, Gabriel Kaptchuk, Ian Miers, and Michael Rushanan of Johns Hopkins University Profiles Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An untrusted MDM profile may be incorrectly displayed as verified Description: A certificate validation issue existed in MDM profiles. This was addressed through additional checks. CVE-ID CVE-2016-1766 : Taylor Boyko working with Trend Micro's Zero Day Initiative (ZDI) Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue existed in the ASN.1 decoder. This issue was addressed through improved input validation. CVE-ID CVE-2016-1950 : Francis Gabriel of Quarkslab TrueTypeScaler Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2016-1775 : 0x1byte working with Trend Micro's Zero Day Initiative (ZDI) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1778 : 0x1byte working with Trend Micro's Zero Day Initiative (ZDI) CVE-2016-1783 : Mihai Parparita of Google WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A website may be able to track sensitive user information Description: An issue existed in the handling of attachment URLs. This issue was addressed through improved URL handling. CVE-ID CVE-2016-1781 : Devdatta Akhawe of Dropbox, Inc. WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A website may be able to track sensitive user information Description: A hidden web page may be able to access device- orientation and device-motion data. This issue was addressed by suspending the availability of this data when the web view is hidden. CVE-ID CVE-2016-1780 : Maryam Mehrnezhad, Ehsan Toreini, Siamak F. Shahandashti, and Feng Hao of the School of Computing Science, Newcastle University, UK WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's current location Description: An issue existed in the parsing of geolocation requests. This was addressed through improved validation of the security origin for geolocation requests. CVE-ID CVE-2016-1779 : xisigr of Tencent's Xuanwu Lab (http://www.tencent.com) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A port redirection issue was addressed through additional port validation. CVE-ID CVE-2016-1782 : Muneaki Nishimura (nishimunea) of Recruit Technologies Co.,Ltd. WebKit History Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A resource exhaustion issue was addressed through improved input validation. CVE-ID CVE-2016-1784 : Moony Li and Jack Tang of TrendMicro and 李普君 of 无声信息技术PKAV Team (PKAV.net) WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Redirect responses may have allowed a malicious website to display an arbitrary URL and read cached contents of the destination origin. This issue was addressed through improved URL display logic. CVE-ID CVE-2016-1786 : ma.la of LINE Corporation WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may exfiltrate data cross-origin Description: A caching issue existed with character encoding. This was addressed through additional request checking. CVE-ID CVE-2016-1785 : an anonymous researcher Wi-Fi Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to execute arbitrary code Description: A frame validation and memory corruption issue existed for a given ethertype. This issue was addressed through additional ethertype validation and improved memory handling. CVE-ID CVE-2016-0801 : an anonymous researcher CVE-2016-0802 : an anonymous researcher Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.3 ". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW8JPyAAoJEBcWfLTuOo7tWzQP/i8AwdkoE9uvhfe5X5p1yDxr YVcAkvHAgWzNee9Tvc6ERa2KWdOkmbVRGzySyG62lhGnrUTSMtlCs0/Bp/Ui5p65 FF2viREhDJNA83WZcsFP0ELZVJ5VwUv6BJR0L0ERn7QSfaftAwVSFmyHHURA7rGj IRQWnwD6IOblI0veLXjJjN8nPY2ueAzVvyv5mD8c4MdCxwxZNi2X9ugtIBBbZr6Y arjAVh/wfB0m+f50feDaPvo/8mZDn1UwrDu0YPtGDmGebgX17TE39q0YgOFf0uXv HzA0S1+mDURGR3h+7wpyO25+uOPHyGkeIA1GVISA2O7pmHKTcY5pvWC4zyIsDfRC ziI4AIml9ySY7nIltuUWeUdO81nHrjvEtXyWZ6VBH4Dah4yne80B04UGgLIzD1ON hTlTySVnMBJ8+N0g+e3ldGTuf49ISEKh9s6u+ABtBi9+sDSiWxGIkvNuZN37522O dK4MsAZIffxbKo2DuJxiWrfIzhAOO3rZbRD8oFkOtKh5QHlS1eOBlN29U9S1Cq+P jZ/sffscri8q9m8KUx4a+1HG3N6TDIJtIz7/jJyTld2Aw+1JAlU4DG41t1lkEs6S 41wah3j9YrqXCp2uc3JmcI6k2XW2pj73T9Mqqz5e/xk2sfwnJ299dAK7vXkGR3ix Fg29LzTb0eQ9Ub1Mkn5E =Ouex -----END PGP SIGNATURE-----

Trust: 2.52

sources: NVD: CVE-2015-1819 // JVNDB: JVNDB-2015-004119 // BID: 75570 // VULHUB: VHN-79780 // PACKETSTORM: 136344 // PACKETSTORM: 140533 // PACKETSTORM: 136343 // PACKETSTORM: 135045 // PACKETSTORM: 132774 // PACKETSTORM: 136342

AFFECTED PRODUCTS

vendor:fedoraprojectmodel:fedorascope:eqversion:23

Trust: 1.6

vendor:fedoraprojectmodel:fedorascope:eqversion:22

Trust: 1.6

vendor:opensusemodel:opensusescope:eqversion:13.1

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:lteversion:5.0

Trust: 1.0

vendor:xmlsoftmodel:libxmlscope:eqversion:*

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:15.04

Trust: 1.0

vendor:applemodel:iphone osscope:lteversion:9.2.1

Trust: 1.0

vendor:oraclemodel:linuxscope:eqversion:7

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:13.2

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.04

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:7.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.11.3

Trust: 1.0

vendor:applemodel:watchosscope:lteversion:2.1

Trust: 1.0

vendor:applemodel:tvosscope:lteversion:9.1

Trust: 1.0

vendor:oraclemodel:solarisscope:eqversion:11.3

Trust: 1.0

vendor:xmlsoftmodel:libxml2scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.10.5

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.11 to 10.11.3

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.9.5

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3 (ipad 2 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3 (iphone 4s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3 (ipod touch no. 5 after generation )

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:9.2 (apple tv no. 4 generation )

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:2.2 (apple watch edition)

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:2.2 (apple watch hermes)

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:2.2 (apple watch sport)

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:2.2 (apple watch)

Trust: 0.8

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.10

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.7.2

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.32

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.6

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.1

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.4

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.41

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.13

Trust: 0.3

vendor:ibmmodel:connections docsscope:eqversion:1.0.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.6

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.0.4

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.32

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.18

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:3.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.7.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.14

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.1.0

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0.1

Trust: 0.3

vendor:ibmmodel:powerkvm sp3scope:eqversion:2.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.1

Trust: 0.3

vendor:ibmmodel:powerkvm buildscope:neversion:2.1.165.6

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.7.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.25

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.4.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.30

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.12

Trust: 0.3

vendor:applemodel:iosscope:neversion:9.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.1

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:5.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:powerkvm buildscope:eqversion:2.1.157

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.5.0

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0.1

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:2.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.18

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:2.0

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.2.1.2

Trust: 0.3

vendor:ibmmodel:connections docsscope:eqversion:1.0.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:4.1.1.0

Trust: 0.3

vendor:applemodel:watchosscope:neversion:2.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.7

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.13

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.28

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.9

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.17

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.12

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.0.0.5

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.12

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.1.0.3

Trust: 0.3

vendor:ibmmodel:sametime media serverscope:eqversion:9.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.14

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.24

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.03

Trust: 0.3

vendor:ibmmodel:connections docs ifixscope:neversion:1.0.6003

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:ibmmodel:connections docs ifixscope:neversion:2.0002

Trust: 0.3

vendor:ibmmodel:rational systems testerscope:eqversion:3.3.0.3

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:2.0.0.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.2

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:1.2.1.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.1

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:8.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:30

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8

Trust: 0.3

vendor:applemodel:watchscope:eqversion:0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.5.8

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.16

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:neversion:5.1

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.9

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.29

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.7

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.16

Trust: 0.3

vendor:ibmmodel:rational systems testerscope:eqversion:3.3.0.4

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.20

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.2.1.4

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.10

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.14

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:1.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.21

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.7

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.0.0.4

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.25

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.2.1.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.1

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:8.1.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.5.4

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.1.0.7

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.8

Trust: 0.3

vendor:pexipmodel:infinityscope:neversion:10.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:4.0.1.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:ibmmodel:rational systems tester interim fixscope:neversion:3.3.0.7

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.28

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.0.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:50

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.5

Trust: 0.3

vendor:ibmmodel:powerkvm buildscope:eqversion:3.12

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.8

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.1.0.6

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:4.0.1.1

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.3

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1.2

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.2.0.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.26

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.9.2

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.10

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.5.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.10

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.26

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.18

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.15

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1.1

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.30

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.2.1.1

Trust: 0.3

vendor:applemodel:tvosscope:neversion:9.2

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.14

Trust: 0.3

vendor:applemodel:ios for developerscope:eqversion:6

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7.6

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.12.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.17

Trust: 0.3

vendor:ibmmodel:powerkvm buildscope:neversion:3.13

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.0.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.22

Trust: 0.3

vendor:ibmmodel:connections docsscope:eqversion:1.0.4

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.0.0.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.1.0.0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.20

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.5.10

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:4.0

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.1.0.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.13

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7

Trust: 0.3

vendor:ibmmodel:security access managerscope:eqversion:9.0.0.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.9

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.11.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.20

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.21

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.14

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.5

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.9

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.2

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.7

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.1

Trust: 0.3

vendor:ibmmodel:rational systems testerscope:eqversion:3.3.0.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.3

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.13

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:rational systems testerscope:eqversion:3.3.0.7

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:64

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.5.7

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:4.1

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1.1

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.10

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.19

Trust: 0.3

vendor:ibmmodel:connections docs ifixscope:neversion:1.0.7006

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.30

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.23

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.1

Trust: 0.3

vendor:ibmmodel:security access manager for web fp19scope:eqversion:7.0

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.50

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.3

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.15.1

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.15.2

Trust: 0.3

vendor:ibmmodel:security identity governance and intelligencescope:eqversion:5.2

Trust: 0.3

vendor:applemodel:tvscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.2

Trust: 0.3

vendor:ibmmodel:connections docsscope:eqversion:2.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.29

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.2.1

Trust: 0.3

vendor:applemodel:mac os security updatescope:neversion:x2016-0020

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.22

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.11

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7.8

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.31

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.11

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.27

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.5

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7.1

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:8.4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.1

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:5.0.4

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.11

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.27

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7.3

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:9.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2 rc1scope:eqversion:2.9

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.19

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.6

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.2

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.24

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.5

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.8.13

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.9

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.15

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.02

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.9.1

Trust: 0.3

vendor:ibmmodel:connections docs ifixscope:neversion:1.0.5002

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.6

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.0

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.14

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.1.0.4

Trust: 0.3

vendor:ibmmodel:connections docsscope:eqversion:1.0.5.1

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.16

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.23

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.0

Trust: 0.3

vendor:ibmmodel:rational systems testerscope:eqversion:3.3.0.5

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.8

Trust: 0.3

vendor:ibmmodel:powerkvm buildscope:eqversion:2.1.165.4

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.5

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.11

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.16

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.20

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.9.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:40

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.1

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.40

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.15

Trust: 0.3

vendor:ibmmodel:powerkvm buildscope:eqversion:2.1.165.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.12

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.2

Trust: 0.3

vendor:ibmmodel:security access managerscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:connections docsscope:eqversion:1.0.6

Trust: 0.3

vendor:ibmmodel:connections docsscope:eqversion:1.0.7

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0.0.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4.1

Trust: 0.3

vendor:ibmmodel:rational systems tester interim fixscope:eqversion:3.3.0.7

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.15

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.4

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:ibmmodel:powerkvm buildscope:eqversion:2.1.165.5

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:4.2

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.13

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.1.0.5

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.12

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.5

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:1.7.4

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.17

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.5.11

Trust: 0.3

vendor:ibmmodel:sametime media serverscope:neversion:9.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2 betascope:eqversion:2.2

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.2.0.0

Trust: 0.3

vendor:oraclemodel:linuxscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:3.2.1.1

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.3.0

Trust: 0.3

vendor:ibmmodel:connections docsscope:eqversion:1.0.5

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.2.0.2

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.4.7

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.3.7

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.7.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.2.11

Trust: 0.3

vendor:ibmmodel:rational systems testerscope:eqversion:3.3.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:pexipmodel:infinityscope:eqversion:7.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.1.1

Trust: 0.3

vendor:ibmmodel:infosphere streamsscope:eqversion:4.0.1

Trust: 0.3

vendor:ibmmodel:powerkvm buildscope:eqversion:2.1.158

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.4

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.0

Trust: 0.3

vendor:xmlsoftmodel:libxml2scope:eqversion:2.6.1

Trust: 0.3

sources: BID: 75570 // JVNDB: JVNDB-2015-004119 // CNNVD: CNNVD-201507-170 // NVD: CVE-2015-1819

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-1819
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-1819
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201507-170
value: MEDIUM

Trust: 0.6

VULHUB: VHN-79780
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-1819
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-79780
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-79780 // JVNDB: JVNDB-2015-004119 // CNNVD: CNNVD-201507-170 // NVD: CVE-2015-1819

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-79780 // JVNDB: JVNDB-2015-004119 // NVD: CVE-2015-1819

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 135045 // CNNVD: CNNVD-201507-170

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201507-170

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004119

PATCH

title:APPLE-SA-2016-03-21-1 iOS 9.3url:http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html

Trust: 0.8

title:APPLE-SA-2016-03-21-2 watchOS 2.2url:http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html

Trust: 0.8

title:APPLE-SA-2016-03-21-3 tvOS 9.2url:http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html

Trust: 0.8

title:APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002url:http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html

Trust: 0.8

title:HT206167url:https://support.apple.com/en-us/HT206167

Trust: 0.8

title:HT206168url:https://support.apple.com/en-us/HT206168

Trust: 0.8

title:HT206169url:https://support.apple.com/en-us/HT206169

Trust: 0.8

title:HT206166url:https://support.apple.com/en-us/HT206166

Trust: 0.8

title:HT206166url:https://support.apple.com/ja-jp/HT206166

Trust: 0.8

title:HT206167url:https://support.apple.com/ja-jp/HT206167

Trust: 0.8

title:HT206168url:https://support.apple.com/ja-jp/HT206168

Trust: 0.8

title:HT206169url:https://support.apple.com/ja-jp/HT206169

Trust: 0.8

title:CVE-2015-1819 Enforce the reader to run in constant memoryurl:https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9

Trust: 0.8

title:Oracle Solaris Third Party Bulletin - October 2015url:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Trust: 0.8

title:RHSA-2015:2550url:https://rhn.redhat.com/errata/RHSA-2015-2550.html

Trust: 0.8

title:RHSA-2015:1419url:https://rhn.redhat.com/errata/RHSA-2015-1419.html

Trust: 0.8

title:v2.9.3: Nov 20 2015url:http://xmlsoft.org/news.html

Trust: 0.8

title:8985cde70901c62d3f0f04da225e73b7344a52d7..213f1fe0d76d30eaed6e5853057defc43e6df2c9url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57376

Trust: 0.6

sources: JVNDB: JVNDB-2015-004119 // CNNVD: CNNVD-201507-170

EXTERNAL IDS

db:NVDid:CVE-2015-1819

Trust: 3.4

db:BIDid:75570

Trust: 2.0

db:SECTRACKid:1034243

Trust: 1.7

db:JVNid:JVNVU97668313

Trust: 0.8

db:JVNDBid:JVNDB-2015-004119

Trust: 0.8

db:CNNVDid:CNNVD-201507-170

Trust: 0.7

db:PACKETSTORMid:135045

Trust: 0.2

db:PACKETSTORMid:136344

Trust: 0.2

db:PACKETSTORMid:132774

Trust: 0.2

db:PACKETSTORMid:136343

Trust: 0.2

db:PACKETSTORMid:140533

Trust: 0.2

db:PACKETSTORMid:136342

Trust: 0.2

db:PACKETSTORMid:134655

Trust: 0.1

db:PACKETSTORMid:134383

Trust: 0.1

db:PACKETSTORMid:132559

Trust: 0.1

db:VULHUBid:VHN-79780

Trust: 0.1

sources: VULHUB: VHN-79780 // BID: 75570 // JVNDB: JVNDB-2015-004119 // PACKETSTORM: 136344 // PACKETSTORM: 140533 // PACKETSTORM: 136343 // PACKETSTORM: 135045 // PACKETSTORM: 132774 // PACKETSTORM: 136342 // CNNVD: CNNVD-201507-170 // NVD: CVE-2015-1819

REFERENCES

url:http://www.securityfocus.com/bid/75570

Trust: 2.3

url:http://www.debian.org/security/2015/dsa-3430

Trust: 2.3

url:http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Trust: 2.0

url:https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9

Trust: 2.0

url:https://security.gentoo.org/glsa/201701-37

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2015-1419.html

Trust: 1.8

url:http://www.securitytracker.com/id/1034243

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2016/mar/msg00000.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2016/mar/msg00001.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2016/mar/msg00002.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2016/mar/msg00004.html

Trust: 1.7

url:http://lists.fedoraproject.org/pipermail/package-announce/2015-november/172943.html

Trust: 1.7

url:http://lists.fedoraproject.org/pipermail/package-announce/2015-november/172710.html

Trust: 1.7

url:https://security.gentoo.org/glsa/201507-08

Trust: 1.7

url:http://rhn.redhat.com/errata/rhsa-2015-2550.html

Trust: 1.7

url:http://www.ubuntu.com/usn/usn-2812-1

Trust: 1.7

url:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Trust: 1.7

url:http://xmlsoft.org/news.html

Trust: 1.7

url:https://support.apple.com/ht206166

Trust: 1.7

url:https://support.apple.com/ht206167

Trust: 1.7

url:https://support.apple.com/ht206168

Trust: 1.7

url:https://support.apple.com/ht206169

Trust: 1.7

url:http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1819

Trust: 0.8

url:http://jvn.jp/vu/jvnvu97668313/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1819

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2015-1819

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2015-8035

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-7499

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-5312

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-7942

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-7500

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-8242

Trust: 0.4

url:https://bugzilla.redhat.com/show_bug.cgi?id=1211278

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1023350

Trust: 0.3

url:http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-08-21.pdf

Trust: 0.3

url:https://www.alienvault.com/forums/discussion/5706/security-advisory-alienvault-v5-1-addresses-6-vulnerabilities

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1023983

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21972720

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?rs=630&uid=swg21973201

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21974737

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21975341

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21975975

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21976393

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21977121

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21979767

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21981066

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21985337

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1751

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-8659

Trust: 0.3

url:https://gpgtools.org

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1753

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1750

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-0801

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1740

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1752

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1754

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-0802

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1748

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1755

Trust: 0.2

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-1762

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-1775

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7498

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7941

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7497

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-1784

Trust: 0.1

url:https://support.apple.com/kb/ht1222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1950

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1783

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5131

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3705

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1840

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4483

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3705

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1836

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1838

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3627

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4483

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7942

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1839

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2073

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7499

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1836

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1839

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8806

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2073

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8806

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3627

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8035

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-5131

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5312

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7498

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7500

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1838

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7941

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1819

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4658

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8242

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4658

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1840

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7497

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7995

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1725

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1727

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1720

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1726

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1724

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1721

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1723

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1722

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1717

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1719

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8241

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8317

Trust: 0.1

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.1

url:https://bugzilla.redhat.com/):

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-1819

Trust: 0.1

url:https://access.redhat.com/security/team/contact/

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1756

Trust: 0.1

url:https://support.apple.com/kb/ht201222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1757

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1760

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1766

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1761

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1758

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1734

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1763

Trust: 0.1

url:http://www.tencent.com)

Trust: 0.1

sources: VULHUB: VHN-79780 // BID: 75570 // JVNDB: JVNDB-2015-004119 // PACKETSTORM: 136344 // PACKETSTORM: 140533 // PACKETSTORM: 136343 // PACKETSTORM: 135045 // PACKETSTORM: 132774 // PACKETSTORM: 136342 // CNNVD: CNNVD-201507-170 // NVD: CVE-2015-1819

CREDITS

Florian Weimer

Trust: 0.9

sources: BID: 75570 // CNNVD: CNNVD-201507-170

SOURCES

db:VULHUBid:VHN-79780
db:BIDid:75570
db:JVNDBid:JVNDB-2015-004119
db:PACKETSTORMid:136344
db:PACKETSTORMid:140533
db:PACKETSTORMid:136343
db:PACKETSTORMid:135045
db:PACKETSTORMid:132774
db:PACKETSTORMid:136342
db:CNNVDid:CNNVD-201507-170
db:NVDid:CVE-2015-1819

LAST UPDATE DATE

2024-11-07T21:03:36.365000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-79780date:2019-12-27T00:00:00
db:BIDid:75570date:2016-07-22T17:00:00
db:JVNDBid:JVNDB-2015-004119date:2016-03-29T00:00:00
db:CNNVDid:CNNVD-201507-170date:2019-12-30T00:00:00
db:NVDid:CVE-2015-1819date:2019-12-27T16:08:55.810

SOURCES RELEASE DATE

db:VULHUBid:VHN-79780date:2015-08-14T00:00:00
db:BIDid:75570date:2015-07-07T00:00:00
db:JVNDBid:JVNDB-2015-004119date:2015-08-18T00:00:00
db:PACKETSTORMid:136344date:2016-03-22T15:12:44
db:PACKETSTORMid:140533date:2017-01-17T02:26:10
db:PACKETSTORMid:136343date:2016-03-22T15:09:54
db:PACKETSTORMid:135045date:2015-12-24T17:31:30
db:PACKETSTORMid:132774date:2015-07-22T17:54:21
db:PACKETSTORMid:136342date:2016-03-22T15:05:15
db:CNNVDid:CNNVD-201507-170date:2015-07-08T00:00:00
db:NVDid:CVE-2015-1819date:2015-08-14T18:59:03.987