ID

VAR-201902-0855


CVE

CVE-2019-7317


TITLE

libpng  Vulnerability in using free memory in

Trust: 0.8

sources: JVNDB: JVNDB-2019-001545

DESCRIPTION

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. libpng Exists in a vulnerability related to the use of freed memory.Service operation interruption (DoS) It may be in a state. libpng is prone to a denial-of-service vulnerability. An attacker may exploit this issue to crash the affected application, resulting in a denial-of-service condition. libpng version 1.6.36 is vulnerable; other versions may also be affected. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) * Mozilla: Type confusion with object groups and UnboxedObjects (CVE-2019-9816) * Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817) * Mozilla: Compartment mismatch with fetch API (CVE-2019-9819) * Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820) * Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691) * Mozilla: Use-after-free removing listeners in the event listener manager (CVE-2019-11692) * Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693) * mozilla: Cross-origin theft of images with ImageBitmapRenderingContext (CVE-2018-18511) * chromium-browser: Out of bounds read in Skia (CVE-2019-5798) * Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks (CVE-2019-11698) * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/): 1672409 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c 1676997 - CVE-2018-18511 mozilla: Cross-origin theft of images with ImageBitmapRenderingContext 1688200 - CVE-2019-5798 chromium-browser: Out of bounds read in Skia 1712617 - CVE-2019-11691 Mozilla: Use-after-free in XMLHttpRequest 1712618 - CVE-2019-11692 Mozilla: Use-after-free removing listeners in the event listener manager 1712619 - CVE-2019-11693 Mozilla: Buffer overflow in WebGL bufferdata on Linux 1712621 - CVE-2019-11698 Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks 1712622 - CVE-2019-9797 Mozilla: Cross-origin theft of images with createImageBitmap 1712623 - CVE-2019-9800 Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 1712625 - CVE-2019-9816 Mozilla: Type confusion with object groups and UnboxedObjects 1712626 - CVE-2019-9817 Mozilla: Stealing of cross-domain images using canvas 1712628 - CVE-2019-9819 Mozilla: Compartment mismatch with fetch API 1712629 - CVE-2019-9820 Mozilla: Use-after-free of ChromeEventHandler by DocShell 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.7.1-ibm security update Advisory ID: RHSA-2019:2495-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2019:2495 Issue date: 2019-08-15 CVE Names: CVE-2019-2762 CVE-2019-2769 CVE-2019-2816 CVE-2019-7317 CVE-2019-11775 ===================================================================== 1. Summary: An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Supplementary (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Supplementary (v. 7) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 7) - x86_64 3. Description: IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Security Fix(es): * IBM JDK: Failure to privatize a value pulled out of the loop by versioning (CVE-2019-11775) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of IBM Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1672409 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c 1730056 - CVE-2019-2769 OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) 1730099 - CVE-2019-2816 OpenJDK: Missing URL format validation (Networking, 8221518) 1730415 - CVE-2019-2762 OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) 1738549 - CVE-2019-11775 IBM JDK: Failure to privatize a value pulled out of the loop by versioning 6. Package List: Red Hat Enterprise Linux Client Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.50-1jpp.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.50-1jpp.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 7): ppc64: java-1.7.1-ibm-1.7.1.4.50-1jpp.1.el7.ppc64.rpm java-1.7.1-ibm-demo-1.7.1.4.50-1jpp.1.el7.ppc64.rpm java-1.7.1-ibm-devel-1.7.1.4.50-1jpp.1.el7.ppc64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.50-1jpp.1.el7.ppc64.rpm java-1.7.1-ibm-src-1.7.1.4.50-1jpp.1.el7.ppc64.rpm ppc64le: java-1.7.1-ibm-1.7.1.4.50-1jpp.1.el7.ppc64le.rpm java-1.7.1-ibm-demo-1.7.1.4.50-1jpp.1.el7.ppc64le.rpm java-1.7.1-ibm-devel-1.7.1.4.50-1jpp.1.el7.ppc64le.rpm java-1.7.1-ibm-jdbc-1.7.1.4.50-1jpp.1.el7.ppc64le.rpm java-1.7.1-ibm-src-1.7.1.4.50-1jpp.1.el7.ppc64le.rpm s390x: java-1.7.1-ibm-1.7.1.4.50-1jpp.1.el7.s390x.rpm java-1.7.1-ibm-demo-1.7.1.4.50-1jpp.1.el7.s390x.rpm java-1.7.1-ibm-devel-1.7.1.4.50-1jpp.1.el7.s390x.rpm java-1.7.1-ibm-jdbc-1.7.1.4.50-1jpp.1.el7.s390x.rpm java-1.7.1-ibm-src-1.7.1.4.50-1jpp.1.el7.s390x.rpm x86_64: java-1.7.1-ibm-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.50-1jpp.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.50-1jpp.1.el7.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.50-1jpp.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-2762 https://access.redhat.com/security/cve/CVE-2019-2769 https://access.redhat.com/security/cve/CVE-2019-2816 https://access.redhat.com/security/cve/CVE-2019-7317 https://access.redhat.com/security/cve/CVE-2019-11775 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXVUfj9zjgjWX9erEAQgHKg/+JGYAGvI9M07jVnyx/aVilNzoHRbbyA9k ZOdfkTRvXD3Einlrwpe0NV6UPygQ6kiLGE1YdlO3LluoLJupasBXpgCKCeSee/bN Ie1mLvXswfzOzGLIHGTeY7bSTGgjP99+7GzTrpKSbf3wl8LGAdx42EJ0ecIMUIyQ E0YpbV9h6M77ItWpeI88aIy6n74xu40kkZA3GupPQxBVfFJlkMJgwOdE4Nwi1b50 48f0UjQkxZ6bl0imx+rUoboCbgH2iohf45GmLqF0OgwDUeq0MkXYARXkqzaA7NOU ADwFxOFcj0SJ7LJXjFRQa9i+D2KKRHbXTmn/PaXnM6J6BEycsFfwLXnqVqdrTUtb RJ00k4yPMjADkmTuwdS0GNL9wa0YWtBja1By2n+S49AbA36CysmuVAAMfq5JYnHB 5F2IqlnQvu6EZl84psq692WWKZPiBzgvSVTfi0+VNPyN9Omsn85/sw2wkXMvPMJZ DAeRLKKgoWMv8bNzOAd9rvO/z6DO6fYKSygFsMN6f2vfG61KuHnD/n2uot929/G8 4vPqxTcVMvUjXjPNqZtMXJpmqV/m0OjzzfbEFzLNlHnMNvkzLiMH3MJxZ+SaL0uU Y8uI6vVttVB37hjkZAA/+cK753smTsFa+Ol54Wl8ULei4tRGdHc7hGII/9nL5OTr 7J6ryPGM2HA= =nXZW -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-4080-1 July 31, 2019 openjdk-8 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in OpenJDK. Software Description: - openjdk-8: Open Source Java implementation Details: Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. (CVE-2019-2745) It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. (CVE-2019-2762) It was discovered that in some situations OpenJDK did not properly bound the amount of memory allocated during object deserialization. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service (excessive memory consumption). (CVE-2019-2769) It was discovered that OpenJDK did not properly restrict privileges in certain situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2019-2786) Jonathan Birch discovered that the Networking component of OpenJDK did not properly validate URLs in some situations. An attacker could use this to bypass restrictions on characters in URLs. (CVE-2019-2816) Nati Nimni discovered that the Java Cryptography Extension component in OpenJDK did not properly perform array bounds checking in some situations. An attacker could use this to cause a denial of service. (CVE-2019-2842) It was discovered that OpenJDK incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause OpenJDK to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-7317) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: openjdk-8-jdk 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jdk-headless 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jre 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jre-headless 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jre-jamvm 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jre-zero 8u222-b10-1ubuntu1~16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4435-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 27, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libpng1.6 CVE ID : CVE-2019-7317 Debian Bug : 921355 A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed. For the stable distribution (stretch), this problem has been fixed in version 1.6.28-1+deb9u1. We recommend that you upgrade your libpng1.6 packages. For the detailed security status of libpng1.6 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libpng1.6 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlzECBJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Txww//aZy+AZ6sloDpGd6f8r2C5/9DsbwGLdpNsJSVaA7jX6OWKWfb+UMb7vwz fz8jUhFZFrjD8DtF1fyrhO5yzbnFGMGSd8HpfOP7aNfBQBnud0jwnVlmTRiB4idq bKC5SEhjjU7SlGBNZ7vfrM2AbaPEp+ge08O6Pd7YpeV7JbwSHEEDLpLaPLFkLyik h2zb7efpHRew0QmVfi6HcIf5jAKBz2G4JTIKD9tHrfWcVBOpehmCGV8VJ9Hx0ean J+VkhDn1ix1M686spf+OuG8GGgdmWaR5IA3Mp9Arz52Mxq83660G4ji1cMcltZa/ Hlb9pntp8Mlz8uQ71FUcy/RZmZiqDXy49SHCA1Dt+EnE5vcHi1LXLopnOHdqo14B xjW88ME7gzAtHTyup2UFOS93mVmklGytmPUixXEiWo8GMazJvlPvvFqoAmB1igeY BD2wa1exgZgS6UpmOXmsKYfOeFjRYY3muqtF5zme4Az0OYxr5UzB5kvDuUm3SHhA WXysaVYyq7eFuhXT95gSQgKfUVZIC6AeOZ/jSJ7HcEex8oj71KyHjbbHFr5Lfx3g fsLeD59kj8ovTrx02/e2LcSpuXqZDLcbipJlhAiUItSQf0vJK+DUbgZ0r6GjdInO 78W1KDDUpmXk4uGEWae/bR/HuoAZV26Y5VX8Pd6TaU59oif8/sQ= =jInk -----END PGP SIGNATURE-----

Trust: 2.52

sources: NVD: CVE-2019-7317 // JVNDB: JVNDB-2019-001545 // BID: 108098 // VULMON: CVE-2019-7317 // PACKETSTORM: 154288 // PACKETSTORM: 153067 // PACKETSTORM: 154068 // PACKETSTORM: 153836 // PACKETSTORM: 154282 // PACKETSTORM: 152664

AFFECTED PRODUCTS

vendor:opensusemodel:package hubscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:19.04

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for scientific computingscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:satellitescope:eqversion:5.8

Trust: 1.0

vendor:redhatmodel:enterprise linux for power big endianscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for scientific computingscope:eqversion:7.0

Trust: 1.0

vendor:oraclemodel:hyperion infrastructure technologyscope:eqversion:11.2.6.0

Trust: 1.0

vendor:hpemodel:xp7 command view advanced edition suitescope:ltversion:8.7.0-00

Trust: 1.0

vendor:netappmodel:snapmanagerscope:eqversion:3.4.2

Trust: 1.0

vendor:oraclemodel:java sescope:eqversion:8u212

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:ltversion:9.6

Trust: 1.0

vendor:netappmodel:e-series santricity storage managerscope:ltversion:11.53

Trust: 1.0

vendor:libpngmodel:libpngscope:ltversion:1.6.37

Trust: 1.0

vendor:netappmodel:e-series santricity managementscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux for power big endianscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:netappmodel:steelstorescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:libpngmodel:libpngscope:gteversion:1.6.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:netappmodel:oncommand insightscope:ltversion:7.3.9

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:mysqlscope:ltversion:8.0.23

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:12.0.1

Trust: 1.0

vendor:redhatmodel:enterprise linux for ibm z systemsscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:42.3

Trust: 1.0

vendor:redhatmodel:enterprise linux for power little endianscope:eqversion:8.0

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion:9.6

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:mozillamodel:thunderbirdscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:netappmodel:oncommand workflow automationscope:ltversion:5.1

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:11.0.3

Trust: 1.0

vendor:mozillamodel:firefoxscope:eqversion: -

Trust: 1.0

vendor:netappmodel:e-series santricity web servicesscope:ltversion:4.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for ibm z systemsscope:eqversion:6.0

Trust: 1.0

vendor:netappmodel:snapmanagerscope:ltversion:3.4.2

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:netappmodel:e-series santricity unified managerscope:ltversion:3.2

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.10

Trust: 1.0

vendor:oraclemodel:java sescope:eqversion:7u221

Trust: 1.0

vendor:redhatmodel:enterprise linux for ibm z systemsscope:eqversion:7.0

Trust: 1.0

vendor:netappmodel:plug-in for symantec netbackupscope:eqversion: -

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:hpmodel:xp7 command viewscope:ltversion:8.7.0-00

Trust: 1.0

vendor:redhatmodel:enterprise linux for power little endianscope:eqversion:7.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:日立model:ucosminexus clientscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus service platformscope: - version: -

Trust: 0.8

vendor:日立model:hitachi application serverscope: - version: -

Trust: 0.8

vendor:日立model:日立アドバンストサーバ ha8000v シリーズscope: - version: -

Trust: 0.8

vendor:日立model:hitachi infrastructure analytics advisorscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus application serverscope: - version: -

Trust: 0.8

vendor:日立model:hitachi developer's kit for javascope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus service architectscope: - version: -

Trust: 0.8

vendor:日立model:hitachi configuration managerscope: - version: -

Trust: 0.8

vendor:日立model:hitachi replication managerscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus developerscope: - version: -

Trust: 0.8

vendor:日立model:hitachi global link managerscope: - version: -

Trust: 0.8

vendor:日立model:hitachi tiered storage managerscope: - version: -

Trust: 0.8

vendor:日立model:hitachi dynamic link managerscope: - version: -

Trust: 0.8

vendor:日立model:hitachi compute systems managerscope: - version: -

Trust: 0.8

vendor:日立model:cosminexus developer's kit for javascope: - version: -

Trust: 0.8

vendor:日立model:hitachi tuning managerscope: - version: -

Trust: 0.8

vendor:png groupmodel:libpngscope: - version: -

Trust: 0.8

vendor:日立model:hitachi device managerscope: - version: -

Trust: 0.8

vendor:日立model:hitachi automation directorscope: - version: -

Trust: 0.8

vendor:libpngmodel:libpngscope:eqversion:1.6.36

Trust: 0.3

vendor:libpngmodel:libpngscope:neversion:1.6.37

Trust: 0.3

sources: BID: 108098 // JVNDB: JVNDB-2019-001545 // NVD: CVE-2019-7317

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-7317
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-7317
value: MEDIUM

Trust: 0.8

VULMON: CVE-2019-7317
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-7317
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2019-7317
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-7317
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2019-7317 // JVNDB: JVNDB-2019-001545 // NVD: CVE-2019-7317

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.0

problemtype:Use of freed memory (CWE-416) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2019-001545 // NVD: CVE-2019-7317

THREAT TYPE

network

Trust: 0.3

sources: BID: 108098

TYPE

Design Error

Trust: 0.3

sources: BID: 108098

PATCH

title:hitachi-sec-2019-116 Software product security informationurl:https://github.com/glennrp/libpng/issues/275

Trust: 0.8

title:Debian CVElist Bug Report Logs: libpng1.6: CVE-2019-7317: use-after-free in png_image_free in png.curl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=ef2bbc82329f4e3dd9e23c0137af2a7b

Trust: 0.1

title:Ubuntu Security Notice: libpng1.6 vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3962-1

Trust: 0.1

title:Debian Security Advisories: DSA-4435-1 libpng1.6 -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=d60ba88361ab9afdcad18ca2a106ac3b

Trust: 0.1

title:Red Hat: Important: java-1.7.1-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192494 - Security Advisory

Trust: 0.1

title:Red Hat: Important: java-1.7.1-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192495 - Security Advisory

Trust: 0.1

title:Arch Linux Advisories: [ASA-201904-10] libpng: denial of serviceurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201904-10

Trust: 0.1

title:Red Hat: Important: java-1.8.0-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192737 - Security Advisory

Trust: 0.1

title:Red Hat: CVE-2019-7317url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2019-7317

Trust: 0.1

title:Red Hat: Important: java-1.8.0-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192585 - Security Advisory

Trust: 0.1

title:Red Hat: Important: java-1.8.0-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192590 - Security Advisory

Trust: 0.1

title:Red Hat: Important: java-1.8.0-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192592 - Security Advisory

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2019-7317

Trust: 0.1

title:Red Hat: Important: thunderbird security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191308 - Security Advisory

Trust: 0.1

title:Red Hat: Important: thunderbird security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191310 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: firefox security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191265 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: firefox security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191269 - Security Advisory

Trust: 0.1

title:Red Hat: Important: thunderbird security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191309 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: openjdk-lts vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4083-1

Trust: 0.1

title:Red Hat: Critical: firefox security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191267 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: openjdk-8 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4080-1

Trust: 0.1

title:Ubuntu Security Notice: thunderbird vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3997-1

Trust: 0.1

title:Debian Security Advisories: DSA-4451-1 thunderbird -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=1cf7f39c2c474666174a69cf97b06740

Trust: 0.1

title:Ubuntu Security Notice: firefox regressionurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3991-3

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIXurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=61e62f4d9c861153c6391afc0ec560a4

Trust: 0.1

title:Debian Security Advisories: DSA-4448-1 firefox-esr -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=e2d9ccf571c31c1011ad31af2798140f

Trust: 0.1

title:Ubuntu Security Notice: firefox regressionurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3991-2

Trust: 0.1

title:Ubuntu Security Notice: firefox vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3991-1

Trust: 0.1

title:Arch Linux Advisories: [ASA-201905-8] thunderbird: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201905-8

Trust: 0.1

title:Amazon Linux 2: ALAS2-2019-1246url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1246

Trust: 0.1

title:Mozilla: Mozilla Foundation Security Advisory 2019-14url:https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories&qid=2019-14

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple Mozilla Firefox vulnerability in IBM SONASurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=4a8e20a238934bc47ca332a3c76cc9c3

Trust: 0.1

title:Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager and Hitachi Infrastructure Analytics Advisorurl:https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2019-117

Trust: 0.1

title:IBM: Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (January 2020v2)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=acad3ac1b2767940a01b72ed1b51586b

Trust: 0.1

title:Arch Linux Advisories: [ASA-201905-9] firefox: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201905-9

Trust: 0.1

title:Hitachi Security Advisories: Multiple Vulnerabilities in Cosminexusurl:https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2019-116

Trust: 0.1

title:Amazon Linux 2: ALAS2-2019-1229url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1229

Trust: 0.1

title:Mozilla: Security vulnerabilities fixed in Firefox ESR 60.7url:https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories&qid=554d832b08166d6d04a53f3c421e7f9b

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Jul 2019 – Includes Oracle Jul 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Timeurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=de7b9859dff396513e72da22ffc4ab3e

Trust: 0.1

title:Mozilla: Mozilla Foundation Security Advisory 2019-15url:https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories&qid=2019-15

Trust: 0.1

title:Mozilla: Security vulnerabilities fixed in Thunderbird 60.7url:https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories&qid=198e3a670ab8c803584e801da3919e61

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Editionurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=836b059f33e614408bd51705b325caaf

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterpriseurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=b352b6737bfbf2a62b0a2201928e8963

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Manager with OpenStackurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=1ad5c6091de269fb79e0c4d1c06b0846

Trust: 0.1

title:Mozilla: Security vulnerabilities fixed in Firefox 67url:https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories&qid=730fce689efe63b7de803de0d8794796

Trust: 0.1

title:Mozilla: Mozilla Foundation Security Advisory 2019-13url:https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories&qid=2019-13

Trust: 0.1

title:IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Release 1801-zurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=4ef3e54cc5cdc194f0526779f9480f89

Trust: 0.1

sources: VULMON: CVE-2019-7317 // JVNDB: JVNDB-2019-001545

EXTERNAL IDS

db:NVDid:CVE-2019-7317

Trust: 3.6

db:BIDid:108098

Trust: 1.4

db:PACKETSTORMid:152561

Trust: 1.1

db:JVNDBid:JVNDB-2019-001545

Trust: 0.8

db:VULMONid:CVE-2019-7317

Trust: 0.1

db:PACKETSTORMid:154288

Trust: 0.1

db:PACKETSTORMid:153067

Trust: 0.1

db:PACKETSTORMid:154068

Trust: 0.1

db:PACKETSTORMid:153836

Trust: 0.1

db:PACKETSTORMid:154282

Trust: 0.1

db:PACKETSTORMid:152664

Trust: 0.1

sources: VULMON: CVE-2019-7317 // BID: 108098 // JVNDB: JVNDB-2019-001545 // PACKETSTORM: 154288 // PACKETSTORM: 153067 // PACKETSTORM: 154068 // PACKETSTORM: 153836 // PACKETSTORM: 154282 // PACKETSTORM: 152664 // NVD: CVE-2019-7317

REFERENCES

url:https://github.com/glennrp/libpng/issues/275

Trust: 1.4

url:https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803

Trust: 1.4

url:https://www.debian.org/security/2019/dsa-4435

Trust: 1.4

url:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-7317

Trust: 1.4

url:https://usn.ubuntu.com/3962-1/

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:1269

Trust: 1.2

url:http://www.securityfocus.com/bid/108098

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2495

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2585

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2590

Trust: 1.2

url:https://seclists.org/bugtraq/2019/apr/30

Trust: 1.1

url:http://packetstormsecurity.com/files/152561/slackware-security-advisory-libpng-updates.html

Trust: 1.1

url:https://seclists.org/bugtraq/2019/apr/36

Trust: 1.1

url:https://usn.ubuntu.com/3991-1/

Trust: 1.1

url:https://seclists.org/bugtraq/2019/may/56

Trust: 1.1

url:https://seclists.org/bugtraq/2019/may/59

Trust: 1.1

url:https://www.debian.org/security/2019/dsa-4448

Trust: 1.1

url:https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:1265

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:1267

Trust: 1.1

url:https://www.debian.org/security/2019/dsa-4451

Trust: 1.1

url:https://seclists.org/bugtraq/2019/may/67

Trust: 1.1

url:https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html

Trust: 1.1

url:https://usn.ubuntu.com/3997-1/

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:1310

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:1309

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:1308

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20190719-0005/

Trust: 1.1

url:https://usn.ubuntu.com/4080-1/

Trust: 1.1

url:https://usn.ubuntu.com/4083-1/

Trust: 1.1

url:https://security.gentoo.org/glsa/201908-02

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2494

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2592

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2737

Trust: 1.1

url:https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbst03977en_us

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuapr2021.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuoct2021.html

Trust: 1.1

url:https://access.redhat.com/security/cve/cve-2019-7317

Trust: 0.7

url:https://access.redhat.com/articles/11258

Trust: 0.4

url:https://access.redhat.com/security/team/contact/

Trust: 0.4

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://bugzilla.redhat.com/):

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-2769

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-2816

Trust: 0.4

url:https://access.redhat.com/security/team/key/

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-2762

Trust: 0.4

url:https://bugzilla.redhat.com/show_bug.cgi?id=1672409

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-11775

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-2786

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-2762

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-2769

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-11775

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-2816

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-11772

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-11772

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-2786

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/416.html

Trust: 0.1

url:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921355

Trust: 0.1

url:https://tools.cisco.com/security/center/viewalert.x?alertid=59551

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9816

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9817

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-18511

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9820

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11698

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11698

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9797

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11691

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9819

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11692

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9800

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9817

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9797

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11693

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5798

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11693

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9819

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-18511

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9816

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9820

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11692

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9800

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11691

Trust: 0.1

url:https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5798

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2745

Trust: 0.1

url:https://usn.ubuntu.com/4080-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2842

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openjdk-8/8u222-b10-1ubuntu1~16.04.1

Trust: 0.1

url:https://security-tracker.debian.org/tracker/libpng1.6

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

sources: VULMON: CVE-2019-7317 // BID: 108098 // JVNDB: JVNDB-2019-001545 // PACKETSTORM: 154288 // PACKETSTORM: 153067 // PACKETSTORM: 154068 // PACKETSTORM: 153836 // PACKETSTORM: 154282 // PACKETSTORM: 152664 // NVD: CVE-2019-7317

CREDITS

Red Hat

Trust: 0.4

sources: PACKETSTORM: 154288 // PACKETSTORM: 153067 // PACKETSTORM: 154068 // PACKETSTORM: 154282

SOURCES

db:VULMONid:CVE-2019-7317
db:BIDid:108098
db:JVNDBid:JVNDB-2019-001545
db:PACKETSTORMid:154288
db:PACKETSTORMid:153067
db:PACKETSTORMid:154068
db:PACKETSTORMid:153836
db:PACKETSTORMid:154282
db:PACKETSTORMid:152664
db:NVDid:CVE-2019-7317

LAST UPDATE DATE

2024-12-25T23:01:24.460000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2019-7317date:2022-05-23T00:00:00
db:BIDid:108098date:2019-01-25T00:00:00
db:JVNDBid:JVNDB-2019-001545date:2022-07-05T03:02:00
db:NVDid:CVE-2019-7317date:2024-11-21T04:48:00.033

SOURCES RELEASE DATE

db:VULMONid:CVE-2019-7317date:2019-02-04T00:00:00
db:BIDid:108098date:2019-01-25T00:00:00
db:JVNDBid:JVNDB-2019-001545date:2019-03-14T00:00:00
db:PACKETSTORMid:154288date:2019-09-02T17:45:20
db:PACKETSTORMid:153067date:2019-05-23T16:56:40
db:PACKETSTORMid:154068date:2019-08-15T20:14:24
db:PACKETSTORMid:153836date:2019-07-31T14:59:30
db:PACKETSTORMid:154282date:2019-09-02T17:37:20
db:PACKETSTORMid:152664date:2019-04-29T17:22:22
db:NVDid:CVE-2019-7317date:2019-02-04T08:29:00.447