
Test ID: 1.3.6.1.4.1.25623.1.0.63307
Category: Ubuntu Local Security Checks
Title: Ubuntu USN-712-1 (vim)
Summary: Ubuntu USN-712-1 (vim)
Description: The remote host is missing an update to vim
announced via advisory USN-712-1.

Details follow:

Jan Minar discovered that Vim did not properly sanitize inputs before invoking
the execute or system functions inside Vim scripts. If a user were tricked
into running Vim scripts with a specially crafted input, an attacker could
execute arbitrary code with the privileges of the user invoking the program.
(CVE-2008-2712)

Ben Schmidt discovered that Vim did not properly escape characters when
performing keyword or tag lookups. If a user were tricked into running specially
crafted commands, an attacker could execute arbitrary code with the privileges
of the user invoking the program. (CVE-2008-4101)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
vim 1:6.4-006+2ubuntu6.2
vim-runtime 1:6.4-006+2ubuntu6.2

Ubuntu 7.10:
vim 1:7.1-056+2ubuntu2.1
vim-runtime 1:7.1-056+2ubuntu2.1

Ubuntu 8.04 LTS:
vim 1:7.1-138+1ubuntu3.1
vim-runtime 1:7.1-138+1ubuntu3.1

Ubuntu 8.10:
vim 1:7.1.314-3ubuntu3.1
vim-runtime 1:7.1.314-3ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-712-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-2712
Bugtraq: 20080613 Collection of Vulnerabilities in Fully Patched Vim 7.1 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/493352/100/0/threaded
Bugtraq: 20080701 Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/493353/100/0/threaded
Bugtraq: 20080811 rPSA-2008-0247-1 gvim vim vim-minimal (Google Search)
http://www.securityfocus.com/archive/1/archive/1/495319/100/0/threaded
http://marc.info/?l=bugtraq&m=121494431426308&w=2
Bugtraq: 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim (Google Search)
http://www.securityfocus.com/archive/1/archive/1/502322/100/0/threaded
http://www.rdancer.org/vulnerablevim.html
http://www.openwall.com/lists/oss-security/2008/06/16/2
http://www.openwall.com/lists/oss-security/2008/10/15/1
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:236
http://www.redhat.com/support/errata/RHSA-2008-0617.html
http://www.redhat.com/support/errata/RHSA-2008-0580.html
http://www.redhat.com/support/errata/RHSA-2008-0618.html
SuSE Security Announcement: SUSE-SR:2009:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
http://www.ubuntu.com/usn/USN-712-1
BugTraq ID: 29715
http://www.securityfocus.com/bid/29715
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11109
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6238
http://secunia.com/advisories/34418
http://secunia.com/advisories/32858
http://secunia.com/advisories/32864
http://www.vupen.com/english/advisories/2008/1851/references
http://www.vupen.com/english/advisories/2008/2780
http://www.vupen.com/english/advisories/2009/0033
http://www.securitytracker.com/id?1020293
http://secunia.com/advisories/30731
http://secunia.com/advisories/32222
http://secunia.com/advisories/33410
http://securityreason.com/securityalert/3951
http://www.vupen.com/english/advisories/2009/0904
XForce ISS Database: vim-scripts-command-execution(43083)
http://xforce.iss.net/xforce/xfdb/43083
Common Vulnerability Exposure (CVE) ID: CVE-2008-4101
Bugtraq: 20080822 Vim: Arbitrary Code Execution in Commands: K, Control-], g] (Google Search)
http://www.securityfocus.com/archive/1/495662
Bugtraq: 20080825 RE: Arbitrary Code Execution in Commands: K, Control-], g] (Google Search)
http://www.securityfocus.com/archive/1/495703
http://www.openwall.com/lists/oss-security/2008/09/11/4
http://www.openwall.com/lists/oss-security/2008/09/11/3
http://www.openwall.com/lists/oss-security/2008/09/16/5
http://www.openwall.com/lists/oss-security/2008/09/16/6
http://ftp.vim.org/pub/vim/patches/7.2/7.2.010
http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33
http://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2
http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2
http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e
http://www.rdancer.org/vulnerablevim-K.html
BugTraq ID: 30795
http://www.securityfocus.com/bid/30795
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10894
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5812
http://secunia.com/advisories/31592
XForce ISS Database: vim-normal-command-execution(44626)
http://xforce.iss.net/xforce/xfdb/44626
Common Vulnerability Exposure (CVE) ID: CVE-2005-2090
Bugtraq: 20050606 A new whitepaper by Watchfire - HTTP Request Smuggling (Google Search)
http://seclists.org/lists/bugtraq/2005/Jun/0025.html
Bugtraq: 20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/485938/100/0/threaded
Bugtraq: 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded
Bugtraq: 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded
http://lists.vmware.com/pipermail/security-announce/2008/000003.html
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
http://www.securiteam.com/securityreviews/5GP0220G0U.html
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
HPdes Security Advisory: HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
HPdes Security Advisory: SSRT071447
http://www.redhat.com/support/errata/RHSA-2007-0327.html
http://www.redhat.com/support/errata/RHSA-2007-0360.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
SuSE Security Announcement: SUSE-SR:2008:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
BugTraq ID: 25159
http://www.securityfocus.com/bid/25159
BugTraq ID: 13873
http://www.securityfocus.com/bid/13873
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10499
http://www.vupen.com/english/advisories/2007/2732
http://www.vupen.com/english/advisories/2007/3087
http://www.vupen.com/english/advisories/2007/3386
http://www.vupen.com/english/advisories/2008/0065
http://www.vupen.com/english/advisories/2008/1979/references
http://www.vupen.com/english/advisories/2009/0233
http://securitytracker.com/id?1014365
http://secunia.com/advisories/26235
http://secunia.com/advisories/26660
http://secunia.com/advisories/27037
http://secunia.com/advisories/28365
http://secunia.com/advisories/29242
http://secunia.com/advisories/30908
http://secunia.com/advisories/30899
http://secunia.com/advisories/33668
Common Vulnerability Exposure (CVE) ID: CVE-2005-3510
Bugtraq: 20051104 Apache Tomcat 5.5.x remote Denial Of Service (Google Search)
http://www.securityfocus.com/archive/1/archive/1/415782/30/0/threaded
http://www.redhat.com/support/errata/RHSA-2006-0161.html
BugTraq ID: 15325
http://www.securityfocus.com/bid/15325
http://www.osvdb.org/20439
http://securitytracker.com/id?1015147
http://secunia.com/advisories/17416
Common Vulnerability Exposure (CVE) ID: CVE-2006-3835
Bugtraq: 20070509 SEC Consult SA-20070509-0 :: Multiple vulnerabilites in Nokia Intellisync Mobile Suite & Wireless Email Express (Google Search)
http://www.securityfocus.com/archive/1/archive/1/468048/100/0/threaded
Bugtraq: 20091107 ToutVirtual VirtualIQ Multiple Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/507729/100/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0467.html
http://www.sec-consult.com/289.html
http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
BugTraq ID: 19106
http://www.securityfocus.com/bid/19106
http://secunia.com/advisories/37297
http://www.vupen.com/english/advisories/2007/1727
http://securitytracker.com/id?1016576
http://secunia.com/advisories/25212
XForce ISS Database: apache-tomcat-url-information-disclosure(27902)
http://xforce.iss.net/xforce/xfdb/27902
XForce ISS Database: nokia-tomcat-source-code-disclosure(34183)
http://xforce.iss.net/xforce/xfdb/34183
Common Vulnerability Exposure (CVE) ID: CVE-2006-7195
BugTraq ID: 28481
http://www.securityfocus.com/bid/28481
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10514
http://www.vupen.com/english/advisories/2007/1729
Common Vulnerability Exposure (CVE) ID: CVE-2006-7196
Bugtraq: 20070904 Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/478491/100/0/threaded
Bugtraq: 20070905 Re: Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/478609/100/0/threaded
BugTraq ID: 25531
http://www.securityfocus.com/bid/25531
http://osvdb.org/34888
Common Vulnerability Exposure (CVE) ID: CVE-2007-0450
http://security.gentoo.org/glsa/glsa-200705-03.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
SuSE Security Announcement: SUSE-SR:2007:005 (Google Search)
http://www.novell.com/linux/security/advisories/2007_5_sr.html
SuSE Security Announcement: SUSE-SR:2007:015 (Google Search)
http://www.novell.com/linux/security/advisories/2007_15_sr.html
BugTraq ID: 22960
http://www.securityfocus.com/bid/22960
Bugtraq: 20070314 SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal (Google Search)
http://www.securityfocus.com/archive/1/archive/1/462791/100/0/threaded
http://www.sec-consult.com/287.html
http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10643
http://www.vupen.com/english/advisories/2007/0975
http://secunia.com/advisories/24732
http://secunia.com/advisories/25106
http://secunia.com/advisories/25280
http://securityreason.com/securityalert/2446
XForce ISS Database: tomcat-proxy-directory-traversal(32988)
http://xforce.iss.net/xforce/xfdb/32988
Common Vulnerability Exposure (CVE) ID: CVE-2007-1355
Bugtraq: 20070519 [CVE-2007-1355] Tomcat documentation XSS vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/469067/100/0/threaded
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
RedHat Security Advisories: RHSA-2008:0630
http://rhn.redhat.com/errata/RHSA-2008-0630.html
BugTraq ID: 24058
http://www.securityfocus.com/bid/24058
http://osvdb.org/34875
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6111
http://www.vupen.com/english/advisories/2008/1981/references
http://secunia.com/advisories/27727
http://secunia.com/advisories/30802
http://secunia.com/advisories/31493
http://securityreason.com/securityalert/2722
XForce ISS Database: tomcat-hello-xss(34377)
http://xforce.iss.net/xforce/xfdb/34377
Common Vulnerability Exposure (CVE) ID: CVE-2007-1358
Bugtraq: 20070618 [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing (Google Search)
http://www.securityfocus.com/archive/1/archive/1/471719/100/0/threaded
http://jvn.jp/jp/JVN%2316535199/index.html
BugTraq ID: 24524
http://www.securityfocus.com/bid/24524
http://osvdb.org/34881
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10679
http://www.securitytracker.com/id?1018269
http://secunia.com/advisories/25721
Common Vulnerability Exposure (CVE) ID: CVE-2007-1858
SuSE Security Announcement: SUSE-SR:2008:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html
BugTraq ID: 28482
http://www.securityfocus.com/bid/28482
http://secunia.com/advisories/44183
http://osvdb.org/34882
http://secunia.com/advisories/29392
XForce ISS Database: tomcat-ssl-security-bypass(34212)
http://xforce.iss.net/xforce/xfdb/34212
Common Vulnerability Exposure (CVE) ID: CVE-2007-2449
Bugtraq: 20070614 [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples (Google Search)
http://www.securityfocus.com/archive/1/archive/1/471351/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2007-0569.html
BugTraq ID: 24476
http://www.securityfocus.com/bid/24476
http://osvdb.org/36080
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10578
http://www.vupen.com/english/advisories/2007/2213
http://www.securitytracker.com/id?1018245
http://secunia.com/advisories/26076
http://securityreason.com/securityalert/2804
XForce ISS Database: tomcat-example-xss(34869)
http://xforce.iss.net/xforce/xfdb/34869
Common Vulnerability Exposure (CVE) ID: CVE-2007-2450
Bugtraq: 20070614 [CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager (Google Search)
http://www.securityfocus.com/archive/1/archive/1/471357/100/0/threaded
Debian Security Information: DSA-1468 (Google Search)
http://www.debian.org/security/2008/dsa-1468
http://jvn.jp/jp/JVN%2307100457/index.html
BugTraq ID: 24475
http://www.securityfocus.com/bid/24475
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11287
http://www.osvdb.org/36079
http://secunia.com/advisories/25678
http://secunia.com/advisories/28549
http://securityreason.com/securityalert/2813
XForce ISS Database: tomcat-hostmanager-xss(34868)
http://xforce.iss.net/xforce/xfdb/34868
Common Vulnerability Exposure (CVE) ID: CVE-2007-3382
Bugtraq: 20070814 CVE-2007-3382: Handling of cookies containing a ' character (Google Search)
http://www.securityfocus.com/archive/1/archive/1/476442/100/0/threaded
Bugtraq: 20070814 Re: CVE-2007-3382: Handling of cookies containing a ' character (Google Search)
http://www.securityfocus.com/archive/1/archive/1/476466/100/0/threaded
AIX APAR: IZ55562
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562
Debian Security Information: DSA-1447 (Google Search)
http://www.debian.org/security/2008/dsa-1447
Debian Security Information: DSA-1453 (Google Search)
http://www.debian.org/security/2008/dsa-1453
HPdes Security Advisory: HPSBTU02276
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554
HPdes Security Advisory: SSRT071472
http://www.redhat.com/support/errata/RHSA-2007-0871.html
http://www.redhat.com/support/errata/RHSA-2007-0950.html
http://www.redhat.com/support/errata/RHSA-2008-0195.html
CERT/CC vulnerability note: VU#993544
http://www.kb.cert.org/vuls/id/993544
BugTraq ID: 25316
http://www.securityfocus.com/bid/25316
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11269
http://secunia.com/advisories/36486
http://www.vupen.com/english/advisories/2007/2902
http://www.vupen.com/english/advisories/2007/3527
http://securitytracker.com/id?1018556
http://secunia.com/advisories/26466
http://secunia.com/advisories/26898
http://secunia.com/advisories/27267
http://secunia.com/advisories/28317
http://secunia.com/advisories/28361
XForce ISS Database: tomcat-quotecookie-information-disclosure(36006)
http://xforce.iss.net/xforce/xfdb/36006
Common Vulnerability Exposure (CVE) ID: CVE-2007-3385
Bugtraq: 20070814 CVE-2007-3385: Handling of \" in cookies (Google Search)
http://www.securityfocus.com/archive/1/archive/1/476444/100/0/threaded
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9549
http://securitytracker.com/id?1018557
http://securityreason.com/securityalert/3011
XForce ISS Database: tomcat-slashcookie-information-disclosure(35999)
http://xforce.iss.net/xforce/xfdb/35999
Common Vulnerability Exposure (CVE) ID: CVE-2007-3386
Bugtraq: 20070814 CVE-2007-3386: XSS in Host Manager (Google Search)
http://www.securityfocus.com/archive/1/archive/1/476448/100/0/threaded
http://jvn.jp/jp/JVN%2359851336/index.html
BugTraq ID: 25314
http://www.securityfocus.com/bid/25314
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10077
http://www.vupen.com/english/advisories/2007/2880
http://osvdb.org/36417
http://securitytracker.com/id?1018558
http://secunia.com/advisories/26465
http://securityreason.com/securityalert/3010
XForce ISS Database: tomcat-hostmanager-alias-xss(36001)
http://xforce.iss.net/xforce/xfdb/36001
Common Vulnerability Exposure (CVE) ID: CVE-2008-0128
BugTraq ID: 27365
http://www.securityfocus.com/bid/27365
http://www.vupen.com/english/advisories/2008/0192
http://secunia.com/advisories/28552
XForce ISS Database: apache-singlesignon-information-disclosure(39804)
http://xforce.iss.net/xforce/xfdb/39804
Common Vulnerability Exposure (CVE) ID: CVE-2008-3358
Bugtraq: 20090127 SAP NetWeaver XSS Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500415/100/0/threaded
http://service.sap.com/sap/support/notes/1235253
http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt
BugTraq ID: 33465
http://www.securityfocus.com/bid/33465
http://www.vupen.com/english/advisories/2009/0255
http://osvdb.org/51627
http://www.securitytracker.com/id?1021638
http://secunia.com/advisories/33685
XForce ISS Database: netweaver-unspecified-xss(48237)
http://xforce.iss.net/xforce/xfdb/48237
Common Vulnerability Exposure (CVE) ID: CVE-2009-0042
Bugtraq: 20090127 CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500417/100/0/threaded
BugTraq ID: 33464
http://www.securityfocus.com/bid/33464
http://www.vupen.com/english/advisories/2009/0270
http://www.securitytracker.com/id?1021639
XForce ISS Database: ca-antivirus-engine-security-bypass(48261)
http://xforce.iss.net/xforce/xfdb/48261
Common Vulnerability Exposure (CVE) ID: CVE-2009-0135
Bugtraq: 20090111 [TKADV2009-002] Amarok Integer Overflow and Unchecked Allocation Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/499984/100/0/threaded
http://openwall.com/lists/oss-security/2009/01/14/2
http://trapkit.de/advisories/TKADV2009-002.txt
Debian Security Information: DSA-1706 (Google Search)
http://www.debian.org/security/2009/dsa-1706
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00708.html
http://security.gentoo.org/glsa/glsa-200903-34.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:030
SuSE Security Announcement: SUSE-SR:2009:003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html
http://www.ubuntu.com/usn/USN-739-1
BugTraq ID: 33210
http://www.securityfocus.com/bid/33210
http://secunia.com/advisories/34315
http://secunia.com/advisories/34407
http://www.vupen.com/english/advisories/2009/0100
http://www.securitytracker.com/id?1021558
http://secunia.com/advisories/33505
http://secunia.com/advisories/33522
http://secunia.com/advisories/33640
http://secunia.com/advisories/33819
http://securityreason.com/securityalert/4915
Common Vulnerability Exposure (CVE) ID: CVE-2009-0136
Common Vulnerability Exposure (CVE) ID: CVE-2008-5347
http://security.gentoo.org/glsa/glsa-200911-02.xml
HPdes Security Advisory: HPSBUX02411
http://marc.info/?l=bugtraq&m=123678756409861&w=2
HPdes Security Advisory: SSRT080111
RedHat Security Advisories: RHSA-2008:1018
http://rhn.redhat.com/errata/RHSA-2008-1018.html
http://www.redhat.com/support/errata/RHSA-2009-0015.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-246366-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019798.1-1
SuSE Security Announcement: SUSE-SR:2009:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
Cert/CC Advisory: TA08-340A
http://www.us-cert.gov/cas/techalerts/TA08-340A.html
BugTraq ID: 32608
http://www.securityfocus.com/bid/32608
http://osvdb.org/50506
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5633
http://secunia.com/advisories/34233
http://secunia.com/advisories/34259
http://secunia.com/advisories/37386
http://secunia.com/advisories/38539
http://www.vupen.com/english/advisories/2008/3339
http://www.securitytracker.com/id?1021307
http://secunia.com/advisories/32991
http://secunia.com/advisories/33015
http://secunia.com/advisories/33709
http://secunia.com/advisories/33528
http://www.vupen.com/english/advisories/2009/0672
XForce ISS Database: jre-jaxws-jaxb-privilege-escalation(47068)
http://xforce.iss.net/xforce/xfdb/47068
Common Vulnerability Exposure (CVE) ID: CVE-2008-5348
RedHat Security Advisories: RHSA-2008:1025
http://rhn.redhat.com/errata/RHSA-2008-1025.html
http://www.redhat.com/support/errata/RHSA-2009-0016.html
http://www.redhat.com/support/errata/RHSA-2009-0445.html
RedHat Security Advisories: RHSA-2009:0466
https://rhn.redhat.com/errata/RHSA-2009-0466.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-246346-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019797.1-1
SuSE Security Announcement: SUSE-SA:2009:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html
SuSE Security Announcement: SUSE-SA:2009:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
http://osvdb.org/50505
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6549
http://secunia.com/advisories/33710
http://secunia.com/advisories/34605
http://secunia.com/advisories/34889
http://secunia.com/advisories/35065
http://secunia.com/advisories/34972
Common Vulnerability Exposure (CVE) ID: CVE-2008-5349
HPdes Security Advisory: HPSBMA02429
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
HPdes Security Advisory: SSRT090058
HPdes Security Advisory: HPSBUX02429
http://www.securityfocus.com/archive/1/archive/1/504010/100/0/threaded
http://sunsolve.sun.com/search/document.do?assetkey=1-26-246286-1
SuSE Security Announcement: SUSE-SR:2009:016 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
http://osvdb.org/50504
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5843
http://secunia.com/advisories/35255
http://www.securitytracker.com/id?1021309
http://www.vupen.com/english/advisories/2009/1426
XForce ISS Database: sun-jre-rsa-dos(47064)
http://xforce.iss.net/xforce/xfdb/47064
Common Vulnerability Exposure (CVE) ID: CVE-2008-5350
http://sunsolve.sun.com/search/document.do?assetkey=1-26-246266-1
http://osvdb.org/50503
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6424
http://www.securitytracker.com/id?1021310
Common Vulnerability Exposure (CVE) ID: CVE-2008-5351
http://www.redhat.com/support/errata/RHSA-2009-0369.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-245246-1
http://osvdb.org/50502
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6212
http://www.securitytracker.com/id?1021311
http://secunia.com/advisories/34447
Common Vulnerability Exposure (CVE) ID: CVE-2008-5352
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244992-1
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=759
http://osvdb.org/50501
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6383
http://www.securitytracker.com/id?1021312
Common Vulnerability Exposure (CVE) ID: CVE-2008-5353
Bugtraq: 20090524 Hardening OSX against CVE-2008-5353 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/503797/100/0/threaded
http://blog.cr0.org/2009/05/write-once-own-everyone.html
http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244991-1
http://osvdb.org/50500
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6511
http://www.securitytracker.com/id?1021313
http://secunia.com/advisories/35118
http://www.vupen.com/english/advisories/2009/1391
Common Vulnerability Exposure (CVE) ID: CVE-2008-5354
http://www.ximido.de/research/advisories/SM_Java-BO_200811.txt
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244990-1
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6537
XForce ISS Database: jre-commandline-privilege-escalation(47060)
http://xforce.iss.net/xforce/xfdb/47060
Common Vulnerability Exposure (CVE) ID: CVE-2008-5358
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=758
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1
http://osvdb.org/50515
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6319
http://secunia.com/advisories/33187
XForce ISS Database: jre-gif-images-privilege-escalation(47049)
http://xforce.iss.net/xforce/xfdb/47049
Common Vulnerability Exposure (CVE) ID: CVE-2008-5359
http://www.zerodayinitiative.com/advisories/ZDI-08-080/
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5841
XForce ISS Database: jre-image-processing-privilege-escalation(47048)
http://xforce.iss.net/xforce/xfdb/47048
Common Vulnerability Exposure (CVE) ID: CVE-2008-5360
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244986-1
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6596
http://www.securitytracker.com/id?1021316
XForce ISS Database: jre-guessable-file-unauth-access(47045)
http://xforce.iss.net/xforce/xfdb/47045
Copyright: Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
