OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly si... oval:org.mitre.oval:def:11541 Vulnerability unix
SSL and TLS Protocols Vulnerability oval:org.mitre.oval:def:14752 Vulnerability windows
SSL connection infinite loop oval:org.apache.httpd:def:20040748 Vulnerability
SSL Server X.509 Certificate Spoofing Vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbir... oval:org.mitre.oval:def:12254 Vulnerability windows
SSL spoofing vulnerability using a crafted web site in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13 and SeaMonk... oval:org.mitre.oval:def:12512 Vulnerability windows
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and... oval:org.mitre.oval:def:11179 Vulnerability unix
SSLCipherSuite bypass oval:org.apache.httpd:def:20040885 Vulnerability
SSLVerifyClient bypass oval:org.apache.httpd:def:20052700 Vulnerability
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configura... oval:org.mitre.oval:def:10416 Vulnerability unix
Stack based buffer overflow vulnerability in Novell File Reporter (NFR) before 1.0.2 oval:org.mitre.oval:def:12064 Vulnerability windows
Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context... oval:org.mitre.oval:def:10129 Vulnerability unix
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Saf... oval:org.mitre.oval:def:14301 Vulnerability windows
Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_secur... oval:org.mitre.oval:def:14097 Vulnerability windows
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.1... oval:org.mitre.oval:def:14724 Vulnerability windows
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector... oval:org.mitre.oval:def:14607 Vulnerability windows
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other v... oval:org.mitre.oval:def:9996 Vulnerability unix
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, whe... oval:org.mitre.oval:def:9939 Vulnerability unix
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcu... oval:org.mitre.oval:def:9810 Vulnerability unix
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote N... oval:org.mitre.oval:def:9634 Vulnerability unix
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attacke... oval:org.mitre.oval:def:9557 Vulnerability unix
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library... oval:org.mitre.oval:def:9379 Vulnerability unix
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, ... oval:org.mitre.oval:def:9348 Vulnerability unix
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbit... oval:org.mitre.oval:def:9257 Vulnerability unix
Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite bef... oval:org.mitre.oval:def:8968 Vulnerability unix
Stack-based buffer overflow in UltraPlayer Media Player 2.112 oval:org.mitre.oval:def:7438 Vulnerability windows
Stack-based buffer overflow in muxatmd. oval:org.mitre.oval:def:6402 Vulnerability unix
Stack-based buffer overflow in the TEA decoding algorithm in Rhino Software Serv-U oval:org.mitre.oval:def:6142 Vulnerability windows
Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o co... oval:org.mitre.oval:def:11722 Vulnerability unix
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.... oval:org.mitre.oval:def:11579 Vulnerability unix
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logon... oval:org.mitre.oval:def:11572 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html