OVAL Definitions - Family: unix

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or ... oval:org.mitre.oval:def:9231 Vulnerability unix
The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows ... oval:org.mitre.oval:def:10010 Vulnerability unix
The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a ... oval:org.mitre.oval:def:11629 Vulnerability unix
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attacker... oval:org.mitre.oval:def:9650 Vulnerability unix
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird... oval:org.mitre.oval:def:11396 Vulnerability unix
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attacker... oval:org.mitre.oval:def:11229 Vulnerability unix
The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and ... oval:org.mitre.oval:def:10824 Vulnerability unix
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership rep... oval:org.mitre.oval:def:10736 Vulnerability unix
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when ru... oval:org.mitre.oval:def:9857 Vulnerability unix
The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of s... oval:org.mitre.oval:def:11732 Vulnerability unix
The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-depen... oval:org.mitre.oval:def:9930 Vulnerability unix
The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle cer... oval:org.mitre.oval:def:10061 Vulnerability unix
The IPP listener should be enabled or disabled as appropriate. oval:gov.irs.sol10:def:48 Compliance unix
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request ... oval:org.mitre.oval:def:9631 Vulnerability unix
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a ... oval:org.mitre.oval:def:10549 Vulnerability unix
The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitr... oval:org.mitre.oval:def:10078 Vulnerability unix
The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time te... oval:org.mitre.oval:def:9838 Vulnerability unix
The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD... oval:org.mitre.oval:def:11394 Vulnerability unix
The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the... oval:org.mitre.oval:def:9903 Vulnerability unix
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR... oval:org.mitre.oval:def:9574 Vulnerability unix
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a de... oval:org.mitre.oval:def:11380 Vulnerability unix
The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users t... oval:org.mitre.oval:def:10015 Vulnerability unix
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-b... oval:org.mitre.oval:def:11083 Vulnerability unix
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST... oval:org.mitre.oval:def:10317 Vulnerability unix
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Ga... oval:org.mitre.oval:def:9185 Vulnerability unix
The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop). oval:org.mitre.oval:def:10616 Vulnerability unix
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on ... oval:org.mitre.oval:def:9698 Vulnerability unix
The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers t... oval:org.mitre.oval:def:10504 Vulnerability unix
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a cr... oval:org.mitre.oval:def:10971 Vulnerability unix
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a den... oval:org.mitre.oval:def:10159 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html