OVAL Definitions - Family: unix

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
The xinetd package should not be installed oval:org.fedoraproject.f13:def:130 Compliance unix
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requ... oval:org.mitre.oval:def:10372 Vulnerability unix
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity refere... oval:org.mitre.oval:def:9847 Vulnerability unix
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (in... oval:org.mitre.oval:def:11594 Vulnerability unix
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and Sea... oval:org.mitre.oval:def:9375 Vulnerability unix
The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security p... oval:org.mitre.oval:def:10819 Vulnerability unix
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attem... oval:org.mitre.oval:def:11223 Vulnerability unix
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the... oval:org.mitre.oval:def:9669 Vulnerability unix
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMon... oval:org.mitre.oval:def:9679 Vulnerability unix
The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and ex... oval:org.mitre.oval:def:9529 Vulnerability unix
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x be... oval:org.mitre.oval:def:9789 Vulnerability unix
The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 ... oval:org.mitre.oval:def:11668 Vulnerability unix
The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application cr... oval:org.mitre.oval:def:10327 Vulnerability unix
The Xserver was built incorrectly for HP-UX 11.22. oval:org.mitre.oval:def:5765 Vulnerability unix
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attr... oval:org.mitre.oval:def:11803 Vulnerability unix
The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a de... oval:org.mitre.oval:def:11667 Vulnerability unix
The ypserv package should not be installed oval:gov.irs.rhel5:def:138 Compliance unix
The ypserv package should not be installed oval:org.fedoraproject.f13:def:138 Compliance unix
The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability chec... oval:org.mitre.oval:def:9513 Vulnerability unix
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (sta... oval:org.mitre.oval:def:11017 Vulnerability unix
The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows cont... oval:org.mitre.oval:def:11092 Vulnerability unix
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed ... oval:org.mitre.oval:def:10588 Vulnerability unix
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) before 1.2.14 uses incor... oval:org.mitre.oval:def:10308 Vulnerability unix
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not pro... oval:org.mitre.oval:def:11199 Vulnerability unix
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 contin... oval:org.mitre.oval:def:9519 Vulnerability unix
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4... oval:org.mitre.oval:def:10935 Vulnerability unix
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate... oval:org.mitre.oval:def:11650 Vulnerability unix
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the... oval:org.mitre.oval:def:10365 Vulnerability unix
The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers d... oval:org.mitre.oval:def:11701 Vulnerability unix
The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users... oval:org.mitre.oval:def:9385 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html