OVAL Definitions - Source: Mitre

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an i... oval:org.mitre.oval:def:9420 Vulnerability unix
libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common ... oval:org.mitre.oval:def:10778 Vulnerability unix
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexis... oval:org.mitre.oval:def:11172 Vulnerability unix
liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via ... oval:org.mitre.oval:def:10662 Vulnerability unix
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attacker... oval:org.mitre.oval:def:10326 Vulnerability unix
libpng buffer overflow oval:org.mitre.oval:def:7709 Vulnerability windows
Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerability oval:org.mitre.oval:def:6458 Vulnerability unix
libpng Malformed PNG Image Vulnerability oval:org.mitre.oval:def:971 Vulnerability unix
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nick... oval:org.mitre.oval:def:11485 Vulnerability unix
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nick... oval:org.mitre.oval:def:18230 Vulnerability windows
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's bu... oval:org.mitre.oval:def:18261 Vulnerability windows
libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (... oval:org.mitre.oval:def:18357 Vulnerability windows
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which... oval:org.mitre.oval:def:18506 Vulnerability windows
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers ... oval:org.mitre.oval:def:11379 Vulnerability unix
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly ... oval:org.mitre.oval:def:11178 Vulnerability unix
Library-loading vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 oval:org.mitre.oval:def:12262 Vulnerability windows
Library-loading vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 oval:org.mitre.oval:def:12555 Vulnerability windows
LibreOffice is installed oval:org.mitre.oval:def:27910 Inventory windows
LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability oval:org.mitre.oval:def:7049 Vulnerability windows
LibTIFF Buffer Underflow in Decoding LZW Data Lets Remote Users Execute Arbitrary Code oval:org.mitre.oval:def:5514 Vulnerability unix
libtiff Directory Entry Count Integer Overflow Vulnerability oval:org.mitre.oval:def:100117 Vulnerability unix
libtiff Malloc Error Denial of Service oval:org.mitre.oval:def:100116 Vulnerability unix
libtiff RLE Decoder Buffer Overflow Vulnerabilities oval:org.mitre.oval:def:100114 Vulnerability unix
libtiff tif_dirread divide-by-zero Denial of Service oval:org.mitre.oval:def:100115 Vulnerability unix
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null ... oval:org.mitre.oval:def:10994 Vulnerability unix
libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF f... oval:org.mitre.oval:def:9314 Vulnerability unix
libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of servi... oval:org.mitre.oval:def:10570 Vulnerability unix
libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent atta... oval:org.mitre.oval:def:9506 Vulnerability unix
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allow... oval:org.mitre.oval:def:9812 Vulnerability unix
Libxml2 Heap Overflow in xmlParseAttValueComplex() Lets Remote Users Execute Arbitrary Code oval:org.mitre.oval:def:6103 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html