OVAL Definitions - Family: unix

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and S... oval:org.mitre.oval:def:9763 Vulnerability unix
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly ot... oval:org.mitre.oval:def:10996 Vulnerability unix
The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier version... oval:org.mitre.oval:def:11208 Vulnerability unix
The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an ... oval:org.mitre.oval:def:10825 Vulnerability unix
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a... oval:org.mitre.oval:def:9020 Vulnerability unix
The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the curr... oval:org.mitre.oval:def:10727 Vulnerability unix
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows loca... oval:org.mitre.oval:def:10265 Vulnerability unix
The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to for... oval:org.mitre.oval:def:11431 Vulnerability unix
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers... oval:org.mitre.oval:def:10646 Vulnerability unix
The FTP service should be enabled or disabled as appropriate. oval:gov.irs.sol10:def:40 Compliance unix
The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow at... oval:org.mitre.oval:def:10516 Vulnerability unix
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a den... oval:org.mitre.oval:def:11292 Vulnerability unix
The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey befor... oval:org.mitre.oval:def:11080 Vulnerability unix
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash)... oval:org.mitre.oval:def:9728 Vulnerability unix
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to ... oval:org.mitre.oval:def:11806 Vulnerability unix
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to ... oval:org.mitre.oval:def:10325 Vulnerability unix
The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x bef... oval:org.mitre.oval:def:10887 Vulnerability unix
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption)... oval:org.mitre.oval:def:10779 Vulnerability unix
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multipl... oval:org.mitre.oval:def:10844 Vulnerability unix
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multipl... oval:org.mitre.oval:def:10644 Vulnerability unix
The Generic Security Service daemons should be enabled or disabled as appropriate oval:gov.irs.sol10:def:18 Compliance unix
The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid a... oval:org.mitre.oval:def:9980 Vulnerability unix
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending... oval:org.mitre.oval:def:11337 Vulnerability unix
The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote a... oval:org.mitre.oval:def:9474 Vulnerability unix
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random nu... oval:org.mitre.oval:def:11168 Vulnerability unix
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier ... oval:org.mitre.oval:def:10207 Vulnerability unix
The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kerne... oval:org.mitre.oval:def:11392 Vulnerability unix
The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application cr... oval:org.mitre.oval:def:10883 Vulnerability unix
The GNOME automounter (gnome-volume-manager) should be enabled or disabled as appropriate oval:gov.irs.rhel5:def:14 Compliance unix
The GNOME logon service should be enabled or disabled as appropriate oval:gov.irs.sol10:def:3 Compliance unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html