OVAL Definitions - Family: unix

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause... oval:org.mitre.oval:def:9816 Vulnerability unix
The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TI... oval:org.mitre.oval:def:11184 Vulnerability unix
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafte... oval:org.mitre.oval:def:9572 Vulnerability unix
The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote a... oval:org.mitre.oval:def:9111 Vulnerability unix
The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote a... oval:org.mitre.oval:def:11686 Vulnerability unix
The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote a... oval:org.mitre.oval:def:11377 Vulnerability unix
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of servi... oval:org.mitre.oval:def:9727 Vulnerability unix
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS... oval:org.mitre.oval:def:10088 Vulnerability unix
The tooltalk service should be enabled or disabled as appropriate oval:gov.irs.sol10:def:1 Compliance unix
the top(1) command has a security defect. oval:org.mitre.oval:def:5194 Vulnerability unix
The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly... oval:org.mitre.oval:def:9832 Vulnerability unix
The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spe... oval:org.mitre.oval:def:9343 Vulnerability unix
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows r... oval:org.mitre.oval:def:11372 Vulnerability unix
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel befo... oval:org.mitre.oval:def:9142 Vulnerability unix
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a d... oval:org.mitre.oval:def:10041 Vulnerability unix
The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earli... oval:org.mitre.oval:def:10569 Vulnerability unix
The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in th... oval:org.mitre.oval:def:9775 Vulnerability unix
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denia... oval:org.mitre.oval:def:10796 Vulnerability unix
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and o... oval:org.mitre.oval:def:11019 Vulnerability unix
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and o... oval:org.mitre.oval:def:10676 Vulnerability unix
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and o... oval:org.mitre.oval:def:10671 Vulnerability unix
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of ... oval:org.mitre.oval:def:9076 Vulnerability unix
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the ... oval:org.mitre.oval:def:11510 Vulnerability unix
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system h... oval:org.mitre.oval:def:9447 Vulnerability unix
The vacation program erroneously passes parameters to sendmail. oval:org.mitre.oval:def:5931 Vulnerability unix
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.local... oval:org.mitre.oval:def:11499 Vulnerability unix
The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a ... oval:org.mitre.oval:def:11674 Vulnerability unix
The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to... oval:org.mitre.oval:def:9948 Vulnerability unix
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implem... oval:org.mitre.oval:def:10972 Vulnerability unix
The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL... oval:org.mitre.oval:def:10940 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html