SCAP Feed Release: 04-May-2016

  • Post author:
  • Reading time:48 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update.

oval:org.secpod.oval:def:34188 CVE-2016-2807, Memory corruption vulnerability in Mozilla Firefox and Firefox ESR via unknown vectors – CVE-2016-2807
oval:org.secpod.oval:def:34198 CVE-2016-2814,
MFSA2016-44,
Heap buffer overflow vulnerability in Mozilla Firefox and Firefox ESR – MFSA2016-44
oval:org.secpod.oval:def:34199 CVE-2016-2816, Cross-site scripting (XSS) vulnerability in Mozilla Firefox via web content – CVE-2016-2816
oval:org.secpod.oval:def:34200 CVE-2016-2816,
MFSA2016-45,
Cross-site scripting (XSS) vulnerability in Mozilla Firefox via web content – MFSA2016-45
oval:org.secpod.oval:def:34201 CVE-2016-2817, Cross-site scripting (XSS) vulnerability in Mozilla Firefox via a malicious web extension – CVE-2016-2817
oval:org.secpod.oval:def:34202 CVE-2016-2817,
MFSA2016-46,
Cross-site scripting (XSS) vulnerability in Mozilla Firefox via a malicious web extension – MFSA2016-46
oval:org.secpod.oval:def:34189 cpe:/a:mozilla:firefox_esr:::x64, Mozilla Firefox ESR (64 bit) is installed
oval:org.secpod.oval:def:34203 CVE-2016-2808, Arbitrary code execution vulnerability in Mozilla Firefox and Firefox ESR via a malicious page – CVE-2016-2808
oval:org.secpod.oval:def:34204 CVE-2016-2808,
MFSA2016-47,
Arbitrary code execution vulnerability in Mozilla Firefox and Firefox ESR via a malicious page – MFSA2016-47
oval:org.secpod.oval:def:34205 CVE-2016-2820, Cross-site scripting (XSS) vulnerability in Mozilla Firefox via a malicious web extension – CVE-2016-2820
oval:org.secpod.oval:def:34206 CVE-2016-2820,
MFSA2016-48,
Cross-site scripting (XSS) vulnerability in Mozilla Firefox via a malicious web extension – MFSA2016-48
oval:org.secpod.oval:def:34190 CVE-2016-2806, Memory corruption vulnerability in Mozilla Firefox and Firefox ESR via unknown vectors – CVE-2016-2806
oval:org.secpod.oval:def:34191 CVE-2016-2804, Memory corruption vulnerability in Mozilla Firefox via unknown vectors – CVE-2016-2804
oval:org.secpod.oval:def:34192 CVE-2016-2805, Memory corruption vulnerability in Mozilla Firefox ESR via unknown vectors – CVE-2016-2805
oval:org.secpod.oval:def:34193 CVE-2016-2804,
CVE-2016-2805,
CVE-2016-2806,
CVE-2016-2807,
MFSA2016-39,
Multiple memory corruption vulnerabilities in Mozilla Firefox and Firefox ESR – MFSA2016-39
oval:org.secpod.oval:def:34194 CVE-2016-2811, Use-after-free vulnerability in Mozilla Firefox via unknown vectors – CVE-2016-2811
oval:org.secpod.oval:def:34195 CVE-2016-2812, Buffer overflow vulnerability in Mozilla Firefox via unknown vectors – CVE-2016-2812
oval:org.secpod.oval:def:34196 CVE-2016-2811,
CVE-2016-2812,
MFSA2016-42,
Multiple vulnerabilities in Mozilla Firefox via unknown vectors – MFSA2016-42
oval:org.secpod.oval:def:34197 CVE-2016-2814, Heap buffer overflow vulnerability in Mozilla Firefox and Firefox ESR via web content – CVE-2016-2814
oval:org.secpod.oval:def:34209 CVE-2016-1111, Double free vulnerability in Adobe Acrobat and Reader products via a crafted Graphics State dictionary (Mac OS X)
oval:org.secpod.oval:def:34210 CVE-2016-1111, Double free vulnerability in Adobe Acrobat and Reader products via a crafted Graphics State dictionary
oval:org.secpod.oval:def:34212 CVE-2016-4415, Denial of service vulnerability in the Ixia IxVeriWave file parser in Wireshark via a crafted file
oval:org.secpod.oval:def:34213 CVE-2016-4416, Denial of service vulnerability in the IEEE 802.11 dissector in Wireshark via a crafted packet
oval:org.secpod.oval:def:34211 CVE-2016-4417, Denial of service vulnerability in the GSM A-bis OML dissector in Wireshark via a crafted packet
oval:org.secpod.oval:def:34214 CVE-2016-4418, Denial of service vulnerability in the ASN.1 BER dissector in Wireshark via a crafted packet
oval:org.secpod.oval:def:34215 CVE-2016-4419, Denial of service vulnerability in the SPICE dissector in Wireshark via a crafted packet
oval:org.secpod.oval:def:34216 CVE-2016-4420, Denial of service vulnerability in the NFS dissector in Wireshark via a crafted packet
oval:org.secpod.oval:def:34217 CVE-2016-4421, Denial of service vulnerability in the ASN.1 BER dissector in Wireshark via a packet that specifies deeply nested data
oval:org.secpod.oval:def:34219 CVE-2016-4415, Denial of service vulnerability in the Ixia IxVeriWave file parser in Wireshark via a crafted file (Mac)
oval:org.secpod.oval:def:34220 CVE-2016-4416, Denial of service vulnerability in the IEEE 802.11 dissector in Wireshark via a crafted packet (Mac)
oval:org.secpod.oval:def:34218 CVE-2016-4417, Denial of service vulnerability in the GSM A-bis OML dissector in Wireshark via a crafted packet (Mac)
oval:org.secpod.oval:def:34221 CVE-2016-4418, Denial of service vulnerability in the ASN.1 BER dissector in Wireshark via a crafted packet (Mac)
oval:org.secpod.oval:def:34222 CVE-2016-4419, Denial of service vulnerability in the SPICE dissector in Wireshark via a crafted packet (Mac)
oval:org.secpod.oval:def:34223 CVE-2016-4420, Denial of service vulnerability in the NFS dissector in Wireshark via a crafted packet (Mac)
oval:org.secpod.oval:def:34224 CVE-2016-4421, Denial of service vulnerability in the ASN.1 BER dissector in Wireshark via a packet that specifies deeply nested data (Mac)
oval:org.secpod.oval:def:34225 CVE-2016-2807, Memory corruption vulnerability in Mozilla Firefox and Firefox ESR via unknown vectors – CVE-2016-2807 (Mac OS X)
oval:org.secpod.oval:def:34234 CVE-2016-2814,
MFSA2016-44,
Heap buffer overflow vulnerability in Mozilla Firefox and Firefox ESR – MFSA2016-44 (Mac OS X)
oval:org.secpod.oval:def:34235 CVE-2016-2816, Cross-site scripting (XSS) vulnerability in Mozilla Firefox via the multipart/x-mixed-replace content type (Mac OS X)
oval:org.secpod.oval:def:34236 CVE-2016-2816,
MFSA2016-45,
Cross-site scripting (XSS) vulnerability in Mozilla Firefox via web content – MFSA2016-45 (Mac OS X)
oval:org.secpod.oval:def:34237 CVE-2016-2817, Universal cross-site scripting (XSS) vulnerability in Mozilla Firefox via a crafted extension that accesses a javascript: or data: URL (Mac OS X)
oval:org.secpod.oval:def:34238 CVE-2016-2817,
MFSA2016-46,
Universal cross-site scripting (XSS) vulnerability in Mozilla Firefox – MFSA2016-46 (Mac OS X)
oval:org.secpod.oval:def:34239 CVE-2016-2808, Arbitrary code execution vulnerability in Mozilla Firefox and Firefox ESR via a crafted web site – CVE-2016-2808 (Mac OS X)
oval:org.secpod.oval:def:34240 CVE-2016-2808,
MFSA2016-47,
Arbitrary code execution vulnerability in Mozilla Firefox and Firefox ESR via a crafted web site – MFSA2016-47 (Mac OS X)
oval:org.secpod.oval:def:34241 CVE-2016-2820, Cross-site scripting (XSS) vulnerability in Mozilla Firefox by leveraging access to the remote-report IFRAME element – CVE-2016-2820 (Mac OS X)
oval:org.secpod.oval:def:34242 CVE-2016-2820,
MFSA2016-48,
Cross-site scripting (XSS) vulnerability in Mozilla Firefox by leveraging access to the remote-report IFRAME element – MFSA2016-48 (Mac OS X)
oval:org.secpod.oval:def:34226 CVE-2016-2806, Memory corruption vulnerability in Mozilla Firefox and Firefox ESR via unknown vectors – CVE-2016-2806 (Mac OS X)
oval:org.secpod.oval:def:34227 CVE-2016-2804, Memory corruption vulnerability in Mozilla Firefox via unknown vectors – CVE-2016-2804 (Mac OS X)
oval:org.secpod.oval:def:34228 CVE-2016-2805, Memory corruption vulnerability in Mozilla Firefox ESR via unknown vectors – CVE-2016-2805 (Mac OS X)
oval:org.secpod.oval:def:34229 CVE-2016-2804,
CVE-2016-2805,
CVE-2016-2806,
CVE-2016-2807,
MFSA2016-39,
Multiple memory corruption vulnerabilities in Mozilla Firefox and Firefox ESR – MFSA2016-39 (Mac OS X)
oval:org.secpod.oval:def:34230 CVE-2016-2811, Use-after-free vulnerability in Mozilla Firefox via vectors related to the BeginReading method – CVE-2016-2811 (Mac OS X)
oval:org.secpod.oval:def:34231 CVE-2016-2812, Buffer overflow vulnerability in Mozilla Firefox via a crafted web site – CVE-2016-2812 (Mac OS X)
oval:org.secpod.oval:def:34232 CVE-2016-2811,
CVE-2016-2812,
MFSA2016-42,
Multiple vulnerabilities in Mozilla Firefox via unknown vectors – MFSA2016-42 (Mac OS X)
oval:org.secpod.oval:def:34233 CVE-2016-2814, Heap buffer overflow vulnerability in Mozilla Firefox and Firefox ESR via crafted CENC offsets that lead to mismanagement of the sizes table (Mac OS X)
oval:org.secpod.oval:def:34245 CVE-2016-1660, Out-of-bounds vulnerability in the Blink in Google Chrome via unspecified vectors – CVE-2016-1660 (rpm)
oval:org.secpod.oval:def:34246 CVE-2016-1660, Out-of-bounds vulnerability in the Blink in Google Chrome via unspecified vectors – CVE-2016-1660 (dpkg)
oval:org.secpod.oval:def:34247 CVE-2016-1661, Memory corruption vulnerability in the cross-process frames in Google Chrome via unspecified vectors – CVE-2016-1661(rpm)
oval:org.secpod.oval:def:34248 CVE-2016-1661, Memory corruption vulnerability in the cross-process frames in Google Chrome via unspecified vectors – CVE-2016-1661 (dpkg)
oval:org.secpod.oval:def:34249 CVE-2016-1662, Use-after-free vulnerability in the extensions in Google Chrome via unspecified vectors – CVE-2016-1662 (rpm)
oval:org.secpod.oval:def:34250 CVE-2016-1662, Use-after-free vulnerability in the extensions in Google Chrome via unspecified vectors – CVE-2016-1662 (dpkg)
oval:org.secpod.oval:def:34253 CVE-2016-1664, Address bar spoofing vulnerability in Google Chrome via unspecified vectors – CVE-2016-1664 (rpm)
oval:org.secpod.oval:def:34254 CVE-2016-1664, Address bar spoofing vulnerability in Google Chrome via unspecified vectors – CVE-2016-1664 (dpkg)
oval:org.secpod.oval:def:34255 CVE-2016-1665, Information disclosure vulnerability in the V8 in Google Chrome via unspecified vectors – CVE-2016-1665 (rpm)
oval:org.secpod.oval:def:34256 CVE-2016-1665, Information disclosure vulnerability in the V8 in Google Chrome via unspecified vectors – CVE-2016-1665 (dpkg)
oval:org.secpod.oval:def:34257 CVE-2016-1666, Multiple vulnerabilities in Google Chrome via unspecified vectors – CVE-2016-1666 (rpm)
oval:org.secpod.oval:def:34258 CVE-2016-1666, Multiple vulnerabilities in Google Chrome via unspecified vectors – CVE-2016-1666 (dpkg)
oval:org.secpod.oval:def:34259 CVE-2016-1660,
CVE-2016-1661,
CVE-2016-1662,
CVE-2016-1663,
CVE-2016-1664,
CVE-2016-1665,
CVE-2016-1666,
VENDORLINK,
Multiple vulnerabilities in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:34260 CVE-2016-1660,
CVE-2016-1661,
CVE-2016-1662,
CVE-2016-1663,
CVE-2016-1664,
CVE-2016-1665,
CVE-2016-1666,
VENDORLINK,
Multiple vulnerabilities in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.devel.oval:def:1 CVE-2016-1660, Out-of-bounds vulnerability in the Blink in Google Chrome via unspecified vectors – CVE-2016-1660
oval:org.secpod.devel.oval:def:2 CVE-2016-1661, Memory corruption vulnerability in the cross-process frames in Google Chrome via unspecified vectors – CVE-2016-1661
oval:org.secpod.devel.oval:def:3 CVE-2016-1662, Use-after-free vulnerability in the extensions in Google Chrome via unspecified vectors – CVE-2016-1662
oval:org.secpod.devel.oval:def:5 CVE-2016-1664, Address bar spoofing vulnerability in Google Chrome via unspecified vectors – CVE-2016-1664
oval:org.secpod.devel.oval:def:6 CVE-2016-1665, Information disclosure vulnerability in the V8 in Google Chrome via unspecified vectors – CVE-2016-1665
oval:org.secpod.devel.oval:def:7 CVE-2016-1666, Multiple vulnerabilities in Google Chrome via unspecified vectors – CVE-2016-1666
oval:org.secpod.devel.oval:def:9 CVE-2016-1660,
CVE-2016-1661,
CVE-2016-1662,
CVE-2016-1663,
CVE-2016-1664,
CVE-2016-1665,
CVE-2016-1666,
VENDORLINK,
Multiple vulnerabilities in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:34243 CVE-2015-8325, Privilege escalation vulnerability in OpenSSH by triggering a crafted environment for the /bin/login program
oval:org.secpod.oval:def:703057 CVE-2016-0639,
CVE-2016-0640,
CVE-2016-0641,
CVE-2016-0642,
CVE-2016-0643,
CVE-2016-0644,
CVE-2016-0646,
CVE-2016-0647,
CVE-2016-0648,
CVE-2016-0649,
CVE-2016-0650,
CVE-2016-0655,
CVE-2016-0661,
CVE-2016-0665,
CVE-2016-0666,
CVE-2016-0668,
CVE-2016-2047,
USN-2953-1,
USN-2953-1 — mysql vulnerabilities
oval:org.secpod.oval:def:703058 CVE-2014-9767,
CVE-2015-8835,
CVE-2015-8838,
CVE-2016-2554,
CVE-2016-3141,
CVE-2016-3142,
CVE-2016-3185,
USN-2952-1,
USN-2952-1 — php vulnerabilities
oval:org.secpod.oval:def:703059 CVE-2016-0639,
CVE-2016-0642,
CVE-2016-0643,
CVE-2016-0647,
CVE-2016-0648,
CVE-2016-0655,
CVE-2016-0657,
CVE-2016-0659,
CVE-2016-0662,
CVE-2016-0666,
CVE-2016-0667,
CVE-2016-2047,
USN-2954-1,
USN-2954-1 — mysql vulnerabilities
oval:org.secpod.oval:def:110438 CVE-2016-1926,
FEDORA-2016-afdedc8da9,
FEDORA-2016-afdedc8da9 — Fedora 23 openvas-cli-1.4.4-1.fc23
oval:org.secpod.oval:def:110439 FEDORA-2016-c3d9a9c0c4, FEDORA-2016-c3d9a9c0c4 — Fedora 23 rpm-4.13.0-0.rc1.13.fc23
oval:org.secpod.oval:def:110440 CVE-2016-3096,
FEDORA-2016-cd3cf8e7d0,
FEDORA-2016-cd3cf8e7d0 — Fedora 23 ansible-2.0.2.0-1.fc23
oval:org.secpod.oval:def:110441 CVE-2016-3955,
CVE-2016-3961,
FEDORA-2016-8a1f49149e,
FEDORA-2016-8a1f49149e — Fedora 23 kernel-4.4.8-300.fc23
oval:org.secpod.oval:def:110442 CVE-2016-3960,
CVE-2016-4001,
CVE-2016-4002,
CVE-2016-4037,
FEDORA-2016-35d7b09908,
FEDORA-2016-35d7b09908 — Fedora 23 xen-4.5.3-2.fc23
oval:org.secpod.oval:def:110443 CVE-2016-1926,
FEDORA-2016-afdedc8da9,
FEDORA-2016-afdedc8da9 — Fedora 23 openvas-scanner-5.0.5-3.fc23
oval:org.secpod.oval:def:110444 CVE-2016-1926,
FEDORA-2016-afdedc8da9,
FEDORA-2016-afdedc8da9 — Fedora 23 openvas-libraries-8.0.7-2.fc23
oval:org.secpod.oval:def:110445 CVE-2016-3096,
FEDORA-2016-ab154c56dd,
FEDORA-2016-ab154c56dd — Fedora 22 ansible-2.0.2.0-1.fc22
oval:org.secpod.oval:def:110446 CVE-2015-2181,
CVE-2015-8864,
CVE-2016-4068,
CVE-2016-4069,
FEDORA-2016-69eb7f9fb2,
FEDORA-2016-69eb7f9fb2 — Fedora 23 roundcubemail-1.1.5-1.fc23
oval:org.secpod.oval:def:110447 CVE-2016-3960,
CVE-2016-4001,
CVE-2016-4002,
CVE-2016-4037,
FEDORA-2016-75063477ca,
FEDORA-2016-75063477ca — Fedora 22 xen-4.5.3-2.fc22
oval:org.secpod.oval:def:110448 CVE-2015-2181,
CVE-2015-8864,
CVE-2016-4068,
CVE-2016-4069,
FEDORA-2016-a9c8f9dcff,
FEDORA-2016-a9c8f9dcff — Fedora 22 roundcubemail-1.1.5-1.fc22
oval:org.secpod.oval:def:110449 FEDORA-2016-fcfe4c73b0, FEDORA-2016-fcfe4c73b0 — Fedora 23 i7z-0.27.2-16.20150629gitec09c4f.fc23
oval:org.secpod.oval:def:110451 FEDORA-2016-07a8331093, FEDORA-2016-07a8331093 — Fedora 23 firefox-46.0-4.fc23
oval:org.secpod.oval:def:110452 CVE-2016-3674,
FEDORA-2016-250042b8a6,
FEDORA-2016-250042b8a6 — Fedora 22 xstream-1.4.9-1.fc22
oval:org.secpod.oval:def:110453 CVE-2016-4008,
FEDORA-2016-96bfd9e873,
FEDORA-2016-96bfd9e873 — Fedora 22 libtasn1-4.8-1.fc22
oval:org.secpod.oval:def:110454 CVE-2016-3074,
FEDORA-2016-5f91f43826,
FEDORA-2016-5f91f43826 — Fedora 23 gd-2.1.1-5.fc23
oval:org.secpod.oval:def:110455 CVE-2016-1926,
FEDORA-2016-afdedc8da9,
FEDORA-2016-afdedc8da9 — Fedora 23 openvas-manager-6.0.8-2.fc23
oval:org.secpod.oval:def:110456 CVE-2016-3674,
FEDORA-2016-de909cc333,
FEDORA-2016-de909cc333 — Fedora 23 xstream-1.4.9-1.fc23
oval:org.secpod.oval:def:110457 CVE-2016-1926,
FEDORA-2016-afdedc8da9,
FEDORA-2016-afdedc8da9 — Fedora 23 openvas-gsa-6.0.10-3.fc23
Share this article