SCAP Feed Release Update: 17-Dec-2014

  • Post author:
  • Reading time:38 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:22206 CVE-2014-0580, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-0580
oval:org.secpod.oval:def:22207 CVE-2014-0587, Denial of service vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-0587
oval:org.secpod.oval:def:22208 CVE-2014-9164, Denial of service vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9164
oval:org.secpod.oval:def:22209 CVE-2014-8443, Use after free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-8443
oval:org.secpod.oval:def:22210 CVE-2014-9162, Information disclosure vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9162
oval:org.secpod.oval:def:22211 CVE-2014-9163, Stack-based buffer overflow vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9163
oval:org.secpod.oval:def:22212 APSB14-27,
CVE-2014-0580,
CVE-2014-0587,
CVE-2014-8443,
CVE-2014-9162,
CVE-2014-9163,
CVE-2014-9164,
Multiple vulnerabilities in Adobe Flash Player via unspecified vectors – APSB14-27
oval:org.secpod.oval:def:702324 CVE-2014-9029,
USN-2434-1,
USN-2434-1 — jasper vulnerability
oval:org.secpod.oval:def:702325 CVE-2014-9029,
USN-2434-2,
USN-2434-2 — ghostscript vulnerability
oval:org.secpod.oval:def:702326 CVE-2014-9157,
USN-2435-1,
USN-2435-1 — graphviz vulnerability
oval:org.secpod.oval:def:601860 CVE-2014-7273,
CVE-2014-7274,
CVE-2014-7275,
DSA-3091-1,
DSA-3091-1 getmail4 — getmail4
oval:org.secpod.oval:def:601861 CVE-2014-8500,
DSA-3094-1,
DSA-3094-1 bind9 — bind9
oval:org.secpod.oval:def:601862 CVE-2014-7841,
CVE-2014-8369,
CVE-2014-8884,
CVE-2014-9090,
DSA-3093-1,
DSA-3093-1 linux — linux
oval:org.secpod.oval:def:601863 CVE-2014-1587,
CVE-2014-1590,
CVE-2014-1592,
CVE-2014-1593,
CVE-2014-1594,
DSA-3092-1,
DSA-3092-1 icedove — icedove
oval:org.secpod.oval:def:108004 CVE-2014-9087,
FEDORA-2014-15847,
FEDORA-2014-15847 — Fedora 20 libksba-1.3.2-1.fc20
oval:org.secpod.oval:def:108006 CVE-2014-2913,
FEDORA-2014-5896,
FEDORA-2014-5896 — Fedora 19 nrpe-2.15-2.fc19
oval:org.secpod.oval:def:108009 FEDORA-2014-15833, FEDORA-2014-15833 — Fedora 19 hivex-1.3.8-2.fc19
oval:org.secpod.oval:def:108011 FEDORA-2014-16242, FEDORA-2014-16242 — Fedora 19 thunderbird-31.3.0-1.fc19
oval:org.secpod.oval:def:108012 CVE-2014-8485,
CVE-2014-8501,
CVE-2014-8502,
CVE-2014-8503,
CVE-2014-8504,
CVE-2014-8737,
CVE-2014-8738,
FEDORA-2014-14833,
FEDORA-2014-14833 — Fedora 20 Update: arm-none-eabi-binutils-cs-2014.05.28-3.fc20
oval:org.secpod.oval:def:108014 FEDORA-2014-7496, FEDORA-2014-7496 — Fedora 19 readline-6.2-8.fc19
oval:org.secpod.oval:def:108015 CVE-2014-0978,
CVE-2014-1235,
CVE-2014-1236,
CVE-2014-9157,
FEDORA-2014-15811,
FEDORA-2014-15811 — Fedora 19 graphviz-2.30.1-13.fc19
oval:org.secpod.oval:def:108016 CVE-2014-0978,
CVE-2014-1235,
CVE-2014-1236,
CVE-2014-9157,
FEDORA-2014-15812,
FEDORA-2014-15812 — Fedora 20 graphviz-2.34.0-10.fc20
oval:org.secpod.oval:def:108017 FEDORA-2014-15841, FEDORA-2014-15841 — Fedora 20 hivex-1.3.8-4.fc20
oval:org.secpod.oval:def:108018 CVE-2014-9087,
FEDORA-2014-15838,
FEDORA-2014-15838 — Fedora 19 libksba-1.3.2-1.fc19
oval:org.secpod.oval:def:108019 FEDORA-2014-16242, FEDORA-2014-16242 — Fedora 19 firefox-34.0-1.fc19
oval:org.secpod.oval:def:108020 CVE-2014-8485,
CVE-2014-8501,
CVE-2014-8502,
CVE-2014-8503,
CVE-2014-8504,
CVE-2014-8737,
CVE-2014-8738,
FEDORA-2014-14874,
FEDORA-2014-14874 — Fedora 19 Update: arm-none-eabi-binutils-cs-2014.05.28-3.fc19
oval:org.secpod.oval:def:108021 CVE-2014-8485,
CVE-2014-8501,
CVE-2014-8502,
CVE-2014-8503,
CVE-2014-8504,
CVE-2014-8737,
CVE-2014-8738,
FEDORA-2014-14838,
FEDORA-2014-14838 — Fedora 19 avr-binutils-2.24-3.fc19
oval:org.secpod.oval:def:108023 CVE-2014-8962,
CVE-2014-9028,
FEDORA-2014-16258,
FEDORA-2014-16258 — Fedora 20 flac-1.3.1-1.fc20
oval:org.secpod.oval:def:108025 CVE-2014-8485,
CVE-2014-8501,
CVE-2014-8502,
CVE-2014-8503,
CVE-2014-8504,
CVE-2014-8737,
CVE-2014-8738,
FEDORA-2014-14963,
FEDORA-2014-14963 — Fedora 20 avr-binutils-2.24-3.fc20
oval:org.secpod.oval:def:108026 CVE-2014-8600,
FEDORA-2014-15130,
FEDORA-2014-15130 — Fedora 20 kwebkitpart-1.3.4-5.fc20
oval:org.secpod.oval:def:22213 CVE-2014-0580, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-0580 (Mac OS X)
oval:org.secpod.oval:def:22214 CVE-2014-0587, Denial of service vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-0587 (Mac OS X)
oval:org.secpod.oval:def:22215 CVE-2014-9164, Denial of service vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9164 (Mac OS X)
oval:org.secpod.oval:def:22216 CVE-2014-8443, Use after free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-8443 (Mac OS X)
oval:org.secpod.oval:def:22217 CVE-2014-9162, Information disclosure vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9162 (Mac OS X)
oval:org.secpod.oval:def:22218 CVE-2014-9163, Stack-based buffer overflow vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9163 (Mac OS X)
oval:org.secpod.oval:def:22219 APSB14-27,
CVE-2014-0580,
CVE-2014-0587,
CVE-2014-8443,
CVE-2014-9162,
CVE-2014-9163,
CVE-2014-9164,
Multiple vulnerabilities in Adobe Flash Player via unspecified vectors – APSB14-27 (Mac OS X)
oval:org.secpod.oval:def:203511 CESA-2014:1983,
CVE-2014-8091,
CVE-2014-8092,
CVE-2014-8093,
CVE-2014-8094,
CVE-2014-8095,
CVE-2014-8096,
CVE-2014-8097,
CVE-2014-8098,
CVE-2014-8099,
CVE-2014-8100,
CVE-2014-8101,
CVE-2014-8102,
CVE-2014-8103,
CESA-2014:1983 — centos 6 xorg-x11-server
oval:org.secpod.oval:def:203512 CESA-2014:1984,
CVE-2014-8500,
CESA-2014:1984 — centos 7 bind
oval:org.secpod.oval:def:203513 CESA-2014:1982,
CVE-2014-8091,
CVE-2014-8092,
CVE-2014-8093,
CVE-2014-8095,
CVE-2014-8096,
CVE-2014-8097,
CVE-2014-8098,
CVE-2014-8099,
CVE-2014-8100,
CVE-2014-8101,
CVE-2014-8102,
CESA-2014:1982 — centos 5 xorg-x11-server
oval:org.secpod.oval:def:203514 CESA-2014:1985,
CVE-2014-8500,
CESA-2014:1985 — centos 5 bind97
oval:org.secpod.oval:def:203515 CESA-2014:1983,
CVE-2014-8091,
CVE-2014-8092,
CVE-2014-8093,
CVE-2014-8094,
CVE-2014-8095,
CVE-2014-8096,
CVE-2014-8097,
CVE-2014-8098,
CVE-2014-8099,
CVE-2014-8100,
CVE-2014-8101,
CVE-2014-8102,
CVE-2014-8103,
CESA-2014:1983 — centos 7 xorg-x11-server
oval:org.secpod.oval:def:203516 CESA-2014:1984,
CVE-2014-8500,
CESA-2014:1984 — centos 5 bind
oval:org.secpod.oval:def:203517 CESA-2014:1984,
CVE-2014-8500,
CESA-2014:1984 — centos 6 bind
oval:org.secpod.oval:def:22220 CVE-2014-0580, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-0580 (rpm)
oval:org.secpod.oval:def:22221 CVE-2014-0580, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-0580 (dpkg)
oval:org.secpod.oval:def:22222 CVE-2014-0587, Denial of service vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-0587 (rpm)
oval:org.secpod.oval:def:22223 CVE-2014-0587, Denial of service vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-0587 (dpkg)
oval:org.secpod.oval:def:22224 CVE-2014-9164, Denial of service vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9164 (rpm)
oval:org.secpod.oval:def:22225 CVE-2014-9164, Denial of service vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9164 (dpkg)
oval:org.secpod.oval:def:22226 CVE-2014-8443, Use after free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-8443 (rpm)
oval:org.secpod.oval:def:22227 CVE-2014-8443, Use after free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-8443 (dpkg)
oval:org.secpod.oval:def:22228 CVE-2014-9162, Information disclosure vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9162 (rpm)
oval:org.secpod.oval:def:22229 CVE-2014-9162, Information disclosure vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9162 (dpkg)
oval:org.secpod.oval:def:22230 CVE-2014-9163, Stack-based buffer overflow vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9163 (rpm)
oval:org.secpod.oval:def:22231 CVE-2014-9163, Stack-based buffer overflow vulnerability in Adobe Flash Player via unspecified vectors – CVE-2014-9163 (dpkg)
oval:org.secpod.oval:def:22232 APSB14-27,
CVE-2014-0580,
CVE-2014-0587,
CVE-2014-8443,
CVE-2014-9162,
CVE-2014-9163,
CVE-2014-9164,
Multiple vulnerabilities in Adobe Flash Player via unspecified vectors – APSB14-27 (rpm)
oval:org.secpod.oval:def:22233 APSB14-27,
CVE-2014-0580,
CVE-2014-0587,
CVE-2014-8443,
CVE-2014-9162,
CVE-2014-9163,
CVE-2014-9164,
Multiple vulnerabilities in Adobe Flash Player via unspecified vectors – APSB14-27 (dpkg)
oval:org.secpod.oval:def:22234 APPLE-SA-2014-12-11-1, Multiple memory corruption vulnerabilities in Apple Safari – APPLE-SA-2014-12-11-1
oval:org.secpod.oval:def:501470 CVE-2014-8091,
CVE-2014-8092,
CVE-2014-8093,
CVE-2014-8095,
CVE-2014-8096,
CVE-2014-8097,
CVE-2014-8098,
CVE-2014-8099,
CVE-2014-8100,
CVE-2014-8101,
CVE-2014-8102,
RHSA-2014:1982-01,
RHSA-2014:1982-01 — Redhat xorg-x11-server
oval:org.secpod.oval:def:501471 CVE-2014-8500,
RHSA-2014:1984-01,
RHSA-2014:1984-01 — Redhat bind
oval:org.secpod.oval:def:501472 CVE-2014-8091,
CVE-2014-8092,
CVE-2014-8093,
CVE-2014-8094,
CVE-2014-8095,
CVE-2014-8096,
CVE-2014-8097,
CVE-2014-8098,
CVE-2014-8099,
CVE-2014-8100,
CVE-2014-8101,
CVE-2014-8102,
CVE-2014-8103,
RHSA-2014:1983-01,
RHSA-2014:1983-01 — Redhat xorg-x11-server
oval:org.secpod.oval:def:501473 CVE-2014-8500,
RHSA-2014:1985-01,
RHSA-2014:1985-01 — Redhat bind97
Share this article