SCAP Feed Release Update: 08-Jul-2015

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update.

oval:org.secpod.oval:def:25321 VENDORLINK, Critical unknown vulnerability in OpenSSL
oval:org.secpod.oval:def:25313 CVE-2015-5119, Security bypass vulnerability in Adobe Flash Player – CVE-2015-5119
oval:org.secpod.oval:def:25314 APSA15-03,
CVE-2015-5119,
Security bypass vulnerability in Adobe Flash Player – APSA15-03
oval:org.secpod.oval:def:25315 CVE-2015-5119, Security bypass vulnerability in Adobe Flash Player – CVE-2015-5119 (Mac OS X)
oval:org.secpod.oval:def:25316 APSA15-03,
CVE-2015-5119,
Security bypass vulnerability in Adobe Flash Player – APSA15-03 (Mac OS X)
oval:org.secpod.oval:def:25317 CVE-2015-5119, Security bypass vulnerability in Adobe Flash Player – CVE-2015-5119 (rpm)
oval:org.secpod.oval:def:25318 APSA15-03,
CVE-2015-5119,
Security bypass vulnerability in Adobe Flash Player – APSA15-03 (rpm)
oval:org.secpod.oval:def:25319 CVE-2015-5119, Security bypass vulnerability in Adobe Flash Player – CVE-2015-5119 (dpkg)
oval:org.secpod.oval:def:25320 APSA15-03,
CVE-2015-5119,
Security bypass vulnerability in Adobe Flash Player – APSA15-03 (dpkg)
oval:org.secpod.oval:def:602157 CVE-2015-3281,
DSA-3301-1,
DSA-3301-1 haproxy — haproxy
oval:org.secpod.oval:def:602158 CVE-2015-3644,
DSA-3299-1,
DSA-3299-1 stunnel4 — stunnel4
oval:org.secpod.oval:def:602159 CVE-2015-1833,
DSA-3298-1,
DSA-3298-1 libjackrabbit-java — libjackrabbit-java
oval:org.secpod.oval:def:602160 CVE-2015-2724,
CVE-2015-2728,
CVE-2015-2731,
CVE-2015-2734,
CVE-2015-2735,
CVE-2015-2736,
CVE-2015-2737,
CVE-2015-2738,
CVE-2015-2739,
CVE-2015-2740,
CVE-2015-2743,
CVE-2015-4000,
DSA-3300-1,
DSA-3300-1 iceweasel — iceweasel
oval:org.secpod.oval:def:602161 CVE-2015-0848,
CVE-2015-4588,
CVE-2015-4695,
CVE-2015-4696,
DSA-3302-1,
DSA-3302-1 libwmf0.2-7 — libwmf0.2-7
oval:org.secpod.oval:def:25225 CVE-2015-3661, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3661
oval:org.secpod.oval:def:25234 APPLE-SA-2015-06-30-5,
CVE-2015-3661,
CVE-2015-3662,
CVE-2015-3663,
CVE-2015-3664,
CVE-2015-3665,
CVE-2015-3666,
CVE-2015-3667,
CVE-2015-3668,
CVE-2015-3669,
Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – APPLE-SA-2015-06-30-5
oval:org.secpod.oval:def:25226 CVE-2015-3662, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3662
oval:org.secpod.oval:def:25227 CVE-2015-3663, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3663
oval:org.secpod.oval:def:25228 CVE-2015-3666, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3666
oval:org.secpod.oval:def:25229 CVE-2015-3667, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3667
oval:org.secpod.oval:def:25230 CVE-2015-3668, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3668
oval:org.secpod.oval:def:25231 CVE-2015-3664, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3664
oval:org.secpod.oval:def:25232 CVE-2015-3665, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3665
oval:org.secpod.oval:def:25233 CVE-2015-3669, Denial of service vulnerability in QT Media Foundation in Apple QuickTime via a crafted file – CVE-2015-3669
oval:org.secpod.oval:def:25235 CVE-2015-3677, Information disclosure vulnerability in the AppleFSCompression in Apple OS X via a crafted app
oval:org.secpod.oval:def:25244 CVE-2015-3690, Information disclosure vulnerability in the DiskImages in Apple OS X via a crafted app – CVE-2015-3690
oval:org.secpod.oval:def:25245 CVE-2015-3692, Security bypass vulnerability in EFI in Apple OS X by leveraging root privileges
oval:org.secpod.oval:def:25246 CVE-2015-3693, Security bypass vulnerability in EFI in Apple OS X by increasing memory refresh rates
oval:org.secpod.oval:def:25247 CVE-2015-3695, Buffer overflow vulnerability in the Intel Graphics Driver in Apple OS X via unspecified vectors – CVE-2015-3695
oval:org.secpod.oval:def:25248 CVE-2015-3696, Buffer overflow vulnerability in the Intel Graphics Driver in Apple OS X via unspecified vectors – CVE-2015-3696
oval:org.secpod.oval:def:25249 CVE-2015-3697, Buffer overflow vulnerability in the Intel Graphics Driver in Apple OS X via unspecified vectors – CVE-2015-3697
oval:org.secpod.oval:def:25250 CVE-2015-3698, Buffer overflow vulnerability in the Intel Graphics Driver in Apple OS X via unspecified vectors – CVE-2015-3698
oval:org.secpod.oval:def:25251 CVE-2015-3699, Buffer overflow vulnerability in the Intel Graphics Driver in Apple OS X via unspecified vectors – CVE-2015-3699
oval:org.secpod.oval:def:25252 CVE-2015-3700, Buffer overflow vulnerability in the Intel Graphics Driver in Apple OS X via unspecified vectors – CVE-2015-3700
oval:org.secpod.oval:def:25253 CVE-2015-3701, Buffer overflow vulnerability in the Intel Graphics Driver in Apple OS X via unspecified vectors – CVE-2015-3701
oval:org.secpod.oval:def:25236 CVE-2015-3683, Denial of service vulnerability in the Bluetooth HCI interface implementation in Apple OS X via a crafted app
oval:org.secpod.oval:def:25254 CVE-2015-3702, Buffer overflow vulnerability in the Intel Graphics Driver in Apple OS X via unspecified vectors – CVE-2015-3702
oval:org.secpod.oval:def:25255 CVE-2014-8127, Arbitrary code execution vulnerability in the ImageIO in Apple OS X via unspecified vectors – CVE-2014-8127
oval:org.secpod.oval:def:25256 CVE-2014-8128, Arbitrary code execution vulnerability in the ImageIO in Apple OS X via unspecified vectors – CVE-2014-8128
oval:org.secpod.oval:def:25257 CVE-2014-8129, Arbitrary code execution vulnerability in the ImageIO in Apple OS X via unspecified vectors – CVE-2014-8129
oval:org.secpod.oval:def:25258 CVE-2014-8130, Arbitrary code execution vulnerability in the ImageIO in Apple OS X via unspecified vectors – CVE-2014-8130
oval:org.secpod.oval:def:25259 CVE-2015-3703, Arbitrary code execution vulnerability in the ImageIO in Apple OS X via a crafted TIFF image – CVE-2015-3703
oval:org.secpod.oval:def:25260 CVE-2015-3704, Arbitrary code execution vulnerability in the Install Framework Legacy in Apple OS X via a crafted app
oval:org.secpod.oval:def:25261 CVE-2015-3711, Information disclosure vulnerability in the NTFS in Apple OS X via a crafted app – CVE-2015-3711
oval:org.secpod.oval:def:25262 CVE-2015-1798, Denial of service vulnerability in the NTP in Apple OS X by omitting the MAC – CVE-2015-1798
oval:org.secpod.oval:def:25263 CVE-2015-1799, Denial of service vulnerability in the NTP in Apple OS X by omitting the MAC – CVE-2015-1799
oval:org.secpod.oval:def:25264 CVE-2015-3661, Arbitrary code execution vulnerability in the QuickTime in Apple OS X via a crafted file – CVE-2015-3661
oval:org.secpod.oval:def:25237 CVE-2015-3684, Denial of service vulnerability in the HTTPAuthentication implementation in CFNetwork in Apple OS X via crafted credentials in a URL
oval:org.secpod.oval:def:25265 CVE-2015-3662, Arbitrary code execution vulnerability in the QuickTime in Apple OS X via a crafted file – CVE-2015-3662
oval:org.secpod.oval:def:25266 CVE-2015-3663, Arbitrary code execution vulnerability in the QuickTime in Apple OS X via a crafted file – CVE-2015-3663
oval:org.secpod.oval:def:25267 CVE-2015-3666, Arbitrary code execution vulnerability in the QuickTime in Apple OS X via a crafted file – CVE-2015-3666
oval:org.secpod.oval:def:25268 CVE-2015-3667, Arbitrary code execution vulnerability in the QuickTime in Apple OS X via a crafted file – CVE-2015-3667
oval:org.secpod.oval:def:25269 CVE-2015-3668, Arbitrary code execution vulnerability in the QuickTime in Apple OS X via a crafted file – CVE-2015-3668
oval:org.secpod.oval:def:25270 CVE-2015-3713, Arbitrary code execution vulnerability in the QuickTime in Apple OS X via a crafted file – CVE-2015-3713
oval:org.secpod.oval:def:25271 CVE-2013-1741, Integer overflow vulnerability in the Security framework in Apple OS X via a large size value – CVE-2013-1741
oval:org.secpod.oval:def:25272 CVE-2015-3714, Security bypass vulnerability in the Security framework in Apple OS X via a modified app – CVE-2015-3714
oval:org.secpod.oval:def:25273 CVE-2015-3715, Security bypass vulnerability in the code-signing implementation in Apple OS X via a crafted library – CVE-2015-3715
oval:org.secpod.oval:def:25274 CVE-2015-3716, Arbitrary commands execution vulnerability in Spotlight in Apple OS X via a crafted name of a photo file – CVE-2015-3716
oval:org.secpod.oval:def:25238 CVE-2015-3685, Denial of service vulnerability in CoreText in Apple OS X via a crafted text file – CVE-2015-3685
oval:org.secpod.oval:def:25275 CVE-2015-3671, Security bypass vulnerability in Admin Framework in Apple OS X via unspecified vectors – CVE-2015-3671
oval:org.secpod.oval:def:25276 CVE-2015-3672, Security bypass vulnerability in Admin Framework in Apple OS X via unspecified vectors – CVE-2015-3672
oval:org.secpod.oval:def:25277 CVE-2015-0235, Heap-based buffer overflow vulnerability in php in Apple OS X via unspecified vectors – CVE-2015-0235
oval:org.secpod.oval:def:25278 CVE-2015-0273, Heap-based buffer overflow vulnerability in php in Apple OS X via unspecified vectors – CVE-2015-0273
oval:org.secpod.oval:def:25279 CVE-2015-3673, Security bypass vulnerability in Admin Framework in Apple OS X – CVE-2015-3673
oval:org.secpod.oval:def:25280 CVE-2015-3674, Arbitrary code execution vulnerability in AFP server in Apple OS X – CVE-2015-3674
oval:org.secpod.oval:def:25281 CVE-2015-3675, Security bypass vulnerability in the Apache HTTP Server in Apple OS X via a crafted URL – CVE-2015-3675
oval:org.secpod.oval:def:25282 CVE-2015-3676, Information disclosure vulnerability in AppleGraphicsControl in Apple OS X via a crafted app – CVE-2015-3676
oval:org.secpod.oval:def:25283 CVE-2015-3678, Denial of service vulnerability in AppleThunderboltEDMService in Apple OS X via unspecified Thunderbolt commands – CVE-2015-3678
oval:org.secpod.oval:def:25284 CVE-2015-3679, Denial of service vulnerability in Apple Type Services (ATS) in Apple OS X via a crafted font file – CVE-2015-3679
oval:org.secpod.oval:def:25239 CVE-2015-1157, Denial of service vulnerability in CoreText in Apple OS X via a crafted text file – CVE-2015-1157
oval:org.secpod.oval:def:25285 CVE-2015-3680, Denial of service vulnerability in Apple Type Services (ATS) in Apple OS X via a crafted font file – CVE-2015-3680
oval:org.secpod.oval:def:25286 CVE-2015-3681, Denial of service vulnerability in Apple Type Services (ATS) in Apple OS X via a crafted font file – CVE-2015-3681
oval:org.secpod.oval:def:25287 CVE-2015-3682, Denial of service vulnerability in Apple Type Services (ATS) in Apple OS X via a crafted font file – CVE-2015-3682
oval:org.secpod.oval:def:25288 CVE-2015-4000, Cipher-downgrade vulnerability in coreTLS in Apple OS X by rewriting a ClientHello with DHE – CVE-2015-4000
oval:org.secpod.oval:def:25289 CVE-2015-3691, Arbitrary code execution vulnerability in Display Drivers in Apple OS X via a crafted app – CVE-2015-3691
oval:org.secpod.oval:def:25290 CVE-2015-3694, Arbitrary code execution vulnerability in FontParser in Apple OS X via a crafted font file – CVE-2015-3694
oval:org.secpod.oval:def:25291 CVE-2015-3712, Arbitrary code execution vulnerability in NVIDIA graphics driver in Apple OS X via a crafted app – CVE-2015-3712
oval:org.secpod.oval:def:25292 CVE-2015-3705, Arbitrary code execution vulnerability in IOAcceleratorFamily in Apple OS X via a crafted app – CVE-2015-3705
oval:org.secpod.oval:def:25293 CVE-2015-3706, Arbitrary code execution vulnerability in IOAcceleratorFamily in Apple OS X via a crafted app – CVE-2015-3706
oval:org.secpod.oval:def:25294 CVE-2015-3707, Arbitrary code execution vulnerability in IOFireWireFamily in Apple OS X via a crafted app – CVE-2015-3707
oval:org.secpod.oval:def:25240 CVE-2015-3686, Denial of service vulnerability in CoreText in Apple OS X via a crafted text file – CVE-2015-3686
oval:org.secpod.oval:def:25295 CVE-2015-3720, Information disclosure vulnerability in the kernel in Apple OS X via a crafted app – CVE-2015-3720
oval:org.secpod.oval:def:25296 CVE-2015-3721, Information disclosure vulnerability in the kernel in Apple OS X via a crafted app – CVE-2015-3721
oval:org.secpod.oval:def:25297 CVE-2015-3708, Symlink attack vulnerability in kext tools in Apple OS X via a crafted app – CVE-2015-3708
oval:org.secpod.oval:def:25298 CVE-2015-3709, Security bypass vulnerability in kext tools in Apple OS X by leveraging improper pathname validation – CVE-2015-3709
oval:org.secpod.oval:def:25299 CVE-2015-3710, Security bypass vulnerability in Mail in Apple OS X via a crafted HTML e-mail message – CVE-2015-3710
oval:org.secpod.oval:def:25300 CVE-2015-0209, Use-after-free vulnerability in OpenSSL in Apple OS X via malformed Elliptic Curve (EC) private-key file
oval:org.secpod.oval:def:25301 CVE-2015-0286, Denial of service vulnerability in OpenSSL in Apple OS X via a crafted X.509 certificate
oval:org.secpod.oval:def:25302 CVE-2015-0287, Denial of service vulnerability in OpenSSL in Apple OS X by leveraging an application that relies on ASN.1 structure reuse
oval:org.secpod.oval:def:25303 CVE-2015-0288, Denial of service vulnerability in OpenSSL in Apple OS X via an invalid certificate key
oval:org.secpod.oval:def:25304 CVE-2015-0289, Denial of service vulnerability in OpenSSL in Apple OS X by leveraging an application that processes arbitrary PKCS#7 data
oval:org.secpod.oval:def:25241 CVE-2015-3687, Denial of service vulnerability in CoreText in Apple OS X via a crafted text file – CVE-2015-3687
oval:org.secpod.oval:def:25305 CVE-2015-0293, Denial of service vulnerability in OpenSSL in Apple OS X via a crafted CLIENT-MASTER-KEY message
oval:org.secpod.oval:def:25306 CVE-2015-3717, Denial of service vulnerability in SQLite in Apple OS X via unspecified vectors – CVE-2015-3717
oval:org.secpod.oval:def:25307 CVE-2015-3718, Arbitrary code execution vulnerability in the System Stats subsystem in Apple OS X via a crafted app – CVE-2015-3718
oval:org.secpod.oval:def:25308 CVE-2015-3719, Arbitrary code execution vulnerability in FontParser in Apple OS X via a crafted font file – CVE-2015-3719
oval:org.secpod.oval:def:25309 CVE-2014-8139, Arbitrary code execution vulnerability in zip in Apple OS X via a maliciously crafted zip file – CVE-2014-8139
oval:org.secpod.oval:def:25310 CVE-2014-8140, Arbitrary code execution vulnerability in zip in Apple OS X via a maliciously crafted zip file – CVE-2014-8140
oval:org.secpod.oval:def:25311 CVE-2014-8141, Arbitrary code execution vulnerability in zip in Apple OS X via a maliciously crafted zip file – CVE-2014-8141
oval:org.secpod.oval:def:25312 APPLE-SA-2015-06-30-2,
CVE-2013-1741,
CVE-2014-8127,
CVE-2014-8128,
CVE-2014-8129,
CVE-2014-8130,
CVE-2014-8139,
CVE-2014-8140,
CVE-2014-8141,
CVE-2015-0209,
CVE-2015-0235,
CVE-2015-0273,
CVE-2015-0286,
CVE-2015-0287,
CVE-2015-0288,
CVE-2015-0289,
CVE-2015-0293,
CVE-2015-1157,
CVE-2015-1798,
CVE-2015-1799,
CVE-2015-3661,
CVE-2015-3662,
CVE-2015-3663,
CVE-2015-3666,
CVE-2015-3667,
CVE-2015-3668,
CVE-2015-3671,
CVE-2015-3672,
CVE-2015-3673,
CVE-2015-3674,
CVE-2015-3675,
CVE-2015-3676,
CVE-2015-3677,
CVE-2015-3678,
CVE-2015-3679,
CVE-2015-3680,
CVE-2015-3681,
CVE-2015-3682,
CVE-2015-3683,
CVE-2015-3684,
CVE-2015-3685,
CVE-2015-3686,
CVE-2015-3687,
CVE-2015-3688,
CVE-2015-3689,
CVE-2015-3690,
CVE-2015-3691,
CVE-2015-3692,
CVE-2015-3693,
CVE-2015-3694,
CVE-2015-3695,
CVE-2015-3696,
CVE-2015-3697,
CVE-2015-3698,
CVE-2015-3699,
CVE-2015-3700,
CVE-2015-3701,
CVE-2015-3702,
CVE-2015-3703,
CVE-2015-3704,
CVE-2015-3705,
CVE-2015-3706,
CVE-2015-3707,
CVE-2015-3708,
CVE-2015-3709,
CVE-2015-3710,
CVE-2015-3711,
CVE-2015-3712,
CVE-2015-3713,
CVE-2015-3714,
CVE-2015-3715,
CVE-2015-3716,
CVE-2015-3717,
CVE-2015-3718,
CVE-2015-3719,
CVE-2015-3720,
CVE-2015-3721,
CVE-2015-4000,
Multiple vulnerabilities in Apple OS X – APPLE-SA-2015-06-30-2
oval:org.secpod.oval:def:25242 CVE-2015-3688, Denial of service vulnerability in CoreText in Apple OS X via a crafted text file – CVE-2015-3688
oval:org.secpod.oval:def:25243 CVE-2015-3689, Denial of service vulnerability in CoreText in Apple OS X via a crafted text file – CVE-2015-3689
oval:org.secpod.oval:def:203660 CESA-2015:1207,
CVE-2015-2722,
CVE-2015-2724,
CVE-2015-2725,
CVE-2015-2727,
CVE-2015-2728,
CVE-2015-2729,
CVE-2015-2731,
CVE-2015-2733,
CVE-2015-2734,
CVE-2015-2735,
CVE-2015-2736,
CVE-2015-2737,
CVE-2015-2738,
CVE-2015-2739,
CVE-2015-2740,
CVE-2015-2741,
CVE-2015-2743,
CESA-2015:1207 — centos 5 firefox
oval:org.secpod.oval:def:203661 CESA-2015:1207,
CVE-2015-2722,
CVE-2015-2724,
CVE-2015-2725,
CVE-2015-2727,
CVE-2015-2728,
CVE-2015-2729,
CVE-2015-2731,
CVE-2015-2733,
CVE-2015-2734,
CVE-2015-2735,
CVE-2015-2736,
CVE-2015-2737,
CVE-2015-2738,
CVE-2015-2739,
CVE-2015-2740,
CVE-2015-2741,
CVE-2015-2743,
CESA-2015:1207 — centos 7 firefox
oval:org.secpod.oval:def:203662 CESA-2015:1197,
CVE-2015-1789,
CVE-2015-1790,
CVE-2015-4000,
CESA-2015:1197 — centos 5 openssl
oval:org.secpod.oval:def:203663 CESA-2015:1207,
CVE-2015-2722,
CVE-2015-2724,
CVE-2015-2725,
CVE-2015-2727,
CVE-2015-2728,
CVE-2015-2729,
CVE-2015-2731,
CVE-2015-2733,
CVE-2015-2734,
CVE-2015-2735,
CVE-2015-2736,
CVE-2015-2737,
CVE-2015-2738,
CVE-2015-2739,
CVE-2015-2740,
CVE-2015-2741,
CVE-2015-2743,
CESA-2015:1207 — centos 6 firefox
oval:org.secpod.oval:def:501588 CVE-2015-2722,
CVE-2015-2724,
CVE-2015-2725,
CVE-2015-2727,
CVE-2015-2728,
CVE-2015-2729,
CVE-2015-2731,
CVE-2015-2733,
CVE-2015-2734,
CVE-2015-2735,
CVE-2015-2736,
CVE-2015-2737,
CVE-2015-2738,
CVE-2015-2739,
CVE-2015-2740,
CVE-2015-2741,
CVE-2015-2743,
RHSA-2015:1207-01,
RHSA-2015:1207-01 — Redhat firefox

Subscribe For More Posts Like This

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments