ALT-BU-2016-2638-1
Branch sisyphus update bulletin.
Closed bugs
Не собирается WINE64
Package transmission updated to version 2.92-alt2 for branch sisyphus in task 161189.
Closed bugs
Не создаётся лог файл
Неверная подсказка в /etc/init.d/transmission-daemon
Package transmission updated to version 2.92-alt3 for branch sisyphus in task 161193.
Closed bugs
Downloads/ is not accessible for anyone because the containing dir is not traversable
Closed bugs
Необходимо убрать проверку на C++ ABI
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-10156
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.
- 95790
- 95790
- 1037686
- 1037686
- https://bugzilla.suse.com/show_bug.cgi?id=1020601
- https://bugzilla.suse.com/show_bug.cgi?id=1020601
- https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e
- https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e
- https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f
- https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f
- 41171
- 41171
Package adobe-flash-player updated to version 11-alt60 for branch sisyphus in task 161196.
Closed vulnerabilities
BDU:2016-00778
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00782
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00783
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00784
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00785
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00786
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00787
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00788
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00789
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00790
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00791
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00792
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00793
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00794
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00795
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00796
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00797
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00798
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00799
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00800
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код
BDU:2016-00801
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00802
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00803
Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2024-11-21
CVE-2016-0960
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84311
- 84311
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0961
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84311
- 84311
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0962
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84311
- 84311
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0963
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84308
- 84308
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0986
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84311
- 84311
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0987
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0988
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0989
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84311
- 84311
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0990
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0991
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0992
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84311
- 84311
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0993
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84308
- 84308
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0994
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- http://www.zerodayinitiative.com/advisories/ZDI-16-194/
- http://www.zerodayinitiative.com/advisories/ZDI-16-194/
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0995
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0996
Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- http://www.zerodayinitiative.com/advisories/ZDI-16-193/
- http://www.zerodayinitiative.com/advisories/ZDI-16-193/
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2024-11-21
CVE-2016-0997
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
- 39613
- 39613
Modified: 2024-11-21
CVE-2016-0998
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
- 39612
- 39612
- 39631
- 39631
Modified: 2024-11-21
CVE-2016-0999
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
- 39611
- 39611
Modified: 2024-11-21
CVE-2016-1000
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- RHSA-2016:1582
- RHSA-2016:1582
- RHSA-2016:1583
- RHSA-2016:1583
- 84312
- 84312
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
- 39610
- 39610
Modified: 2024-11-21
CVE-2016-1001
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
- 39609
- 39609
Modified: 2024-11-21
CVE-2016-1002
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84311
- 84311
- 1035251
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
- 39608
- 39608
Modified: 2024-11-21
CVE-2016-1005
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0734
- 84311
- 84311
- 1035251
- 1035251
- http://www.zerodayinitiative.com/advisories/ZDI-16-192/
- http://www.zerodayinitiative.com/advisories/ZDI-16-192/
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- GLSA-201603-07
Modified: 2025-02-14
CVE-2016-1010
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
- SUSE-SU-2016:0715
- SUSE-SU-2016:0716
- openSUSE-SU-2016:0719
- openSUSE-SU-2016:0734
- 84308
- 1035251
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- GLSA-201603-07
- SUSE-SU-2016:0715
- GLSA-201603-07
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- 1035251
- 84308
- openSUSE-SU-2016:0734
- openSUSE-SU-2016:0719
- SUSE-SU-2016:0716
Closed vulnerabilities
BDU:2019-03985
Уязвимость программы-медиапроигрывателя VideoLAN VLC, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2015-5949
VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.
- openSUSE-SU-2016:0476
- openSUSE-SU-2016:0476
- http://packetstormsecurity.com/files/133266/VLC-2.2.1-Arbitrary-Pointer-Dereference.html
- http://packetstormsecurity.com/files/133266/VLC-2.2.1-Arbitrary-Pointer-Dereference.html
- DSA-3342
- DSA-3342
- [oss-security] 20150820 [oCERT-2015-009] VLC arbitrary pointer dereference
- [oss-security] 20150820 [oCERT-2015-009] VLC arbitrary pointer dereference
- [oss-security] 20150820 Re: [oCERT-2015-009] VLC arbitrary pointer dereference
- [oss-security] 20150820 Re: [oCERT-2015-009] VLC arbitrary pointer dereference
- 20150820 [oCERT-2015-009] VLC arbitrary pointer dereference
- 20150820 [oCERT-2015-009] VLC arbitrary pointer dereference
- https://git.videolan.org/?p=vlc/vlc-2.2.git%3Ba=commitdiff%3Bh=ce91452460a75d7424b165c4dc8db98114c3cbd9%3Bhp=9e12195d3e4316278af1fa4bcb6a705ff27456fd
- https://git.videolan.org/?p=vlc/vlc-2.2.git%3Ba=commitdiff%3Bh=ce91452460a75d7424b165c4dc8db98114c3cbd9%3Bhp=9e12195d3e4316278af1fa4bcb6a705ff27456fd
- GLSA-201603-08
- GLSA-201603-08
- https://www.ocert.org/advisories/ocert-2015-009.html
- https://www.ocert.org/advisories/ocert-2015-009.html
Closed vulnerabilities
BDU:2018-01270
Уязвимость функций xmlParserEntityCheck и xmlParseAttValueComplex библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2018-01271
Уязвимость функции xmlStringGetNodeList библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2018-01272
Уязвимость функции xmlStringLenDecodeEntities (parser.c) библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании или раскрыть защищаемую информацию
BDU:2018-01273
Уязвимость функции LIBXML_ATTR_FORMAT библиотеки libxml2, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2018-01274
Уязвимость функции xmlParseElementDecl (parser.c) библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2016-3627
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
- openSUSE-SU-2016:1298
- openSUSE-SU-2016:1298
- openSUSE-SU-2016:1446
- openSUSE-SU-2016:1446
- RHSA-2016:2957
- RHSA-2016:2957
- 20160503 CVE-2016-3627 CVE-2016-3705: libxml2: stack overflow in xml validator (parser)
- 20160503 CVE-2016-3627 CVE-2016-3705: libxml2: stack overflow in xml validator (parser)
- [oss-security] 20160321 CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode
- [oss-security] 20160321 CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode
- [oss-security] 20160321 Re: CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode
- [oss-security] 20160321 Re: CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 84992
- 84992
- 1035335
- 1035335
- USN-2994-1
- USN-2994-1
- RHSA-2016:1292
- RHSA-2016:1292
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- GLSA-201701-37
- GLSA-201701-37
- DSA-3593
- DSA-3593
- https://www.tenable.com/security/tns-2016-18
- https://www.tenable.com/security/tns-2016-18
Modified: 2024-11-21
CVE-2016-3705
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
- openSUSE-SU-2016:1298
- openSUSE-SU-2016:1298
- openSUSE-SU-2016:1446
- openSUSE-SU-2016:1446
- RHSA-2016:2957
- RHSA-2016:2957
- 20160503 CVE-2016-3627 CVE-2016-3705: libxml2: stack overflow in xml validator (parser)
- 20160503 CVE-2016-3627 CVE-2016-3705: libxml2: stack overflow in xml validator (parser)
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 89854
- 89854
- USN-2994-1
- USN-2994-1
- RHSA-2016:1292
- RHSA-2016:1292
- https://bugzilla.gnome.org/show_bug.cgi?id=765207
- https://bugzilla.gnome.org/show_bug.cgi?id=765207
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- GLSA-201701-37
- GLSA-201701-37
- DSA-3593
- DSA-3593
- https://www.tenable.com/security/tns-2016-18
- https://www.tenable.com/security/tns-2016-18
Modified: 2024-11-21
CVE-2016-4447
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-6
- APPLE-SA-2016-07-18-6
- RHSA-2016:2957
- RHSA-2016:2957
- [oss-security] 20160525 3 libxml2 issues
- [oss-security] 20160525 3 libxml2 issues
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 90864
- 90864
- 1036348
- 1036348
- SSA:2016-148-01
- SSA:2016-148-01
- USN-2994-1
- USN-2994-1
- http://xmlsoft.org/news.html
- http://xmlsoft.org/news.html
- RHSA-2016:1292
- RHSA-2016:1292
- https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83
- https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://support.apple.com/HT206899
- https://support.apple.com/HT206899
- https://support.apple.com/HT206901
- https://support.apple.com/HT206901
- https://support.apple.com/HT206902
- https://support.apple.com/HT206902
- https://support.apple.com/HT206903
- https://support.apple.com/HT206903
- https://support.apple.com/HT206904
- https://support.apple.com/HT206904
- https://support.apple.com/HT206905
- https://support.apple.com/HT206905
- DSA-3593
- DSA-3593
- https://www.tenable.com/security/tns-2016-18
- https://www.tenable.com/security/tns-2016-18
Modified: 2024-11-21
CVE-2016-4448
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-6
- APPLE-SA-2016-07-18-6
- RHSA-2016:2957
- RHSA-2016:2957
- [oss-security] 20160525 3 libxml2 issues
- [oss-security] 20160525 3 libxml2 issues
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 90856
- 90856
- 1036348
- 1036348
- SSA:2016-148-01
- SSA:2016-148-01
- http://xmlsoft.org/news.html
- http://xmlsoft.org/news.html
- RHSA-2016:1292
- RHSA-2016:1292
- https://bugzilla.redhat.com/show_bug.cgi?id=1338700
- https://bugzilla.redhat.com/show_bug.cgi?id=1338700
- https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9
- https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9
- https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b
- https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://support.apple.com/HT206899
- https://support.apple.com/HT206899
- https://support.apple.com/HT206901
- https://support.apple.com/HT206901
- https://support.apple.com/HT206902
- https://support.apple.com/HT206902
- https://support.apple.com/HT206903
- https://support.apple.com/HT206903
- https://support.apple.com/HT206904
- https://support.apple.com/HT206904
- https://support.apple.com/HT206905
- https://support.apple.com/HT206905
- https://www.tenable.com/security/tns-2016-18
- https://www.tenable.com/security/tns-2016-18
Modified: 2024-11-21
CVE-2016-4449
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
- JVN#17535578
- JVN#17535578
- JVNDB-2017-000066
- JVNDB-2017-000066
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-1
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-2
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-3
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-4
- APPLE-SA-2016-07-18-6
- APPLE-SA-2016-07-18-6
- RHSA-2016:2957
- RHSA-2016:2957
- [oss-security] 20160525 3 libxml2 issues
- [oss-security] 20160525 3 libxml2 issues
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 90865
- 90865
- 1036348
- 1036348
- SSA:2016-148-01
- SSA:2016-148-01
- USN-2994-1
- USN-2994-1
- http://xmlsoft.org/news.html
- http://xmlsoft.org/news.html
- RHSA-2016:1292
- RHSA-2016:1292
- https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5
- https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://kc.mcafee.com/corporate/index?page=content&id=SB10170
- https://support.apple.com/HT206899
- https://support.apple.com/HT206899
- https://support.apple.com/HT206901
- https://support.apple.com/HT206901
- https://support.apple.com/HT206902
- https://support.apple.com/HT206902
- https://support.apple.com/HT206903
- https://support.apple.com/HT206903
- https://support.apple.com/HT206904
- https://support.apple.com/HT206904
- https://support.apple.com/HT206905
- https://support.apple.com/HT206905
- https://support.cybozu.com/ja-jp/article/9735
- https://support.cybozu.com/ja-jp/article/9735
- DSA-3593
- DSA-3593
- https://www.tenable.com/security/tns-2016-18
- https://www.tenable.com/security/tns-2016-18
Modified: 2024-11-21
CVE-2016-9597
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.