Details of VAR-201112-0123

ID

VAR-201112-0123

CVE

CVE-2011-5035

TITLE

Hash table implementations vulnerable to algorithmic complexity attacks

Trust: 0.8

sources: CERT/CC: VU#903934

DESCRIPTION

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. Some programming language implementations do not sufficiently randomize their hash functions or provide means to limit key collision attacks, which can be leveraged by an unauthenticated attacker to cause a denial-of-service (DoS) condition. Oracle Glassfish Calculates the hash value of the form parameter without restricting the assumption of hash collision. (CPU Resource consumption ) There is a vulnerability that becomes a condition.A third party can send a large amount of crafted parameters to disrupt service operation. (CPU Resource consumption ) There is a possibility of being put into a state. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Background ========== IcedTea is a distribution of the Java OpenJDK source code built with free build tools. ============================================================================ Ubuntu Security Notice USN-1373-2 March 01, 2012 openjdk-6b18 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: Multiple vulnerabilities in OpenJDK 6 for the ARM architecture have been fixed. Software Description: - openjdk-6b18: Open Source Java implementation Details: USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM (armel). This provides the corresponding OpenJDK 6 update for use with the ARM (armel) architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. This may be increased by adjusting the sun.net.httpserver.maxReqHeaders property. (CVE-2012-0497) It was discovered that an off-by-one error exists in the Java ZIP file processing code. An attacker could us this to cause a denial of service through a maliciously crafted ZIP file. (CVE-2012-0507) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: icedtea-6-jre-cacao 6b18-1.8.13-0ubuntu1~11.04.1 icedtea-6-jre-jamvm 6b18-1.8.13-0ubuntu1~11.04.1 openjdk-6-jre 6b18-1.8.13-0ubuntu1~11.04.1 openjdk-6-jre-headless 6b18-1.8.13-0ubuntu1~11.04.1 openjdk-6-jre-zero 6b18-1.8.13-0ubuntu1~11.04.1 Ubuntu 10.10: icedtea-6-jre-cacao 6b18-1.8.13-0ubuntu1~10.10.1 openjdk-6-jre 6b18-1.8.13-0ubuntu1~10.10.1 openjdk-6-jre-headless 6b18-1.8.13-0ubuntu1~10.10.1 openjdk-6-jre-zero 6b18-1.8.13-0ubuntu1~10.10.1 Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b18-1.8.13-0ubuntu1~10.04.1 openjdk-6-jre 6b18-1.8.13-0ubuntu1~10.04.1 openjdk-6-jre-headless 6b18-1.8.13-0ubuntu1~10.04.1 openjdk-6-jre-zero 6b18-1.8.13-0ubuntu1~10.04.1 After a standard system update you need to restart any Java applications or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03350339 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03350339 Version: 1 HPSBUX02784 SSRT100871 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-05-30 Last Updated: 2012-05-29 - ----------------------------------------------------------------------------- Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. References: CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0504, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running HP JDK and JRE 7.0.0 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2011-3563 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2011-5035 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0497 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0498 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0499 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0500 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0501 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0502 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2012-0503 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0504 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2012-0505 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0506 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-0507 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/go/java HP-UX B.11.23, B.11.31 JDK and JRE v7.0.01 or subsequent MANUAL ACTIONS: Yes - Update For Java v7.0.0, update to Java v7.0.01 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.01 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) 30 May 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Fix in AtomicReferenceArray (CVE-2011-3571). Multiple unspecified vulnerabilities allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors (CVE-2012-0498. CVE-2012-0499, CVE-2012-0500). Issues with some KeyboardFocusManager method (CVE-2012-0502). Issues with TimeZone class (CVE-2012-0503). Enhance exception throwing mechanism in ObjectStreamClass (CVE-2012-0505). Issues with some method in corba (CVE-2012-0506). The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFPPnJ1mqjQ0CJFipgRAsShAJ9uLjzWi9Y8x/myvScmQfUPwRh8RACg22f9 NSDNWCT+JqEyYHUExPAwR58= =cwgS -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Impact ====== An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51" All Oracle JRE 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51" All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51" All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea. NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. References ========== [ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201401-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.6.0-openjdk security update Advisory ID: RHSA-2012:0322-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0322.html Issue date: 2012-02-21 CVE Names: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 ===================================================================== 1. Summary: Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine (JVM), or bypass Java sandbox restrictions. (CVE-2012-0497) It was discovered that the exception thrown on deserialization failure did not always contain a proper identification of the cause of the failure. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2012-0505) The AtomicReferenceArray class implementation did not properly check if the array was of the expected Object[] type. A malicious Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2011-3571) It was discovered that the use of TimeZone.setDefault() was not restricted by the SecurityManager, allowing an untrusted Java application or applet to set a new default time zone, and hence bypass Java sandbox restrictions. (CVE-2012-0503) The HttpServer class did not limit the number of headers read from HTTP requests. A remote attacker could use this flaw to make an application using HttpServer use an excessive amount of CPU time via a specially-crafted request. This update introduces a header count limit controlled using the sun.net.httpserver.maxReqHeaders property. The default value is 200. (CVE-2011-5035) The Java Sound component did not properly check buffer boundaries. Malicious input, or an untrusted Java application or applet could use this flaw to cause the Java Virtual Machine (JVM) to crash or disclose a portion of its memory. (CVE-2011-3563) A flaw was found in the AWT KeyboardFocusManager that could allow an untrusted Java application or applet to acquire keyboard focus and possibly steal sensitive information. (CVE-2012-0502) It was discovered that the CORBA (Common Object Request Broker Architecture) implementation in Java did not properly protect repository identifiers on certain CORBA objects. This could have been used to modify immutable object data. (CVE-2012-0506) An off-by-one flaw, causing a stack overflow, was found in the unpacker for ZIP files. A specially-crafted ZIP archive could cause the Java Virtual Machine (JVM) to crash when opened. (CVE-2012-0501) This erratum also upgrades the OpenJDK package to IcedTea6 1.10.6. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960) 788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283) 788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687) 788994 - CVE-2011-3571 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299) 789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367) 789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683) 789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700) 789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704) 789301 - CVE-2012-0497 OpenJDK: insufficient checking of the graphics rendering object (2D, 7112642) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-3563.html https://www.redhat.com/security/data/cve/CVE-2011-3571.html https://www.redhat.com/security/data/cve/CVE-2011-5035.html https://www.redhat.com/security/data/cve/CVE-2012-0497.html https://www.redhat.com/security/data/cve/CVE-2012-0501.html https://www.redhat.com/security/data/cve/CVE-2012-0502.html https://www.redhat.com/security/data/cve/CVE-2012-0503.html https://www.redhat.com/security/data/cve/CVE-2012-0505.html https://www.redhat.com/security/data/cve/CVE-2012-0506.html https://access.redhat.com/security/updates/classification/#important http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.6/NEWS http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFPRBvTXlSAg2UNWIIRArkfAJ9B74k5cUjTIZGepTvbu+3kEcMpIgCgo2FR eIi8N5jfo4lIBLPu4EKFpVo= =ChsF -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 3.42

sources: NVD: CVE-2011-5035 // CERT/CC: VU#903934 // JVNDB: JVNDB-2011-003567 // VULMON: CVE-2011-5035 // PACKETSTORM: 123734 // PACKETSTORM: 127267 // PACKETSTORM: 125556 // PACKETSTORM: 112144 // PACKETSTORM: 110365 // PACKETSTORM: 113170 // PACKETSTORM: 109918 // PACKETSTORM: 124943 // PACKETSTORM: 109834 // PACKETSTORM: 125436 // PACKETSTORM: 110035

AFFECTED PRODUCTS

vendor:	oracle	model:	glassfish server	scope:	eq	version:	2.1.1	Trust: 1.8
vendor:	oracle	model:	glassfish server	scope:	eq	version:	3.0.1	Trust: 1.8
vendor:	oracle	model:	glassfish server	scope:	lte	version:	3.1.1	Trust: 1.0
vendor:	apache tomcat	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	oracle	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ruby	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	the php group	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.6.8	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.7.3	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.6.8	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.7.3	Trust: 0.8
vendor:	oracle	model:	java system web server	scope:	eq	version:	6.1	Trust: 0.8
vendor:	oracle	model:	application server	scope:	eq	version:	10g r3 (10.1.3.5.0)	Trust: 0.8
vendor:	oracle	model:	communications server	scope:	eq	version:	2.0	Trust: 0.8
vendor:	oracle	model:	glassfish server	scope:	eq	version:	3.1.1	Trust: 0.8
vendor:	oracle	model:	iplanet web server	scope:	eq	version:	7.0	Trust: 0.8
vendor:	oracle	model:	jrockit	scope:	lte	version:	27.7.1	Trust: 0.8
vendor:	oracle	model:	jrockit	scope:	lte	version:	28.2.2	Trust: 0.8
vendor:	oracle	model:	sun java system application server	scope:	eq	version:	8.1	Trust: 0.8
vendor:	oracle	model:	sun java system application server	scope:	eq	version:	8.2	Trust: 0.8
vendor:	oracle	model:	weblogic server	scope:	eq	version:	10.0.2	Trust: 0.8
vendor:	oracle	model:	weblogic server	scope:	eq	version:	11gr1 (10.3.3	Trust: 0.8
vendor:	oracle	model:	weblogic server	scope:	eq	version:	10.3.4	Trust: 0.8
vendor:	oracle	model:	weblogic server	scope:	eq	version:	10.3.5)	Trust: 0.8
vendor:	oracle	model:	weblogic server	scope:	eq	version:	12cr1 (12.1.1)	Trust: 0.8
vendor:	oracle	model:	weblogic server	scope:	eq	version:	9.2.4	Trust: 0.8
vendor:	hewlett packard	model:	hp xp p9000 performance advisor software	scope:	lte	version:	5.4.1	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	enterprise version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	standard version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server	scope:	eq	version:	version 5	Trust: 0.8
vendor:	hitachi	model:	cosminexus client	scope:	eq	version:	version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	light version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	professional version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	standard version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer	scope:	eq	version:	version 5	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer's kit for java	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus primary server	scope:	eq	version:	base	Trust: 0.8
vendor:	hitachi	model:	cosminexus server	scope:	eq	version:	- standard edition version 4	Trust: 0.8
vendor:	hitachi	model:	cosminexus server	scope:	eq	version:	- web edition version 4	Trust: 0.8
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	- standard edition version 4	Trust: 0.8
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	- web edition version 4	Trust: 0.8
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	version 5	Trust: 0.8
vendor:	hitachi	model:	hirdb for java /xml	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	developer's kit for java	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	processing kit for xml	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	enterprise	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	express	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	light	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	smart edition	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	standard	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	standard-r	Trust: 0.8
vendor:	hitachi	model:	ucosminexus client	scope:	eq	version:	none	Trust: 0.8
vendor:	hitachi	model:	ucosminexus client	scope:	eq	version:	for plug-in	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	01	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	light	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	professional	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	professional for plug-in	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	standard	Trust: 0.8
vendor:	hitachi	model:	ucosminexus operator	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus portal framework	scope:	eq	version:	entry set	Trust: 0.8
vendor:	hitachi	model:	ucosminexus primary server	scope:	eq	version:	base	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service	scope:	eq	version:	architect	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service	scope:	eq	version:	platform	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service	scope:	eq	version:	platform - messaging	Trust: 0.8
vendor:	fujitsu	model:	internet navigware server	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage application development cycle manager	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage application framework suite	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage application server	scope:	eq	version:	none	Trust: 0.8
vendor:	fujitsu	model:	interstage application server	scope:	eq	version:	plus developer / apworks / studio	Trust: 0.8
vendor:	fujitsu	model:	interstage business application server	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage form coordinator workflow	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage job workload server	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage list manager	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage list works	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage service integrator	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage shunsaku data manager	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage web server	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage xml business activity recorder	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	serverview	scope:	eq	version:	resource orchestrator cloud edition	Trust: 0.8
vendor:	fujitsu	model:	success server	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker availability view	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker desktop inspection	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker it change manager	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker it process master	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker operation manager	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker runbook automation	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker service catalog manager	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker service quality coordinator	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	systemwalker software configuration manager	scope:	-	version:	-	Trust: 0.8

sources: CERT/CC: VU#903934 // JVNDB: JVNDB-2011-003567 // NVD: CVE-2011-5035

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-5035
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#903934
value:	10.80
Trust: 0.8
NVD:	CVE-2011-5035
value:	MEDIUM
Trust: 0.8
VULMON:	CVE-2011-5035
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-5035
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

sources: CERT/CC: VU#903934 // VULMON: CVE-2011-5035 // JVNDB: JVNDB-2011-003567 // NVD: CVE-2011-5035

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2011-003567 // NVD: CVE-2011-5035

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 113170 // CNNVD: CNNVD-201112-500

TYPE

arbitrary, code execution

Trust: 0.1

sources: PACKETSTORM: 127267

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003567

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2011-5035

PATCH

title:	HT5228	url:	http://support.apple.com/kb/HT5228	Trust: 0.8
title:	HT1338	url:	http://support.apple.com/kb/HT1338?viewlocale=ja_JP	Trust: 0.8
title:	HT5228	url:	http://support.apple.com/kb/HT5228?viewlocale=ja_JP	Trust: 0.8
title:	HS12-007	url:	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-007/index.html	Trust: 0.8
title:	HPSBST02955 SSRT101157	url:	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04047415	Trust: 0.8
title:	Text Form of Oracle Critical Patch Update - January 2013 Risk Matrices	url:	http://www.oracle.com/technetwork/topics/security/cpujan2013verbose-1897756.html	Trust: 0.8
title:	Oracle Critical Patch Update Advisory - April 2012	url:	http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html	Trust: 0.8
title:	Oracle Critical Patch Update Advisory - January 2012	url:	http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html	Trust: 0.8
title:	Oracle Critical Patch Update Advisory - January 2013	url:	http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html	Trust: 0.8
title:	Oracle Security Alert for CVE-2011-5035	url:	http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html	Trust: 0.8
title:	RHSA-2013:1455	url:	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Trust: 0.8
title:	January 2012 Critical Patch Update Released	url:	http://blogs.oracle.com/security/entry/january_2012_critical_patch_update	Trust: 0.8
title:	January 2013 Critical Patch Update Released	url:	https://blogs.oracle.com/security/entry/january_2013_critical_patch_update	Trust: 0.8
title:	interstage_as_201201	url:	http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201201.html	Trust: 0.8
title:	HS12-007	url:	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-007/index.html	Trust: 0.8
title:	Red Hat: Important: java-1.6.0-openjdk security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120322 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: java-1.6.0-openjdk security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120135 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: java-1.6.0-sun security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120139 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: java-1.6.0-ibm security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120514 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: openjdk-6b18 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1373-2	Trust: 0.1
title:	Ubuntu Security Notice: openjdk-6 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1373-1	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2012-043	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2012-043	Trust: 0.1
title:	Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20131455 - Security Advisory	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/oracle-patches-88-vulnerabilities-including-some-allow-remote-exploits-without-authentication/76457/	Trust: 0.1
title:	welivesecurity	url:	https://www.welivesecurity.com/2012/04/05/mac-flashback-trojan-java-update/	Trust: 0.1

sources: VULMON: CVE-2011-5035 // JVNDB: JVNDB-2011-003567

EXTERNAL IDS

db:	NVD	id:	CVE-2011-5035	Trust: 3.0
db:	CERT/CC	id:	VU#903934	Trust: 2.7
db:	OCERT	id:	OCERT-2011-003	Trust: 1.9
db:	SECUNIA	id:	48589	Trust: 1.1
db:	SECUNIA	id:	57126	Trust: 1.1
db:	SECUNIA	id:	48073	Trust: 1.1
db:	SECUNIA	id:	48074	Trust: 1.1
db:	SECUNIA	id:	48950	Trust: 1.1
db:	JVNDB	id:	JVNDB-2011-003567	Trust: 0.8
db:	BID	id:	51194	Trust: 0.7
db:	CNNVD	id:	CNNVD-201112-500	Trust: 0.6
db:	EXPLOIT-DB	id:	2012	Trust: 0.1
db:	VULMON	id:	CVE-2011-5035	Trust: 0.1
db:	PACKETSTORM	id:	123734	Trust: 0.1
db:	PACKETSTORM	id:	127267	Trust: 0.1
db:	PACKETSTORM	id:	125556	Trust: 0.1
db:	PACKETSTORM	id:	112144	Trust: 0.1
db:	PACKETSTORM	id:	110365	Trust: 0.1
db:	PACKETSTORM	id:	113170	Trust: 0.1
db:	PACKETSTORM	id:	109918	Trust: 0.1
db:	PACKETSTORM	id:	124943	Trust: 0.1
db:	PACKETSTORM	id:	109834	Trust: 0.1
db:	PACKETSTORM	id:	125436	Trust: 0.1
db:	PACKETSTORM	id:	110035	Trust: 0.1

sources: CERT/CC: VU#903934 // VULMON: CVE-2011-5035 // PACKETSTORM: 123734 // PACKETSTORM: 127267 // PACKETSTORM: 125556 // PACKETSTORM: 112144 // PACKETSTORM: 110365 // PACKETSTORM: 113170 // PACKETSTORM: 109918 // PACKETSTORM: 124943 // PACKETSTORM: 109834 // PACKETSTORM: 125436 // PACKETSTORM: 110035 // CNNVD: CNNVD-201112-500 // JVNDB: JVNDB-2011-003567 // NVD: CVE-2011-5035

REFERENCES

url:	http://www.ocert.org/advisories/ocert-2011-003.html	Trust: 1.9
url:	http://www.nruns.com/_downloads/advisory28122011.pdf	Trust: 1.9
url:	http://www.kb.cert.org/vuls/id/903934	Trust: 1.9
url:	http://rhn.redhat.com/errata/rhsa-2013-1455.html	Trust: 1.2
url:	http://security.gentoo.org/glsa/glsa-201406-32.xml	Trust: 1.2
url:	http://rhn.redhat.com/errata/rhsa-2012-0514.html	Trust: 1.2
url:	https://github.com/firefart/hashcollision-dos-poc/blob/master/hashtablepoc.py	Trust: 1.1
url:	http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html	Trust: 1.1
url:	http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html	Trust: 1.1
url:	http://secunia.com/advisories/48589	Trust: 1.1
url:	http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html	Trust: 1.1
url:	http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html	Trust: 1.1
url:	http://secunia.com/advisories/48950	Trust: 1.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2013:150	Trust: 1.1
url:	http://www.debian.org/security/2012/dsa-2420	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=139344343412337&w=2	Trust: 1.1
url:	http://secunia.com/advisories/57126	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=133364885411663&w=2	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=133847939902305&w=2	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16908	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html	Trust: 1.1
url:	http://secunia.com/advisories/48073	Trust: 1.1
url:	http://secunia.com/advisories/48074	Trust: 1.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-5035	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5035	Trust: 0.9
url:	http://www.cs.rice.edu/~scrosby/hash/crosbywallach_usenixsec2003.pdf	Trust: 0.8
url:	http://technet.microsoft.com/en-us/security/bulletin/ms11-100.mspx	Trust: 0.8
url:	http://blogs.technet.com/b/srd/archive/2011/12/27/more-information-about-the-december-2011-asp-net-vulnerability.aspx	Trust: 0.8
url:	http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606	Trust: 0.8
url:	http://www.ipa.go.jp/security/ciadr/vul/20120106-web.html	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu903934	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu514315/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5035	Trust: 0.8
url:	http://www.securityfocus.com/bid/51194	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0503	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3563	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0501	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0502	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0505	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0506	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0497	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0499	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0500	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0498	Trust: 0.5
url:	https://www.redhat.com/security/data/cve/cve-2011-3563.html	Trust: 0.4
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.4
url:	https://access.redhat.com/security/team/key/#package	Trust: 0.4
url:	https://www.redhat.com/security/data/cve/cve-2012-0503.html	Trust: 0.4
url:	https://access.redhat.com/security/team/contact/	Trust: 0.4
url:	https://www.redhat.com/security/data/cve/cve-2012-0506.html	Trust: 0.4
url:	http://bugzilla.redhat.com/):	Trust: 0.4
url:	https://www.redhat.com/security/data/cve/cve-2012-0501.html	Trust: 0.4
url:	https://www.redhat.com/security/data/cve/cve-2012-0502.html	Trust: 0.4
url:	https://www.redhat.com/security/data/cve/cve-2011-5035.html	Trust: 0.4
url:	https://www.redhat.com/security/data/cve/cve-2012-0505.html	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0507	Trust: 0.4
url:	https://www.redhat.com/security/data/cve/cve-2012-0497.html	Trust: 0.3
url:	https://www.redhat.com/security/data/cve/cve-2012-0500.html	Trust: 0.3
url:	https://www.redhat.com/security/data/cve/cve-2012-0499.html	Trust: 0.3
url:	https://www.redhat.com/security/data/cve/cve-2012-0498.html	Trust: 0.3
url:	http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins	Trust: 0.3
url:	http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3571	Trust: 0.3
url:	https://www.redhat.com/security/data/cve/cve-2012-0507.html	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422	Trust: 0.2
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797	Trust: 0.2
url:	http://security.gentoo.org/	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817	Trust: 0.2
url:	https://bugs.gentoo.org.	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2204	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2008-2370	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2008-0002	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3548	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2526	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-2902	Trust: 0.2
url:	http://www.hp.com	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0534	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3718	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2007-6286	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2007-5333	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3190	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2007-5342	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-2693	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2007-5461	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2227	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2008-1232	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-5063	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2008-1947	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-1184	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-5064	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-4172	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2481	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-5062	Trust: 0.2
url:	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/	Trust: 0.2
url:	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0013	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-1157	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2729	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-2901	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#critical	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0504	Trust: 0.2
url:	https://access.redhat.com/kb/docs/doc-11259	Trust: 0.2
url:	https://www.redhat.com/security/data/cve/cve-2011-3571.html	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2012:0322	Trust: 0.1
url:	https://usn.ubuntu.com/1373-2/	Trust: 0.1
url:	https://www.exploit-db.com/exploits/2012/	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=25553	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2468.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0873.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3548.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1540.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1476.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2463.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2446.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3521	Trust: 0.1
url:	https://access.redhat.com/site/articles/11258	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1500.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0428.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1480.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3556.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2419.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3546	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0401.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2444.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0425.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2454.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5089.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3551.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1722.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5079.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0419.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3389.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2422.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3561.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1721.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5081.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0409.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5071.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0863.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0423.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1532.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-3216.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5069.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0862	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0867.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5084.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0443.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2451.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3552.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0809.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1487.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0351.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0814.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3547.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-4820.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3549	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0427.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0433.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1493.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1569.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5073.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3554.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-4823.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2435.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2456.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-3743.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3549.html	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#low	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2407.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3553	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3516.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0871.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3554	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2470.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5068.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1541.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0868.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3389	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-4822.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0873	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-3159.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1557.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5075.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2471.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2429.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3548	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3521.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3551	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2443.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1713.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3547	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-3213.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0441.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2457.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2412.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5072.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3553.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1718.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0432.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0446.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1481.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1537.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1717.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3545	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1531.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2432.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2447.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0802.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2452.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0865.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0450.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3516	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3545.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1491.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2464.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0862.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1571.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2383.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2418.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3561	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1473.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3556	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-0547.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1563.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2465.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2472.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2466.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2424.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2453.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3544.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0867	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2473.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2433.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2437.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1716.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-5083.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1533.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-3342.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0869	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0426.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2450.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3560.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3550	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3557.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-3143.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0440.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1725.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0865	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2417.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0445.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2394.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2455.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1682.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2442.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2459.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2430.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3560	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3546.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0442.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-0551.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0424.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3552	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3544	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-0869.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2448.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0863	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-1719.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2011-3550.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1486.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3557	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2384.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0169.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2469.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0438.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0871	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0868	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-1478.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0435.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-0434.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0802	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0814	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2420.html	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2013-2440.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-4470	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3562	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3567	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3568	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3541	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3566	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2783	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3564	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-4465	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2548	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-4469	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3569	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3573	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3548	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3549	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3565	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3860	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3574	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3553	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3555	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-4450	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-4467	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-4448	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3561	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-4351	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3551	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3557	Trust: 0.1
url:	http://www.ibm.com/developerworks/java/jdk/alerts/	Trust: 0.1
url:	https://access.redhat.com/knowledge/articles/11258	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-1373-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.13-0ubuntu1~10.10.1	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-1373-2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.13-0ubuntu1~11.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.13-0ubuntu1~10.04.1	Trust: 0.1
url:	https://h20566.www2.hp.com/portal/site/hpsc/public/kb/	Trust: 0.1
url:	http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/	Trust: 0.1
url:	https://www.hp.com/go/swa	Trust: 0.1
url:	http://www.hp.com/go/java	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0497	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3571	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0505	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0500	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3563	Trust: 0.1
url:	http://www.mandriva.com/security/	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0498	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0499	Trust: 0.1
url:	http://www.mandriva.com/security/advisories	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0503	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0506	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0502	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0501	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1541	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1533	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905	Trust: 0.1
url:	http://security.gentoo.org/glsa/glsa-201401-30.xml	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0547	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1532	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1723	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1717	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1722	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1716	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1718	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1531	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1711	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1713	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1682	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1721	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088	Trust: 0.1
url:	https://rhn.redhat.com/errata/rhsa-2012-0139.html	Trust: 0.1
url:	http://www.oracle.com/technetwork/java/javase/6u31-relnotes-1482342.html	Trust: 0.1
url:	http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.6/news	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.1
url:	https://rhn.redhat.com/errata/rhsa-2012-0322.html	Trust: 0.1

CREDITS

Alexander Klink, n.runs AG and Julian W?lde, Technische Universit?t Darmstadt

Trust: 0.6

sources: CNNVD: CNNVD-201112-500

SOURCES

db:	CERT/CC	id:	VU#903934
db:	VULMON	id:	CVE-2011-5035
db:	PACKETSTORM	id:	123734
db:	PACKETSTORM	id:	127267
db:	PACKETSTORM	id:	125556
db:	PACKETSTORM	id:	112144
db:	PACKETSTORM	id:	110365
db:	PACKETSTORM	id:	113170
db:	PACKETSTORM	id:	109918
db:	PACKETSTORM	id:	124943
db:	PACKETSTORM	id:	109834
db:	PACKETSTORM	id:	125436
db:	PACKETSTORM	id:	110035
db:	CNNVD	id:	CNNVD-201112-500
db:	JVNDB	id:	JVNDB-2011-003567
db:	NVD	id:	CVE-2011-5035

LAST UPDATE DATE

2025-09-25T21:56:03.954000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#903934	date:	2016-02-15T00:00:00
db:	VULMON	id:	CVE-2011-5035	date:	2018-01-06T00:00:00
db:	CNNVD	id:	CNNVD-201112-500	date:	2012-01-04T00:00:00
db:	JVNDB	id:	JVNDB-2011-003567	date:	2015-03-06T00:00:00
db:	NVD	id:	CVE-2011-5035	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#903934	date:	2011-12-28T00:00:00
db:	VULMON	id:	CVE-2011-5035	date:	2011-12-30T00:00:00
db:	PACKETSTORM	id:	123734	date:	2013-10-23T22:57:57
db:	PACKETSTORM	id:	127267	date:	2014-06-30T23:39:28
db:	PACKETSTORM	id:	125556	date:	2014-03-06T02:39:08
db:	PACKETSTORM	id:	112144	date:	2012-04-25T02:09:03
db:	PACKETSTORM	id:	110365	date:	2012-03-02T03:55:14
db:	PACKETSTORM	id:	113170	date:	2012-06-01T00:12:35
db:	PACKETSTORM	id:	109918	date:	2012-02-18T03:25:35
db:	PACKETSTORM	id:	124943	date:	2014-01-27T18:30:13
db:	PACKETSTORM	id:	109834	date:	2012-02-17T02:33:53
db:	PACKETSTORM	id:	125436	date:	2014-02-26T22:39:24
db:	PACKETSTORM	id:	110035	date:	2012-02-22T02:10:34
db:	CNNVD	id:	CNNVD-201112-500	date:	1900-01-01T00:00:00
db:	JVNDB	id:	JVNDB-2011-003567	date:	2012-01-04T00:00:00
db:	NVD	id:	CVE-2011-5035	date:	2011-12-30T01:55:01.640