Securityvulns SECURITYVULNS:DOC:25160, Nov 20, 2010

About the security content of Safari 5.0.3 and Safari 4.1.3

* Last Modified: November 18, 2010
* Article: HT4455

Summary

This document describes the security content of Safari 5.0.3 and Safari 4.1.3.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."

Where possible, CVE-IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see "Apple Security Updates".

Products Affected

Safari 4 (Mac OS X 10.6), Safari 5 (Windows), Safari 5 (Mac OS X 10.6)

Safari 5.0.3 and Safari 4.1.3

*

  WebKit

  CVE-ID: CVE-2010-3803

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An integer overflow exists in WebKit's handling of strings. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to J23 for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3804

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Websites may surreptitiously track users

  Description: Safari generates random numbers for JavaScript applications using a predictable algorithm. This may allow a website to track a particular Safari session without using cookies, hidden form elements, IP addresses, or other techniques. This update addresses the issue by using a stronger random number generator. Credit to Amit Klein of Trusteer for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-1815

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A use after free issue exists in WebKit's handling of scrollbars. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. Credit to thabermann for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3805

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An integer underflow exists in WebKit's handling of WebSockets. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Keith Campbell, and Cris Neckar of Google Chrome Security Team for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3259

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a malicious website may lead to the disclosure of image data from another website

  Description: A cross-origin issue exists in WebKit's handling of images created from "canvas" elements. Visiting a malicious website may lead to the disclosure of image data from another website. This issue is addressed through improved tracking of security origins. Credit to Isaac Dawson, and James Qiu of Microsoft and Microsoft Vulnerability Research (MSVR) for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3808

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An invalid cast issue exists in WebKit's handling of editing commands. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of editing commands. Credit to wushi of team509 for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-1812

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A use after free issue exists in WebKit's handling of selections. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to chipplyman for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3809

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An invalid cast issue exists in WebKit's handling of inline styling. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of inline styling. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-1814

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A memory corruption issue exists in WebKit's handling of form menus. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of form menus. Credit to Csaba Osztrogonac of University of Szeged for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3810

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: A maliciously crafted website may be able to spoof the address in the location bar or add arbitrary locations to the history

  Description: A cross-origin issue exists in WebKit's handling of the History object. A maliciously crafted website may be able to spoof the address in the location bar or add arbitrary locations to the history. This issue is addressed through improved tracking of security origins. Credit to Mike Taylor of Opera Software for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3811

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A use after free issue exists in WebKit's handling of element attributes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to Michal Zalewski for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3812

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An integer overflow exists in WebKit's handling of Text objects. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to J23 working with TippingPoint's Zero Day Initiative for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3813

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: WebKit may perform DNS prefetching even when it is disabled

  Description: When WebKit encounters an HTML Link Element that requests DNS prefetching, it will perform the operation even if prefetching is disabled. This may result in undesired requests to remote servers. As an example, the sender of an HTML-formatted email message could use this to determine that the message was read. This issue is addressed through improved handling of DNS prefetching requests. Credit to Jeff Johnson of Rogue Amoeba Software for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3116

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: Multiple use after free issues exist in WebKit's handling of plug-ins. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. These issues are addressed through improved memory handling.

*

  WebKit

  CVE-ID: CVE-2010-3257

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A use after free issue exists in WebKit's handling of element focus. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. Credit to VUPEN Vulnerability Research Team for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3816

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A use after free issue exists in WebKit's handling of scrollbars. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to Rohit Makasana of Google Inc. for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3817

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An invalid cast issue exists in WebKit's handling of CSS 3D transforms. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of CSS 3D transforms. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3818

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A use after free issue exists in WebKit's handling of inline text boxes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3819

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An invalid cast issue exists in WebKit's handling of CSS boxes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of CSS boxes. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3820

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An uninitialized memory access issue exists in WebKit's handling of editable elements. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of editable elements. Credit: Apple.

*

  WebKit

  CVE-ID: CVE-2010-1813

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A memory corruption issue exists in WebKit's rendering of HTML object outlines. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. Credit to Jose A. Vazquez of spa-s3c.blogspot.com for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3821

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A memory corruption issue exists in WebKit's handling of the ':first-letter' pseudo-element in cascading stylesheets. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of the ':first-letter' pseudo-element. Credit to Cris Neckar and Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3822

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An uninitialized pointer issue exists in WebKit's handling of CSS counter styles. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of CSS counter styles. Credit to kuzzcc for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3823

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A use after free issue exists in WebKit's handling of Geolocation objects. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to kuzzcc for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3824

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: A use after free issue exists in WebKit's handling of "use" elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to wushi of team509 for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-1822

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An invalid cast issue exists in WebKit's handling of SVG elements in non-SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of SVG elements. Credit to wushi of team509 for reporting this issue.

*

  WebKit

  CVE-ID: CVE-2010-3826

  Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, Mac OS X Server v10.6.4 or later, Windows 7, Vista, XP SP2 or later

  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

  Description: An invalid cast issue exists in WebKit's handling of colors in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of colors in SVG documents. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.