Description

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

INFO

Published Date :

Jan. 28, 2015, 7:59 p.m.

Last Modified :

Nov. 21, 2024, 2:22 a.m.

Remotely Exploitable :

Yes !

Impact Score :

10.0

Exploitability Score :

10.0
Public PoC/Exploit Available at Github

CVE-2015-0235 has a 38 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2015-0235 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Oracle communications_webrtc_session_controller
2 Oracle communications_policy_management
3 Oracle linux
4 Oracle vm_virtualbox
5 Oracle communications_application_session_controller
6 Oracle communications_lsms
7 Oracle communications_eagle_application_processor
8 Oracle communications_session_border_controller
9 Oracle communications_user_data_repository
10 Oracle communications_eagle_lnp_application_processor
11 Oracle exalogic_infrastructure
1 Ibm security_access_manager_for_enterprise_single_sign-on
2 Ibm pureapplication_system
1 Debian debian_linux
1 Apple mac_os_x
1 Redhat virtualization
1 Php php
1 Gnu glibc
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2015-0235.

URL Resource
http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/ Third Party Advisory
http://linux.oracle.com/errata/ELSA-2015-0090.html Third Party Advisory
http://linux.oracle.com/errata/ELSA-2015-0092.html Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142296726407499&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142721102728110&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142721102728110&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142722450701342&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142781412222323&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142781412222323&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143145428124857&w=2 Issue Tracking Mailing List Third Party Advisory
http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html Exploit Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2015-0126.html Third Party Advisory
http://seclists.org/fulldisclosure/2015/Jan/111 Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2019/Jun/18 Exploit Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2021/Sep/0 Exploit Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Jun/36 Exploit Mailing List Third Party Advisory
http://seclists.org/oss-sec/2015/q1/269 Mailing List Third Party Advisory
http://seclists.org/oss-sec/2015/q1/274 Exploit Mailing List Third Party Advisory
http://secunia.com/advisories/62517 Not Applicable
http://secunia.com/advisories/62640 Not Applicable
http://secunia.com/advisories/62667 Not Applicable
http://secunia.com/advisories/62680 Not Applicable
http://secunia.com/advisories/62681 Not Applicable
http://secunia.com/advisories/62688 Not Applicable
http://secunia.com/advisories/62690 Not Applicable
http://secunia.com/advisories/62691 Not Applicable
http://secunia.com/advisories/62692 Not Applicable
http://secunia.com/advisories/62698 Not Applicable
http://secunia.com/advisories/62715 Not Applicable
http://secunia.com/advisories/62758 Not Applicable
http://secunia.com/advisories/62812 Not Applicable
http://secunia.com/advisories/62813 Not Applicable
http://secunia.com/advisories/62816 Not Applicable
http://secunia.com/advisories/62865 Not Applicable
http://secunia.com/advisories/62870 Not Applicable
http://secunia.com/advisories/62871 Not Applicable
http://secunia.com/advisories/62879 Not Applicable
http://secunia.com/advisories/62883 Not Applicable
http://support.apple.com/kb/HT204942 Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695695 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695774 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695835 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695860 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696131 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696243 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696526 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696600 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696602 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696618 Third Party Advisory
http://www.debian.org/security/2015/dsa-3142 Third Party Advisory
http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf Broken Link URL Repurposed
http://www.mandriva.com/security/advisories?name=MDVSA-2015:039 Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/05/04/7 Exploit Mailing List
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html Third Party Advisory
http://www.securityfocus.com/archive/1/534845/100/0/threaded Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/72325 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/91787 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032909 Third Party Advisory VDB Entry
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 Broken Link Permissions Required
https://bto.bluecoat.com/security-advisory/sa90 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf Third Party Advisory
https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668 Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes Third Party Advisory
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671 Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10100 Third Party Advisory
https://seclists.org/bugtraq/2019/Jun/14 Exploit Mailing List Third Party Advisory
https://security.gentoo.org/glsa/201503-04 Third Party Advisory
https://security.netapp.com/advisory/ntap-20150127-0001/ Third Party Advisory
https://support.apple.com/HT205267 Third Party Advisory
https://support.apple.com/HT205375 Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 Third Party Advisory
https://www.f-secure.com/en/web/labs_global/fsc-2015-1 Third Party Advisory
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt Third Party Advisory
https://www.sophos.com/en-us/support/knowledgebase/121879.aspx Third Party Advisory
http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/ Third Party Advisory
http://linux.oracle.com/errata/ELSA-2015-0090.html Third Party Advisory
http://linux.oracle.com/errata/ELSA-2015-0092.html Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142296726407499&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142721102728110&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142721102728110&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142722450701342&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142781412222323&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142781412222323&w=2 Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143145428124857&w=2 Issue Tracking Mailing List Third Party Advisory
http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html Exploit Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2015-0126.html Third Party Advisory
http://seclists.org/fulldisclosure/2015/Jan/111 Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2019/Jun/18 Exploit Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2021/Sep/0 Exploit Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Jun/36 Exploit Mailing List Third Party Advisory
http://seclists.org/oss-sec/2015/q1/269 Mailing List Third Party Advisory
http://seclists.org/oss-sec/2015/q1/274 Exploit Mailing List Third Party Advisory
http://secunia.com/advisories/62517 Not Applicable
http://secunia.com/advisories/62640 Not Applicable
http://secunia.com/advisories/62667 Not Applicable
http://secunia.com/advisories/62680 Not Applicable
http://secunia.com/advisories/62681 Not Applicable
http://secunia.com/advisories/62688 Not Applicable
http://secunia.com/advisories/62690 Not Applicable
http://secunia.com/advisories/62691 Not Applicable
http://secunia.com/advisories/62692 Not Applicable
http://secunia.com/advisories/62698 Not Applicable
http://secunia.com/advisories/62715 Not Applicable
http://secunia.com/advisories/62758 Not Applicable
http://secunia.com/advisories/62812 Not Applicable
http://secunia.com/advisories/62813 Not Applicable
http://secunia.com/advisories/62816 Not Applicable
http://secunia.com/advisories/62865 Not Applicable
http://secunia.com/advisories/62870 Not Applicable
http://secunia.com/advisories/62871 Not Applicable
http://secunia.com/advisories/62879 Not Applicable
http://secunia.com/advisories/62883 Not Applicable
http://support.apple.com/kb/HT204942 Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695695 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695774 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695835 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695860 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696131 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696243 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696526 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696600 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696602 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696618 Third Party Advisory
http://www.debian.org/security/2015/dsa-3142 Third Party Advisory
http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf Broken Link URL Repurposed
http://www.mandriva.com/security/advisories?name=MDVSA-2015:039 Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/05/04/7 Exploit Mailing List
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html Third Party Advisory
http://www.securityfocus.com/archive/1/534845/100/0/threaded Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/72325 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/91787 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032909 Third Party Advisory VDB Entry
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 Broken Link Permissions Required
https://bto.bluecoat.com/security-advisory/sa90 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf Third Party Advisory
https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668 Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes Third Party Advisory
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671 Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10100 Third Party Advisory
https://seclists.org/bugtraq/2019/Jun/14 Exploit Mailing List Third Party Advisory
https://security.gentoo.org/glsa/201503-04 Third Party Advisory
https://security.netapp.com/advisory/ntap-20150127-0001/ Third Party Advisory
https://support.apple.com/HT205267 Third Party Advisory
https://support.apple.com/HT205375 Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 Third Party Advisory
https://www.f-secure.com/en/web/labs_global/fsc-2015-1 Third Party Advisory
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt Third Party Advisory
https://www.sophos.com/en-us/support/knowledgebase/121879.aspx Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

None

Python

Updated: 7 months ago
0 stars 0 fork 0 watcher
Born at : May 18, 2024, 2:30 p.m. This repo has been linked 57 different CVEs too.

None

Updated: 1 year, 11 months ago
0 stars 0 fork 0 watcher
Born at : Jan. 11, 2023, 1:21 p.m. This repo has been linked 1044 different CVEs too.

None

Python

Updated: 1 month, 3 weeks ago
6 stars 3 fork 3 watcher
Born at : April 12, 2021, 4:06 a.m. This repo has been linked 57 different CVEs too.

Automatic monitor github cve using Github Actions

Python

Updated: 1 month, 2 weeks ago
1 stars 57 fork 57 watcher
Born at : April 7, 2021, 11:16 a.m. This repo has been linked 1008 different CVEs too.

Sr. Penetration Tester. Creator of Sn1per. Top 20 worldwide on @BugCrowd in 2016. OSCE/OSCP/CISSP/Security+

Updated: 2 weeks, 4 days ago
27 stars 5 fork 5 watcher
Born at : July 30, 2020, 10:09 p.m. This repo has been linked 8 different CVEs too.

None

Updated: 4 months, 1 week ago
13 stars 4 fork 4 watcher
Born at : May 25, 2020, 7:51 a.m. This repo has been linked 1029 different CVEs too.

None

Python

Updated: 3 years, 1 month ago
0 stars 0 fork 0 watcher
Born at : April 23, 2020, 10:26 p.m. This repo has been linked 1 different CVEs too.

A check for GHOST; cve-2015-0235

Python

Updated: 4 years, 8 months ago
0 stars 0 fork 0 watcher
Born at : March 24, 2020, 3:03 p.m. This repo has been linked 1 different CVEs too.

None

C Perl 6 Perl ASP HTML Rich Text Format Visual Basic TeX Assembly Shell

Updated: 4 months, 1 week ago
1 stars 1 fork 1 watcher
Born at : June 13, 2019, 1:51 p.m. This repo has been linked 308 different CVEs too.

None

C Shell Python Ruby PHP

Updated: 6 years, 11 months ago
0 stars 0 fork 0 watcher
Born at : Jan. 1, 2018, 9:24 a.m. This repo has been linked 3 different CVEs too.

None

C Shell Python Ruby PHP

Updated: 7 years, 1 month ago
0 stars 0 fork 0 watcher
Born at : Nov. 22, 2017, 5:20 a.m. This repo has been linked 3 different CVEs too.

None

C Shell Makefile

Updated: 2 years, 8 months ago
9 stars 2 fork 2 watcher
Born at : July 12, 2017, 6:28 a.m. This repo has been linked 14 different CVEs too.

None

Ruby

Updated: 4 months, 1 week ago
0 stars 1 fork 1 watcher
Born at : June 30, 2017, 10:29 a.m. This repo has been linked 1 different CVEs too.

✍️ A curated list of CVE PoCs.

awesome cve poc

Updated: 2 weeks, 2 days ago
3331 stars 680 fork 680 watcher
Born at : Feb. 2, 2017, 6:43 a.m. This repo has been linked 1044 different CVEs too.

Tools that utilize the Red Hat Security Data API

Python

Updated: 3 weeks, 3 days ago
62 stars 26 fork 26 watcher
Born at : Oct. 14, 2016, 4:41 p.m. This repo has been linked 57 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2015-0235 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2015-0235 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/
    Added Reference http://linux.oracle.com/errata/ELSA-2015-0090.html
    Added Reference http://linux.oracle.com/errata/ELSA-2015-0092.html
    Added Reference http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
    Added Reference http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
    Added Reference http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
    Added Reference http://marc.info/?l=bugtraq&m=142296726407499&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142721102728110&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142721102728110&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142722450701342&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142781412222323&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142781412222323&w=2
    Added Reference http://marc.info/?l=bugtraq&m=143145428124857&w=2
    Added Reference http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html
    Added Reference http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html
    Added Reference http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html
    Added Reference http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
    Added Reference http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
    Added Reference http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
    Added Reference http://rhn.redhat.com/errata/RHSA-2015-0126.html
    Added Reference http://seclists.org/fulldisclosure/2015/Jan/111
    Added Reference http://seclists.org/fulldisclosure/2019/Jun/18
    Added Reference http://seclists.org/fulldisclosure/2021/Sep/0
    Added Reference http://seclists.org/fulldisclosure/2022/Jun/36
    Added Reference http://seclists.org/oss-sec/2015/q1/269
    Added Reference http://seclists.org/oss-sec/2015/q1/274
    Added Reference http://secunia.com/advisories/62517
    Added Reference http://secunia.com/advisories/62640
    Added Reference http://secunia.com/advisories/62667
    Added Reference http://secunia.com/advisories/62680
    Added Reference http://secunia.com/advisories/62681
    Added Reference http://secunia.com/advisories/62688
    Added Reference http://secunia.com/advisories/62690
    Added Reference http://secunia.com/advisories/62691
    Added Reference http://secunia.com/advisories/62692
    Added Reference http://secunia.com/advisories/62698
    Added Reference http://secunia.com/advisories/62715
    Added Reference http://secunia.com/advisories/62758
    Added Reference http://secunia.com/advisories/62812
    Added Reference http://secunia.com/advisories/62813
    Added Reference http://secunia.com/advisories/62816
    Added Reference http://secunia.com/advisories/62865
    Added Reference http://secunia.com/advisories/62870
    Added Reference http://secunia.com/advisories/62871
    Added Reference http://secunia.com/advisories/62879
    Added Reference http://secunia.com/advisories/62883
    Added Reference http://support.apple.com/kb/HT204942
    Added Reference http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost
    Added Reference http://www.debian.org/security/2015/dsa-3142
    Added Reference http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2015:039
    Added Reference http://www.openwall.com/lists/oss-security/2021/05/04/7
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
    Added Reference http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
    Added Reference http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
    Added Reference http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
    Added Reference http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
    Added Reference http://www.securityfocus.com/archive/1/534845/100/0/threaded
    Added Reference http://www.securityfocus.com/bid/72325
    Added Reference http://www.securityfocus.com/bid/91787
    Added Reference http://www.securitytracker.com/id/1032909
    Added Reference http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21695695
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21695774
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21695835
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21695860
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696131
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696243
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696526
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696600
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696602
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696618
    Added Reference https://bto.bluecoat.com/security-advisory/sa90
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf
    Added Reference https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
    Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668
    Added Reference https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
    Added Reference https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671
    Added Reference https://kc.mcafee.com/corporate/index?page=content&id=SB10100
    Added Reference https://seclists.org/bugtraq/2019/Jun/14
    Added Reference https://security.gentoo.org/glsa/201503-04
    Added Reference https://security.netapp.com/advisory/ntap-20150127-0001/
    Added Reference https://support.apple.com/HT205267
    Added Reference https://support.apple.com/HT205375
    Added Reference https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9
    Added Reference https://www.f-secure.com/en/web/labs_global/fsc-2015-1
    Added Reference https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
    Added Reference https://www.sophos.com/en-us/support/knowledgebase/121879.aspx
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    Jul. 05, 2022

    Action Type Old Value New Value
    Changed Reference Type http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html Third Party Advisory, VDB Entry http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html Exploit, Third Party Advisory, VDB Entry
    Changed Reference Type http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html No Types Assigned http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html Exploit, Third Party Advisory, VDB Entry
    Changed Reference Type http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html No Types Assigned http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html Exploit, Third Party Advisory, VDB Entry
    Changed Reference Type http://seclists.org/fulldisclosure/2019/Jun/18 Mailing List, Third Party Advisory http://seclists.org/fulldisclosure/2019/Jun/18 Exploit, Mailing List, Third Party Advisory
    Changed Reference Type http://seclists.org/fulldisclosure/2021/Sep/0 No Types Assigned http://seclists.org/fulldisclosure/2021/Sep/0 Exploit, Mailing List, Third Party Advisory
    Changed Reference Type http://seclists.org/fulldisclosure/2022/Jun/36 No Types Assigned http://seclists.org/fulldisclosure/2022/Jun/36 Exploit, Mailing List, Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62517 Third Party Advisory http://secunia.com/advisories/62517 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62640 Third Party Advisory http://secunia.com/advisories/62640 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62667 Third Party Advisory http://secunia.com/advisories/62667 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62680 Third Party Advisory http://secunia.com/advisories/62680 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62681 Third Party Advisory http://secunia.com/advisories/62681 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62688 Third Party Advisory http://secunia.com/advisories/62688 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62690 Third Party Advisory http://secunia.com/advisories/62690 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62691 Third Party Advisory http://secunia.com/advisories/62691 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62692 Third Party Advisory http://secunia.com/advisories/62692 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62698 Third Party Advisory http://secunia.com/advisories/62698 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62715 Third Party Advisory http://secunia.com/advisories/62715 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62758 Third Party Advisory http://secunia.com/advisories/62758 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62812 Third Party Advisory http://secunia.com/advisories/62812 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62813 Third Party Advisory http://secunia.com/advisories/62813 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62816 Third Party Advisory http://secunia.com/advisories/62816 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62865 Third Party Advisory http://secunia.com/advisories/62865 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62870 Third Party Advisory http://secunia.com/advisories/62870 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62871 Third Party Advisory http://secunia.com/advisories/62871 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62879 Third Party Advisory http://secunia.com/advisories/62879 Not Applicable
    Changed Reference Type http://secunia.com/advisories/62883 Third Party Advisory http://secunia.com/advisories/62883 Not Applicable
    Changed Reference Type http://www.openwall.com/lists/oss-security/2021/05/04/7 No Types Assigned http://www.openwall.com/lists/oss-security/2021/05/04/7 Exploit, Mailing List
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Third Party Advisory http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Patch, Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Third Party Advisory http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Patch, Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Patch, Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Third Party Advisory http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch, Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Third Party Advisory http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch, Third Party Advisory
    Changed Reference Type http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 Permissions Required http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 Broken Link, Permissions Required
    Changed Reference Type https://seclists.org/bugtraq/2019/Jun/14 Mailing List, Third Party Advisory https://seclists.org/bugtraq/2019/Jun/14 Exploit, Mailing List, Third Party Advisory
    Changed Reference Type https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 No Types Assigned https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 Third Party Advisory
    Changed CPE Configuration OR *cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:* versions up to (excluding) 3.7.1 *cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:-:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_eagle_application_processor:16.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_lsms:13.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:9.7.3:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:11.5:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:* versions up to (excluding) 7.2.0 *cpe:2.3:a:oracle:communications_session_border_controller:7.2.0:-:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:* versions from (including) 10.0.0 up to (including) 10.0.1 *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* *cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions up to (excluding) 5.1.24 *cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:* *cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:* OR *cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:* versions up to (excluding) 3.7.1 *cpe:2.3:a:oracle:communications_eagle_application_processor:16.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_lsms:13.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:9.7.3:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:11.5:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:* versions up to (excluding) 7.2.0 *cpe:2.3:a:oracle:communications_session_border_controller:7.2.0:-:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:* versions from (including) 10.0.0 up to (including) 10.0.1 *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* *cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions up to (excluding) 5.1.24 *cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:* *cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from (including) 5.4.0 up to (excluding) 5.4.38 *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from (including) 5.5.0 up to (excluding) 5.5.22 *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from (including) 5.6.0 up to (excluding) 5.6.6
  • CVE Modified by [email protected]

    Jun. 20, 2022

    Action Type Old Value New Value
    Added Reference http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 17, 2022

    Action Type Old Value New Value
    Added Reference http://seclists.org/fulldisclosure/2022/Jun/36 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 17, 2021

    Action Type Old Value New Value
    Added Reference https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 10, 2021

    Action Type Old Value New Value
    Removed Reference https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 05, 2021

    Action Type Old Value New Value
    Added Reference https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 01, 2021

    Action Type Old Value New Value
    Added Reference http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 01, 2021

    Action Type Old Value New Value
    Added Reference http://seclists.org/fulldisclosure/2021/Sep/0 [No Types Assigned]
  • CVE Modified by [email protected]

    May. 04, 2021

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2021/05/04/7 [No Types Assigned]
  • Modified Analysis by [email protected]

    Oct. 14, 2020

    Action Type Old Value New Value
    Changed Reference Type http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/ No Types Assigned http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/ Third Party Advisory
    Changed Reference Type http://linux.oracle.com/errata/ELSA-2015-0090.html No Types Assigned http://linux.oracle.com/errata/ELSA-2015-0090.html Third Party Advisory
    Changed Reference Type http://linux.oracle.com/errata/ELSA-2015-0092.html No Types Assigned http://linux.oracle.com/errata/ELSA-2015-0092.html Third Party Advisory
    Changed Reference Type http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html No Types Assigned http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html No Types Assigned http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html No Types Assigned http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=142296726407499&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=142296726407499&w=2 Issue Tracking, Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=142721102728110&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=142721102728110&w=2 Issue Tracking, Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=142722450701342&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=142722450701342&w=2 Issue Tracking, Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=142781412222323&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=142781412222323&w=2 Issue Tracking, Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=143145428124857&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=143145428124857&w=2 Issue Tracking, Mailing List, Third Party Advisory
    Changed Reference Type http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html No Types Assigned http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html Exploit, Third Party Advisory, VDB Entry
    Changed Reference Type http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html No Types Assigned http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html Third Party Advisory, VDB Entry
    Changed Reference Type http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html No Types Assigned http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html Exploit, Third Party Advisory, VDB Entry
    Changed Reference Type http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html No Types Assigned http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html Third Party Advisory, VDB Entry
    Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-0126.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-0126.html Third Party Advisory
    Changed Reference Type http://seclists.org/fulldisclosure/2015/Jan/111 No Types Assigned http://seclists.org/fulldisclosure/2015/Jan/111 Mailing List, Third Party Advisory
    Changed Reference Type http://seclists.org/fulldisclosure/2019/Jun/18 No Types Assigned http://seclists.org/fulldisclosure/2019/Jun/18 Mailing List, Third Party Advisory
    Changed Reference Type http://seclists.org/oss-sec/2015/q1/269 No Types Assigned http://seclists.org/oss-sec/2015/q1/269 Mailing List, Third Party Advisory
    Changed Reference Type http://seclists.org/oss-sec/2015/q1/274 Exploit http://seclists.org/oss-sec/2015/q1/274 Exploit, Mailing List, Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62517 No Types Assigned http://secunia.com/advisories/62517 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62640 No Types Assigned http://secunia.com/advisories/62640 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62667 No Types Assigned http://secunia.com/advisories/62667 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62680 No Types Assigned http://secunia.com/advisories/62680 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62681 No Types Assigned http://secunia.com/advisories/62681 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62688 No Types Assigned http://secunia.com/advisories/62688 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62690 No Types Assigned http://secunia.com/advisories/62690 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62691 No Types Assigned http://secunia.com/advisories/62691 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62692 No Types Assigned http://secunia.com/advisories/62692 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62698 No Types Assigned http://secunia.com/advisories/62698 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62715 No Types Assigned http://secunia.com/advisories/62715 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62758 No Types Assigned http://secunia.com/advisories/62758 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62812 No Types Assigned http://secunia.com/advisories/62812 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62813 No Types Assigned http://secunia.com/advisories/62813 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62816 No Types Assigned http://secunia.com/advisories/62816 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62865 No Types Assigned http://secunia.com/advisories/62865 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62870 No Types Assigned http://secunia.com/advisories/62870 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62871 No Types Assigned http://secunia.com/advisories/62871 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62879 No Types Assigned http://secunia.com/advisories/62879 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/62883 No Types Assigned http://secunia.com/advisories/62883 Third Party Advisory
    Changed Reference Type http://support.apple.com/kb/HT204942 No Types Assigned http://support.apple.com/kb/HT204942 Third Party Advisory
    Changed Reference Type http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost No Types Assigned http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2015/dsa-3142 No Types Assigned http://www.debian.org/security/2015/dsa-3142 Third Party Advisory
    Changed Reference Type http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf No Types Assigned http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf Broken Link
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2015:039 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2015:039 Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html Third Party Advisory
    Changed Reference Type http://www.securityfocus.com/archive/1/534845/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/534845/100/0/threaded Exploit, Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/bid/72325 No Types Assigned http://www.securityfocus.com/bid/72325 Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/bid/91787 No Types Assigned http://www.securityfocus.com/bid/91787 Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securitytracker.com/id/1032909 No Types Assigned http://www.securitytracker.com/id/1032909 Third Party Advisory, VDB Entry
    Changed Reference Type http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 No Types Assigned http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 Permissions Required
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21695695 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21695695 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21695774 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21695774 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21695835 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21695835 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21695860 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21695860 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21696131 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21696131 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21696243 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21696243 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21696526 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21696526 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21696600 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21696600 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21696602 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21696602 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21696618 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21696618 Third Party Advisory
    Changed Reference Type https://bto.bluecoat.com/security-advisory/sa90 No Types Assigned https://bto.bluecoat.com/security-advisory/sa90 Third Party Advisory
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf Third Party Advisory
    Changed Reference Type https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability No Types Assigned https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability Third Party Advisory
    Changed Reference Type https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668 No Types Assigned https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668 Third Party Advisory
    Changed Reference Type https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes No Types Assigned https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes Third Party Advisory
    Changed Reference Type https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671 No Types Assigned https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671 Third Party Advisory
    Changed Reference Type https://kc.mcafee.com/corporate/index?page=content&id=SB10100 No Types Assigned https://kc.mcafee.com/corporate/index?page=content&id=SB10100 Third Party Advisory
    Changed Reference Type https://seclists.org/bugtraq/2019/Jun/14 No Types Assigned https://seclists.org/bugtraq/2019/Jun/14 Mailing List, Third Party Advisory
    Changed Reference Type https://security.gentoo.org/glsa/201503-04 No Types Assigned https://security.gentoo.org/glsa/201503-04 Third Party Advisory
    Changed Reference Type https://security.netapp.com/advisory/ntap-20150127-0001/ No Types Assigned https://security.netapp.com/advisory/ntap-20150127-0001/ Third Party Advisory
    Changed Reference Type https://support.apple.com/HT205267 No Types Assigned https://support.apple.com/HT205267 Third Party Advisory
    Changed Reference Type https://support.apple.com/HT205375 No Types Assigned https://support.apple.com/HT205375 Third Party Advisory
    Changed Reference Type https://www.f-secure.com/en/web/labs_global/fsc-2015-1 No Types Assigned https://www.f-secure.com/en/web/labs_global/fsc-2015-1 Third Party Advisory
    Changed Reference Type https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt No Types Assigned https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt Third Party Advisory
    Changed Reference Type https://www.sophos.com/en-us/support/knowledgebase/121879.aspx No Types Assigned https://www.sophos.com/en-us/support/knowledgebase/121879.aspx Third Party Advisory
    Removed CWE NIST CWE-119
    Added CWE NIST CWE-787
    Removed CPE Configuration OR *cpe:2.3:a:oracle:communications_applications:13.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.2:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.3:*:*:*:*:*:*:*
    Changed CPE Configuration OR *cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:* OR *cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* versions from (including) 2.0 up to (excluding) 2.18
    Added CPE Configuration OR *cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:* versions up to (excluding) 3.7.1 *cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:-:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_eagle_application_processor:16.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_lsms:13.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:9.7.3:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:11.5:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:* versions up to (excluding) 7.2.0 *cpe:2.3:a:oracle:communications_session_border_controller:7.2.0:-:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:* versions from (including) 10.0.0 up to (including) 10.0.1 *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* *cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions up to (excluding) 5.1.24 *cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:* *cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:a:redhat:virtualization:6.0:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (excluding) 10.11.1
    Added CPE Configuration OR *cpe:2.3:a:ibm:pureapplication_system:1.0.0.0:*:*:*:*:*:*:* *cpe:2.3:a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:* *cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:* *cpe:2.3:a:ibm:security_access_manager_for_enterprise_single_sign-on:8.2:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Feb. 10, 2020

    Action Type Old Value New Value
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 13, 2019

    Action Type Old Value New Value
    Added Reference http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 13, 2019

    Action Type Old Value New Value
    Added Reference https://seclists.org/bugtraq/2019/Jun/14 [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 13, 2019

    Action Type Old Value New Value
    Added Reference http://seclists.org/fulldisclosure/2019/Jun/18 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 30, 2018

    Action Type Old Value New Value
    Added Reference https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 17, 2018

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 09, 2018

    Action Type Old Value New Value
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/534845/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/534845/100/0/threaded [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 10, 2017

    Action Type Old Value New Value
    Added Reference https://security.netapp.com/advisory/ntap-20150127-0001/ [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 20, 2017

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 22, 2017

    Action Type Old Value New Value
    Added Reference http://www.securitytracker.com/id/1032909 [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 09, 2017

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 01, 2017

    Action Type Old Value New Value
    Added Reference https://security.gentoo.org/glsa/201503-04 [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 03, 2017

    Action Type Old Value New Value
    Added Reference https://www.f-secure.com/en/web/labs_global/fsc-2015-1 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696131 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21695774 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21695695 [No Types Assigned]
    Added Reference http://secunia.com/advisories/62816 [No Types Assigned]
    Added Reference http://secunia.com/advisories/62813 [No Types Assigned]
    Added Reference http://secunia.com/advisories/62812 [No Types Assigned]
    Added Reference http://secunia.com/advisories/62758 [No Types Assigned]
  • CVE Modified by [email protected]

    Dec. 07, 2016

    Action Type Old Value New Value
    Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 26, 2016

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
  • CVE Modified by [email protected]

    Aug. 23, 2016

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142722450701342&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142296726407499&w=2
    Added Reference http://marc.info/?l=bugtraq&m=143145428124857&w=2
  • CVE Modified by [email protected]

    Aug. 09, 2016

    Action Type Old Value New Value
    Added Reference http://www.securityfocus.com/bid/91787
  • CVE Modified by [email protected]

    Jul. 22, 2016

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
  • Modified Analysis by [email protected]

    Jun. 02, 2016

    Action Type Old Value New Value
    Changed CPE Configuration Configuration 1 OR *cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:* Configuration 2 OR *cpe:2.3:a:oracle:communications_applications:13.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.2:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.3:*:*:*:*:*:*:* Configuration 1 OR *cpe:2.3:a:oracle:communications_applications:13.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.2:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.3:*:*:*:*:*:*:* Configuration 2 OR *cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Apr. 07, 2016

    Action Type Old Value New Value
    Removed Reference http://www.oracle.com/technetwork/topics/security/alerts-086861.html
    Added Reference http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
  • CVE Modified by [email protected]

    Jan. 22, 2016

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
  • Modified Analysis by [email protected]

    Nov. 05, 2015

    Action Type Old Value New Value
    Changed CPE Configuration Configuration 1 OR *cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:* Configuration 1 OR *cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:* Configuration 2 OR *cpe:2.3:a:oracle:communications_applications:13.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.2:*:*:*:*:*:*:* *cpe:2.3:a:oracle:oracle_pillar_axiom:6.3:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Oct. 24, 2015

    Action Type Old Value New Value
    Added Reference https://support.apple.com/HT205375
    Added Reference http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
  • CVE Modified by [email protected]

    Oct. 23, 2015

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/topics/security/alerts-086861.html
  • CVE Modified by [email protected]

    Oct. 10, 2015

    Action Type Old Value New Value
    Added Reference https://support.apple.com/HT205267
    Added Reference http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
  • CVE Modified by [email protected]

    Jul. 17, 2015

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
  • CVE Modified by [email protected]

    Jul. 06, 2015

    Action Type Old Value New Value
    Added Reference http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
    Added Reference http://support.apple.com/kb/HT204942
  • CVE Modified by [email protected]

    Apr. 17, 2015

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
  • CVE Modified by [email protected]

    Apr. 07, 2015

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142781412222323&w=2
  • CVE Modified by [email protected]

    Apr. 01, 2015

    Action Type Old Value New Value
    Added Reference https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
    Added Reference http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf
    Added Reference http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html
  • CVE Modified by [email protected]

    Mar. 31, 2015

    Action Type Old Value New Value
    Added Reference http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
  • CVE Modified by [email protected]

    Mar. 27, 2015

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142721102728110&w=2
  • CVE Modified by [email protected]

    Mar. 24, 2015

    Action Type Old Value New Value
    Added Reference http://www.securityfocus.com/bid/72325
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2015:039
  • CVE Modified by [email protected]

    Mar. 18, 2015

    Action Type Old Value New Value
    Added Reference http://rhn.redhat.com/errata/RHSA-2015-0126.html
    Added Reference http://www.securityfocus.com/archive/1/archive/1/534845/100/0/threaded
    Added Reference http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html
  • CVE Modified by [email protected]

    Mar. 17, 2015

    Action Type Old Value New Value
    Added Reference http://www.debian.org/security/2015/dsa-3142
  • CVE Modified by [email protected]

    Feb. 19, 2015

    Action Type Old Value New Value
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696600
    Added Reference http://secunia.com/advisories/62883
    Added Reference http://secunia.com/advisories/62870
    Added Reference http://secunia.com/advisories/62871
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696526
    Added Reference http://secunia.com/advisories/62879
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696602
    Added Reference http://secunia.com/advisories/62865
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696618
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21696243
  • CVE Modified by [email protected]

    Feb. 06, 2015

    Action Type Old Value New Value
    Added Reference http://secunia.com/advisories/62691
    Added Reference http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/
    Added Reference http://linux.oracle.com/errata/ELSA-2015-0090.html
    Added Reference https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21695835
    Added Reference https://kc.mcafee.com/corporate/index?page=content&id=SB10100
    Added Reference http://secunia.com/advisories/62698
    Added Reference http://linux.oracle.com/errata/ELSA-2015-0092.html
    Added Reference http://secunia.com/advisories/62692
    Added Reference https://bto.bluecoat.com/security-advisory/sa90
    Added Reference http://secunia.com/advisories/62690
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21695860
    Added Reference http://secunia.com/advisories/62715
    Added Reference http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost
    Added Reference http://secunia.com/advisories/62688
    Added Reference http://secunia.com/advisories/62681
    Added Reference http://secunia.com/advisories/62667
    Added Reference https://www.sophos.com/en-us/support/knowledgebase/121879.aspx
    Added Reference http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html
    Added Reference http://secunia.com/advisories/62517
    Added Reference http://secunia.com/advisories/62640
    Added Reference http://secunia.com/advisories/62680
    Added Reference http://seclists.org/fulldisclosure/2015/Jan/111
  • Modified Analysis by [email protected]

    Jan. 29, 2015

    Action Type Old Value New Value
    Added CPE Configuration Configuration 1 OR *cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:* *cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*
    Added CVSS V2 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
    Changed Reference Type http://seclists.org/oss-sec/2015/q1/274 No Types Assigned http://seclists.org/oss-sec/2015/q1/274 Exploit
    Added CWE CWE-119
  • Initial Analysis by [email protected]

    Jan. 29, 2015

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2015-0235 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2015-0235 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

97.44 }} -0.03%

score

0.99962

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability