github.com/quay/claircore@v1.5.28/suse/testdata/suse.linux.enterprise.desktop.10.xml (about) 1 <?xml version="1.0" encoding="UTF-8"?> 2 <oval_definitions 3 xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd" 4 xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" 5 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 6 xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" 7 xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"> 8 <generator> 9 <oval:product_name>Marcus OVAL Generator</oval:product_name> 10 <oval:schema_version>5.5</oval:schema_version> 11 <oval:timestamp>2015-03-10T05:01:19</oval:timestamp> 12 </generator> 13 <definitions> 14 <definition id="oval:org.opensuse.security:def:20022443" version="1" class="vulnerability"> 15 <metadata> 16 <title>CVE-2002-2443</title> 17 <affected family="unix"> 18 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 19 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 20 </affected> 21 <reference ref_id="CVE-2002-2443" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443" source="CVE"/> 22 <description> 23 schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103. 24 </description> 25 </metadata> 26 <!-- c39bdbe610296d79e3993188cd5996f5 --> 27 <criteria operator="AND"> 28 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29 <criteria operator="OR"> 30 <criterion test_ref="oval:org.opensuse.security:tst:2009077611" comment="krb5-32bit less than 1.4.3-19.49.53.1"/> 31 <criterion test_ref="oval:org.opensuse.security:tst:2009077612" comment="krb5-client less than 1.4.3-19.49.53.1"/> 32 <criterion test_ref="oval:org.opensuse.security:tst:2009077613" comment="krb5-devel-32bit less than 1.4.3-19.49.53.1"/> 33 <criterion test_ref="oval:org.opensuse.security:tst:2009077614" comment="krb5-devel less than 1.4.3-19.49.53.1"/> 34 <criterion test_ref="oval:org.opensuse.security:tst:2009077615" comment="krb5 less than 1.4.3-19.49.53.1"/> 35 </criteria> 36 </criteria> 37 </definition> 38 <definition id="oval:org.opensuse.security:def:20040687" version="1" class="vulnerability"> 39 <metadata> 40 <title>CVE-2004-0687</title> 41 <affected family="unix"> 42 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 43 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 44 </affected> 45 <reference ref_id="CVE-2004-0687" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0687" source="CVE"/> 46 <description> 47 Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. 48 </description> 49 </metadata> 50 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 51 <criteria operator="AND"> 52 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 53 <criteria operator="OR"> 54 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 55 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 56 </criteria> 57 </criteria> 58 </definition> 59 <definition id="oval:org.opensuse.security:def:20040688" version="1" class="vulnerability"> 60 <metadata> 61 <title>CVE-2004-0688</title> 62 <affected family="unix"> 63 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 64 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 65 </affected> 66 <reference ref_id="CVE-2004-0688" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0688" source="CVE"/> 67 <description> 68 Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. 69 </description> 70 </metadata> 71 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 72 <criteria operator="AND"> 73 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 74 <criteria operator="OR"> 75 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 76 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 77 </criteria> 78 </criteria> 79 </definition> 80 <definition id="oval:org.opensuse.security:def:20040782" version="1" class="vulnerability"> 81 <metadata> 82 <title>CVE-2004-0782</title> 83 <affected family="unix"> 84 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 85 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 86 </affected> 87 <reference ref_id="CVE-2004-0782" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782" source="CVE"/> 88 <description> 89 Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687). 90 </description> 91 </metadata> 92 <!-- c0136d5f769f780ec791f2b7c698b64b --> 93 <criteria operator="AND"> 94 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 95 <criterion test_ref="oval:org.opensuse.security:tst:2009037767" comment="gtk2-devel less than 2.8.11-0.15"/> 96 </criteria> 97 </definition> 98 <definition id="oval:org.opensuse.security:def:20040783" version="1" class="vulnerability"> 99 <metadata> 100 <title>CVE-2004-0783</title> 101 <affected family="unix"> 102 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 103 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 104 </affected> 105 <reference ref_id="CVE-2004-0783" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0783" source="CVE"/> 106 <description> 107 Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688). 108 </description> 109 </metadata> 110 <!-- c0136d5f769f780ec791f2b7c698b64b --> 111 <criteria operator="AND"> 112 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 113 <criterion test_ref="oval:org.opensuse.security:tst:2009037767" comment="gtk2-devel less than 2.8.11-0.15"/> 114 </criteria> 115 </definition> 116 <definition id="oval:org.opensuse.security:def:20040788" version="1" class="vulnerability"> 117 <metadata> 118 <title>CVE-2004-0788</title> 119 <affected family="unix"> 120 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 121 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 122 </affected> 123 <reference ref_id="CVE-2004-0788" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788" source="CVE"/> 124 <description> 125 Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file. 126 </description> 127 </metadata> 128 <!-- c0136d5f769f780ec791f2b7c698b64b --> 129 <criteria operator="AND"> 130 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 131 <criterion test_ref="oval:org.opensuse.security:tst:2009037767" comment="gtk2-devel less than 2.8.11-0.15"/> 132 </criteria> 133 </definition> 134 <definition id="oval:org.opensuse.security:def:20040891" version="1" class="vulnerability"> 135 <metadata> 136 <title>CVE-2004-0891</title> 137 <affected family="unix"> 138 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 139 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 140 </affected> 141 <reference ref_id="CVE-2004-0891" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0891" source="CVE"/> 142 <description> 143 Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. 144 </description> 145 </metadata> 146 <!-- f83d87195bba0229ac4b65c0cd41c27c --> 147 <criteria operator="AND"> 148 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 149 <criteria operator="OR"> 150 <criterion test_ref="oval:org.opensuse.security:tst:2009037827" comment="NetworkManager-devel less than 0.6.4-60.26"/> 151 <criterion test_ref="oval:org.opensuse.security:tst:2009037828" comment="NetworkManager-glib less than 0.6.4-60.26"/> 152 <criterion test_ref="oval:org.opensuse.security:tst:2009037829" comment="NetworkManager-gnome less than 0.6.4-60.26"/> 153 <criterion test_ref="oval:org.opensuse.security:tst:2009037830" comment="NetworkManager-openvpn less than 0.3.2cvs20060202-20.25"/> 154 <criterion test_ref="oval:org.opensuse.security:tst:2009037831" comment="NetworkManager-vpnc less than 0.5.0cvs20060202-19.30"/> 155 <criterion test_ref="oval:org.opensuse.security:tst:2009037832" comment="NetworkManager less than 0.6.4-60.26"/> 156 <criterion test_ref="oval:org.opensuse.security:tst:2009037833" comment="art-sharp less than 1.0.10-30.15"/> 157 <criterion test_ref="oval:org.opensuse.security:tst:2009037834" comment="audit-libs-32bit less than 1.2.9-6.9"/> 158 <criterion test_ref="oval:org.opensuse.security:tst:2009037835" comment="audit-libs-python less than 1.2.9-12.9"/> 159 <criterion test_ref="oval:org.opensuse.security:tst:2009037836" comment="audit-libs less than 1.2.9-6.9"/> 160 <criterion test_ref="oval:org.opensuse.security:tst:2009037837" comment="audit less than 1.2.9-6.9"/> 161 <criterion test_ref="oval:org.opensuse.security:tst:2009037838" comment="beagle-evolution less than 0.2.16.3-1.13"/> 162 <criterion test_ref="oval:org.opensuse.security:tst:2009037839" comment="beagle-firefox less than 0.2.16.3-1.13"/> 163 <criterion test_ref="oval:org.opensuse.security:tst:2009037840" comment="beagle-gui less than 0.2.16.3-1.13"/> 164 <criterion test_ref="oval:org.opensuse.security:tst:2009037841" comment="beagle less than 0.2.16.3-1.13"/> 165 <criterion test_ref="oval:org.opensuse.security:tst:2009037842" comment="cifs-mount less than 3.0.24-2.23"/> 166 <criterion test_ref="oval:org.opensuse.security:tst:2009037843" comment="compiz less than 0.4.0-0.21"/> 167 <criterion test_ref="oval:org.opensuse.security:tst:2009037844" comment="contact-lookup-applet less than 0.13-21.14"/> 168 <criterion test_ref="oval:org.opensuse.security:tst:2009037845" comment="dhcp-client less than 3.0.3-23.33"/> 169 <criterion test_ref="oval:org.opensuse.security:tst:2009037846" comment="dhcp less than 3.0.3-23.33"/> 170 <criterion test_ref="oval:org.opensuse.security:tst:2009037847" comment="dia less than 0.94-41.22"/> 171 <criterion test_ref="oval:org.opensuse.security:tst:2009037848" comment="evolution-devel less than 2.6.0-49.55"/> 172 <criterion test_ref="oval:org.opensuse.security:tst:2009037849" comment="evolution-exchange less than 2.6.0-27.34"/> 173 <criterion test_ref="oval:org.opensuse.security:tst:2009037850" comment="evolution-pilot less than 2.6.0-49.55"/> 174 <criterion test_ref="oval:org.opensuse.security:tst:2009037851" comment="evolution-webcal less than 2.4.1-18.14"/> 175 <criterion test_ref="oval:org.opensuse.security:tst:2009037852" comment="evolution less than 2.6.0-49.55"/> 176 <criterion test_ref="oval:org.opensuse.security:tst:2009037853" comment="f-spot less than 0.3.5-0.16"/> 177 <criterion test_ref="oval:org.opensuse.security:tst:2009037854" comment="gaim-devel less than 1.5.0-50.17"/> 178 <criterion test_ref="oval:org.opensuse.security:tst:2009037855" comment="gaim less than 1.5.0-50.17"/> 179 <criterion test_ref="oval:org.opensuse.security:tst:2009037856" comment="gconf-sharp less than 1.0.10-30.15"/> 180 <criterion test_ref="oval:org.opensuse.security:tst:2009037857" comment="gda-sharp less than 1.0.10-30.15"/> 181 <criterion test_ref="oval:org.opensuse.security:tst:2009037858" comment="gdb less than 6.6-12.20"/> 182 <criterion test_ref="oval:org.opensuse.security:tst:2009037859" comment="gftp less than 2.0.18-25.15"/> 183 <criterion test_ref="oval:org.opensuse.security:tst:2009037860" comment="glade-sharp less than 1.0.10-30.15"/> 184 <criterion test_ref="oval:org.opensuse.security:tst:2009037861" comment="glib-sharp less than 1.0.10-30.15"/> 185 <criterion test_ref="oval:org.opensuse.security:tst:2009037862" comment="glib2-32bit less than 2.8.6-0.8"/> 186 <criterion test_ref="oval:org.opensuse.security:tst:2009037863" comment="glib2-devel less than 2.8.6-0.8"/> 187 <criterion test_ref="oval:org.opensuse.security:tst:2009037864" comment="glib2-doc less than 2.8.6-0.8"/> 188 <criterion test_ref="oval:org.opensuse.security:tst:2009037865" comment="glib2 less than 2.8.6-0.8"/> 189 <criterion test_ref="oval:org.opensuse.security:tst:2009037866" comment="gnome-backgrounds less than 2.12.3.1-0.8"/> 190 <criterion test_ref="oval:org.opensuse.security:tst:2009037867" comment="gnome-filesystem less than 0.1-261.12"/> 191 <criterion test_ref="oval:org.opensuse.security:tst:2009037868" comment="gnome-games less than 2.12.3-0.12"/> 192 <criterion test_ref="oval:org.opensuse.security:tst:2009037869" comment="gnome-sharp less than 1.0.10-30.15"/> 193 <criterion test_ref="oval:org.opensuse.security:tst:2009037870" comment="gnomedb-sharp less than 1.0.10-30.15"/> 194 <criterion test_ref="oval:org.opensuse.security:tst:2009037871" comment="gnopernicus-devel less than 1.0.0-23.14"/> 195 <criterion test_ref="oval:org.opensuse.security:tst:2009037872" comment="gnopernicus less than 1.0.0-23.14"/> 196 <criterion test_ref="oval:org.opensuse.security:tst:2009037873" comment="gstreamer010-plugins-base-32bit less than 0.10.5-11.17"/> 197 <criterion test_ref="oval:org.opensuse.security:tst:2009037874" comment="gstreamer010-plugins-base-devel less than 0.10.5-11.17"/> 198 <criterion test_ref="oval:org.opensuse.security:tst:2009037875" comment="gstreamer010-plugins-base-doc less than 0.10.5-11.17"/> 199 <criterion test_ref="oval:org.opensuse.security:tst:2009037876" comment="gstreamer010-plugins-base-oil-32bit less than 0.10.5-11.17"/> 200 <criterion test_ref="oval:org.opensuse.security:tst:2009037877" comment="gstreamer010-plugins-base-oil less than 0.10.5-11.17"/> 201 <criterion test_ref="oval:org.opensuse.security:tst:2009037878" comment="gstreamer010-plugins-base-visual-32bit less than 0.10.5-11.17"/> 202 <criterion test_ref="oval:org.opensuse.security:tst:2009037879" comment="gstreamer010-plugins-base-visual less than 0.10.5-11.17"/> 203 <criterion test_ref="oval:org.opensuse.security:tst:2009037880" comment="gstreamer010-plugins-base less than 0.10.5-11.17"/> 204 <criterion test_ref="oval:org.opensuse.security:tst:2009037881" comment="gtk-sharp-32bit less than 1.0.10-30.15"/> 205 <criterion test_ref="oval:org.opensuse.security:tst:2009037882" comment="gtk-sharp-complete less than 1.0.10-30.15"/> 206 <criterion test_ref="oval:org.opensuse.security:tst:2009037883" comment="gtk-sharp-gapi less than 1.0.10-30.15"/> 207 <criterion test_ref="oval:org.opensuse.security:tst:2009037884" comment="gtk-sharp less than 1.0.10-30.15"/> 208 <criterion test_ref="oval:org.opensuse.security:tst:2009037885" comment="gtkhtml-sharp less than 1.0.10-30.15"/> 209 <criterion test_ref="oval:org.opensuse.security:tst:2009037886" comment="helix-dbus-server less than 0.4.0-0.10"/> 210 <criterion test_ref="oval:org.opensuse.security:tst:2009037887" comment="inkscape less than 0.43-20.15"/> 211 <criterion test_ref="oval:org.opensuse.security:tst:2009037888" comment="libbeagle-32bit less than 0.2.16.3-1.12"/> 212 <criterion test_ref="oval:org.opensuse.security:tst:2009037889" comment="libbeagle-devel less than 0.2.16.3-1.12"/> 213 <criterion test_ref="oval:org.opensuse.security:tst:2009037890" comment="libbeagle less than 0.2.16.3-1.12"/> 214 <criterion test_ref="oval:org.opensuse.security:tst:2009037891" comment="libgail-gnome-devel less than 1.1.3-41.13"/> 215 <criterion test_ref="oval:org.opensuse.security:tst:2009037892" comment="libgail-gnome less than 1.1.3-41.13"/> 216 <criterion test_ref="oval:org.opensuse.security:tst:2009037893" comment="libgdiplus less than 1.2.2-13.13"/> 217 <criterion test_ref="oval:org.opensuse.security:tst:2009037894" comment="libipoddevice-32bit less than 0.5.2-1.17"/> 218 <criterion test_ref="oval:org.opensuse.security:tst:2009037895" comment="libipoddevice less than 0.5.2-1.17"/> 219 <criterion test_ref="oval:org.opensuse.security:tst:2009037896" comment="libsmbclient-32bit less than 3.0.24-2.23"/> 220 <criterion test_ref="oval:org.opensuse.security:tst:2009037897" comment="libsmbclient-devel less than 3.0.24-2.23"/> 221 <criterion test_ref="oval:org.opensuse.security:tst:2009037898" comment="libsmbclient less than 3.0.24-2.23"/> 222 <criterion test_ref="oval:org.opensuse.security:tst:2009037899" comment="libtool-32bit less than 1.5.22-13.12"/> 223 <criterion test_ref="oval:org.opensuse.security:tst:2009037900" comment="libtool less than 1.5.22-13.12"/> 224 <criterion test_ref="oval:org.opensuse.security:tst:2009037901" comment="linphone-applet less than 1.2.0-16.14"/> 225 <criterion test_ref="oval:org.opensuse.security:tst:2009037902" comment="linphone less than 1.2.0-16.14"/> 226 <criterion test_ref="oval:org.opensuse.security:tst:2009037903" comment="openobex-devel less than 1.3-28.7"/> 227 <criterion test_ref="oval:org.opensuse.security:tst:2009037904" comment="openobex less than 1.3-28.7"/> 228 <criterion test_ref="oval:org.opensuse.security:tst:2009037905" comment="planner-devel less than 0.14.1-24.12"/> 229 <criterion test_ref="oval:org.opensuse.security:tst:2009037906" comment="planner less than 0.14.1-24.12"/> 230 <criterion test_ref="oval:org.opensuse.security:tst:2009037907" comment="pwlib-devel less than 1.10.4-0.10"/> 231 <criterion test_ref="oval:org.opensuse.security:tst:2009037908" comment="pwlib less than 1.10.4-0.10"/> 232 <criterion test_ref="oval:org.opensuse.security:tst:2009037909" comment="resapplet less than 0.1.4-5.20"/> 233 <criterion test_ref="oval:org.opensuse.security:tst:2009037910" comment="rsvg-sharp less than 1.0.10-30.15"/> 234 <criterion test_ref="oval:org.opensuse.security:tst:2009037911" comment="sabayon-admin less than 2.12.3-21.29"/> 235 <criterion test_ref="oval:org.opensuse.security:tst:2009037912" comment="sabayon less than 2.12.3-21.29"/> 236 <criterion test_ref="oval:org.opensuse.security:tst:2009037913" comment="samba-32bit less than 3.0.24-2.23"/> 237 <criterion test_ref="oval:org.opensuse.security:tst:2009037914" comment="samba-client-32bit less than 3.0.24-2.23"/> 238 <criterion test_ref="oval:org.opensuse.security:tst:2009037915" comment="samba-client less than 3.0.24-2.23"/> 239 <criterion test_ref="oval:org.opensuse.security:tst:2009037916" comment="samba-doc less than 3.0.24-2.23"/> 240 <criterion test_ref="oval:org.opensuse.security:tst:2009037917" comment="samba-krb-printing less than 3.0.24-2.23"/> 241 <criterion test_ref="oval:org.opensuse.security:tst:2009037918" comment="samba-pdb less than 3.0.24-2.23"/> 242 <criterion test_ref="oval:org.opensuse.security:tst:2009037919" comment="samba-vscan less than 0.3.6b-42.49"/> 243 <criterion test_ref="oval:org.opensuse.security:tst:2009037920" comment="samba-winbind-32bit less than 3.0.24-2.23"/> 244 <criterion test_ref="oval:org.opensuse.security:tst:2009037921" comment="samba-winbind less than 3.0.24-2.23"/> 245 <criterion test_ref="oval:org.opensuse.security:tst:2009037922" comment="samba less than 3.0.24-2.23"/> 246 <criterion test_ref="oval:org.opensuse.security:tst:2009037923" comment="tomboy less than 0.6.0-0.21"/> 247 <criterion test_ref="oval:org.opensuse.security:tst:2009037924" comment="vte-sharp less than 1.0.10-30.15"/> 248 <criterion test_ref="oval:org.opensuse.security:tst:2009037925" comment="wbxml2 less than 0.9.0-18.10"/> 249 <criterion test_ref="oval:org.opensuse.security:tst:2009037926" comment="xgl-hardware-list less than 070326-0.5"/> 250 <criterion test_ref="oval:org.opensuse.security:tst:2009037927" comment="xgl less than cvs_060522-0.32"/> 251 </criteria> 252 </criteria> 253 </definition> 254 <definition id="oval:org.opensuse.security:def:20050005" version="1" class="vulnerability"> 255 <metadata> 256 <title>CVE-2005-0005</title> 257 <affected family="unix"> 258 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 259 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 260 </affected> 261 <reference ref_id="CVE-2005-0005" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0005" source="CVE"/> 262 <description> 263 Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. 264 </description> 265 </metadata> 266 <!-- c63e20288ce2b23db9e99040524a1226 --> 267 <criteria operator="AND"> 268 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 269 <criterion test_ref="oval:org.opensuse.security:tst:2009038159" comment="perl-PerlMagick less than 6.2.5-16.20"/> 270 </criteria> 271 </definition> 272 <definition id="oval:org.opensuse.security:def:20051261" version="1" class="vulnerability"> 273 <metadata> 274 <title>CVE-2005-1261</title> 275 <affected family="unix"> 276 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 277 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 278 </affected> 279 <reference ref_id="CVE-2005-1261" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1261" source="CVE"/> 280 <description> 281 Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL. 282 </description> 283 </metadata> 284 <!-- f83d87195bba0229ac4b65c0cd41c27c --> 285 <criteria operator="AND"> 286 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 287 <criteria operator="OR"> 288 <criterion test_ref="oval:org.opensuse.security:tst:2009037827" comment="NetworkManager-devel less than 0.6.4-60.26"/> 289 <criterion test_ref="oval:org.opensuse.security:tst:2009037828" comment="NetworkManager-glib less than 0.6.4-60.26"/> 290 <criterion test_ref="oval:org.opensuse.security:tst:2009037829" comment="NetworkManager-gnome less than 0.6.4-60.26"/> 291 <criterion test_ref="oval:org.opensuse.security:tst:2009037830" comment="NetworkManager-openvpn less than 0.3.2cvs20060202-20.25"/> 292 <criterion test_ref="oval:org.opensuse.security:tst:2009037831" comment="NetworkManager-vpnc less than 0.5.0cvs20060202-19.30"/> 293 <criterion test_ref="oval:org.opensuse.security:tst:2009037832" comment="NetworkManager less than 0.6.4-60.26"/> 294 <criterion test_ref="oval:org.opensuse.security:tst:2009037833" comment="art-sharp less than 1.0.10-30.15"/> 295 <criterion test_ref="oval:org.opensuse.security:tst:2009037834" comment="audit-libs-32bit less than 1.2.9-6.9"/> 296 <criterion test_ref="oval:org.opensuse.security:tst:2009037835" comment="audit-libs-python less than 1.2.9-12.9"/> 297 <criterion test_ref="oval:org.opensuse.security:tst:2009037836" comment="audit-libs less than 1.2.9-6.9"/> 298 <criterion test_ref="oval:org.opensuse.security:tst:2009037837" comment="audit less than 1.2.9-6.9"/> 299 <criterion test_ref="oval:org.opensuse.security:tst:2009037838" comment="beagle-evolution less than 0.2.16.3-1.13"/> 300 <criterion test_ref="oval:org.opensuse.security:tst:2009037839" comment="beagle-firefox less than 0.2.16.3-1.13"/> 301 <criterion test_ref="oval:org.opensuse.security:tst:2009037840" comment="beagle-gui less than 0.2.16.3-1.13"/> 302 <criterion test_ref="oval:org.opensuse.security:tst:2009037841" comment="beagle less than 0.2.16.3-1.13"/> 303 <criterion test_ref="oval:org.opensuse.security:tst:2009037842" comment="cifs-mount less than 3.0.24-2.23"/> 304 <criterion test_ref="oval:org.opensuse.security:tst:2009037843" comment="compiz less than 0.4.0-0.21"/> 305 <criterion test_ref="oval:org.opensuse.security:tst:2009037844" comment="contact-lookup-applet less than 0.13-21.14"/> 306 <criterion test_ref="oval:org.opensuse.security:tst:2009037845" comment="dhcp-client less than 3.0.3-23.33"/> 307 <criterion test_ref="oval:org.opensuse.security:tst:2009037846" comment="dhcp less than 3.0.3-23.33"/> 308 <criterion test_ref="oval:org.opensuse.security:tst:2009037847" comment="dia less than 0.94-41.22"/> 309 <criterion test_ref="oval:org.opensuse.security:tst:2009037848" comment="evolution-devel less than 2.6.0-49.55"/> 310 <criterion test_ref="oval:org.opensuse.security:tst:2009037849" comment="evolution-exchange less than 2.6.0-27.34"/> 311 <criterion test_ref="oval:org.opensuse.security:tst:2009037850" comment="evolution-pilot less than 2.6.0-49.55"/> 312 <criterion test_ref="oval:org.opensuse.security:tst:2009037851" comment="evolution-webcal less than 2.4.1-18.14"/> 313 <criterion test_ref="oval:org.opensuse.security:tst:2009037852" comment="evolution less than 2.6.0-49.55"/> 314 <criterion test_ref="oval:org.opensuse.security:tst:2009037853" comment="f-spot less than 0.3.5-0.16"/> 315 <criterion test_ref="oval:org.opensuse.security:tst:2009037854" comment="gaim-devel less than 1.5.0-50.17"/> 316 <criterion test_ref="oval:org.opensuse.security:tst:2009037855" comment="gaim less than 1.5.0-50.17"/> 317 <criterion test_ref="oval:org.opensuse.security:tst:2009037856" comment="gconf-sharp less than 1.0.10-30.15"/> 318 <criterion test_ref="oval:org.opensuse.security:tst:2009037857" comment="gda-sharp less than 1.0.10-30.15"/> 319 <criterion test_ref="oval:org.opensuse.security:tst:2009037858" comment="gdb less than 6.6-12.20"/> 320 <criterion test_ref="oval:org.opensuse.security:tst:2009037859" comment="gftp less than 2.0.18-25.15"/> 321 <criterion test_ref="oval:org.opensuse.security:tst:2009037860" comment="glade-sharp less than 1.0.10-30.15"/> 322 <criterion test_ref="oval:org.opensuse.security:tst:2009037861" comment="glib-sharp less than 1.0.10-30.15"/> 323 <criterion test_ref="oval:org.opensuse.security:tst:2009037862" comment="glib2-32bit less than 2.8.6-0.8"/> 324 <criterion test_ref="oval:org.opensuse.security:tst:2009037863" comment="glib2-devel less than 2.8.6-0.8"/> 325 <criterion test_ref="oval:org.opensuse.security:tst:2009037864" comment="glib2-doc less than 2.8.6-0.8"/> 326 <criterion test_ref="oval:org.opensuse.security:tst:2009037865" comment="glib2 less than 2.8.6-0.8"/> 327 <criterion test_ref="oval:org.opensuse.security:tst:2009037866" comment="gnome-backgrounds less than 2.12.3.1-0.8"/> 328 <criterion test_ref="oval:org.opensuse.security:tst:2009037867" comment="gnome-filesystem less than 0.1-261.12"/> 329 <criterion test_ref="oval:org.opensuse.security:tst:2009037868" comment="gnome-games less than 2.12.3-0.12"/> 330 <criterion test_ref="oval:org.opensuse.security:tst:2009037869" comment="gnome-sharp less than 1.0.10-30.15"/> 331 <criterion test_ref="oval:org.opensuse.security:tst:2009037870" comment="gnomedb-sharp less than 1.0.10-30.15"/> 332 <criterion test_ref="oval:org.opensuse.security:tst:2009037871" comment="gnopernicus-devel less than 1.0.0-23.14"/> 333 <criterion test_ref="oval:org.opensuse.security:tst:2009037872" comment="gnopernicus less than 1.0.0-23.14"/> 334 <criterion test_ref="oval:org.opensuse.security:tst:2009037873" comment="gstreamer010-plugins-base-32bit less than 0.10.5-11.17"/> 335 <criterion test_ref="oval:org.opensuse.security:tst:2009037874" comment="gstreamer010-plugins-base-devel less than 0.10.5-11.17"/> 336 <criterion test_ref="oval:org.opensuse.security:tst:2009037875" comment="gstreamer010-plugins-base-doc less than 0.10.5-11.17"/> 337 <criterion test_ref="oval:org.opensuse.security:tst:2009037876" comment="gstreamer010-plugins-base-oil-32bit less than 0.10.5-11.17"/> 338 <criterion test_ref="oval:org.opensuse.security:tst:2009037877" comment="gstreamer010-plugins-base-oil less than 0.10.5-11.17"/> 339 <criterion test_ref="oval:org.opensuse.security:tst:2009037878" comment="gstreamer010-plugins-base-visual-32bit less than 0.10.5-11.17"/> 340 <criterion test_ref="oval:org.opensuse.security:tst:2009037879" comment="gstreamer010-plugins-base-visual less than 0.10.5-11.17"/> 341 <criterion test_ref="oval:org.opensuse.security:tst:2009037880" comment="gstreamer010-plugins-base less than 0.10.5-11.17"/> 342 <criterion test_ref="oval:org.opensuse.security:tst:2009037881" comment="gtk-sharp-32bit less than 1.0.10-30.15"/> 343 <criterion test_ref="oval:org.opensuse.security:tst:2009037882" comment="gtk-sharp-complete less than 1.0.10-30.15"/> 344 <criterion test_ref="oval:org.opensuse.security:tst:2009037883" comment="gtk-sharp-gapi less than 1.0.10-30.15"/> 345 <criterion test_ref="oval:org.opensuse.security:tst:2009037884" comment="gtk-sharp less than 1.0.10-30.15"/> 346 <criterion test_ref="oval:org.opensuse.security:tst:2009037885" comment="gtkhtml-sharp less than 1.0.10-30.15"/> 347 <criterion test_ref="oval:org.opensuse.security:tst:2009037886" comment="helix-dbus-server less than 0.4.0-0.10"/> 348 <criterion test_ref="oval:org.opensuse.security:tst:2009037887" comment="inkscape less than 0.43-20.15"/> 349 <criterion test_ref="oval:org.opensuse.security:tst:2009037888" comment="libbeagle-32bit less than 0.2.16.3-1.12"/> 350 <criterion test_ref="oval:org.opensuse.security:tst:2009037889" comment="libbeagle-devel less than 0.2.16.3-1.12"/> 351 <criterion test_ref="oval:org.opensuse.security:tst:2009037890" comment="libbeagle less than 0.2.16.3-1.12"/> 352 <criterion test_ref="oval:org.opensuse.security:tst:2009037891" comment="libgail-gnome-devel less than 1.1.3-41.13"/> 353 <criterion test_ref="oval:org.opensuse.security:tst:2009037892" comment="libgail-gnome less than 1.1.3-41.13"/> 354 <criterion test_ref="oval:org.opensuse.security:tst:2009037893" comment="libgdiplus less than 1.2.2-13.13"/> 355 <criterion test_ref="oval:org.opensuse.security:tst:2009037894" comment="libipoddevice-32bit less than 0.5.2-1.17"/> 356 <criterion test_ref="oval:org.opensuse.security:tst:2009037895" comment="libipoddevice less than 0.5.2-1.17"/> 357 <criterion test_ref="oval:org.opensuse.security:tst:2009037896" comment="libsmbclient-32bit less than 3.0.24-2.23"/> 358 <criterion test_ref="oval:org.opensuse.security:tst:2009037897" comment="libsmbclient-devel less than 3.0.24-2.23"/> 359 <criterion test_ref="oval:org.opensuse.security:tst:2009037898" comment="libsmbclient less than 3.0.24-2.23"/> 360 <criterion test_ref="oval:org.opensuse.security:tst:2009037899" comment="libtool-32bit less than 1.5.22-13.12"/> 361 <criterion test_ref="oval:org.opensuse.security:tst:2009037900" comment="libtool less than 1.5.22-13.12"/> 362 <criterion test_ref="oval:org.opensuse.security:tst:2009037901" comment="linphone-applet less than 1.2.0-16.14"/> 363 <criterion test_ref="oval:org.opensuse.security:tst:2009037902" comment="linphone less than 1.2.0-16.14"/> 364 <criterion test_ref="oval:org.opensuse.security:tst:2009037903" comment="openobex-devel less than 1.3-28.7"/> 365 <criterion test_ref="oval:org.opensuse.security:tst:2009037904" comment="openobex less than 1.3-28.7"/> 366 <criterion test_ref="oval:org.opensuse.security:tst:2009037905" comment="planner-devel less than 0.14.1-24.12"/> 367 <criterion test_ref="oval:org.opensuse.security:tst:2009037906" comment="planner less than 0.14.1-24.12"/> 368 <criterion test_ref="oval:org.opensuse.security:tst:2009037907" comment="pwlib-devel less than 1.10.4-0.10"/> 369 <criterion test_ref="oval:org.opensuse.security:tst:2009037908" comment="pwlib less than 1.10.4-0.10"/> 370 <criterion test_ref="oval:org.opensuse.security:tst:2009037909" comment="resapplet less than 0.1.4-5.20"/> 371 <criterion test_ref="oval:org.opensuse.security:tst:2009037910" comment="rsvg-sharp less than 1.0.10-30.15"/> 372 <criterion test_ref="oval:org.opensuse.security:tst:2009037911" comment="sabayon-admin less than 2.12.3-21.29"/> 373 <criterion test_ref="oval:org.opensuse.security:tst:2009037912" comment="sabayon less than 2.12.3-21.29"/> 374 <criterion test_ref="oval:org.opensuse.security:tst:2009037913" comment="samba-32bit less than 3.0.24-2.23"/> 375 <criterion test_ref="oval:org.opensuse.security:tst:2009037914" comment="samba-client-32bit less than 3.0.24-2.23"/> 376 <criterion test_ref="oval:org.opensuse.security:tst:2009037915" comment="samba-client less than 3.0.24-2.23"/> 377 <criterion test_ref="oval:org.opensuse.security:tst:2009037916" comment="samba-doc less than 3.0.24-2.23"/> 378 <criterion test_ref="oval:org.opensuse.security:tst:2009037917" comment="samba-krb-printing less than 3.0.24-2.23"/> 379 <criterion test_ref="oval:org.opensuse.security:tst:2009037918" comment="samba-pdb less than 3.0.24-2.23"/> 380 <criterion test_ref="oval:org.opensuse.security:tst:2009037919" comment="samba-vscan less than 0.3.6b-42.49"/> 381 <criterion test_ref="oval:org.opensuse.security:tst:2009037920" comment="samba-winbind-32bit less than 3.0.24-2.23"/> 382 <criterion test_ref="oval:org.opensuse.security:tst:2009037921" comment="samba-winbind less than 3.0.24-2.23"/> 383 <criterion test_ref="oval:org.opensuse.security:tst:2009037922" comment="samba less than 3.0.24-2.23"/> 384 <criterion test_ref="oval:org.opensuse.security:tst:2009037923" comment="tomboy less than 0.6.0-0.21"/> 385 <criterion test_ref="oval:org.opensuse.security:tst:2009037924" comment="vte-sharp less than 1.0.10-30.15"/> 386 <criterion test_ref="oval:org.opensuse.security:tst:2009037925" comment="wbxml2 less than 0.9.0-18.10"/> 387 <criterion test_ref="oval:org.opensuse.security:tst:2009037926" comment="xgl-hardware-list less than 070326-0.5"/> 388 <criterion test_ref="oval:org.opensuse.security:tst:2009037927" comment="xgl less than cvs_060522-0.32"/> 389 </criteria> 390 </criteria> 391 </definition> 392 <definition id="oval:org.opensuse.security:def:20052494" version="1" class="vulnerability"> 393 <metadata> 394 <title>CVE-2005-2494</title> 395 <affected family="unix"> 396 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 397 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 398 </affected> 399 <reference ref_id="CVE-2005-2494" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2494" source="CVE"/> 400 <description> 401 kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files. 402 </description> 403 </metadata> 404 <!-- a463f164b74303a48050afc613869291 --> 405 <criteria operator="AND"> 406 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 407 <criterion test_ref="oval:org.opensuse.security:tst:2009038841" comment="kdebase3-beagle less than 3.5.1-69.52"/> 408 </criteria> 409 </definition> 410 <definition id="oval:org.opensuse.security:def:20052975" version="1" class="vulnerability"> 411 <metadata> 412 <title>CVE-2005-2975</title> 413 <affected family="unix"> 414 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 415 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 416 </affected> 417 <reference ref_id="CVE-2005-2975" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975" source="CVE"/> 418 <description> 419 io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors. 420 </description> 421 </metadata> 422 <!-- c0136d5f769f780ec791f2b7c698b64b --> 423 <criteria operator="AND"> 424 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 425 <criterion test_ref="oval:org.opensuse.security:tst:2009037767" comment="gtk2-devel less than 2.8.11-0.15"/> 426 </criteria> 427 </definition> 428 <definition id="oval:org.opensuse.security:def:20054095" version="1" class="vulnerability"> 429 <metadata> 430 <title>CVE-2005-4095</title> 431 <affected family="unix"> 432 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 433 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 434 </affected> 435 <reference ref_id="CVE-2005-4095" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4095" source="CVE"/> 436 <description> 437 Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command. 438 </description> 439 </metadata> 440 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 441 <criteria operator="AND"> 442 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 443 <criteria operator="OR"> 444 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 445 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 446 </criteria> 447 </criteria> 448 </definition> 449 <definition id="oval:org.opensuse.security:def:20054601" version="1" class="vulnerability"> 450 <metadata> 451 <title>CVE-2005-4601</title> 452 <affected family="unix"> 453 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 454 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 455 </affected> 456 <reference ref_id="CVE-2005-4601" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601" source="CVE"/> 457 <description> 458 The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. 459 </description> 460 </metadata> 461 <!-- c63e20288ce2b23db9e99040524a1226 --> 462 <criteria operator="AND"> 463 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 464 <criterion test_ref="oval:org.opensuse.security:tst:2009038159" comment="perl-PerlMagick less than 6.2.5-16.20"/> 465 </criteria> 466 </definition> 467 <definition id="oval:org.opensuse.security:def:20054835" version="1" class="vulnerability"> 468 <metadata> 469 <title>CVE-2005-4835</title> 470 <affected family="unix"> 471 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 472 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 473 </affected> 474 <reference ref_id="CVE-2005-4835" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4835" source="CVE"/> 475 <description> 476 The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission. 477 </description> 478 </metadata> 479 <!-- f72f26d7dd8e0f81dd5a72942869c106 --> 480 <criteria operator="AND"> 481 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 482 <criteria operator="OR"> 483 <criterion test_ref="oval:org.opensuse.security:tst:2009039492" comment="madwifi-kmp-bigsmp less than 0.9.3_2.6.16.46_0.12-6.6"/> 484 <criterion test_ref="oval:org.opensuse.security:tst:2009039493" comment="madwifi-kmp-default less than 0.9.3_2.6.16.46_0.12-6.6"/> 485 <criterion test_ref="oval:org.opensuse.security:tst:2009039494" comment="madwifi-kmp-smp less than 0.9.3_2.6.16.46_0.12-6.6"/> 486 </criteria> 487 </criteria> 488 </definition> 489 <definition id="oval:org.opensuse.security:def:20054881" version="1" class="vulnerability"> 490 <metadata> 491 <title>CVE-2005-4881</title> 492 <affected family="unix"> 493 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 494 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 495 </affected> 496 <reference ref_id="CVE-2005-4881" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4881" source="CVE"/> 497 <description> 498 The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_fill_node, (3) neightbl_fill_info, (4) neightbl_fill_param_info, (5) neigh_fill_info, (6) rtnetlink_fill_ifinfo, (7) rtnetlink_fill_iwinfo, (8) vif_delete, (9) ipmr_destroy_unres, (10) ipmr_cache_alloc_unres, (11) ipmr_cache_resolve, (12) inet6_fill_ifinfo, (13) tca_get_fill, (14) tca_action_flush, (15) tcf_add_notify, (16) tc_dump_action, (17) cbq_dump_police, (18) __nlmsg_put, (19) __rta_fill, (20) __rta_reserve, (21) inet6_fill_prefix, (22) rsvp_dump, and (23) cbq_dump_ovl functions. 499 </description> 500 </metadata> 501 <criteria operator="OR"> 502 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 503 <criteria operator="AND"> 504 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 505 <criteria operator="OR"> 506 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 507 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 508 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 509 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 510 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 511 </criteria> 512 </criteria> 513 <!-- 7a612881db49bcc0dd76d517d881465e --> 514 <criteria operator="AND"> 515 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 516 <criteria operator="OR"> 517 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 518 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 519 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 520 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 521 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 522 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 523 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 524 </criteria> 525 </criteria> 526 </criteria> 527 </definition> 528 <definition id="oval:org.opensuse.security:def:20060082" version="1" class="vulnerability"> 529 <metadata> 530 <title>CVE-2006-0082</title> 531 <affected family="unix"> 532 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 533 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 534 </affected> 535 <reference ref_id="CVE-2006-0082" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082" source="CVE"/> 536 <description> 537 Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program. 538 </description> 539 </metadata> 540 <!-- c63e20288ce2b23db9e99040524a1226 --> 541 <criteria operator="AND"> 542 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 543 <criterion test_ref="oval:org.opensuse.security:tst:2009038159" comment="perl-PerlMagick less than 6.2.5-16.20"/> 544 </criteria> 545 </definition> 546 <definition id="oval:org.opensuse.security:def:20061526" version="1" class="vulnerability"> 547 <metadata> 548 <title>CVE-2006-1526</title> 549 <affected family="unix"> 550 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 551 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 552 </affected> 553 <reference ref_id="CVE-2006-1526" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1526" source="CVE"/> 554 <description> 555 Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory allocation due to a typo in an expression that uses a "&" instead of a "*" operator. NOTE: the subject line of the original announcement used an incorrect CVE number for this issue. 556 </description> 557 </metadata> 558 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 559 <criteria operator="AND"> 560 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 561 <criteria operator="OR"> 562 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 563 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 564 </criteria> 565 </criteria> 566 </definition> 567 <definition id="oval:org.opensuse.security:def:20062449" version="1" class="vulnerability"> 568 <metadata> 569 <title>CVE-2006-2449</title> 570 <affected family="unix"> 571 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 572 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 573 </affected> 574 <reference ref_id="CVE-2006-2449" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2449" source="CVE"/> 575 <description> 576 KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. 577 </description> 578 </metadata> 579 <!-- a463f164b74303a48050afc613869291 --> 580 <criteria operator="AND"> 581 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 582 <criterion test_ref="oval:org.opensuse.security:tst:2009038841" comment="kdebase3-beagle less than 3.5.1-69.52"/> 583 </criteria> 584 </definition> 585 <definition id="oval:org.opensuse.security:def:20062627" version="1" class="vulnerability"> 586 <metadata> 587 <title>CVE-2006-2627</title> 588 <affected family="unix"> 589 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 590 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 591 </affected> 592 <reference ref_id="CVE-2006-2627" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2627" source="CVE"/> 593 <description> 594 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 595 </description> 596 </metadata> 597 <!-- ff4fc54264a58b5a65e376174670f408 --> 598 <criteria operator="AND"> 599 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 600 <criteria operator="OR"> 601 <criterion test_ref="oval:org.opensuse.security:tst:2009040429" comment="novell-NLDAPbase-dyn-32bit less than 3.4.1-0.14"/> 602 <criterion test_ref="oval:org.opensuse.security:tst:2009040430" comment="novell-NLDAPbase-dyn less than 3.4.1-0.14"/> 603 <criterion test_ref="oval:org.opensuse.security:tst:2009040431" comment="novell-NLDAPsdk-dyn-32bit less than 3.4.1-0.14"/> 604 <criterion test_ref="oval:org.opensuse.security:tst:2009040432" comment="novell-NLDAPsdk-dyn less than 3.4.1-0.14"/> 605 </criteria> 606 </criteria> 607 </definition> 608 <definition id="oval:org.opensuse.security:def:20062916" version="1" class="vulnerability"> 609 <metadata> 610 <title>CVE-2006-2916</title> 611 <affected family="unix"> 612 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 613 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 614 </affected> 615 <reference ref_id="CVE-2006-2916" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916" source="CVE"/> 616 <description> 617 artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. 618 </description> 619 </metadata> 620 <!-- d8a29c5ccebd97806baee81f19174d23 --> 621 <criteria operator="AND"> 622 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 623 <criteria operator="OR"> 624 <criterion test_ref="oval:org.opensuse.security:tst:2009040545" comment="arts-32bit less than 1.5.1-15.15"/> 625 <criterion test_ref="oval:org.opensuse.security:tst:2009040546" comment="arts-devel less than 1.5.1-15.15"/> 626 <criterion test_ref="oval:org.opensuse.security:tst:2009040547" comment="arts less than 1.5.1-15.15"/> 627 <criterion test_ref="oval:org.opensuse.security:tst:2009040548" comment="esound-32bit less than 0.2.36-19.13"/> 628 <criterion test_ref="oval:org.opensuse.security:tst:2009040549" comment="esound-devel less than 0.2.36-19.13"/> 629 <criterion test_ref="oval:org.opensuse.security:tst:2009040550" comment="esound less than 0.2.36-19.13"/> 630 <criterion test_ref="oval:org.opensuse.security:tst:2009040551" comment="fileshareset less than 2.0-84.51"/> 631 <criterion test_ref="oval:org.opensuse.security:tst:2009040552" comment="fontconfig-32bit less than 2.3.94-18.16"/> 632 <criterion test_ref="oval:org.opensuse.security:tst:2009040553" comment="fontconfig-devel-32bit less than 2.3.94-18.16"/> 633 <criterion test_ref="oval:org.opensuse.security:tst:2009040554" comment="fontconfig-devel less than 2.3.94-18.16"/> 634 <criterion test_ref="oval:org.opensuse.security:tst:2009040555" comment="fontconfig less than 2.3.94-18.16"/> 635 <criterion test_ref="oval:org.opensuse.security:tst:2009040556" comment="gnokii less than 0.6.14-40.9"/> 636 <criterion test_ref="oval:org.opensuse.security:tst:2009040557" comment="gtk-32bit less than 1.2.10-907.11"/> 637 <criterion test_ref="oval:org.opensuse.security:tst:2009040558" comment="gtk-devel less than 1.2.10-907.11"/> 638 <criterion test_ref="oval:org.opensuse.security:tst:2009040559" comment="gtk less than 1.2.10-907.11"/> 639 <criterion test_ref="oval:org.opensuse.security:tst:2009040560" comment="icecream-monitor less than 1.0-45.8"/> 640 <criterion test_ref="oval:org.opensuse.security:tst:2009040561" comment="kdebase3-32bit less than 3.5.1-69.52"/> 641 <criterion test_ref="oval:org.opensuse.security:tst:2009040562" comment="kdebase3-devel less than 3.5.1-69.52"/> 642 <criterion test_ref="oval:org.opensuse.security:tst:2009040563" comment="kdebase3-kdm less than 3.5.1-69.52"/> 643 <criterion test_ref="oval:org.opensuse.security:tst:2009040564" comment="kdebase3-ksysguardd less than 3.5.1-69.52"/> 644 <criterion test_ref="oval:org.opensuse.security:tst:2009040565" comment="kdebase3-nsplugin less than 3.5.1-69.52"/> 645 <criterion test_ref="oval:org.opensuse.security:tst:2009040566" comment="kdebase3-samba less than 3.5.1-69.52"/> 646 <criterion test_ref="oval:org.opensuse.security:tst:2009040567" comment="kdebase3-session less than 3.5.1-69.52"/> 647 <criterion test_ref="oval:org.opensuse.security:tst:2009040568" comment="kdebase3 less than 3.5.1-69.52"/> 648 <criterion test_ref="oval:org.opensuse.security:tst:2009040569" comment="kdelibs3-32bit less than 3.5.1-49.35"/> 649 <criterion test_ref="oval:org.opensuse.security:tst:2009040570" comment="kdelibs3-arts-32bit less than 3.5.1-49.35"/> 650 <criterion test_ref="oval:org.opensuse.security:tst:2009040571" comment="kdelibs3-arts less than 3.5.1-49.35"/> 651 <criterion test_ref="oval:org.opensuse.security:tst:2009040572" comment="kdelibs3-devel-doc less than 3.5.1-49.34"/> 652 <criterion test_ref="oval:org.opensuse.security:tst:2009040573" comment="kdelibs3-devel less than 3.5.1-49.35"/> 653 <criterion test_ref="oval:org.opensuse.security:tst:2009040574" comment="kdelibs3-doc less than 3.5.1-49.35"/> 654 <criterion test_ref="oval:org.opensuse.security:tst:2009040575" comment="kdelibs3 less than 3.5.1-49.35"/> 655 <criterion test_ref="oval:org.opensuse.security:tst:2009040576" comment="kdeutils3-devel less than 3.5.1-25.14"/> 656 <criterion test_ref="oval:org.opensuse.security:tst:2009040577" comment="kdeutils3-laptop less than 3.5.1-25.14"/> 657 <criterion test_ref="oval:org.opensuse.security:tst:2009040578" comment="kdeutils3 less than 3.5.1-25.14"/> 658 <criterion test_ref="oval:org.opensuse.security:tst:2009040579" comment="libwnck-32bit less than 2.12.3-0.10"/> 659 <criterion test_ref="oval:org.opensuse.security:tst:2009040580" comment="libwnck-devel less than 2.12.3-0.10"/> 660 <criterion test_ref="oval:org.opensuse.security:tst:2009040581" comment="libwnck less than 2.12.3-0.10"/> 661 <criterion test_ref="oval:org.opensuse.security:tst:2009040582" comment="mysql-client less than 5.0.26-12.8"/> 662 <criterion test_ref="oval:org.opensuse.security:tst:2009040583" comment="mysql-devel less than 5.0.26-12.8"/> 663 <criterion test_ref="oval:org.opensuse.security:tst:2009040584" comment="mysql-shared-32bit less than 5.0.26-12.8"/> 664 <criterion test_ref="oval:org.opensuse.security:tst:2009040585" comment="mysql-shared less than 5.0.26-12.8"/> 665 <criterion test_ref="oval:org.opensuse.security:tst:2009040586" comment="mysql less than 5.0.26-12.8"/> 666 <criterion test_ref="oval:org.opensuse.security:tst:2009040587" comment="net-snmp-32bit less than 5.3.0.1-25.15"/> 667 <criterion test_ref="oval:org.opensuse.security:tst:2009040588" comment="net-snmp-devel less than 5.3.0.1-25.15"/> 668 <criterion test_ref="oval:org.opensuse.security:tst:2009040589" comment="net-snmp less than 5.3.0.1-25.15"/> 669 <criterion test_ref="oval:org.opensuse.security:tst:2009040590" comment="perl-SNMP less than 5.3.0.1-25.15"/> 670 <criterion test_ref="oval:org.opensuse.security:tst:2009040591" comment="qt3-32bit less than 3.3.5-58.24"/> 671 <criterion test_ref="oval:org.opensuse.security:tst:2009040592" comment="qt3-devel-32bit less than 3.3.5-58.24"/> 672 <criterion test_ref="oval:org.opensuse.security:tst:2009040593" comment="qt3-devel-doc less than 3.3.5-58.22"/> 673 <criterion test_ref="oval:org.opensuse.security:tst:2009040594" comment="qt3-devel-tools less than 3.3.5-58.22"/> 674 <criterion test_ref="oval:org.opensuse.security:tst:2009040595" comment="qt3-devel less than 3.3.5-58.24"/> 675 <criterion test_ref="oval:org.opensuse.security:tst:2009040596" comment="qt3-examples less than 3.3.5-58.22"/> 676 <criterion test_ref="oval:org.opensuse.security:tst:2009040597" comment="qt3-man less than 3.3.5-58.22"/> 677 <criterion test_ref="oval:org.opensuse.security:tst:2009040598" comment="qt3 less than 3.3.5-58.24"/> 678 </criteria> 679 </criteria> 680 </definition> 681 <definition id="oval:org.opensuse.security:def:20062934" version="1" class="vulnerability"> 682 <metadata> 683 <title>CVE-2006-2934</title> 684 <affected family="unix"> 685 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 686 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 687 </affected> 688 <reference ref_id="CVE-2006-2934" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2934" source="CVE"/> 689 <description> 690 SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer. 691 </description> 692 </metadata> 693 <!-- 753294d78b12c46523f2a5e3815690d3 --> 694 <criteria operator="AND"> 695 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 696 <criteria operator="OR"> 697 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 698 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 699 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 700 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 701 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 702 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 703 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 704 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 705 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 706 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 707 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 708 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 709 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 710 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 711 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 712 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 713 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 714 </criteria> 715 </criteria> 716 </definition> 717 <definition id="oval:org.opensuse.security:def:20062935" version="1" class="vulnerability"> 718 <metadata> 719 <title>CVE-2006-2935</title> 720 <affected family="unix"> 721 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 722 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 723 </affected> 724 <reference ref_id="CVE-2006-2935" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2935" source="CVE"/> 725 <description> 726 The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. 727 </description> 728 </metadata> 729 <!-- 753294d78b12c46523f2a5e3815690d3 --> 730 <criteria operator="AND"> 731 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 732 <criteria operator="OR"> 733 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 734 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 735 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 736 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 737 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 738 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 739 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 740 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 741 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 742 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 743 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 744 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 745 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 746 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 747 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 748 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 749 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 750 </criteria> 751 </criteria> 752 </definition> 753 <definition id="oval:org.opensuse.security:def:20062936" version="1" class="vulnerability"> 754 <metadata> 755 <title>CVE-2006-2936</title> 756 <affected family="unix"> 757 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 758 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 759 </affected> 760 <reference ref_id="CVE-2006-2936" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2936" source="CVE"/> 761 <description> 762 The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. 763 </description> 764 </metadata> 765 <!-- 753294d78b12c46523f2a5e3815690d3 --> 766 <criteria operator="AND"> 767 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 768 <criteria operator="OR"> 769 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 770 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 771 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 772 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 773 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 774 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 775 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 776 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 777 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 778 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 779 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 780 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 781 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 782 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 783 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 784 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 785 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 786 </criteria> 787 </criteria> 788 </definition> 789 <definition id="oval:org.opensuse.security:def:20063334" version="1" class="vulnerability"> 790 <metadata> 791 <title>CVE-2006-3334</title> 792 <affected family="unix"> 793 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 794 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 795 </affected> 796 <reference ref_id="CVE-2006-3334" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334" source="CVE"/> 797 <description> 798 Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". 799 </description> 800 </metadata> 801 <!-- 40e287bc3683fa01255fe04db39e2e76 --> 802 <criteria operator="AND"> 803 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 804 <criteria operator="OR"> 805 <criterion test_ref="oval:org.opensuse.security:tst:2009040845" comment="libpng-devel-32bit less than 1.2.8-19.6"/> 806 <criterion test_ref="oval:org.opensuse.security:tst:2009040846" comment="libpng-devel less than 1.2.8-19.6"/> 807 </criteria> 808 </criteria> 809 </definition> 810 <definition id="oval:org.opensuse.security:def:20063404" version="1" class="vulnerability"> 811 <metadata> 812 <title>CVE-2006-3404</title> 813 <affected family="unix"> 814 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 815 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 816 </affected> 817 <reference ref_id="CVE-2006-3404" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404" source="CVE"/> 818 <description> 819 Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property. 820 </description> 821 </metadata> 822 <!-- 910453b56d92f11dc3441c5f3674ea54 --> 823 <criteria operator="AND"> 824 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 825 <criteria operator="OR"> 826 <criterion test_ref="oval:org.opensuse.security:tst:2009040930" comment="cairo-32bit less than 1.0.2-27.16"/> 827 <criterion test_ref="oval:org.opensuse.security:tst:2009040931" comment="cairo-devel less than 1.0.2-27.16"/> 828 <criterion test_ref="oval:org.opensuse.security:tst:2009040932" comment="cairo-doc less than 1.0.2-27.16"/> 829 <criterion test_ref="oval:org.opensuse.security:tst:2009040933" comment="cairo less than 1.0.2-27.16"/> 830 <criterion test_ref="oval:org.opensuse.security:tst:2009040934" comment="control-center2-devel less than 2.12.3-0.21"/> 831 <criterion test_ref="oval:org.opensuse.security:tst:2009040935" comment="control-center2 less than 2.12.3-0.21"/> 832 <criterion test_ref="oval:org.opensuse.security:tst:2009040936" comment="eel-32bit less than 2.12.2-18.14"/> 833 <criterion test_ref="oval:org.opensuse.security:tst:2009040937" comment="eel-devel less than 2.12.2-18.14"/> 834 <criterion test_ref="oval:org.opensuse.security:tst:2009040938" comment="eel less than 2.12.2-18.14"/> 835 <criterion test_ref="oval:org.opensuse.security:tst:2009040939" comment="evolution-data-server-32bit less than 1.6.0-43.53"/> 836 <criterion test_ref="oval:org.opensuse.security:tst:2009040940" comment="evolution-data-server-devel less than 1.6.0-43.53"/> 837 <criterion test_ref="oval:org.opensuse.security:tst:2009040941" comment="evolution-data-server less than 1.6.0-43.53"/> 838 <criterion test_ref="oval:org.opensuse.security:tst:2009040942" comment="ghex less than 2.8.1-27.14"/> 839 <criterion test_ref="oval:org.opensuse.security:tst:2009040943" comment="gimp-devel less than 2.2.10-22.20"/> 840 <criterion test_ref="oval:org.opensuse.security:tst:2009040944" comment="gimp less than 2.2.10-22.20"/> 841 <criterion test_ref="oval:org.opensuse.security:tst:2009040945" comment="gnome-applets-devel less than 2.12.2-51.14"/> 842 <criterion test_ref="oval:org.opensuse.security:tst:2009040946" comment="gnome-applets less than 2.12.2-51.14"/> 843 <criterion test_ref="oval:org.opensuse.security:tst:2009040947" comment="gnome-cups-manager-devel less than 0.32cvs20060120-33.23"/> 844 <criterion test_ref="oval:org.opensuse.security:tst:2009040948" comment="gnome-cups-manager less than 0.32cvs20060120-33.23"/> 845 <criterion test_ref="oval:org.opensuse.security:tst:2009040949" comment="gnome-desktop-32bit less than 2.12.2-25.16"/> 846 <criterion test_ref="oval:org.opensuse.security:tst:2009040950" comment="gnome-desktop-devel less than 2.12.2-25.16"/> 847 <criterion test_ref="oval:org.opensuse.security:tst:2009040951" comment="gnome-desktop less than 2.12.2-25.16"/> 848 <criterion test_ref="oval:org.opensuse.security:tst:2009040952" comment="gnome-keyring-32bit less than 0.4.6-18.16"/> 849 <criterion test_ref="oval:org.opensuse.security:tst:2009040953" comment="gnome-keyring-devel less than 0.4.6-18.16"/> 850 <criterion test_ref="oval:org.opensuse.security:tst:2009040954" comment="gnome-keyring less than 0.4.6-18.16"/> 851 <criterion test_ref="oval:org.opensuse.security:tst:2009040955" comment="gnome-main-menu-devel less than 0.9.8-0.15"/> 852 <criterion test_ref="oval:org.opensuse.security:tst:2009040956" comment="gnome-main-menu less than 0.9.8-0.15"/> 853 <criterion test_ref="oval:org.opensuse.security:tst:2009040957" comment="gnome-menus-32bit less than 2.16.1-38.11"/> 854 <criterion test_ref="oval:org.opensuse.security:tst:2009040958" comment="gnome-menus-devel less than 2.16.1-38.11"/> 855 <criterion test_ref="oval:org.opensuse.security:tst:2009040959" comment="gnome-menus less than 2.16.1-38.11"/> 856 <criterion test_ref="oval:org.opensuse.security:tst:2009040960" comment="gnome-panel-nld-32bit less than 2.12.3-0.35"/> 857 <criterion test_ref="oval:org.opensuse.security:tst:2009040961" comment="gnome-panel-nld-devel less than 2.12.3-0.35"/> 858 <criterion test_ref="oval:org.opensuse.security:tst:2009040962" comment="gnome-panel-nld-doc less than 2.12.3-0.35"/> 859 <criterion test_ref="oval:org.opensuse.security:tst:2009040963" comment="gnome-panel-nld less than 2.12.3-0.35"/> 860 <criterion test_ref="oval:org.opensuse.security:tst:2009040964" comment="gnome-vfs2-32bit less than 2.12.2-58.28"/> 861 <criterion test_ref="oval:org.opensuse.security:tst:2009040965" comment="gnome-vfs2-devel less than 2.12.2-58.28"/> 862 <criterion test_ref="oval:org.opensuse.security:tst:2009040966" comment="gnome-vfs2-doc less than 2.12.2-58.28"/> 863 <criterion test_ref="oval:org.opensuse.security:tst:2009040967" comment="gnome-vfs2 less than 2.12.2-58.28"/> 864 <criterion test_ref="oval:org.opensuse.security:tst:2009040968" comment="gstreamer010-32bit less than 0.10.4-11.17"/> 865 <criterion test_ref="oval:org.opensuse.security:tst:2009040969" comment="gstreamer010-devel less than 0.10.4-11.17"/> 866 <criterion test_ref="oval:org.opensuse.security:tst:2009040970" comment="gstreamer010-doc less than 0.10.4-11.17"/> 867 <criterion test_ref="oval:org.opensuse.security:tst:2009040971" comment="gstreamer010 less than 0.10.4-11.17"/> 868 <criterion test_ref="oval:org.opensuse.security:tst:2009040972" comment="gtk2-32bit less than 2.8.11-0.15"/> 869 <criterion test_ref="oval:org.opensuse.security:tst:2009037767" comment="gtk2-devel less than 2.8.11-0.15"/> 870 <criterion test_ref="oval:org.opensuse.security:tst:2009040973" comment="gtk2-doc less than 2.8.11-0.15"/> 871 <criterion test_ref="oval:org.opensuse.security:tst:2009040974" comment="gtk2 less than 2.8.11-0.15"/> 872 <criterion test_ref="oval:org.opensuse.security:tst:2009040975" comment="gtkhtml2-devel less than 3.10.0-15.15"/> 873 <criterion test_ref="oval:org.opensuse.security:tst:2009040976" comment="gtkhtml2 less than 3.10.0-15.15"/> 874 <criterion test_ref="oval:org.opensuse.security:tst:2009040977" comment="intltool less than 0.35.2-4.10"/> 875 <criterion test_ref="oval:org.opensuse.security:tst:2009040978" comment="libgnomedb-devel less than 1.3.91-23.14"/> 876 <criterion test_ref="oval:org.opensuse.security:tst:2009040979" comment="libgnomedb less than 1.3.91-23.14"/> 877 <criterion test_ref="oval:org.opensuse.security:tst:2009040980" comment="libgnomesu-devel less than 1.0.0-32.24"/> 878 <criterion test_ref="oval:org.opensuse.security:tst:2009040981" comment="libgnomesu less than 1.0.0-32.24"/> 879 <criterion test_ref="oval:org.opensuse.security:tst:2009040982" comment="libgnomeui-32bit less than 2.12.1-0.13"/> 880 <criterion test_ref="oval:org.opensuse.security:tst:2009040983" comment="libgnomeui-devel less than 2.12.1-0.13"/> 881 <criterion test_ref="oval:org.opensuse.security:tst:2009040984" comment="libgnomeui-doc less than 2.12.1-0.13"/> 882 <criterion test_ref="oval:org.opensuse.security:tst:2009040985" comment="libgnomeui less than 2.12.1-0.13"/> 883 <criterion test_ref="oval:org.opensuse.security:tst:2009040986" comment="libgsf-32bit less than 1.13.99-13.13"/> 884 <criterion test_ref="oval:org.opensuse.security:tst:2009040987" comment="libgsf-devel less than 1.13.99-13.13"/> 885 <criterion test_ref="oval:org.opensuse.security:tst:2009040988" comment="libgsf-doc less than 1.13.99-13.13"/> 886 <criterion test_ref="oval:org.opensuse.security:tst:2009040989" comment="libgsf-gnome less than 1.13.99-13.13"/> 887 <criterion test_ref="oval:org.opensuse.security:tst:2009040990" comment="libgsf less than 1.13.99-13.13"/> 888 <criterion test_ref="oval:org.opensuse.security:tst:2009040991" comment="libsoup-32bit less than 2.2.90-18.19"/> 889 <criterion test_ref="oval:org.opensuse.security:tst:2009040992" comment="libsoup-devel-32bit less than 2.2.90-18.19"/> 890 <criterion test_ref="oval:org.opensuse.security:tst:2009040993" comment="libsoup-devel less than 2.2.90-18.19"/> 891 <criterion test_ref="oval:org.opensuse.security:tst:2009040994" comment="libsoup less than 2.2.90-18.19"/> 892 <criterion test_ref="oval:org.opensuse.security:tst:2009040995" comment="mozilla-nspr-32bit less than 4.6.4-0.7"/> 893 <criterion test_ref="oval:org.opensuse.security:tst:2009040996" comment="mozilla-nspr-devel less than 4.6.4-0.7"/> 894 <criterion test_ref="oval:org.opensuse.security:tst:2009040997" comment="mozilla-nspr less than 4.6.4-0.7"/> 895 <criterion test_ref="oval:org.opensuse.security:tst:2009040998" comment="nautilus-32bit less than 2.12.2-64.33"/> 896 <criterion test_ref="oval:org.opensuse.security:tst:2009040999" comment="nautilus-devel less than 2.12.2-64.33"/> 897 <criterion test_ref="oval:org.opensuse.security:tst:2009041000" comment="nautilus less than 2.12.2-64.33"/> 898 <criterion test_ref="oval:org.opensuse.security:tst:2009041001" comment="vte-devel less than 0.11.17-0.11"/> 899 <criterion test_ref="oval:org.opensuse.security:tst:2009041002" comment="vte less than 0.11.17-0.11"/> 900 </criteria> 901 </criteria> 902 </definition> 903 <definition id="oval:org.opensuse.security:def:20063626" version="1" class="vulnerability"> 904 <metadata> 905 <title>CVE-2006-3626</title> 906 <affected family="unix"> 907 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 908 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 909 </affected> 910 <reference ref_id="CVE-2006-3626" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3626" source="CVE"/> 911 <description> 912 Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root. 913 </description> 914 </metadata> 915 <!-- 753294d78b12c46523f2a5e3815690d3 --> 916 <criteria operator="AND"> 917 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 918 <criteria operator="OR"> 919 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 920 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 921 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 922 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 923 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 924 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 925 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 926 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 927 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 928 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 929 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 930 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 931 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 932 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 933 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 934 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 935 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 936 </criteria> 937 </criteria> 938 </definition> 939 <definition id="oval:org.opensuse.security:def:20063739" version="1" class="vulnerability"> 940 <metadata> 941 <title>CVE-2006-3739</title> 942 <affected family="unix"> 943 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 944 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 945 </affected> 946 <reference ref_id="CVE-2006-3739" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3739" source="CVE"/> 947 <description> 948 Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow. 949 </description> 950 </metadata> 951 <criteria operator="OR"> 952 <!-- 4a2735c6bf8dce53b13ee40593bb74c7 --> 953 <criteria operator="AND"> 954 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 955 <criteria operator="OR"> 956 <criterion test_ref="oval:org.opensuse.security:tst:2009041167" comment="OpenIPMI less than 2.0.7-35.10"/> 957 <criterion test_ref="oval:org.opensuse.security:tst:2009041168" comment="bootsplash-theme-SuSE-NLD less than 3.1-69.17"/> 958 <criterion test_ref="oval:org.opensuse.security:tst:2009041169" comment="glibc-32bit less than 2.4-31.30"/> 959 <criterion test_ref="oval:org.opensuse.security:tst:2009041170" comment="glibc-devel-32bit less than 2.4-31.30"/> 960 <criterion test_ref="oval:org.opensuse.security:tst:2009041171" comment="glibc-devel less than 2.4-31.30"/> 961 <criterion test_ref="oval:org.opensuse.security:tst:2009041172" comment="glibc-html less than 2.4-31.30"/> 962 <criterion test_ref="oval:org.opensuse.security:tst:2009041173" comment="glibc-i18ndata less than 2.4-31.30"/> 963 <criterion test_ref="oval:org.opensuse.security:tst:2009041174" comment="glibc-info less than 2.4-31.30"/> 964 <criterion test_ref="oval:org.opensuse.security:tst:2009041175" comment="glibc-locale-32bit less than 2.4-31.30"/> 965 <criterion test_ref="oval:org.opensuse.security:tst:2009041176" comment="glibc-locale less than 2.4-31.30"/> 966 <criterion test_ref="oval:org.opensuse.security:tst:2009041177" comment="glibc less than 2.4-31.30"/> 967 <criterion test_ref="oval:org.opensuse.security:tst:2009041178" comment="grub less than 0.97-16.8"/> 968 <criterion test_ref="oval:org.opensuse.security:tst:2009041179" comment="ipmitool less than 1.8.9-2.7"/> 969 <criterion test_ref="oval:org.opensuse.security:tst:2009041180" comment="ivman less than 0.6.9-16.14"/> 970 <criterion test_ref="oval:org.opensuse.security:tst:2009041181" comment="ksh less than 93r-12.28"/> 971 <criterion test_ref="oval:org.opensuse.security:tst:2009041182" comment="lvm2 less than 2.02.17-7.9"/> 972 <criterion test_ref="oval:org.opensuse.security:tst:2009041183" comment="nscd less than 2.4-31.30"/> 973 <criterion test_ref="oval:org.opensuse.security:tst:2009041184" comment="timezone less than 2.4-31.30"/> 974 <criterion test_ref="oval:org.opensuse.security:tst:2009041185" comment="xorg-x11-Xnest less than 6.9.0-50.45"/> 975 <criterion test_ref="oval:org.opensuse.security:tst:2009041186" comment="xorg-x11-Xvfb less than 6.9.0-50.45"/> 976 <criterion test_ref="oval:org.opensuse.security:tst:2009041187" comment="xorg-x11-Xvnc less than 6.9.0-50.45"/> 977 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 978 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 979 <criterion test_ref="oval:org.opensuse.security:tst:2009041188" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.45"/> 980 <criterion test_ref="oval:org.opensuse.security:tst:2009041189" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.45"/> 981 <criterion test_ref="oval:org.opensuse.security:tst:2009041190" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.45"/> 982 <criterion test_ref="oval:org.opensuse.security:tst:2009041191" comment="xorg-x11-fonts-scalable less than 6.9.0-50.45"/> 983 <criterion test_ref="oval:org.opensuse.security:tst:2009041192" comment="xorg-x11-fonts-syriac less than 6.9.0-50.45"/> 984 <criterion test_ref="oval:org.opensuse.security:tst:2009041193" comment="xorg-x11-libs-32bit less than 6.9.0-50.45"/> 985 <criterion test_ref="oval:org.opensuse.security:tst:2009041194" comment="xorg-x11-libs less than 6.9.0-50.45"/> 986 <criterion test_ref="oval:org.opensuse.security:tst:2009041195" comment="xorg-x11-man less than 6.9.0-50.45"/> 987 <criterion test_ref="oval:org.opensuse.security:tst:2009041196" comment="xorg-x11-server-glx less than 6.9.0-50.45"/> 988 <criterion test_ref="oval:org.opensuse.security:tst:2009041197" comment="xorg-x11-server less than 6.9.0-50.45"/> 989 <criterion test_ref="oval:org.opensuse.security:tst:2009041198" comment="xorg-x11 less than 6.9.0-50.45"/> 990 </criteria> 991 </criteria> 992 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 993 <criteria operator="AND"> 994 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 995 <criteria operator="OR"> 996 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 997 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 998 </criteria> 999 </criteria> 1000 </criteria> 1001 </definition> 1002 <definition id="oval:org.opensuse.security:def:20063740" version="1" class="vulnerability"> 1003 <metadata> 1004 <title>CVE-2006-3740</title> 1005 <affected family="unix"> 1006 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1007 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1008 </affected> 1009 <reference ref_id="CVE-2006-3740" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3740" source="CVE"/> 1010 <description> 1011 Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections. 1012 </description> 1013 </metadata> 1014 <criteria operator="OR"> 1015 <!-- 4a2735c6bf8dce53b13ee40593bb74c7 --> 1016 <criteria operator="AND"> 1017 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1018 <criteria operator="OR"> 1019 <criterion test_ref="oval:org.opensuse.security:tst:2009041167" comment="OpenIPMI less than 2.0.7-35.10"/> 1020 <criterion test_ref="oval:org.opensuse.security:tst:2009041168" comment="bootsplash-theme-SuSE-NLD less than 3.1-69.17"/> 1021 <criterion test_ref="oval:org.opensuse.security:tst:2009041169" comment="glibc-32bit less than 2.4-31.30"/> 1022 <criterion test_ref="oval:org.opensuse.security:tst:2009041170" comment="glibc-devel-32bit less than 2.4-31.30"/> 1023 <criterion test_ref="oval:org.opensuse.security:tst:2009041171" comment="glibc-devel less than 2.4-31.30"/> 1024 <criterion test_ref="oval:org.opensuse.security:tst:2009041172" comment="glibc-html less than 2.4-31.30"/> 1025 <criterion test_ref="oval:org.opensuse.security:tst:2009041173" comment="glibc-i18ndata less than 2.4-31.30"/> 1026 <criterion test_ref="oval:org.opensuse.security:tst:2009041174" comment="glibc-info less than 2.4-31.30"/> 1027 <criterion test_ref="oval:org.opensuse.security:tst:2009041175" comment="glibc-locale-32bit less than 2.4-31.30"/> 1028 <criterion test_ref="oval:org.opensuse.security:tst:2009041176" comment="glibc-locale less than 2.4-31.30"/> 1029 <criterion test_ref="oval:org.opensuse.security:tst:2009041177" comment="glibc less than 2.4-31.30"/> 1030 <criterion test_ref="oval:org.opensuse.security:tst:2009041178" comment="grub less than 0.97-16.8"/> 1031 <criterion test_ref="oval:org.opensuse.security:tst:2009041179" comment="ipmitool less than 1.8.9-2.7"/> 1032 <criterion test_ref="oval:org.opensuse.security:tst:2009041180" comment="ivman less than 0.6.9-16.14"/> 1033 <criterion test_ref="oval:org.opensuse.security:tst:2009041181" comment="ksh less than 93r-12.28"/> 1034 <criterion test_ref="oval:org.opensuse.security:tst:2009041182" comment="lvm2 less than 2.02.17-7.9"/> 1035 <criterion test_ref="oval:org.opensuse.security:tst:2009041183" comment="nscd less than 2.4-31.30"/> 1036 <criterion test_ref="oval:org.opensuse.security:tst:2009041184" comment="timezone less than 2.4-31.30"/> 1037 <criterion test_ref="oval:org.opensuse.security:tst:2009041185" comment="xorg-x11-Xnest less than 6.9.0-50.45"/> 1038 <criterion test_ref="oval:org.opensuse.security:tst:2009041186" comment="xorg-x11-Xvfb less than 6.9.0-50.45"/> 1039 <criterion test_ref="oval:org.opensuse.security:tst:2009041187" comment="xorg-x11-Xvnc less than 6.9.0-50.45"/> 1040 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 1041 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 1042 <criterion test_ref="oval:org.opensuse.security:tst:2009041188" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.45"/> 1043 <criterion test_ref="oval:org.opensuse.security:tst:2009041189" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.45"/> 1044 <criterion test_ref="oval:org.opensuse.security:tst:2009041190" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.45"/> 1045 <criterion test_ref="oval:org.opensuse.security:tst:2009041191" comment="xorg-x11-fonts-scalable less than 6.9.0-50.45"/> 1046 <criterion test_ref="oval:org.opensuse.security:tst:2009041192" comment="xorg-x11-fonts-syriac less than 6.9.0-50.45"/> 1047 <criterion test_ref="oval:org.opensuse.security:tst:2009041193" comment="xorg-x11-libs-32bit less than 6.9.0-50.45"/> 1048 <criterion test_ref="oval:org.opensuse.security:tst:2009041194" comment="xorg-x11-libs less than 6.9.0-50.45"/> 1049 <criterion test_ref="oval:org.opensuse.security:tst:2009041195" comment="xorg-x11-man less than 6.9.0-50.45"/> 1050 <criterion test_ref="oval:org.opensuse.security:tst:2009041196" comment="xorg-x11-server-glx less than 6.9.0-50.45"/> 1051 <criterion test_ref="oval:org.opensuse.security:tst:2009041197" comment="xorg-x11-server less than 6.9.0-50.45"/> 1052 <criterion test_ref="oval:org.opensuse.security:tst:2009041198" comment="xorg-x11 less than 6.9.0-50.45"/> 1053 </criteria> 1054 </criteria> 1055 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 1056 <criteria operator="AND"> 1057 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1058 <criteria operator="OR"> 1059 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 1060 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 1061 </criteria> 1062 </criteria> 1063 </criteria> 1064 </definition> 1065 <definition id="oval:org.opensuse.security:def:20063743" version="1" class="vulnerability"> 1066 <metadata> 1067 <title>CVE-2006-3743</title> 1068 <affected family="unix"> 1069 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1070 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1071 </affected> 1072 <reference ref_id="CVE-2006-3743" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3743" source="CVE"/> 1073 <description> 1074 Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. 1075 </description> 1076 </metadata> 1077 <!-- c63e20288ce2b23db9e99040524a1226 --> 1078 <criteria operator="AND"> 1079 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1080 <criterion test_ref="oval:org.opensuse.security:tst:2009038159" comment="perl-PerlMagick less than 6.2.5-16.20"/> 1081 </criteria> 1082 </definition> 1083 <definition id="oval:org.opensuse.security:def:20063744" version="1" class="vulnerability"> 1084 <metadata> 1085 <title>CVE-2006-3744</title> 1086 <affected family="unix"> 1087 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1088 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1089 </affected> 1090 <reference ref_id="CVE-2006-3744" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3744" source="CVE"/> 1091 <description> 1092 Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows. 1093 </description> 1094 </metadata> 1095 <!-- c63e20288ce2b23db9e99040524a1226 --> 1096 <criteria operator="AND"> 1097 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1098 <criterion test_ref="oval:org.opensuse.security:tst:2009038159" comment="perl-PerlMagick less than 6.2.5-16.20"/> 1099 </criteria> 1100 </definition> 1101 <definition id="oval:org.opensuse.security:def:20063745" version="1" class="vulnerability"> 1102 <metadata> 1103 <title>CVE-2006-3745</title> 1104 <affected family="unix"> 1105 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1106 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1107 </affected> 1108 <reference ref_id="CVE-2006-3745" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745" source="CVE"/> 1109 <description> 1110 Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors. 1111 </description> 1112 </metadata> 1113 <!-- 753294d78b12c46523f2a5e3815690d3 --> 1114 <criteria operator="AND"> 1115 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1116 <criteria operator="OR"> 1117 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 1118 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 1119 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 1120 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 1121 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 1122 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 1123 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 1124 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 1125 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 1126 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 1127 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 1128 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 1129 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 1130 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 1131 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 1132 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 1133 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 1134 </criteria> 1135 </criteria> 1136 </definition> 1137 <definition id="oval:org.opensuse.security:def:20064144" version="1" class="vulnerability"> 1138 <metadata> 1139 <title>CVE-2006-4144</title> 1140 <affected family="unix"> 1141 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1142 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1143 </affected> 1144 <reference ref_id="CVE-2006-4144" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4144" source="CVE"/> 1145 <description> 1146 Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow. 1147 </description> 1148 </metadata> 1149 <!-- c63e20288ce2b23db9e99040524a1226 --> 1150 <criteria operator="AND"> 1151 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1152 <criterion test_ref="oval:org.opensuse.security:tst:2009038159" comment="perl-PerlMagick less than 6.2.5-16.20"/> 1153 </criteria> 1154 </definition> 1155 <definition id="oval:org.opensuse.security:def:20064145" version="1" class="vulnerability"> 1156 <metadata> 1157 <title>CVE-2006-4145</title> 1158 <affected family="unix"> 1159 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1160 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1161 </affected> 1162 <reference ref_id="CVE-2006-4145" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4145" source="CVE"/> 1163 <description> 1164 The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command. 1165 </description> 1166 </metadata> 1167 <!-- 753294d78b12c46523f2a5e3815690d3 --> 1168 <criteria operator="AND"> 1169 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1170 <criteria operator="OR"> 1171 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 1172 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 1173 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 1174 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 1175 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 1176 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 1177 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 1178 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 1179 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 1180 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 1181 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 1182 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 1183 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 1184 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 1185 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 1186 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 1187 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 1188 </criteria> 1189 </criteria> 1190 </definition> 1191 <definition id="oval:org.opensuse.security:def:20064340" version="1" class="vulnerability"> 1192 <metadata> 1193 <title>CVE-2006-4340</title> 1194 <affected family="unix"> 1195 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1196 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1197 </affected> 1198 <reference ref_id="CVE-2006-4340" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340" source="CVE"/> 1199 <description> 1200 Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. 1201 </description> 1202 </metadata> 1203 <!-- f2ed7bea62889b94eeb1394136e19e23 --> 1204 <criteria operator="AND"> 1205 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1206 <criteria operator="OR"> 1207 <criterion test_ref="oval:org.opensuse.security:tst:2009041543" comment="MozillaFirefox-translations less than 2.0.0.2-2.13"/> 1208 <criterion test_ref="oval:org.opensuse.security:tst:2009041544" comment="MozillaFirefox less than 2.0.0.2-2.13"/> 1209 <criterion test_ref="oval:org.opensuse.security:tst:2009041545" comment="dejavu less than 2.9-0.10"/> 1210 <criterion test_ref="oval:org.opensuse.security:tst:2009041546" comment="desktop-data-NLD less than 10.1-31.24"/> 1211 <criterion test_ref="oval:org.opensuse.security:tst:2009041547" comment="mozilla-nss-32bit less than 3.11.4-0.7"/> 1212 <criterion test_ref="oval:org.opensuse.security:tst:2009041548" comment="mozilla-nss-devel less than 3.11.4-0.7"/> 1213 <criterion test_ref="oval:org.opensuse.security:tst:2009041549" comment="mozilla-nss-tools less than 3.11.4-0.7"/> 1214 <criterion test_ref="oval:org.opensuse.security:tst:2009041550" comment="mozilla-nss less than 3.11.4-0.7"/> 1215 <criterion test_ref="oval:org.opensuse.security:tst:2009041551" comment="openmotif-libs-32bit less than 2.2.4-21.12"/> 1216 <criterion test_ref="oval:org.opensuse.security:tst:2009041552" comment="openmotif-libs less than 2.2.4-21.12"/> 1217 <criterion test_ref="oval:org.opensuse.security:tst:2009041553" comment="sax2-gui less than 1.7-125.37"/> 1218 <criterion test_ref="oval:org.opensuse.security:tst:2009041554" comment="sax2-ident less than 1.7-125.38"/> 1219 <criterion test_ref="oval:org.opensuse.security:tst:2009041555" comment="sax2-libsax-csharp less than 7.1-121.37"/> 1220 <criterion test_ref="oval:org.opensuse.security:tst:2009041556" comment="sax2-libsax-perl less than 7.1-125.37"/> 1221 <criterion test_ref="oval:org.opensuse.security:tst:2009041557" comment="sax2-libsax less than 7.1-125.37"/> 1222 <criterion test_ref="oval:org.opensuse.security:tst:2009041558" comment="sax2-tools less than 2.7-125.37"/> 1223 <criterion test_ref="oval:org.opensuse.security:tst:2009041559" comment="sax2 less than 7.1-125.37"/> 1224 <criterion test_ref="oval:org.opensuse.security:tst:2009041560" comment="tightvnc less than 1.2.9-201.12"/> 1225 <criterion test_ref="oval:org.opensuse.security:tst:2009041561" comment="xdg-menu less than 0.2-66.10"/> 1226 <criterion test_ref="oval:org.opensuse.security:tst:2009041562" comment="xorg-x11-driver-video-nvidia less than 6.9.0-46.40"/> 1227 <criterion test_ref="oval:org.opensuse.security:tst:2009041563" comment="xorg-x11-driver-video less than 6.9.0-46.40"/> 1228 <criterion test_ref="oval:org.opensuse.security:tst:2009041564" comment="yast2-control-center less than 2.13.10-0.8"/> 1229 <criterion test_ref="oval:org.opensuse.security:tst:2009041565" comment="yast2-qt less than 2.13.82-0.3"/> 1230 <criterion test_ref="oval:org.opensuse.security:tst:2009041566" comment="yast2-x11 less than 2.13.13-0.4"/> 1231 </criteria> 1232 </criteria> 1233 </definition> 1234 <definition id="oval:org.opensuse.security:def:20064538" version="1" class="vulnerability"> 1235 <metadata> 1236 <title>CVE-2006-4538</title> 1237 <affected family="unix"> 1238 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1239 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1240 </affected> 1241 <reference ref_id="CVE-2006-4538" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4538" source="CVE"/> 1242 <description> 1243 Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries. 1244 </description> 1245 </metadata> 1246 <!-- 753294d78b12c46523f2a5e3815690d3 --> 1247 <criteria operator="AND"> 1248 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1249 <criteria operator="OR"> 1250 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 1251 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 1252 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 1253 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 1254 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 1255 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 1256 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 1257 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 1258 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 1259 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 1260 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 1261 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 1262 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 1263 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 1264 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 1265 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 1266 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 1267 </criteria> 1268 </criteria> 1269 </definition> 1270 <definition id="oval:org.opensuse.security:def:20064572" version="1" class="vulnerability"> 1271 <metadata> 1272 <title>CVE-2006-4572</title> 1273 <affected family="unix"> 1274 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1275 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1276 </affected> 1277 <reference ref_id="CVE-2006-4572" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4572" source="CVE"/> 1278 <description> 1279 ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug." 1280 </description> 1281 </metadata> 1282 <!-- 753294d78b12c46523f2a5e3815690d3 --> 1283 <criteria operator="AND"> 1284 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1285 <criteria operator="OR"> 1286 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 1287 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 1288 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 1289 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 1290 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 1291 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 1292 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 1293 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 1294 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 1295 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 1296 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 1297 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 1298 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 1299 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 1300 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 1301 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 1302 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 1303 </criteria> 1304 </criteria> 1305 </definition> 1306 <definition id="oval:org.opensuse.security:def:20064811" version="1" class="vulnerability"> 1307 <metadata> 1308 <title>CVE-2006-4811</title> 1309 <affected family="unix"> 1310 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1311 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1312 </affected> 1313 <reference ref_id="CVE-2006-4811" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811" source="CVE"/> 1314 <description> 1315 Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image. 1316 </description> 1317 </metadata> 1318 <!-- d8a29c5ccebd97806baee81f19174d23 --> 1319 <criteria operator="AND"> 1320 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1321 <criteria operator="OR"> 1322 <criterion test_ref="oval:org.opensuse.security:tst:2009040545" comment="arts-32bit less than 1.5.1-15.15"/> 1323 <criterion test_ref="oval:org.opensuse.security:tst:2009040546" comment="arts-devel less than 1.5.1-15.15"/> 1324 <criterion test_ref="oval:org.opensuse.security:tst:2009040547" comment="arts less than 1.5.1-15.15"/> 1325 <criterion test_ref="oval:org.opensuse.security:tst:2009040548" comment="esound-32bit less than 0.2.36-19.13"/> 1326 <criterion test_ref="oval:org.opensuse.security:tst:2009040549" comment="esound-devel less than 0.2.36-19.13"/> 1327 <criterion test_ref="oval:org.opensuse.security:tst:2009040550" comment="esound less than 0.2.36-19.13"/> 1328 <criterion test_ref="oval:org.opensuse.security:tst:2009040551" comment="fileshareset less than 2.0-84.51"/> 1329 <criterion test_ref="oval:org.opensuse.security:tst:2009040552" comment="fontconfig-32bit less than 2.3.94-18.16"/> 1330 <criterion test_ref="oval:org.opensuse.security:tst:2009040553" comment="fontconfig-devel-32bit less than 2.3.94-18.16"/> 1331 <criterion test_ref="oval:org.opensuse.security:tst:2009040554" comment="fontconfig-devel less than 2.3.94-18.16"/> 1332 <criterion test_ref="oval:org.opensuse.security:tst:2009040555" comment="fontconfig less than 2.3.94-18.16"/> 1333 <criterion test_ref="oval:org.opensuse.security:tst:2009040556" comment="gnokii less than 0.6.14-40.9"/> 1334 <criterion test_ref="oval:org.opensuse.security:tst:2009040557" comment="gtk-32bit less than 1.2.10-907.11"/> 1335 <criterion test_ref="oval:org.opensuse.security:tst:2009040558" comment="gtk-devel less than 1.2.10-907.11"/> 1336 <criterion test_ref="oval:org.opensuse.security:tst:2009040559" comment="gtk less than 1.2.10-907.11"/> 1337 <criterion test_ref="oval:org.opensuse.security:tst:2009040560" comment="icecream-monitor less than 1.0-45.8"/> 1338 <criterion test_ref="oval:org.opensuse.security:tst:2009040561" comment="kdebase3-32bit less than 3.5.1-69.52"/> 1339 <criterion test_ref="oval:org.opensuse.security:tst:2009040562" comment="kdebase3-devel less than 3.5.1-69.52"/> 1340 <criterion test_ref="oval:org.opensuse.security:tst:2009040563" comment="kdebase3-kdm less than 3.5.1-69.52"/> 1341 <criterion test_ref="oval:org.opensuse.security:tst:2009040564" comment="kdebase3-ksysguardd less than 3.5.1-69.52"/> 1342 <criterion test_ref="oval:org.opensuse.security:tst:2009040565" comment="kdebase3-nsplugin less than 3.5.1-69.52"/> 1343 <criterion test_ref="oval:org.opensuse.security:tst:2009040566" comment="kdebase3-samba less than 3.5.1-69.52"/> 1344 <criterion test_ref="oval:org.opensuse.security:tst:2009040567" comment="kdebase3-session less than 3.5.1-69.52"/> 1345 <criterion test_ref="oval:org.opensuse.security:tst:2009040568" comment="kdebase3 less than 3.5.1-69.52"/> 1346 <criterion test_ref="oval:org.opensuse.security:tst:2009040569" comment="kdelibs3-32bit less than 3.5.1-49.35"/> 1347 <criterion test_ref="oval:org.opensuse.security:tst:2009040570" comment="kdelibs3-arts-32bit less than 3.5.1-49.35"/> 1348 <criterion test_ref="oval:org.opensuse.security:tst:2009040571" comment="kdelibs3-arts less than 3.5.1-49.35"/> 1349 <criterion test_ref="oval:org.opensuse.security:tst:2009040572" comment="kdelibs3-devel-doc less than 3.5.1-49.34"/> 1350 <criterion test_ref="oval:org.opensuse.security:tst:2009040573" comment="kdelibs3-devel less than 3.5.1-49.35"/> 1351 <criterion test_ref="oval:org.opensuse.security:tst:2009040574" comment="kdelibs3-doc less than 3.5.1-49.35"/> 1352 <criterion test_ref="oval:org.opensuse.security:tst:2009040575" comment="kdelibs3 less than 3.5.1-49.35"/> 1353 <criterion test_ref="oval:org.opensuse.security:tst:2009040576" comment="kdeutils3-devel less than 3.5.1-25.14"/> 1354 <criterion test_ref="oval:org.opensuse.security:tst:2009040577" comment="kdeutils3-laptop less than 3.5.1-25.14"/> 1355 <criterion test_ref="oval:org.opensuse.security:tst:2009040578" comment="kdeutils3 less than 3.5.1-25.14"/> 1356 <criterion test_ref="oval:org.opensuse.security:tst:2009040579" comment="libwnck-32bit less than 2.12.3-0.10"/> 1357 <criterion test_ref="oval:org.opensuse.security:tst:2009040580" comment="libwnck-devel less than 2.12.3-0.10"/> 1358 <criterion test_ref="oval:org.opensuse.security:tst:2009040581" comment="libwnck less than 2.12.3-0.10"/> 1359 <criterion test_ref="oval:org.opensuse.security:tst:2009040582" comment="mysql-client less than 5.0.26-12.8"/> 1360 <criterion test_ref="oval:org.opensuse.security:tst:2009040583" comment="mysql-devel less than 5.0.26-12.8"/> 1361 <criterion test_ref="oval:org.opensuse.security:tst:2009040584" comment="mysql-shared-32bit less than 5.0.26-12.8"/> 1362 <criterion test_ref="oval:org.opensuse.security:tst:2009040585" comment="mysql-shared less than 5.0.26-12.8"/> 1363 <criterion test_ref="oval:org.opensuse.security:tst:2009040586" comment="mysql less than 5.0.26-12.8"/> 1364 <criterion test_ref="oval:org.opensuse.security:tst:2009040587" comment="net-snmp-32bit less than 5.3.0.1-25.15"/> 1365 <criterion test_ref="oval:org.opensuse.security:tst:2009040588" comment="net-snmp-devel less than 5.3.0.1-25.15"/> 1366 <criterion test_ref="oval:org.opensuse.security:tst:2009040589" comment="net-snmp less than 5.3.0.1-25.15"/> 1367 <criterion test_ref="oval:org.opensuse.security:tst:2009040590" comment="perl-SNMP less than 5.3.0.1-25.15"/> 1368 <criterion test_ref="oval:org.opensuse.security:tst:2009040591" comment="qt3-32bit less than 3.3.5-58.24"/> 1369 <criterion test_ref="oval:org.opensuse.security:tst:2009040592" comment="qt3-devel-32bit less than 3.3.5-58.24"/> 1370 <criterion test_ref="oval:org.opensuse.security:tst:2009040593" comment="qt3-devel-doc less than 3.3.5-58.22"/> 1371 <criterion test_ref="oval:org.opensuse.security:tst:2009040594" comment="qt3-devel-tools less than 3.3.5-58.22"/> 1372 <criterion test_ref="oval:org.opensuse.security:tst:2009040595" comment="qt3-devel less than 3.3.5-58.24"/> 1373 <criterion test_ref="oval:org.opensuse.security:tst:2009040596" comment="qt3-examples less than 3.3.5-58.22"/> 1374 <criterion test_ref="oval:org.opensuse.security:tst:2009040597" comment="qt3-man less than 3.3.5-58.22"/> 1375 <criterion test_ref="oval:org.opensuse.security:tst:2009040598" comment="qt3 less than 3.3.5-58.24"/> 1376 </criteria> 1377 </criteria> 1378 </definition> 1379 <definition id="oval:org.opensuse.security:def:20065051" version="1" class="vulnerability"> 1380 <metadata> 1381 <title>CVE-2006-5051</title> 1382 <affected family="unix"> 1383 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1384 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1385 </affected> 1386 <reference ref_id="CVE-2006-5051" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051" source="CVE"/> 1387 <description> 1388 Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. 1389 </description> 1390 </metadata> 1391 <!-- b7c2f798262596164eb287796a54bdb1 --> 1392 <criteria operator="AND"> 1393 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1394 <criteria operator="OR"> 1395 <criterion test_ref="oval:org.opensuse.security:tst:2009041840" comment="CheckHardware less than 0.1-988.11"/> 1396 <criterion test_ref="oval:org.opensuse.security:tst:2009041841" comment="aaa_base less than 10-12.26"/> 1397 <criterion test_ref="oval:org.opensuse.security:tst:2009041842" comment="acl less than 2.2.41-0.7"/> 1398 <criterion test_ref="oval:org.opensuse.security:tst:2009041843" comment="at less than 3.1.8-921.16"/> 1399 <criterion test_ref="oval:org.opensuse.security:tst:2009041844" comment="attr less than 2.4.34-0.7"/> 1400 <criterion test_ref="oval:org.opensuse.security:tst:2009041845" comment="autofs less than 4.1.4-23.14"/> 1401 <criterion test_ref="oval:org.opensuse.security:tst:2009041846" comment="autoyast2-installation less than 2.13.95-0.8"/> 1402 <criterion test_ref="oval:org.opensuse.security:tst:2009041847" comment="autoyast2 less than 2.13.95-0.8"/> 1403 <criterion test_ref="oval:org.opensuse.security:tst:2009041848" comment="bash less than 3.1-24.14"/> 1404 <criterion test_ref="oval:org.opensuse.security:tst:2009041849" comment="bind-libs-32bit less than 9.3.4-1.8"/> 1405 <criterion test_ref="oval:org.opensuse.security:tst:2009041850" comment="bind-libs less than 9.3.4-1.8"/> 1406 <criterion test_ref="oval:org.opensuse.security:tst:2009041851" comment="bind-utils less than 9.3.4-1.8"/> 1407 <criterion test_ref="oval:org.opensuse.security:tst:2009041852" comment="binutils-32bit less than 2.16.91.0.5-23.20"/> 1408 <criterion test_ref="oval:org.opensuse.security:tst:2009041853" comment="binutils less than 2.16.91.0.5-23.20"/> 1409 <criterion test_ref="oval:org.opensuse.security:tst:2009041854" comment="coreutils less than 5.93-22.14"/> 1410 <criterion test_ref="oval:org.opensuse.security:tst:2009041855" comment="cpio less than 2.6-19.12"/> 1411 <criterion test_ref="oval:org.opensuse.security:tst:2009041856" comment="cron less than 4.1-45.15"/> 1412 <criterion test_ref="oval:org.opensuse.security:tst:2009041857" comment="dbus-1-32bit less than 0.60-33.13"/> 1413 <criterion test_ref="oval:org.opensuse.security:tst:2009041858" comment="dbus-1-devel less than 0.60-33.13"/> 1414 <criterion test_ref="oval:org.opensuse.security:tst:2009041859" comment="dbus-1-glib-32bit less than 0.60-33.13"/> 1415 <criterion test_ref="oval:org.opensuse.security:tst:2009041860" comment="dbus-1-glib less than 0.60-33.13"/> 1416 <criterion test_ref="oval:org.opensuse.security:tst:2009041861" comment="dbus-1-gtk less than 0.60-33.16"/> 1417 <criterion test_ref="oval:org.opensuse.security:tst:2009041862" comment="dbus-1-mono less than 0.60-33.16"/> 1418 <criterion test_ref="oval:org.opensuse.security:tst:2009041863" comment="dbus-1-python less than 0.60-33.16"/> 1419 <criterion test_ref="oval:org.opensuse.security:tst:2009041864" comment="dbus-1-qt3-32bit less than 0.60-33.16"/> 1420 <criterion test_ref="oval:org.opensuse.security:tst:2009041865" comment="dbus-1-qt3-devel less than 0.60-33.16"/> 1421 <criterion test_ref="oval:org.opensuse.security:tst:2009041866" comment="dbus-1-qt3 less than 0.60-33.16"/> 1422 <criterion test_ref="oval:org.opensuse.security:tst:2009041867" comment="dbus-1-x11 less than 0.60-33.16"/> 1423 <criterion test_ref="oval:org.opensuse.security:tst:2009041868" comment="dbus-1 less than 0.60-33.13"/> 1424 <criterion test_ref="oval:org.opensuse.security:tst:2009041869" comment="desktop-translations less than 10.1-40.28"/> 1425 <criterion test_ref="oval:org.opensuse.security:tst:2009041870" comment="diffutils less than 2.8.7-17.14"/> 1426 <criterion test_ref="oval:org.opensuse.security:tst:2009041871" comment="dmraid less than 0.99_1.0.0rc13-0.8"/> 1427 <criterion test_ref="oval:org.opensuse.security:tst:2009041872" comment="dosfstools less than 2.11-15.10"/> 1428 <criterion test_ref="oval:org.opensuse.security:tst:2009041873" comment="e2fsprogs-32bit less than 1.38-25.21"/> 1429 <criterion test_ref="oval:org.opensuse.security:tst:2009041874" comment="e2fsprogs-devel-32bit less than 1.38-25.21"/> 1430 <criterion test_ref="oval:org.opensuse.security:tst:2009041875" comment="e2fsprogs-devel less than 1.38-25.21"/> 1431 <criterion test_ref="oval:org.opensuse.security:tst:2009041876" comment="e2fsprogs less than 1.38-25.21"/> 1432 <criterion test_ref="oval:org.opensuse.security:tst:2009041877" comment="filesystem less than 10-1.12"/> 1433 <criterion test_ref="oval:org.opensuse.security:tst:2009041878" comment="findutils-locate less than 4.2.27-14.10"/> 1434 <criterion test_ref="oval:org.opensuse.security:tst:2009041879" comment="findutils less than 4.2.27-14.10"/> 1435 <criterion test_ref="oval:org.opensuse.security:tst:2009041880" comment="grep less than 2.5.1a-20.11"/> 1436 <criterion test_ref="oval:org.opensuse.security:tst:2009041881" comment="hal-32bit less than 0.5.6-33.26"/> 1437 <criterion test_ref="oval:org.opensuse.security:tst:2009041882" comment="hal-devel less than 0.5.6-33.26"/> 1438 <criterion test_ref="oval:org.opensuse.security:tst:2009041883" comment="hal-gnome less than 0.5.6-33.26"/> 1439 <criterion test_ref="oval:org.opensuse.security:tst:2009041884" comment="hal less than 0.5.6-33.26"/> 1440 <criterion test_ref="oval:org.opensuse.security:tst:2009041885" comment="hwinfo-devel less than 12.46-0.5"/> 1441 <criterion test_ref="oval:org.opensuse.security:tst:2009041886" comment="hwinfo less than 12.46-0.5"/> 1442 <criterion test_ref="oval:org.opensuse.security:tst:2009041887" comment="insserv less than 1.04.0-20.13"/> 1443 <criterion test_ref="oval:org.opensuse.security:tst:2009041888" comment="iputils less than ss021109-167.10"/> 1444 <criterion test_ref="oval:org.opensuse.security:tst:2009041889" comment="klogd less than 1.4.1-559.12"/> 1445 <criterion test_ref="oval:org.opensuse.security:tst:2009041890" comment="krb5-32bit less than 1.4.3-19.17"/> 1446 <criterion test_ref="oval:org.opensuse.security:tst:2009041891" comment="krb5-client less than 1.4.3-19.17"/> 1447 <criterion test_ref="oval:org.opensuse.security:tst:2009041892" comment="krb5-devel-32bit less than 1.4.3-19.17"/> 1448 <criterion test_ref="oval:org.opensuse.security:tst:2009041893" comment="krb5-devel less than 1.4.3-19.17"/> 1449 <criterion test_ref="oval:org.opensuse.security:tst:2009041894" comment="krb5 less than 1.4.3-19.17"/> 1450 <criterion test_ref="oval:org.opensuse.security:tst:2009041895" comment="ldapcpplib less than 0.0.4-14.13"/> 1451 <criterion test_ref="oval:org.opensuse.security:tst:2009041896" comment="libacl-32bit less than 2.2.41-0.7"/> 1452 <criterion test_ref="oval:org.opensuse.security:tst:2009041897" comment="libacl-devel less than 2.2.41-0.7"/> 1453 <criterion test_ref="oval:org.opensuse.security:tst:2009041898" comment="libacl less than 2.2.41-0.7"/> 1454 <criterion test_ref="oval:org.opensuse.security:tst:2009041899" comment="libattr-32bit less than 2.4.34-0.7"/> 1455 <criterion test_ref="oval:org.opensuse.security:tst:2009041900" comment="libattr-devel less than 2.4.34-0.7"/> 1456 <criterion test_ref="oval:org.opensuse.security:tst:2009041901" comment="libattr less than 2.4.34-0.7"/> 1457 <criterion test_ref="oval:org.opensuse.security:tst:2009041902" comment="libcom_err-32bit less than 1.38-25.21"/> 1458 <criterion test_ref="oval:org.opensuse.security:tst:2009041903" comment="libcom_err less than 1.38-25.21"/> 1459 <criterion test_ref="oval:org.opensuse.security:tst:2009041904" comment="liby2util less than 2.13.8-0.12"/> 1460 <criterion test_ref="oval:org.opensuse.security:tst:2009041905" comment="libzypp-zmd-backend less than 7.1.1.0_0.8-0.16"/> 1461 <criterion test_ref="oval:org.opensuse.security:tst:2009041906" comment="libzypp less than 2.15.10-0.4"/> 1462 <criterion test_ref="oval:org.opensuse.security:tst:2009041907" comment="lilo less than 22.7-19.12"/> 1463 <criterion test_ref="oval:org.opensuse.security:tst:2009041908" comment="limal-bootloader less than 1.1.50-0.12"/> 1464 <criterion test_ref="oval:org.opensuse.security:tst:2009041909" comment="limal-perl less than 1.1.56-0.6"/> 1465 <criterion test_ref="oval:org.opensuse.security:tst:2009041910" comment="limal less than 1.1.56-0.6"/> 1466 <criterion test_ref="oval:org.opensuse.security:tst:2009041911" comment="mailx less than 11.25-14.14"/> 1467 <criterion test_ref="oval:org.opensuse.security:tst:2009041912" comment="mcelog less than 0.7-2.12"/> 1468 <criterion test_ref="oval:org.opensuse.security:tst:2009041913" comment="mdadm less than 2.6-0.11"/> 1469 <criterion test_ref="oval:org.opensuse.security:tst:2009041914" comment="microcode_ctl less than 1.15-12.8"/> 1470 <criterion test_ref="oval:org.opensuse.security:tst:2009041915" comment="mkinitrd less than 1.2-106.52"/> 1471 <criterion test_ref="oval:org.opensuse.security:tst:2009041916" comment="module-init-tools less than 3.2.2-32.27"/> 1472 <criterion test_ref="oval:org.opensuse.security:tst:2009041917" comment="multipath-tools less than 0.4.7-34.18"/> 1473 <criterion test_ref="oval:org.opensuse.security:tst:2009041918" comment="ncurses-32bit less than 5.5-18.11"/> 1474 <criterion test_ref="oval:org.opensuse.security:tst:2009041919" comment="ncurses-devel-32bit less than 5.5-18.11"/> 1475 <criterion test_ref="oval:org.opensuse.security:tst:2009041920" comment="ncurses-devel less than 5.5-18.11"/> 1476 <criterion test_ref="oval:org.opensuse.security:tst:2009041921" comment="ncurses less than 5.5-18.11"/> 1477 <criterion test_ref="oval:org.opensuse.security:tst:2009041922" comment="nfs-utils less than 1.0.7-36.21"/> 1478 <criterion test_ref="oval:org.opensuse.security:tst:2009041923" comment="nfsidmap less than 0.12-16.12"/> 1479 <criterion test_ref="oval:org.opensuse.security:tst:2009041924" comment="openldap2-client-32bit less than 2.3.32-0.10"/> 1480 <criterion test_ref="oval:org.opensuse.security:tst:2009041925" comment="openldap2-client less than 2.3.32-0.10"/> 1481 <criterion test_ref="oval:org.opensuse.security:tst:2009041926" comment="openldap2-devel-32bit less than 2.3.32-0.10"/> 1482 <criterion test_ref="oval:org.opensuse.security:tst:2009041927" comment="openldap2-devel less than 2.3.32-0.10"/> 1483 <criterion test_ref="oval:org.opensuse.security:tst:2009041928" comment="openldap2 less than 2.3.32-0.10"/> 1484 <criterion test_ref="oval:org.opensuse.security:tst:2009041929" comment="openssh-askpass less than 4.2p1-18.25"/> 1485 <criterion test_ref="oval:org.opensuse.security:tst:2009041930" comment="openssh less than 4.2p1-18.25"/> 1486 <criterion test_ref="oval:org.opensuse.security:tst:2009041931" comment="pam-32bit less than 0.99.6.3-28.8"/> 1487 <criterion test_ref="oval:org.opensuse.security:tst:2009041932" comment="pam-devel less than 0.99.6.3-28.8"/> 1488 <criterion test_ref="oval:org.opensuse.security:tst:2009041933" comment="pam-modules-32bit less than 10-2.11"/> 1489 <criterion test_ref="oval:org.opensuse.security:tst:2009041934" comment="pam-modules less than 10-2.11"/> 1490 <criterion test_ref="oval:org.opensuse.security:tst:2009041935" comment="pam less than 0.99.6.3-28.8"/> 1491 <criterion test_ref="oval:org.opensuse.security:tst:2009041936" comment="parted-32bit less than 1.6.25.1-15.13"/> 1492 <criterion test_ref="oval:org.opensuse.security:tst:2009041937" comment="parted less than 1.6.25.1-15.13"/> 1493 <criterion test_ref="oval:org.opensuse.security:tst:2009041938" comment="pciutils less than 2.2.4-16.9"/> 1494 <criterion test_ref="oval:org.opensuse.security:tst:2009041939" comment="pcsc-lite-devel less than 1.2.9_beta9-17.10"/> 1495 <criterion test_ref="oval:org.opensuse.security:tst:2009041940" comment="pcsc-lite less than 1.2.9_beta9-17.10"/> 1496 <criterion test_ref="oval:org.opensuse.security:tst:2009041941" comment="perl-Bootloader less than 0.4.15-0.6"/> 1497 <criterion test_ref="oval:org.opensuse.security:tst:2009041942" comment="permissions less than 2007.2.15-0.7"/> 1498 <criterion test_ref="oval:org.opensuse.security:tst:2009041943" comment="popt-32bit less than 1.7-271.19"/> 1499 <criterion test_ref="oval:org.opensuse.security:tst:2009041944" comment="popt-devel-32bit less than 1.7-271.19"/> 1500 <criterion test_ref="oval:org.opensuse.security:tst:2009041945" comment="popt-devel less than 1.7-271.19"/> 1501 <criterion test_ref="oval:org.opensuse.security:tst:2009041946" comment="popt less than 1.7-271.19"/> 1502 <criterion test_ref="oval:org.opensuse.security:tst:2009041947" comment="portmap less than 5beta-749.10"/> 1503 <criterion test_ref="oval:org.opensuse.security:tst:2009041948" comment="postfix less than 2.2.9-10.18"/> 1504 <criterion test_ref="oval:org.opensuse.security:tst:2009041949" comment="powersave-libs-32bit less than 0.12.26-0.6"/> 1505 <criterion test_ref="oval:org.opensuse.security:tst:2009041950" comment="powersave-libs less than 0.12.26-0.6"/> 1506 <criterion test_ref="oval:org.opensuse.security:tst:2009041951" comment="powersave less than 0.12.26-0.6"/> 1507 <criterion test_ref="oval:org.opensuse.security:tst:2009041952" comment="procinfo less than 18-55.12"/> 1508 <criterion test_ref="oval:org.opensuse.security:tst:2009041953" comment="pwdutils less than 3.0.7.1-17.24"/> 1509 <criterion test_ref="oval:org.opensuse.security:tst:2009041954" comment="readline-32bit less than 5.1-24.13"/> 1510 <criterion test_ref="oval:org.opensuse.security:tst:2009041955" comment="readline-devel-32bit less than 5.1-24.13"/> 1511 <criterion test_ref="oval:org.opensuse.security:tst:2009041956" comment="readline-devel less than 5.1-24.13"/> 1512 <criterion test_ref="oval:org.opensuse.security:tst:2009041957" comment="readline less than 5.1-24.13"/> 1513 <criterion test_ref="oval:org.opensuse.security:tst:2009041958" comment="reiserfs less than 3.6.19-19.12"/> 1514 <criterion test_ref="oval:org.opensuse.security:tst:2009041959" comment="rpm-devel less than 4.4.2-43.19"/> 1515 <criterion test_ref="oval:org.opensuse.security:tst:2009041960" comment="rpm-python less than 4.4.2-43.19"/> 1516 <criterion test_ref="oval:org.opensuse.security:tst:2009041961" comment="rpm less than 4.4.2-43.19"/> 1517 <criterion test_ref="oval:org.opensuse.security:tst:2009041962" comment="rug less than 7.2.0.0-0.8"/> 1518 <criterion test_ref="oval:org.opensuse.security:tst:2009041963" comment="scpm-devel less than 1.1.3-18.16"/> 1519 <criterion test_ref="oval:org.opensuse.security:tst:2009041964" comment="scpm less than 1.1.3-18.16"/> 1520 <criterion test_ref="oval:org.opensuse.security:tst:2009041965" comment="screen less than 4.0.2-62.14"/> 1521 <criterion test_ref="oval:org.opensuse.security:tst:2009041966" comment="scsi less than 1.7_2.36_1.19_0.17_0.97-12.14"/> 1522 <criterion test_ref="oval:org.opensuse.security:tst:2009041967" comment="sed less than 4.1.4-17.11"/> 1523 <criterion test_ref="oval:org.opensuse.security:tst:2009041968" comment="sled-release less than 10-9.22"/> 1524 <criterion test_ref="oval:org.opensuse.security:tst:2009041969" comment="sudo less than 1.6.8p12-18.14"/> 1525 <criterion test_ref="oval:org.opensuse.security:tst:2009041970" comment="suseRegister less than 1.2-9.26"/> 1526 <criterion test_ref="oval:org.opensuse.security:tst:2009041971" comment="sysconfig less than 0.50.9-13.25"/> 1527 <criterion test_ref="oval:org.opensuse.security:tst:2009041972" comment="sysfsutils-32bit less than 1.3.0-16.10"/> 1528 <criterion test_ref="oval:org.opensuse.security:tst:2009041973" comment="sysfsutils less than 1.3.0-16.10"/> 1529 <criterion test_ref="oval:org.opensuse.security:tst:2009041974" comment="syslinux less than 3.11-20.11"/> 1530 <criterion test_ref="oval:org.opensuse.security:tst:2009041975" comment="sysvinit less than 2.86-21.15"/> 1531 <criterion test_ref="oval:org.opensuse.security:tst:2009041976" comment="terminfo less than 5.5-18.11"/> 1532 <criterion test_ref="oval:org.opensuse.security:tst:2009041977" comment="udev less than 085-30.37"/> 1533 <criterion test_ref="oval:org.opensuse.security:tst:2009041978" comment="ulimit less than 1.1-146.10"/> 1534 <criterion test_ref="oval:org.opensuse.security:tst:2009041979" comment="update-desktop-files less than 10.1-40.28"/> 1535 <criterion test_ref="oval:org.opensuse.security:tst:2009041980" comment="util-linux less than 2.12r-35.22"/> 1536 <criterion test_ref="oval:org.opensuse.security:tst:2009041981" comment="wireless-tools less than 28pre13-22.12"/> 1537 <criterion test_ref="oval:org.opensuse.security:tst:2009041982" comment="xfsprogs less than 2.8.16-0.10"/> 1538 <criterion test_ref="oval:org.opensuse.security:tst:2009041983" comment="xntp less than 4.2.0a-70.14"/> 1539 <criterion test_ref="oval:org.opensuse.security:tst:2009041984" comment="yast2-backup less than 2.13.5-0.12"/> 1540 <criterion test_ref="oval:org.opensuse.security:tst:2009041985" comment="yast2-bootloader less than 2.13.97-0.4"/> 1541 <criterion test_ref="oval:org.opensuse.security:tst:2009041986" comment="yast2-core less than 2.13.39-0.3"/> 1542 <criterion test_ref="oval:org.opensuse.security:tst:2009041987" comment="yast2-country less than 2.13.52-0.9"/> 1543 <criterion test_ref="oval:org.opensuse.security:tst:2009041988" comment="yast2-firewall less than 2.13.15-0.10"/> 1544 <criterion test_ref="oval:org.opensuse.security:tst:2009041989" comment="yast2-hardware-detection less than 2.13.7-0.9"/> 1545 <criterion test_ref="oval:org.opensuse.security:tst:2009041990" comment="yast2-inetd less than 2.13.8-0.6"/> 1546 <criterion test_ref="oval:org.opensuse.security:tst:2009041991" comment="yast2-installation less than 2.13.192-0.4"/> 1547 <criterion test_ref="oval:org.opensuse.security:tst:2009041992" comment="yast2-irda less than 2.13.3-0.11"/> 1548 <criterion test_ref="oval:org.opensuse.security:tst:2009041993" comment="yast2-kerberos-client less than 2.13.11-0.10"/> 1549 <criterion test_ref="oval:org.opensuse.security:tst:2009041994" comment="yast2-ldap-client less than 2.13.27-0.11"/> 1550 <criterion test_ref="oval:org.opensuse.security:tst:2009041995" comment="yast2-ldap less than 2.13.5-1.11"/> 1551 <criterion test_ref="oval:org.opensuse.security:tst:2009041996" comment="yast2-mail-aliases less than 2.13.8-0.11"/> 1552 <criterion test_ref="oval:org.opensuse.security:tst:2009041997" comment="yast2-mail less than 2.13.8-0.11"/> 1553 <criterion test_ref="oval:org.opensuse.security:tst:2009041998" comment="yast2-ncurses less than 2.13.66-0.12"/> 1554 <criterion test_ref="oval:org.opensuse.security:tst:2009041999" comment="yast2-network less than 2.13.98-0.7"/> 1555 <criterion test_ref="oval:org.opensuse.security:tst:2009042000" comment="yast2-nfs-client less than 2.13.4-0.11"/> 1556 <criterion test_ref="oval:org.opensuse.security:tst:2009042001" comment="yast2-nis-client less than 2.13.8-0.11"/> 1557 <criterion test_ref="oval:org.opensuse.security:tst:2009042002" comment="yast2-ntp-client less than 2.13.17-0.10"/> 1558 <criterion test_ref="oval:org.opensuse.security:tst:2009042003" comment="yast2-online-update-frontend less than 2.13.59-0.3"/> 1559 <criterion test_ref="oval:org.opensuse.security:tst:2009042004" comment="yast2-online-update less than 2.13.59-0.3"/> 1560 <criterion test_ref="oval:org.opensuse.security:tst:2009042005" comment="yast2-packager less than 2.13.175-0.5"/> 1561 <criterion test_ref="oval:org.opensuse.security:tst:2009042006" comment="yast2-pam less than 2.13.5-0.11"/> 1562 <criterion test_ref="oval:org.opensuse.security:tst:2009042007" comment="yast2-perl-bindings less than 2.13.11-0.17"/> 1563 <criterion test_ref="oval:org.opensuse.security:tst:2009042008" comment="yast2-pkg-bindings less than 2.13.117-0.13"/> 1564 <criterion test_ref="oval:org.opensuse.security:tst:2009042009" comment="yast2-power-management less than 2.13.9-0.9"/> 1565 <criterion test_ref="oval:org.opensuse.security:tst:2009042010" comment="yast2-powertweak less than 2.13.8-0.10"/> 1566 <criterion test_ref="oval:org.opensuse.security:tst:2009042011" comment="yast2-printer less than 2.13.32-1.13"/> 1567 <criterion test_ref="oval:org.opensuse.security:tst:2009042012" comment="yast2-profile-manager less than 2.13.6-0.12"/> 1568 <criterion test_ref="oval:org.opensuse.security:tst:2009042013" comment="yast2-repair less than 2.13.10-0.13"/> 1569 <criterion test_ref="oval:org.opensuse.security:tst:2009042014" comment="yast2-restore less than 2.13.2-0.13"/> 1570 <criterion test_ref="oval:org.opensuse.security:tst:2009042015" comment="yast2-runlevel less than 2.13.11-0.11"/> 1571 <criterion test_ref="oval:org.opensuse.security:tst:2009042016" comment="yast2-samba-client less than 2.13.36-0.8"/> 1572 <criterion test_ref="oval:org.opensuse.security:tst:2009042017" comment="yast2-schema less than 2.13.5-0.13"/> 1573 <criterion test_ref="oval:org.opensuse.security:tst:2009042018" comment="yast2-security less than 2.13.7-0.11"/> 1574 <criterion test_ref="oval:org.opensuse.security:tst:2009042019" comment="yast2-slp less than 2.13.4-0.17"/> 1575 <criterion test_ref="oval:org.opensuse.security:tst:2009042020" comment="yast2-storage-lib less than 2.13.94-0.4"/> 1576 <criterion test_ref="oval:org.opensuse.security:tst:2009042021" comment="yast2-storage less than 2.13.94-0.4"/> 1577 <criterion test_ref="oval:org.opensuse.security:tst:2009042022" comment="yast2-support less than 2.13.6-0.10"/> 1578 <criterion test_ref="oval:org.opensuse.security:tst:2009042023" comment="yast2-sysconfig less than 2.13.8-0.10"/> 1579 <criterion test_ref="oval:org.opensuse.security:tst:2009042024" comment="yast2-theme-NLD less than 0.4.5-3.20"/> 1580 <criterion test_ref="oval:org.opensuse.security:tst:2009042025" comment="yast2-trans-stats less than 2.11.0-21.18"/> 1581 <criterion test_ref="oval:org.opensuse.security:tst:2009042026" comment="yast2-transfer less than 2.13.4-0.10"/> 1582 <criterion test_ref="oval:org.opensuse.security:tst:2009042027" comment="yast2-tune less than 2.13.12-0.8"/> 1583 <criterion test_ref="oval:org.opensuse.security:tst:2009042028" comment="yast2-tv less than 2.13.9-0.11"/> 1584 <criterion test_ref="oval:org.opensuse.security:tst:2009042029" comment="yast2-update less than 2.13.52-0.4"/> 1585 <criterion test_ref="oval:org.opensuse.security:tst:2009042030" comment="yast2-users less than 2.13.55-0.4"/> 1586 <criterion test_ref="oval:org.opensuse.security:tst:2009042031" comment="yast2-vm less than 2.13.77-0.4"/> 1587 <criterion test_ref="oval:org.opensuse.security:tst:2009042032" comment="yast2-xml less than 2.13.4-0.8"/> 1588 <criterion test_ref="oval:org.opensuse.security:tst:2009042033" comment="yast2 less than 2.13.104-0.7"/> 1589 <criterion test_ref="oval:org.opensuse.security:tst:2009042034" comment="zmd-inventory less than 7.2.0-0.9"/> 1590 <criterion test_ref="oval:org.opensuse.security:tst:2009042035" comment="zmd less than 7.2.0.0-0.13"/> 1591 <criterion test_ref="oval:org.opensuse.security:tst:2009042036" comment="zypper less than 0.6.17-0.16"/> 1592 </criteria> 1593 </criteria> 1594 </definition> 1595 <definition id="oval:org.opensuse.security:def:20065170" version="1" class="vulnerability"> 1596 <metadata> 1597 <title>CVE-2006-5170</title> 1598 <affected family="unix"> 1599 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1600 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1601 </affected> 1602 <reference ref_id="CVE-2006-5170" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5170" source="CVE"/> 1603 <description> 1604 pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. 1605 </description> 1606 </metadata> 1607 <!-- a0d56ea96b27afc53254f8945a8fc150 --> 1608 <criteria operator="AND"> 1609 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1610 <criteria operator="OR"> 1611 <criterion test_ref="oval:org.opensuse.security:tst:2009042151" comment="nss_ldap-32bit less than 246-14.13"/> 1612 <criterion test_ref="oval:org.opensuse.security:tst:2009042152" comment="nss_ldap less than 246-14.13"/> 1613 <criterion test_ref="oval:org.opensuse.security:tst:2009042153" comment="pam_ldap-32bit less than 180-13.12"/> 1614 <criterion test_ref="oval:org.opensuse.security:tst:2009042154" comment="pam_ldap less than 180-13.12"/> 1615 </criteria> 1616 </criteria> 1617 </definition> 1618 <definition id="oval:org.opensuse.security:def:20065330" version="1" class="vulnerability"> 1619 <metadata> 1620 <title>CVE-2006-5330</title> 1621 <affected family="unix"> 1622 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1623 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1624 </affected> 1625 <reference ref_id="CVE-2006-5330" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5330" source="CVE"/> 1626 <description> 1627 CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used. 1628 </description> 1629 </metadata> 1630 <!-- 1867ef9a9f6037b1364b4c0e91ac87a0 --> 1631 <criteria operator="AND"> 1632 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1633 <criteria operator="OR"> 1634 <criterion test_ref="oval:org.opensuse.security:tst:2009042160" comment="NetworkManager-kde less than 0.1r588481-1.17"/> 1635 <criterion test_ref="oval:org.opensuse.security:tst:2009042161" comment="amarok-libvisual less than 1.3.8-34.14"/> 1636 <criterion test_ref="oval:org.opensuse.security:tst:2009042162" comment="amarok-xine less than 1.3.8-34.14"/> 1637 <criterion test_ref="oval:org.opensuse.security:tst:2009042163" comment="amarok less than 1.3.8-34.14"/> 1638 <criterion test_ref="oval:org.opensuse.security:tst:2009042164" comment="beagle-index less than 10.1_20070202-0.13"/> 1639 <criterion test_ref="oval:org.opensuse.security:tst:2009042165" comment="digikam less than 0.8.2-39.9"/> 1640 <criterion test_ref="oval:org.opensuse.security:tst:2009042166" comment="digikamimageplugins less than 0.8.2-36.9"/> 1641 <criterion test_ref="oval:org.opensuse.security:tst:2009042167" comment="flash-player less than 9.0.31.0-1.7"/> 1642 <criterion test_ref="oval:org.opensuse.security:tst:2009042168" comment="gtk-qt-engine-32bit less than 0.7cvs20060209-22.13"/> 1643 <criterion test_ref="oval:org.opensuse.security:tst:2009042169" comment="gtk-qt-engine less than 0.7cvs20060209-22.13"/> 1644 <criterion test_ref="oval:org.opensuse.security:tst:2009042170" comment="kdeaddons3-kate less than 3.5.1-18.14"/> 1645 <criterion test_ref="oval:org.opensuse.security:tst:2009042171" comment="kdeaddons3-kicker less than 3.5.1-18.14"/> 1646 <criterion test_ref="oval:org.opensuse.security:tst:2009042172" comment="kdeaddons3-konqueror less than 3.5.1-18.14"/> 1647 <criterion test_ref="oval:org.opensuse.security:tst:2009042173" comment="kdemultimedia3-CD less than 3.5.1-20.15"/> 1648 <criterion test_ref="oval:org.opensuse.security:tst:2009042174" comment="kdemultimedia3-devel less than 3.5.1-20.15"/> 1649 <criterion test_ref="oval:org.opensuse.security:tst:2009042175" comment="kdemultimedia3-mixer less than 3.5.1-20.15"/> 1650 <criterion test_ref="oval:org.opensuse.security:tst:2009042176" comment="kdemultimedia3-sound less than 3.5.1-20.15"/> 1651 <criterion test_ref="oval:org.opensuse.security:tst:2009042177" comment="kdemultimedia3-video less than 3.5.1-20.15"/> 1652 <criterion test_ref="oval:org.opensuse.security:tst:2009042178" comment="kdemultimedia3 less than 3.5.1-20.15"/> 1653 <criterion test_ref="oval:org.opensuse.security:tst:2009042179" comment="kdenetwork3-InstantMessenger less than 3.5.1-32.24"/> 1654 <criterion test_ref="oval:org.opensuse.security:tst:2009042180" comment="kdenetwork3-news less than 3.5.1-32.24"/> 1655 <criterion test_ref="oval:org.opensuse.security:tst:2009042181" comment="kdenetwork3-vnc less than 3.5.1-32.24"/> 1656 <criterion test_ref="oval:org.opensuse.security:tst:2009042182" comment="kdenetwork3 less than 3.5.1-32.24"/> 1657 <criterion test_ref="oval:org.opensuse.security:tst:2009042183" comment="kdepim3-devel less than 3.5.1-41.30"/> 1658 <criterion test_ref="oval:org.opensuse.security:tst:2009042184" comment="kdepim3-kpilot less than 3.5.1-41.30"/> 1659 <criterion test_ref="oval:org.opensuse.security:tst:2009042185" comment="kdepim3-mobile less than 3.5.1-41.30"/> 1660 <criterion test_ref="oval:org.opensuse.security:tst:2009042186" comment="kdepim3-networkstatus less than 3.5.1-41.30"/> 1661 <criterion test_ref="oval:org.opensuse.security:tst:2009042187" comment="kdepim3-sync less than 3.5.1-41.30"/> 1662 <criterion test_ref="oval:org.opensuse.security:tst:2009042188" comment="kdepim3 less than 3.5.1-41.30"/> 1663 <criterion test_ref="oval:org.opensuse.security:tst:2009042189" comment="kerry less than 0.2.2-0.14"/> 1664 <criterion test_ref="oval:org.opensuse.security:tst:2009042190" comment="kinternet less than 0.75-19.14"/> 1665 <criterion test_ref="oval:org.opensuse.security:tst:2009042191" comment="krecord less than 1.16-25.13"/> 1666 <criterion test_ref="oval:org.opensuse.security:tst:2009042192" comment="kscpm less than 0.5.3-17.14"/> 1667 <criterion test_ref="oval:org.opensuse.security:tst:2009042193" comment="yast2-CASA less than 1.7.1271-3.8"/> 1668 </criteria> 1669 </criteria> 1670 </definition> 1671 <definition id="oval:org.opensuse.security:def:20065456" version="1" class="vulnerability"> 1672 <metadata> 1673 <title>CVE-2006-5456</title> 1674 <affected family="unix"> 1675 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1676 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1677 </affected> 1678 <reference ref_id="CVE-2006-5456" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456" source="CVE"/> 1679 <description> 1680 Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. 1681 </description> 1682 </metadata> 1683 <!-- c63e20288ce2b23db9e99040524a1226 --> 1684 <criteria operator="AND"> 1685 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1686 <criterion test_ref="oval:org.opensuse.security:tst:2009038159" comment="perl-PerlMagick less than 6.2.5-16.20"/> 1687 </criteria> 1688 </definition> 1689 <definition id="oval:org.opensuse.security:def:20065619" version="1" class="vulnerability"> 1690 <metadata> 1691 <title>CVE-2006-5619</title> 1692 <affected family="unix"> 1693 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1694 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1695 </affected> 1696 <reference ref_id="CVE-2006-5619" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5619" source="CVE"/> 1697 <description> 1698 The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. 1699 </description> 1700 </metadata> 1701 <!-- 753294d78b12c46523f2a5e3815690d3 --> 1702 <criteria operator="AND"> 1703 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1704 <criteria operator="OR"> 1705 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 1706 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 1707 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 1708 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 1709 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 1710 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 1711 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 1712 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 1713 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 1714 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 1715 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 1716 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 1717 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 1718 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 1719 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 1720 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 1721 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 1722 </criteria> 1723 </criteria> 1724 </definition> 1725 <definition id="oval:org.opensuse.security:def:20065751" version="1" class="vulnerability"> 1726 <metadata> 1727 <title>CVE-2006-5751</title> 1728 <affected family="unix"> 1729 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1730 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1731 </affected> 1732 <reference ref_id="CVE-2006-5751" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5751" source="CVE"/> 1733 <description> 1734 Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request. 1735 </description> 1736 </metadata> 1737 <!-- 753294d78b12c46523f2a5e3815690d3 --> 1738 <criteria operator="AND"> 1739 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1740 <criteria operator="OR"> 1741 <criterion test_ref="oval:org.opensuse.security:tst:2009040637" comment="device-mapper-32bit less than 1.02.13-6.9"/> 1742 <criterion test_ref="oval:org.opensuse.security:tst:2009040638" comment="device-mapper less than 1.02.13-6.9"/> 1743 <criterion test_ref="oval:org.opensuse.security:tst:2009040639" comment="gfxboot less than 3.2.38-0.6"/> 1744 <criterion test_ref="oval:org.opensuse.security:tst:2009040640" comment="icecream less than 0.7.14-20.7"/> 1745 <criterion test_ref="oval:org.opensuse.security:tst:2009040641" comment="kernel-bigsmp less than 2.6.16.46-0.12"/> 1746 <criterion test_ref="oval:org.opensuse.security:tst:2009040642" comment="kernel-default less than 2.6.16.46-0.12"/> 1747 <criterion test_ref="oval:org.opensuse.security:tst:2009040643" comment="kernel-smp less than 2.6.16.46-0.12"/> 1748 <criterion test_ref="oval:org.opensuse.security:tst:2009040644" comment="kernel-source less than 2.6.16.46-0.12"/> 1749 <criterion test_ref="oval:org.opensuse.security:tst:2009040645" comment="kernel-syms less than 2.6.16.46-0.12"/> 1750 <criterion test_ref="oval:org.opensuse.security:tst:2009040646" comment="kernel-xen less than 2.6.16.46-0.12"/> 1751 <criterion test_ref="oval:org.opensuse.security:tst:2009040647" comment="kernel-xenpae less than 2.6.16.46-0.12"/> 1752 <criterion test_ref="oval:org.opensuse.security:tst:2009040648" comment="lkcdutils less than 7.0.1-22.23"/> 1753 <criterion test_ref="oval:org.opensuse.security:tst:2009040649" comment="ltrace-32bit less than 0.4-31.9"/> 1754 <criterion test_ref="oval:org.opensuse.security:tst:2009040650" comment="ltrace less than 0.4-31.9"/> 1755 <criterion test_ref="oval:org.opensuse.security:tst:2009040651" comment="oprofile less than 0.9.1-17.16"/> 1756 <criterion test_ref="oval:org.opensuse.security:tst:2009040652" comment="rsync less than 2.6.8-36.8"/> 1757 <criterion test_ref="oval:org.opensuse.security:tst:2009040653" comment="sysstat less than 6.0.2-16.19"/> 1758 </criteria> 1759 </criteria> 1760 </definition> 1761 <definition id="oval:org.opensuse.security:def:20065793" version="1" class="vulnerability"> 1762 <metadata> 1763 <title>CVE-2006-5793</title> 1764 <affected family="unix"> 1765 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1766 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1767 </affected> 1768 <reference ref_id="CVE-2006-5793" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793" source="CVE"/> 1769 <description> 1770 The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. 1771 </description> 1772 </metadata> 1773 <!-- 40e287bc3683fa01255fe04db39e2e76 --> 1774 <criteria operator="AND"> 1775 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1776 <criteria operator="OR"> 1777 <criterion test_ref="oval:org.opensuse.security:tst:2009040845" comment="libpng-devel-32bit less than 1.2.8-19.6"/> 1778 <criterion test_ref="oval:org.opensuse.security:tst:2009040846" comment="libpng-devel less than 1.2.8-19.6"/> 1779 </criteria> 1780 </criteria> 1781 </definition> 1782 <definition id="oval:org.opensuse.security:def:20065794" version="1" class="vulnerability"> 1783 <metadata> 1784 <title>CVE-2006-5794</title> 1785 <affected family="unix"> 1786 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 1787 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 1788 </affected> 1789 <reference ref_id="CVE-2006-5794" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5794" source="CVE"/> 1790 <description> 1791 Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist. 1792 </description> 1793 </metadata> 1794 <!-- b7c2f798262596164eb287796a54bdb1 --> 1795 <criteria operator="AND"> 1796 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 1797 <criteria operator="OR"> 1798 <criterion test_ref="oval:org.opensuse.security:tst:2009041840" comment="CheckHardware less than 0.1-988.11"/> 1799 <criterion test_ref="oval:org.opensuse.security:tst:2009041841" comment="aaa_base less than 10-12.26"/> 1800 <criterion test_ref="oval:org.opensuse.security:tst:2009041842" comment="acl less than 2.2.41-0.7"/> 1801 <criterion test_ref="oval:org.opensuse.security:tst:2009041843" comment="at less than 3.1.8-921.16"/> 1802 <criterion test_ref="oval:org.opensuse.security:tst:2009041844" comment="attr less than 2.4.34-0.7"/> 1803 <criterion test_ref="oval:org.opensuse.security:tst:2009041845" comment="autofs less than 4.1.4-23.14"/> 1804 <criterion test_ref="oval:org.opensuse.security:tst:2009041846" comment="autoyast2-installation less than 2.13.95-0.8"/> 1805 <criterion test_ref="oval:org.opensuse.security:tst:2009041847" comment="autoyast2 less than 2.13.95-0.8"/> 1806 <criterion test_ref="oval:org.opensuse.security:tst:2009041848" comment="bash less than 3.1-24.14"/> 1807 <criterion test_ref="oval:org.opensuse.security:tst:2009041849" comment="bind-libs-32bit less than 9.3.4-1.8"/> 1808 <criterion test_ref="oval:org.opensuse.security:tst:2009041850" comment="bind-libs less than 9.3.4-1.8"/> 1809 <criterion test_ref="oval:org.opensuse.security:tst:2009041851" comment="bind-utils less than 9.3.4-1.8"/> 1810 <criterion test_ref="oval:org.opensuse.security:tst:2009041852" comment="binutils-32bit less than 2.16.91.0.5-23.20"/> 1811 <criterion test_ref="oval:org.opensuse.security:tst:2009041853" comment="binutils less than 2.16.91.0.5-23.20"/> 1812 <criterion test_ref="oval:org.opensuse.security:tst:2009041854" comment="coreutils less than 5.93-22.14"/> 1813 <criterion test_ref="oval:org.opensuse.security:tst:2009041855" comment="cpio less than 2.6-19.12"/> 1814 <criterion test_ref="oval:org.opensuse.security:tst:2009041856" comment="cron less than 4.1-45.15"/> 1815 <criterion test_ref="oval:org.opensuse.security:tst:2009041857" comment="dbus-1-32bit less than 0.60-33.13"/> 1816 <criterion test_ref="oval:org.opensuse.security:tst:2009041858" comment="dbus-1-devel less than 0.60-33.13"/> 1817 <criterion test_ref="oval:org.opensuse.security:tst:2009041859" comment="dbus-1-glib-32bit less than 0.60-33.13"/> 1818 <criterion test_ref="oval:org.opensuse.security:tst:2009041860" comment="dbus-1-glib less than 0.60-33.13"/> 1819 <criterion test_ref="oval:org.opensuse.security:tst:2009041861" comment="dbus-1-gtk less than 0.60-33.16"/> 1820 <criterion test_ref="oval:org.opensuse.security:tst:2009041862" comment="dbus-1-mono less than 0.60-33.16"/> 1821 <criterion test_ref="oval:org.opensuse.security:tst:2009041863" comment="dbus-1-python less than 0.60-33.16"/> 1822 <criterion test_ref="oval:org.opensuse.security:tst:2009041864" comment="dbus-1-qt3-32bit less than 0.60-33.16"/> 1823 <criterion test_ref="oval:org.opensuse.security:tst:2009041865" comment="dbus-1-qt3-devel less than 0.60-33.16"/> 1824 <criterion test_ref="oval:org.opensuse.security:tst:2009041866" comment="dbus-1-qt3 less than 0.60-33.16"/> 1825 <criterion test_ref="oval:org.opensuse.security:tst:2009041867" comment="dbus-1-x11 less than 0.60-33.16"/> 1826 <criterion test_ref="oval:org.opensuse.security:tst:2009041868" comment="dbus-1 less than 0.60-33.13"/> 1827 <criterion test_ref="oval:org.opensuse.security:tst:2009041869" comment="desktop-translations less than 10.1-40.28"/> 1828 <criterion test_ref="oval:org.opensuse.security:tst:2009041870" comment="diffutils less than 2.8.7-17.14"/> 1829 <criterion test_ref="oval:org.opensuse.security:tst:2009041871" comment="dmraid less than 0.99_1.0.0rc13-0.8"/> 1830 <criterion test_ref="oval:org.opensuse.security:tst:2009041872" comment="dosfstools less than 2.11-15.10"/> 1831 <criterion test_ref="oval:org.opensuse.security:tst:2009041873" comment="e2fsprogs-32bit less than 1.38-25.21"/> 1832 <criterion test_ref="oval:org.opensuse.security:tst:2009041874" comment="e2fsprogs-devel-32bit less than 1.38-25.21"/> 1833 <criterion test_ref="oval:org.opensuse.security:tst:2009041875" comment="e2fsprogs-devel less than 1.38-25.21"/> 1834 <criterion test_ref="oval:org.opensuse.security:tst:2009041876" comment="e2fsprogs less than 1.38-25.21"/> 1835 <criterion test_ref="oval:org.opensuse.security:tst:2009041877" comment="filesystem less than 10-1.12"/> 1836 <criterion test_ref="oval:org.opensuse.security:tst:2009041878" comment="findutils-locate less than 4.2.27-14.10"/> 1837 <criterion test_ref="oval:org.opensuse.security:tst:2009041879" comment="findutils less than 4.2.27-14.10"/> 1838 <criterion test_ref="oval:org.opensuse.security:tst:2009041880" comment="grep less than 2.5.1a-20.11"/> 1839 <criterion test_ref="oval:org.opensuse.security:tst:2009041881" comment="hal-32bit less than 0.5.6-33.26"/> 1840 <criterion test_ref="oval:org.opensuse.security:tst:2009041882" comment="hal-devel less than 0.5.6-33.26"/> 1841 <criterion test_ref="oval:org.opensuse.security:tst:2009041883" comment="hal-gnome less than 0.5.6-33.26"/> 1842 <criterion test_ref="oval:org.opensuse.security:tst:2009041884" comment="hal less than 0.5.6-33.26"/> 1843 <criterion test_ref="oval:org.opensuse.security:tst:2009041885" comment="hwinfo-devel less than 12.46-0.5"/> 1844 <criterion test_ref="oval:org.opensuse.security:tst:2009041886" comment="hwinfo less than 12.46-0.5"/> 1845 <criterion test_ref="oval:org.opensuse.security:tst:2009041887" comment="insserv less than 1.04.0-20.13"/> 1846 <criterion test_ref="oval:org.opensuse.security:tst:2009041888" comment="iputils less than ss021109-167.10"/> 1847 <criterion test_ref="oval:org.opensuse.security:tst:2009041889" comment="klogd less than 1.4.1-559.12"/> 1848 <criterion test_ref="oval:org.opensuse.security:tst:2009041890" comment="krb5-32bit less than 1.4.3-19.17"/> 1849 <criterion test_ref="oval:org.opensuse.security:tst:2009041891" comment="krb5-client less than 1.4.3-19.17"/> 1850 <criterion test_ref="oval:org.opensuse.security:tst:2009041892" comment="krb5-devel-32bit less than 1.4.3-19.17"/> 1851 <criterion test_ref="oval:org.opensuse.security:tst:2009041893" comment="krb5-devel less than 1.4.3-19.17"/> 1852 <criterion test_ref="oval:org.opensuse.security:tst:2009041894" comment="krb5 less than 1.4.3-19.17"/> 1853 <criterion test_ref="oval:org.opensuse.security:tst:2009041895" comment="ldapcpplib less than 0.0.4-14.13"/> 1854 <criterion test_ref="oval:org.opensuse.security:tst:2009041896" comment="libacl-32bit less than 2.2.41-0.7"/> 1855 <criterion test_ref="oval:org.opensuse.security:tst:2009041897" comment="libacl-devel less than 2.2.41-0.7"/> 1856 <criterion test_ref="oval:org.opensuse.security:tst:2009041898" comment="libacl less than 2.2.41-0.7"/> 1857 <criterion test_ref="oval:org.opensuse.security:tst:2009041899" comment="libattr-32bit less than 2.4.34-0.7"/> 1858 <criterion test_ref="oval:org.opensuse.security:tst:2009041900" comment="libattr-devel less than 2.4.34-0.7"/> 1859 <criterion test_ref="oval:org.opensuse.security:tst:2009041901" comment="libattr less than 2.4.34-0.7"/> 1860 <criterion test_ref="oval:org.opensuse.security:tst:2009041902" comment="libcom_err-32bit less than 1.38-25.21"/> 1861 <criterion test_ref="oval:org.opensuse.security:tst:2009041903" comment="libcom_err less than 1.38-25.21"/> 1862 <criterion test_ref="oval:org.opensuse.security:tst:2009041904" comment="liby2util less than 2.13.8-0.12"/> 1863 <criterion test_ref="oval:org.opensuse.security:tst:2009041905" comment="libzypp-zmd-backend less than 7.1.1.0_0.8-0.16"/> 1864 <criterion test_ref="oval:org.opensuse.security:tst:2009041906" comment="libzypp less than 2.15.10-0.4"/> 1865 <criterion test_ref="oval:org.opensuse.security:tst:2009041907" comment="lilo less than 22.7-19.12"/> 1866 <criterion test_ref="oval:org.opensuse.security:tst:2009041908" comment="limal-bootloader less than 1.1.50-0.12"/> 1867 <criterion test_ref="oval:org.opensuse.security:tst:2009041909" comment="limal-perl less than 1.1.56-0.6"/> 1868 <criterion test_ref="oval:org.opensuse.security:tst:2009041910" comment="limal less than 1.1.56-0.6"/> 1869 <criterion test_ref="oval:org.opensuse.security:tst:2009041911" comment="mailx less than 11.25-14.14"/> 1870 <criterion test_ref="oval:org.opensuse.security:tst:2009041912" comment="mcelog less than 0.7-2.12"/> 1871 <criterion test_ref="oval:org.opensuse.security:tst:2009041913" comment="mdadm less than 2.6-0.11"/> 1872 <criterion test_ref="oval:org.opensuse.security:tst:2009041914" comment="microcode_ctl less than 1.15-12.8"/> 1873 <criterion test_ref="oval:org.opensuse.security:tst:2009041915" comment="mkinitrd less than 1.2-106.52"/> 1874 <criterion test_ref="oval:org.opensuse.security:tst:2009041916" comment="module-init-tools less than 3.2.2-32.27"/> 1875 <criterion test_ref="oval:org.opensuse.security:tst:2009041917" comment="multipath-tools less than 0.4.7-34.18"/> 1876 <criterion test_ref="oval:org.opensuse.security:tst:2009041918" comment="ncurses-32bit less than 5.5-18.11"/> 1877 <criterion test_ref="oval:org.opensuse.security:tst:2009041919" comment="ncurses-devel-32bit less than 5.5-18.11"/> 1878 <criterion test_ref="oval:org.opensuse.security:tst:2009041920" comment="ncurses-devel less than 5.5-18.11"/> 1879 <criterion test_ref="oval:org.opensuse.security:tst:2009041921" comment="ncurses less than 5.5-18.11"/> 1880 <criterion test_ref="oval:org.opensuse.security:tst:2009041922" comment="nfs-utils less than 1.0.7-36.21"/> 1881 <criterion test_ref="oval:org.opensuse.security:tst:2009041923" comment="nfsidmap less than 0.12-16.12"/> 1882 <criterion test_ref="oval:org.opensuse.security:tst:2009041924" comment="openldap2-client-32bit less than 2.3.32-0.10"/> 1883 <criterion test_ref="oval:org.opensuse.security:tst:2009041925" comment="openldap2-client less than 2.3.32-0.10"/> 1884 <criterion test_ref="oval:org.opensuse.security:tst:2009041926" comment="openldap2-devel-32bit less than 2.3.32-0.10"/> 1885 <criterion test_ref="oval:org.opensuse.security:tst:2009041927" comment="openldap2-devel less than 2.3.32-0.10"/> 1886 <criterion test_ref="oval:org.opensuse.security:tst:2009041928" comment="openldap2 less than 2.3.32-0.10"/> 1887 <criterion test_ref="oval:org.opensuse.security:tst:2009041929" comment="openssh-askpass less than 4.2p1-18.25"/> 1888 <criterion test_ref="oval:org.opensuse.security:tst:2009041930" comment="openssh less than 4.2p1-18.25"/> 1889 <criterion test_ref="oval:org.opensuse.security:tst:2009041931" comment="pam-32bit less than 0.99.6.3-28.8"/> 1890 <criterion test_ref="oval:org.opensuse.security:tst:2009041932" comment="pam-devel less than 0.99.6.3-28.8"/> 1891 <criterion test_ref="oval:org.opensuse.security:tst:2009041933" comment="pam-modules-32bit less than 10-2.11"/> 1892 <criterion test_ref="oval:org.opensuse.security:tst:2009041934" comment="pam-modules less than 10-2.11"/> 1893 <criterion test_ref="oval:org.opensuse.security:tst:2009041935" comment="pam less than 0.99.6.3-28.8"/> 1894 <criterion test_ref="oval:org.opensuse.security:tst:2009041936" comment="parted-32bit less than 1.6.25.1-15.13"/> 1895 <criterion test_ref="oval:org.opensuse.security:tst:2009041937" comment="parted less than 1.6.25.1-15.13"/> 1896 <criterion test_ref="oval:org.opensuse.security:tst:2009041938" comment="pciutils less than 2.2.4-16.9"/> 1897 <criterion test_ref="oval:org.opensuse.security:tst:2009041939" comment="pcsc-lite-devel less than 1.2.9_beta9-17.10"/> 1898 <criterion test_ref="oval:org.opensuse.security:tst:2009041940" comment="pcsc-lite less than 1.2.9_beta9-17.10"/> 1899 <criterion test_ref="oval:org.opensuse.security:tst:2009041941" comment="perl-Bootloader less than 0.4.15-0.6"/> 1900 <criterion test_ref="oval:org.opensuse.security:tst:2009041942" comment="permissions less than 2007.2.15-0.7"/> 1901 <criterion test_ref="oval:org.opensuse.security:tst:2009041943" comment="popt-32bit less than 1.7-271.19"/> 1902 <criterion test_ref="oval:org.opensuse.security:tst:2009041944" comment="popt-devel-32bit less than 1.7-271.19"/> 1903 <criterion test_ref="oval:org.opensuse.security:tst:2009041945" comment="popt-devel less than 1.7-271.19"/> 1904 <criterion test_ref="oval:org.opensuse.security:tst:2009041946" comment="popt less than 1.7-271.19"/> 1905 <criterion test_ref="oval:org.opensuse.security:tst:2009041947" comment="portmap less than 5beta-749.10"/> 1906 <criterion test_ref="oval:org.opensuse.security:tst:2009041948" comment="postfix less than 2.2.9-10.18"/> 1907 <criterion test_ref="oval:org.opensuse.security:tst:2009041949" comment="powersave-libs-32bit less than 0.12.26-0.6"/> 1908 <criterion test_ref="oval:org.opensuse.security:tst:2009041950" comment="powersave-libs less than 0.12.26-0.6"/> 1909 <criterion test_ref="oval:org.opensuse.security:tst:2009041951" comment="powersave less than 0.12.26-0.6"/> 1910 <criterion test_ref="oval:org.opensuse.security:tst:2009041952" comment="procinfo less than 18-55.12"/> 1911 <criterion test_ref="oval:org.opensuse.security:tst:2009041953" comment="pwdutils less than 3.0.7.1-17.24"/> 1912 <criterion test_ref="oval:org.opensuse.security:tst:2009041954" comment="readline-32bit less than 5.1-24.13"/> 1913 <criterion test_ref="oval:org.opensuse.security:tst:2009041955" comment="readline-devel-32bit less than 5.1-24.13"/> 1914 <criterion test_ref="oval:org.opensuse.security:tst:2009041956" comment="readline-devel less than 5.1-24.13"/> 1915 <criterion test_ref="oval:org.opensuse.security:tst:2009041957" comment="readline less than 5.1-24.13"/> 1916 <criterion test_ref="oval:org.opensuse.security:tst:2009041958" comment="reiserfs less than 3.6.19-19.12"/> 1917 <criterion test_ref="oval:org.opensuse.security:tst:2009041959" comment="rpm-devel less than 4.4.2-43.19"/> 1918 <criterion test_ref="oval:org.opensuse.security:tst:2009041960" comment="rpm-python less than 4.4.2-43.19"/> 1919 <criterion test_ref="oval:org.opensuse.security:tst:2009041961" comment="rpm less than 4.4.2-43.19"/> 1920 <criterion test_ref="oval:org.opensuse.security:tst:2009041962" comment="rug less than 7.2.0.0-0.8"/> 1921 <criterion test_ref="oval:org.opensuse.security:tst:2009041963" comment="scpm-devel less than 1.1.3-18.16"/> 1922 <criterion test_ref="oval:org.opensuse.security:tst:2009041964" comment="scpm less than 1.1.3-18.16"/> 1923 <criterion test_ref="oval:org.opensuse.security:tst:2009041965" comment="screen less than 4.0.2-62.14"/> 1924 <criterion test_ref="oval:org.opensuse.security:tst:2009041966" comment="scsi less than 1.7_2.36_1.19_0.17_0.97-12.14"/> 1925 <criterion test_ref="oval:org.opensuse.security:tst:2009041967" comment="sed less than 4.1.4-17.11"/> 1926 <criterion test_ref="oval:org.opensuse.security:tst:2009041968" comment="sled-release less than 10-9.22"/> 1927 <criterion test_ref="oval:org.opensuse.security:tst:2009041969" comment="sudo less than 1.6.8p12-18.14"/> 1928 <criterion test_ref="oval:org.opensuse.security:tst:2009041970" comment="suseRegister less than 1.2-9.26"/> 1929 <criterion test_ref="oval:org.opensuse.security:tst:2009041971" comment="sysconfig less than 0.50.9-13.25"/> 1930 <criterion test_ref="oval:org.opensuse.security:tst:2009041972" comment="sysfsutils-32bit less than 1.3.0-16.10"/> 1931 <criterion test_ref="oval:org.opensuse.security:tst:2009041973" comment="sysfsutils less than 1.3.0-16.10"/> 1932 <criterion test_ref="oval:org.opensuse.security:tst:2009041974" comment="syslinux less than 3.11-20.11"/> 1933 <criterion test_ref="oval:org.opensuse.security:tst:2009041975" comment="sysvinit less than 2.86-21.15"/> 1934 <criterion test_ref="oval:org.opensuse.security:tst:2009041976" comment="terminfo less than 5.5-18.11"/> 1935 <criterion test_ref="oval:org.opensuse.security:tst:2009041977" comment="udev less than 085-30.37"/> 1936 <criterion test_ref="oval:org.opensuse.security:tst:2009041978" comment="ulimit less than 1.1-146.10"/> 1937 <criterion test_ref="oval:org.opensuse.security:tst:2009041979" comment="update-desktop-files less than 10.1-40.28"/> 1938 <criterion test_ref="oval:org.opensuse.security:tst:2009041980" comment="util-linux less than 2.12r-35.22"/> 1939 <criterion test_ref="oval:org.opensuse.security:tst:2009041981" comment="wireless-tools less than 28pre13-22.12"/> 1940 <criterion test_ref="oval:org.opensuse.security:tst:2009041982" comment="xfsprogs less than 2.8.16-0.10"/> 1941 <criterion test_ref="oval:org.opensuse.security:tst:2009041983" comment="xntp less than 4.2.0a-70.14"/> 1942 <criterion test_ref="oval:org.opensuse.security:tst:2009041984" comment="yast2-backup less than 2.13.5-0.12"/> 1943 <criterion test_ref="oval:org.opensuse.security:tst:2009041985" comment="yast2-bootloader less than 2.13.97-0.4"/> 1944 <criterion test_ref="oval:org.opensuse.security:tst:2009041986" comment="yast2-core less than 2.13.39-0.3"/> 1945 <criterion test_ref="oval:org.opensuse.security:tst:2009041987" comment="yast2-country less than 2.13.52-0.9"/> 1946 <criterion test_ref="oval:org.opensuse.security:tst:2009041988" comment="yast2-firewall less than 2.13.15-0.10"/> 1947 <criterion test_ref="oval:org.opensuse.security:tst:2009041989" comment="yast2-hardware-detection less than 2.13.7-0.9"/> 1948 <criterion test_ref="oval:org.opensuse.security:tst:2009041990" comment="yast2-inetd less than 2.13.8-0.6"/> 1949 <criterion test_ref="oval:org.opensuse.security:tst:2009041991" comment="yast2-installation less than 2.13.192-0.4"/> 1950 <criterion test_ref="oval:org.opensuse.security:tst:2009041992" comment="yast2-irda less than 2.13.3-0.11"/> 1951 <criterion test_ref="oval:org.opensuse.security:tst:2009041993" comment="yast2-kerberos-client less than 2.13.11-0.10"/> 1952 <criterion test_ref="oval:org.opensuse.security:tst:2009041994" comment="yast2-ldap-client less than 2.13.27-0.11"/> 1953 <criterion test_ref="oval:org.opensuse.security:tst:2009041995" comment="yast2-ldap less than 2.13.5-1.11"/> 1954 <criterion test_ref="oval:org.opensuse.security:tst:2009041996" comment="yast2-mail-aliases less than 2.13.8-0.11"/> 1955 <criterion test_ref="oval:org.opensuse.security:tst:2009041997" comment="yast2-mail less than 2.13.8-0.11"/> 1956 <criterion test_ref="oval:org.opensuse.security:tst:2009041998" comment="yast2-ncurses less than 2.13.66-0.12"/> 1957 <criterion test_ref="oval:org.opensuse.security:tst:2009041999" comment="yast2-network less than 2.13.98-0.7"/> 1958 <criterion test_ref="oval:org.opensuse.security:tst:2009042000" comment="yast2-nfs-client less than 2.13.4-0.11"/> 1959 <criterion test_ref="oval:org.opensuse.security:tst:2009042001" comment="yast2-nis-client less than 2.13.8-0.11"/> 1960 <criterion test_ref="oval:org.opensuse.security:tst:2009042002" comment="yast2-ntp-client less than 2.13.17-0.10"/> 1961 <criterion test_ref="oval:org.opensuse.security:tst:2009042003" comment="yast2-online-update-frontend less than 2.13.59-0.3"/> 1962 <criterion test_ref="oval:org.opensuse.security:tst:2009042004" comment="yast2-online-update less than 2.13.59-0.3"/> 1963 <criterion test_ref="oval:org.opensuse.security:tst:2009042005" comment="yast2-packager less than 2.13.175-0.5"/> 1964 <criterion test_ref="oval:org.opensuse.security:tst:2009042006" comment="yast2-pam less than 2.13.5-0.11"/> 1965 <criterion test_ref="oval:org.opensuse.security:tst:2009042007" comment="yast2-perl-bindings less than 2.13.11-0.17"/> 1966 <criterion test_ref="oval:org.opensuse.security:tst:2009042008" comment="yast2-pkg-bindings less than 2.13.117-0.13"/> 1967 <criterion test_ref="oval:org.opensuse.security:tst:2009042009" comment="yast2-power-management less than 2.13.9-0.9"/> 1968 <criterion test_ref="oval:org.opensuse.security:tst:2009042010" comment="yast2-powertweak less than 2.13.8-0.10"/> 1969 <criterion test_ref="oval:org.opensuse.security:tst:2009042011" comment="yast2-printer less than 2.13.32-1.13"/> 1970 <criterion test_ref="oval:org.opensuse.security:tst:2009042012" comment="yast2-profile-manager less than 2.13.6-0.12"/> 1971 <criterion test_ref="oval:org.opensuse.security:tst:2009042013" comment="yast2-repair less than 2.13.10-0.13"/> 1972 <criterion test_ref="oval:org.opensuse.security:tst:2009042014" comment="yast2-restore less than 2.13.2-0.13"/> 1973 <criterion test_ref="oval:org.opensuse.security:tst:2009042015" comment="yast2-runlevel less than 2.13.11-0.11"/> 1974 <criterion test_ref="oval:org.opensuse.security:tst:2009042016" comment="yast2-samba-client less than 2.13.36-0.8"/> 1975 <criterion test_ref="oval:org.opensuse.security:tst:2009042017" comment="yast2-schema less than 2.13.5-0.13"/> 1976 <criterion test_ref="oval:org.opensuse.security:tst:2009042018" comment="yast2-security less than 2.13.7-0.11"/> 1977 <criterion test_ref="oval:org.opensuse.security:tst:2009042019" comment="yast2-slp less than 2.13.4-0.17"/> 1978 <criterion test_ref="oval:org.opensuse.security:tst:2009042020" comment="yast2-storage-lib less than 2.13.94-0.4"/> 1979 <criterion test_ref="oval:org.opensuse.security:tst:2009042021" comment="yast2-storage less than 2.13.94-0.4"/> 1980 <criterion test_ref="oval:org.opensuse.security:tst:2009042022" comment="yast2-support less than 2.13.6-0.10"/> 1981 <criterion test_ref="oval:org.opensuse.security:tst:2009042023" comment="yast2-sysconfig less than 2.13.8-0.10"/> 1982 <criterion test_ref="oval:org.opensuse.security:tst:2009042024" comment="yast2-theme-NLD less than 0.4.5-3.20"/> 1983 <criterion test_ref="oval:org.opensuse.security:tst:2009042025" comment="yast2-trans-stats less than 2.11.0-21.18"/> 1984 <criterion test_ref="oval:org.opensuse.security:tst:2009042026" comment="yast2-transfer less than 2.13.4-0.10"/> 1985 <criterion test_ref="oval:org.opensuse.security:tst:2009042027" comment="yast2-tune less than 2.13.12-0.8"/> 1986 <criterion test_ref="oval:org.opensuse.security:tst:2009042028" comment="yast2-tv less than 2.13.9-0.11"/> 1987 <criterion test_ref="oval:org.opensuse.security:tst:2009042029" comment="yast2-update less than 2.13.52-0.4"/> 1988 <criterion test_ref="oval:org.opensuse.security:tst:2009042030" comment="yast2-users less than 2.13.55-0.4"/> 1989 <criterion test_ref="oval:org.opensuse.security:tst:2009042031" comment="yast2-vm less than 2.13.77-0.4"/> 1990 <criterion test_ref="oval:org.opensuse.security:tst:2009042032" comment="yast2-xml less than 2.13.4-0.8"/> 1991 <criterion test_ref="oval:org.opensuse.security:tst:2009042033" comment="yast2 less than 2.13.104-0.7"/> 1992 <criterion test_ref="oval:org.opensuse.security:tst:2009042034" comment="zmd-inventory less than 7.2.0-0.9"/> 1993 <criterion test_ref="oval:org.opensuse.security:tst:2009042035" comment="zmd less than 7.2.0.0-0.13"/> 1994 <criterion test_ref="oval:org.opensuse.security:tst:2009042036" comment="zypper less than 0.6.17-0.16"/> 1995 </criteria> 1996 </criteria> 1997 </definition> 1998 <definition id="oval:org.opensuse.security:def:20065868" version="1" class="vulnerability"> 1999 <metadata> 2000 <title>CVE-2006-5868</title> 2001 <affected family="unix"> 2002 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2003 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2004 </affected> 2005 <reference ref_id="CVE-2006-5868" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868" source="CVE"/> 2006 <description> 2007 Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image. 2008 </description> 2009 </metadata> 2010 <!-- c63e20288ce2b23db9e99040524a1226 --> 2011 <criteria operator="AND"> 2012 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2013 <criterion test_ref="oval:org.opensuse.security:tst:2009038159" comment="perl-PerlMagick less than 6.2.5-16.20"/> 2014 </criteria> 2015 </definition> 2016 <definition id="oval:org.opensuse.security:def:20065870" version="1" class="vulnerability"> 2017 <metadata> 2018 <title>CVE-2006-5870</title> 2019 <affected family="unix"> 2020 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2021 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2022 </affected> 2023 <reference ref_id="CVE-2006-5870" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5870" source="CVE"/> 2024 <description> 2025 Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records. 2026 </description> 2027 </metadata> 2028 <criteria operator="OR"> 2029 <!-- 3d9fcf4e5387ec9fc9096e15993ca12e --> 2030 <criteria operator="AND"> 2031 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2032 <criteria operator="OR"> 2033 <criterion test_ref="oval:org.opensuse.security:tst:2009042506" comment="OpenOffice_org-af less than 2.1-0.21"/> 2034 <criterion test_ref="oval:org.opensuse.security:tst:2009042507" comment="OpenOffice_org-ar less than 2.1-0.21"/> 2035 <criterion test_ref="oval:org.opensuse.security:tst:2009042508" comment="OpenOffice_org-ca less than 2.1-0.21"/> 2036 <criterion test_ref="oval:org.opensuse.security:tst:2009042509" comment="OpenOffice_org-cs less than 2.1-0.21"/> 2037 <criterion test_ref="oval:org.opensuse.security:tst:2009042510" comment="OpenOffice_org-da less than 2.1-0.21"/> 2038 <criterion test_ref="oval:org.opensuse.security:tst:2009042511" comment="OpenOffice_org-de-templates less than 8.2-171.6"/> 2039 <criterion test_ref="oval:org.opensuse.security:tst:2009042512" comment="OpenOffice_org-de less than 2.1-0.21"/> 2040 <criterion test_ref="oval:org.opensuse.security:tst:2009042513" comment="OpenOffice_org-es less than 2.1-0.21"/> 2041 <criterion test_ref="oval:org.opensuse.security:tst:2009042514" comment="OpenOffice_org-fi less than 2.1-0.21"/> 2042 <criterion test_ref="oval:org.opensuse.security:tst:2009042515" comment="OpenOffice_org-fr less than 2.1-0.21"/> 2043 <criterion test_ref="oval:org.opensuse.security:tst:2009042516" comment="OpenOffice_org-galleries less than 2.1-0.21"/> 2044 <criterion test_ref="oval:org.opensuse.security:tst:2009042517" comment="OpenOffice_org-gnome less than 2.1-0.21"/> 2045 <criterion test_ref="oval:org.opensuse.security:tst:2009042518" comment="OpenOffice_org-gu-IN less than 2.1-0.21"/> 2046 <criterion test_ref="oval:org.opensuse.security:tst:2009042519" comment="OpenOffice_org-hi-IN less than 2.1-0.21"/> 2047 <criterion test_ref="oval:org.opensuse.security:tst:2009042520" comment="OpenOffice_org-hu less than 2.1-0.21"/> 2048 <criterion test_ref="oval:org.opensuse.security:tst:2009042521" comment="OpenOffice_org-it less than 2.1-0.21"/> 2049 <criterion test_ref="oval:org.opensuse.security:tst:2009042522" comment="OpenOffice_org-ja less than 2.1-0.21"/> 2050 <criterion test_ref="oval:org.opensuse.security:tst:2009042523" comment="OpenOffice_org-kde less than 2.1-0.21"/> 2051 <criterion test_ref="oval:org.opensuse.security:tst:2009042524" comment="OpenOffice_org-mono less than 2.1-0.21"/> 2052 <criterion test_ref="oval:org.opensuse.security:tst:2009042525" comment="OpenOffice_org-nb less than 2.1-0.21"/> 2053 <criterion test_ref="oval:org.opensuse.security:tst:2009042526" comment="OpenOffice_org-nl less than 2.1-0.21"/> 2054 <criterion test_ref="oval:org.opensuse.security:tst:2009042527" comment="OpenOffice_org-nld less than 2.1-0.21"/> 2055 <criterion test_ref="oval:org.opensuse.security:tst:2009042528" comment="OpenOffice_org-nn less than 2.1-0.21"/> 2056 <criterion test_ref="oval:org.opensuse.security:tst:2009042529" comment="OpenOffice_org-pl less than 2.1-0.21"/> 2057 <criterion test_ref="oval:org.opensuse.security:tst:2009042530" comment="OpenOffice_org-pt-BR less than 2.1-0.21"/> 2058 <criterion test_ref="oval:org.opensuse.security:tst:2009042531" comment="OpenOffice_org-ru less than 2.1-0.21"/> 2059 <criterion test_ref="oval:org.opensuse.security:tst:2009042532" comment="OpenOffice_org-sk less than 2.1-0.21"/> 2060 <criterion test_ref="oval:org.opensuse.security:tst:2009042533" comment="OpenOffice_org-sv less than 2.1-0.21"/> 2061 <criterion test_ref="oval:org.opensuse.security:tst:2009042534" comment="OpenOffice_org-xh less than 2.1-0.21"/> 2062 <criterion test_ref="oval:org.opensuse.security:tst:2009042535" comment="OpenOffice_org-zh-CN less than 2.1-0.21"/> 2063 <criterion test_ref="oval:org.opensuse.security:tst:2009042536" comment="OpenOffice_org-zh-TW less than 2.1-0.21"/> 2064 <criterion test_ref="oval:org.opensuse.security:tst:2009042537" comment="OpenOffice_org-zu less than 2.1-0.21"/> 2065 <criterion test_ref="oval:org.opensuse.security:tst:2009042538" comment="OpenOffice_org less than 2.1-0.21"/> 2066 </criteria> 2067 </criteria> 2068 <!-- f83d87195bba0229ac4b65c0cd41c27c --> 2069 <criteria operator="AND"> 2070 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2071 <criteria operator="OR"> 2072 <criterion test_ref="oval:org.opensuse.security:tst:2009037827" comment="NetworkManager-devel less than 0.6.4-60.26"/> 2073 <criterion test_ref="oval:org.opensuse.security:tst:2009037828" comment="NetworkManager-glib less than 0.6.4-60.26"/> 2074 <criterion test_ref="oval:org.opensuse.security:tst:2009037829" comment="NetworkManager-gnome less than 0.6.4-60.26"/> 2075 <criterion test_ref="oval:org.opensuse.security:tst:2009037830" comment="NetworkManager-openvpn less than 0.3.2cvs20060202-20.25"/> 2076 <criterion test_ref="oval:org.opensuse.security:tst:2009037831" comment="NetworkManager-vpnc less than 0.5.0cvs20060202-19.30"/> 2077 <criterion test_ref="oval:org.opensuse.security:tst:2009037832" comment="NetworkManager less than 0.6.4-60.26"/> 2078 <criterion test_ref="oval:org.opensuse.security:tst:2009037833" comment="art-sharp less than 1.0.10-30.15"/> 2079 <criterion test_ref="oval:org.opensuse.security:tst:2009037834" comment="audit-libs-32bit less than 1.2.9-6.9"/> 2080 <criterion test_ref="oval:org.opensuse.security:tst:2009037835" comment="audit-libs-python less than 1.2.9-12.9"/> 2081 <criterion test_ref="oval:org.opensuse.security:tst:2009037836" comment="audit-libs less than 1.2.9-6.9"/> 2082 <criterion test_ref="oval:org.opensuse.security:tst:2009037837" comment="audit less than 1.2.9-6.9"/> 2083 <criterion test_ref="oval:org.opensuse.security:tst:2009037838" comment="beagle-evolution less than 0.2.16.3-1.13"/> 2084 <criterion test_ref="oval:org.opensuse.security:tst:2009037839" comment="beagle-firefox less than 0.2.16.3-1.13"/> 2085 <criterion test_ref="oval:org.opensuse.security:tst:2009037840" comment="beagle-gui less than 0.2.16.3-1.13"/> 2086 <criterion test_ref="oval:org.opensuse.security:tst:2009037841" comment="beagle less than 0.2.16.3-1.13"/> 2087 <criterion test_ref="oval:org.opensuse.security:tst:2009037842" comment="cifs-mount less than 3.0.24-2.23"/> 2088 <criterion test_ref="oval:org.opensuse.security:tst:2009037843" comment="compiz less than 0.4.0-0.21"/> 2089 <criterion test_ref="oval:org.opensuse.security:tst:2009037844" comment="contact-lookup-applet less than 0.13-21.14"/> 2090 <criterion test_ref="oval:org.opensuse.security:tst:2009037845" comment="dhcp-client less than 3.0.3-23.33"/> 2091 <criterion test_ref="oval:org.opensuse.security:tst:2009037846" comment="dhcp less than 3.0.3-23.33"/> 2092 <criterion test_ref="oval:org.opensuse.security:tst:2009037847" comment="dia less than 0.94-41.22"/> 2093 <criterion test_ref="oval:org.opensuse.security:tst:2009037848" comment="evolution-devel less than 2.6.0-49.55"/> 2094 <criterion test_ref="oval:org.opensuse.security:tst:2009037849" comment="evolution-exchange less than 2.6.0-27.34"/> 2095 <criterion test_ref="oval:org.opensuse.security:tst:2009037850" comment="evolution-pilot less than 2.6.0-49.55"/> 2096 <criterion test_ref="oval:org.opensuse.security:tst:2009037851" comment="evolution-webcal less than 2.4.1-18.14"/> 2097 <criterion test_ref="oval:org.opensuse.security:tst:2009037852" comment="evolution less than 2.6.0-49.55"/> 2098 <criterion test_ref="oval:org.opensuse.security:tst:2009037853" comment="f-spot less than 0.3.5-0.16"/> 2099 <criterion test_ref="oval:org.opensuse.security:tst:2009037854" comment="gaim-devel less than 1.5.0-50.17"/> 2100 <criterion test_ref="oval:org.opensuse.security:tst:2009037855" comment="gaim less than 1.5.0-50.17"/> 2101 <criterion test_ref="oval:org.opensuse.security:tst:2009037856" comment="gconf-sharp less than 1.0.10-30.15"/> 2102 <criterion test_ref="oval:org.opensuse.security:tst:2009037857" comment="gda-sharp less than 1.0.10-30.15"/> 2103 <criterion test_ref="oval:org.opensuse.security:tst:2009037858" comment="gdb less than 6.6-12.20"/> 2104 <criterion test_ref="oval:org.opensuse.security:tst:2009037859" comment="gftp less than 2.0.18-25.15"/> 2105 <criterion test_ref="oval:org.opensuse.security:tst:2009037860" comment="glade-sharp less than 1.0.10-30.15"/> 2106 <criterion test_ref="oval:org.opensuse.security:tst:2009037861" comment="glib-sharp less than 1.0.10-30.15"/> 2107 <criterion test_ref="oval:org.opensuse.security:tst:2009037862" comment="glib2-32bit less than 2.8.6-0.8"/> 2108 <criterion test_ref="oval:org.opensuse.security:tst:2009037863" comment="glib2-devel less than 2.8.6-0.8"/> 2109 <criterion test_ref="oval:org.opensuse.security:tst:2009037864" comment="glib2-doc less than 2.8.6-0.8"/> 2110 <criterion test_ref="oval:org.opensuse.security:tst:2009037865" comment="glib2 less than 2.8.6-0.8"/> 2111 <criterion test_ref="oval:org.opensuse.security:tst:2009037866" comment="gnome-backgrounds less than 2.12.3.1-0.8"/> 2112 <criterion test_ref="oval:org.opensuse.security:tst:2009037867" comment="gnome-filesystem less than 0.1-261.12"/> 2113 <criterion test_ref="oval:org.opensuse.security:tst:2009037868" comment="gnome-games less than 2.12.3-0.12"/> 2114 <criterion test_ref="oval:org.opensuse.security:tst:2009037869" comment="gnome-sharp less than 1.0.10-30.15"/> 2115 <criterion test_ref="oval:org.opensuse.security:tst:2009037870" comment="gnomedb-sharp less than 1.0.10-30.15"/> 2116 <criterion test_ref="oval:org.opensuse.security:tst:2009037871" comment="gnopernicus-devel less than 1.0.0-23.14"/> 2117 <criterion test_ref="oval:org.opensuse.security:tst:2009037872" comment="gnopernicus less than 1.0.0-23.14"/> 2118 <criterion test_ref="oval:org.opensuse.security:tst:2009037873" comment="gstreamer010-plugins-base-32bit less than 0.10.5-11.17"/> 2119 <criterion test_ref="oval:org.opensuse.security:tst:2009037874" comment="gstreamer010-plugins-base-devel less than 0.10.5-11.17"/> 2120 <criterion test_ref="oval:org.opensuse.security:tst:2009037875" comment="gstreamer010-plugins-base-doc less than 0.10.5-11.17"/> 2121 <criterion test_ref="oval:org.opensuse.security:tst:2009037876" comment="gstreamer010-plugins-base-oil-32bit less than 0.10.5-11.17"/> 2122 <criterion test_ref="oval:org.opensuse.security:tst:2009037877" comment="gstreamer010-plugins-base-oil less than 0.10.5-11.17"/> 2123 <criterion test_ref="oval:org.opensuse.security:tst:2009037878" comment="gstreamer010-plugins-base-visual-32bit less than 0.10.5-11.17"/> 2124 <criterion test_ref="oval:org.opensuse.security:tst:2009037879" comment="gstreamer010-plugins-base-visual less than 0.10.5-11.17"/> 2125 <criterion test_ref="oval:org.opensuse.security:tst:2009037880" comment="gstreamer010-plugins-base less than 0.10.5-11.17"/> 2126 <criterion test_ref="oval:org.opensuse.security:tst:2009037881" comment="gtk-sharp-32bit less than 1.0.10-30.15"/> 2127 <criterion test_ref="oval:org.opensuse.security:tst:2009037882" comment="gtk-sharp-complete less than 1.0.10-30.15"/> 2128 <criterion test_ref="oval:org.opensuse.security:tst:2009037883" comment="gtk-sharp-gapi less than 1.0.10-30.15"/> 2129 <criterion test_ref="oval:org.opensuse.security:tst:2009037884" comment="gtk-sharp less than 1.0.10-30.15"/> 2130 <criterion test_ref="oval:org.opensuse.security:tst:2009037885" comment="gtkhtml-sharp less than 1.0.10-30.15"/> 2131 <criterion test_ref="oval:org.opensuse.security:tst:2009037886" comment="helix-dbus-server less than 0.4.0-0.10"/> 2132 <criterion test_ref="oval:org.opensuse.security:tst:2009037887" comment="inkscape less than 0.43-20.15"/> 2133 <criterion test_ref="oval:org.opensuse.security:tst:2009037888" comment="libbeagle-32bit less than 0.2.16.3-1.12"/> 2134 <criterion test_ref="oval:org.opensuse.security:tst:2009037889" comment="libbeagle-devel less than 0.2.16.3-1.12"/> 2135 <criterion test_ref="oval:org.opensuse.security:tst:2009037890" comment="libbeagle less than 0.2.16.3-1.12"/> 2136 <criterion test_ref="oval:org.opensuse.security:tst:2009037891" comment="libgail-gnome-devel less than 1.1.3-41.13"/> 2137 <criterion test_ref="oval:org.opensuse.security:tst:2009037892" comment="libgail-gnome less than 1.1.3-41.13"/> 2138 <criterion test_ref="oval:org.opensuse.security:tst:2009037893" comment="libgdiplus less than 1.2.2-13.13"/> 2139 <criterion test_ref="oval:org.opensuse.security:tst:2009037894" comment="libipoddevice-32bit less than 0.5.2-1.17"/> 2140 <criterion test_ref="oval:org.opensuse.security:tst:2009037895" comment="libipoddevice less than 0.5.2-1.17"/> 2141 <criterion test_ref="oval:org.opensuse.security:tst:2009037896" comment="libsmbclient-32bit less than 3.0.24-2.23"/> 2142 <criterion test_ref="oval:org.opensuse.security:tst:2009037897" comment="libsmbclient-devel less than 3.0.24-2.23"/> 2143 <criterion test_ref="oval:org.opensuse.security:tst:2009037898" comment="libsmbclient less than 3.0.24-2.23"/> 2144 <criterion test_ref="oval:org.opensuse.security:tst:2009037899" comment="libtool-32bit less than 1.5.22-13.12"/> 2145 <criterion test_ref="oval:org.opensuse.security:tst:2009037900" comment="libtool less than 1.5.22-13.12"/> 2146 <criterion test_ref="oval:org.opensuse.security:tst:2009037901" comment="linphone-applet less than 1.2.0-16.14"/> 2147 <criterion test_ref="oval:org.opensuse.security:tst:2009037902" comment="linphone less than 1.2.0-16.14"/> 2148 <criterion test_ref="oval:org.opensuse.security:tst:2009037903" comment="openobex-devel less than 1.3-28.7"/> 2149 <criterion test_ref="oval:org.opensuse.security:tst:2009037904" comment="openobex less than 1.3-28.7"/> 2150 <criterion test_ref="oval:org.opensuse.security:tst:2009037905" comment="planner-devel less than 0.14.1-24.12"/> 2151 <criterion test_ref="oval:org.opensuse.security:tst:2009037906" comment="planner less than 0.14.1-24.12"/> 2152 <criterion test_ref="oval:org.opensuse.security:tst:2009037907" comment="pwlib-devel less than 1.10.4-0.10"/> 2153 <criterion test_ref="oval:org.opensuse.security:tst:2009037908" comment="pwlib less than 1.10.4-0.10"/> 2154 <criterion test_ref="oval:org.opensuse.security:tst:2009037909" comment="resapplet less than 0.1.4-5.20"/> 2155 <criterion test_ref="oval:org.opensuse.security:tst:2009037910" comment="rsvg-sharp less than 1.0.10-30.15"/> 2156 <criterion test_ref="oval:org.opensuse.security:tst:2009037911" comment="sabayon-admin less than 2.12.3-21.29"/> 2157 <criterion test_ref="oval:org.opensuse.security:tst:2009037912" comment="sabayon less than 2.12.3-21.29"/> 2158 <criterion test_ref="oval:org.opensuse.security:tst:2009037913" comment="samba-32bit less than 3.0.24-2.23"/> 2159 <criterion test_ref="oval:org.opensuse.security:tst:2009037914" comment="samba-client-32bit less than 3.0.24-2.23"/> 2160 <criterion test_ref="oval:org.opensuse.security:tst:2009037915" comment="samba-client less than 3.0.24-2.23"/> 2161 <criterion test_ref="oval:org.opensuse.security:tst:2009037916" comment="samba-doc less than 3.0.24-2.23"/> 2162 <criterion test_ref="oval:org.opensuse.security:tst:2009037917" comment="samba-krb-printing less than 3.0.24-2.23"/> 2163 <criterion test_ref="oval:org.opensuse.security:tst:2009037918" comment="samba-pdb less than 3.0.24-2.23"/> 2164 <criterion test_ref="oval:org.opensuse.security:tst:2009037919" comment="samba-vscan less than 0.3.6b-42.49"/> 2165 <criterion test_ref="oval:org.opensuse.security:tst:2009037920" comment="samba-winbind-32bit less than 3.0.24-2.23"/> 2166 <criterion test_ref="oval:org.opensuse.security:tst:2009037921" comment="samba-winbind less than 3.0.24-2.23"/> 2167 <criterion test_ref="oval:org.opensuse.security:tst:2009037922" comment="samba less than 3.0.24-2.23"/> 2168 <criterion test_ref="oval:org.opensuse.security:tst:2009037923" comment="tomboy less than 0.6.0-0.21"/> 2169 <criterion test_ref="oval:org.opensuse.security:tst:2009037924" comment="vte-sharp less than 1.0.10-30.15"/> 2170 <criterion test_ref="oval:org.opensuse.security:tst:2009037925" comment="wbxml2 less than 0.9.0-18.10"/> 2171 <criterion test_ref="oval:org.opensuse.security:tst:2009037926" comment="xgl-hardware-list less than 070326-0.5"/> 2172 <criterion test_ref="oval:org.opensuse.security:tst:2009037927" comment="xgl less than cvs_060522-0.32"/> 2173 </criteria> 2174 </criteria> 2175 </criteria> 2176 </definition> 2177 <definition id="oval:org.opensuse.security:def:20066101" version="1" class="vulnerability"> 2178 <metadata> 2179 <title>CVE-2006-6101</title> 2180 <affected family="unix"> 2181 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2182 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2183 </affected> 2184 <reference ref_id="CVE-2006-6101" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101" source="CVE"/> 2185 <description> 2186 Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures. 2187 </description> 2188 </metadata> 2189 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 2190 <criteria operator="AND"> 2191 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2192 <criteria operator="OR"> 2193 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 2194 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 2195 </criteria> 2196 </criteria> 2197 </definition> 2198 <definition id="oval:org.opensuse.security:def:20066102" version="1" class="vulnerability"> 2199 <metadata> 2200 <title>CVE-2006-6102</title> 2201 <affected family="unix"> 2202 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2203 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2204 </affected> 2205 <reference ref_id="CVE-2006-6102" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102" source="CVE"/> 2206 <description> 2207 Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. 2208 </description> 2209 </metadata> 2210 <criteria operator="OR"> 2211 <!-- 4a2735c6bf8dce53b13ee40593bb74c7 --> 2212 <criteria operator="AND"> 2213 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2214 <criteria operator="OR"> 2215 <criterion test_ref="oval:org.opensuse.security:tst:2009041167" comment="OpenIPMI less than 2.0.7-35.10"/> 2216 <criterion test_ref="oval:org.opensuse.security:tst:2009041168" comment="bootsplash-theme-SuSE-NLD less than 3.1-69.17"/> 2217 <criterion test_ref="oval:org.opensuse.security:tst:2009041169" comment="glibc-32bit less than 2.4-31.30"/> 2218 <criterion test_ref="oval:org.opensuse.security:tst:2009041170" comment="glibc-devel-32bit less than 2.4-31.30"/> 2219 <criterion test_ref="oval:org.opensuse.security:tst:2009041171" comment="glibc-devel less than 2.4-31.30"/> 2220 <criterion test_ref="oval:org.opensuse.security:tst:2009041172" comment="glibc-html less than 2.4-31.30"/> 2221 <criterion test_ref="oval:org.opensuse.security:tst:2009041173" comment="glibc-i18ndata less than 2.4-31.30"/> 2222 <criterion test_ref="oval:org.opensuse.security:tst:2009041174" comment="glibc-info less than 2.4-31.30"/> 2223 <criterion test_ref="oval:org.opensuse.security:tst:2009041175" comment="glibc-locale-32bit less than 2.4-31.30"/> 2224 <criterion test_ref="oval:org.opensuse.security:tst:2009041176" comment="glibc-locale less than 2.4-31.30"/> 2225 <criterion test_ref="oval:org.opensuse.security:tst:2009041177" comment="glibc less than 2.4-31.30"/> 2226 <criterion test_ref="oval:org.opensuse.security:tst:2009041178" comment="grub less than 0.97-16.8"/> 2227 <criterion test_ref="oval:org.opensuse.security:tst:2009041179" comment="ipmitool less than 1.8.9-2.7"/> 2228 <criterion test_ref="oval:org.opensuse.security:tst:2009041180" comment="ivman less than 0.6.9-16.14"/> 2229 <criterion test_ref="oval:org.opensuse.security:tst:2009041181" comment="ksh less than 93r-12.28"/> 2230 <criterion test_ref="oval:org.opensuse.security:tst:2009041182" comment="lvm2 less than 2.02.17-7.9"/> 2231 <criterion test_ref="oval:org.opensuse.security:tst:2009041183" comment="nscd less than 2.4-31.30"/> 2232 <criterion test_ref="oval:org.opensuse.security:tst:2009041184" comment="timezone less than 2.4-31.30"/> 2233 <criterion test_ref="oval:org.opensuse.security:tst:2009041185" comment="xorg-x11-Xnest less than 6.9.0-50.45"/> 2234 <criterion test_ref="oval:org.opensuse.security:tst:2009041186" comment="xorg-x11-Xvfb less than 6.9.0-50.45"/> 2235 <criterion test_ref="oval:org.opensuse.security:tst:2009041187" comment="xorg-x11-Xvnc less than 6.9.0-50.45"/> 2236 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 2237 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 2238 <criterion test_ref="oval:org.opensuse.security:tst:2009041188" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.45"/> 2239 <criterion test_ref="oval:org.opensuse.security:tst:2009041189" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.45"/> 2240 <criterion test_ref="oval:org.opensuse.security:tst:2009041190" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.45"/> 2241 <criterion test_ref="oval:org.opensuse.security:tst:2009041191" comment="xorg-x11-fonts-scalable less than 6.9.0-50.45"/> 2242 <criterion test_ref="oval:org.opensuse.security:tst:2009041192" comment="xorg-x11-fonts-syriac less than 6.9.0-50.45"/> 2243 <criterion test_ref="oval:org.opensuse.security:tst:2009041193" comment="xorg-x11-libs-32bit less than 6.9.0-50.45"/> 2244 <criterion test_ref="oval:org.opensuse.security:tst:2009041194" comment="xorg-x11-libs less than 6.9.0-50.45"/> 2245 <criterion test_ref="oval:org.opensuse.security:tst:2009041195" comment="xorg-x11-man less than 6.9.0-50.45"/> 2246 <criterion test_ref="oval:org.opensuse.security:tst:2009041196" comment="xorg-x11-server-glx less than 6.9.0-50.45"/> 2247 <criterion test_ref="oval:org.opensuse.security:tst:2009041197" comment="xorg-x11-server less than 6.9.0-50.45"/> 2248 <criterion test_ref="oval:org.opensuse.security:tst:2009041198" comment="xorg-x11 less than 6.9.0-50.45"/> 2249 </criteria> 2250 </criteria> 2251 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 2252 <criteria operator="AND"> 2253 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2254 <criteria operator="OR"> 2255 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 2256 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 2257 </criteria> 2258 </criteria> 2259 </criteria> 2260 </definition> 2261 <definition id="oval:org.opensuse.security:def:20066103" version="1" class="vulnerability"> 2262 <metadata> 2263 <title>CVE-2006-6103</title> 2264 <affected family="unix"> 2265 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2266 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2267 </affected> 2268 <reference ref_id="CVE-2006-6103" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103" source="CVE"/> 2269 <description> 2270 Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. 2271 </description> 2272 </metadata> 2273 <criteria operator="OR"> 2274 <!-- 4a2735c6bf8dce53b13ee40593bb74c7 --> 2275 <criteria operator="AND"> 2276 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2277 <criteria operator="OR"> 2278 <criterion test_ref="oval:org.opensuse.security:tst:2009041167" comment="OpenIPMI less than 2.0.7-35.10"/> 2279 <criterion test_ref="oval:org.opensuse.security:tst:2009041168" comment="bootsplash-theme-SuSE-NLD less than 3.1-69.17"/> 2280 <criterion test_ref="oval:org.opensuse.security:tst:2009041169" comment="glibc-32bit less than 2.4-31.30"/> 2281 <criterion test_ref="oval:org.opensuse.security:tst:2009041170" comment="glibc-devel-32bit less than 2.4-31.30"/> 2282 <criterion test_ref="oval:org.opensuse.security:tst:2009041171" comment="glibc-devel less than 2.4-31.30"/> 2283 <criterion test_ref="oval:org.opensuse.security:tst:2009041172" comment="glibc-html less than 2.4-31.30"/> 2284 <criterion test_ref="oval:org.opensuse.security:tst:2009041173" comment="glibc-i18ndata less than 2.4-31.30"/> 2285 <criterion test_ref="oval:org.opensuse.security:tst:2009041174" comment="glibc-info less than 2.4-31.30"/> 2286 <criterion test_ref="oval:org.opensuse.security:tst:2009041175" comment="glibc-locale-32bit less than 2.4-31.30"/> 2287 <criterion test_ref="oval:org.opensuse.security:tst:2009041176" comment="glibc-locale less than 2.4-31.30"/> 2288 <criterion test_ref="oval:org.opensuse.security:tst:2009041177" comment="glibc less than 2.4-31.30"/> 2289 <criterion test_ref="oval:org.opensuse.security:tst:2009041178" comment="grub less than 0.97-16.8"/> 2290 <criterion test_ref="oval:org.opensuse.security:tst:2009041179" comment="ipmitool less than 1.8.9-2.7"/> 2291 <criterion test_ref="oval:org.opensuse.security:tst:2009041180" comment="ivman less than 0.6.9-16.14"/> 2292 <criterion test_ref="oval:org.opensuse.security:tst:2009041181" comment="ksh less than 93r-12.28"/> 2293 <criterion test_ref="oval:org.opensuse.security:tst:2009041182" comment="lvm2 less than 2.02.17-7.9"/> 2294 <criterion test_ref="oval:org.opensuse.security:tst:2009041183" comment="nscd less than 2.4-31.30"/> 2295 <criterion test_ref="oval:org.opensuse.security:tst:2009041184" comment="timezone less than 2.4-31.30"/> 2296 <criterion test_ref="oval:org.opensuse.security:tst:2009041185" comment="xorg-x11-Xnest less than 6.9.0-50.45"/> 2297 <criterion test_ref="oval:org.opensuse.security:tst:2009041186" comment="xorg-x11-Xvfb less than 6.9.0-50.45"/> 2298 <criterion test_ref="oval:org.opensuse.security:tst:2009041187" comment="xorg-x11-Xvnc less than 6.9.0-50.45"/> 2299 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 2300 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 2301 <criterion test_ref="oval:org.opensuse.security:tst:2009041188" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.45"/> 2302 <criterion test_ref="oval:org.opensuse.security:tst:2009041189" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.45"/> 2303 <criterion test_ref="oval:org.opensuse.security:tst:2009041190" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.45"/> 2304 <criterion test_ref="oval:org.opensuse.security:tst:2009041191" comment="xorg-x11-fonts-scalable less than 6.9.0-50.45"/> 2305 <criterion test_ref="oval:org.opensuse.security:tst:2009041192" comment="xorg-x11-fonts-syriac less than 6.9.0-50.45"/> 2306 <criterion test_ref="oval:org.opensuse.security:tst:2009041193" comment="xorg-x11-libs-32bit less than 6.9.0-50.45"/> 2307 <criterion test_ref="oval:org.opensuse.security:tst:2009041194" comment="xorg-x11-libs less than 6.9.0-50.45"/> 2308 <criterion test_ref="oval:org.opensuse.security:tst:2009041195" comment="xorg-x11-man less than 6.9.0-50.45"/> 2309 <criterion test_ref="oval:org.opensuse.security:tst:2009041196" comment="xorg-x11-server-glx less than 6.9.0-50.45"/> 2310 <criterion test_ref="oval:org.opensuse.security:tst:2009041197" comment="xorg-x11-server less than 6.9.0-50.45"/> 2311 <criterion test_ref="oval:org.opensuse.security:tst:2009041198" comment="xorg-x11 less than 6.9.0-50.45"/> 2312 </criteria> 2313 </criteria> 2314 <!-- 7eda55a9d7bcfbc970fb40b2a369d418 --> 2315 <criteria operator="AND"> 2316 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2317 <criteria operator="OR"> 2318 <criterion test_ref="oval:org.opensuse.security:tst:2009037717" comment="xorg-x11-devel-32bit less than 6.9.0-50.45"/> 2319 <criterion test_ref="oval:org.opensuse.security:tst:2009037718" comment="xorg-x11-devel less than 6.9.0-50.45"/> 2320 </criteria> 2321 </criteria> 2322 </criteria> 2323 </definition> 2324 <definition id="oval:org.opensuse.security:def:20066143" version="1" class="vulnerability"> 2325 <metadata> 2326 <title>CVE-2006-6143</title> 2327 <affected family="unix"> 2328 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2329 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2330 </affected> 2331 <reference ref_id="CVE-2006-6143" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143" source="CVE"/> 2332 <description> 2333 The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. 2334 </description> 2335 </metadata> 2336 <!-- b7c2f798262596164eb287796a54bdb1 --> 2337 <criteria operator="AND"> 2338 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2339 <criteria operator="OR"> 2340 <criterion test_ref="oval:org.opensuse.security:tst:2009041840" comment="CheckHardware less than 0.1-988.11"/> 2341 <criterion test_ref="oval:org.opensuse.security:tst:2009041841" comment="aaa_base less than 10-12.26"/> 2342 <criterion test_ref="oval:org.opensuse.security:tst:2009041842" comment="acl less than 2.2.41-0.7"/> 2343 <criterion test_ref="oval:org.opensuse.security:tst:2009041843" comment="at less than 3.1.8-921.16"/> 2344 <criterion test_ref="oval:org.opensuse.security:tst:2009041844" comment="attr less than 2.4.34-0.7"/> 2345 <criterion test_ref="oval:org.opensuse.security:tst:2009041845" comment="autofs less than 4.1.4-23.14"/> 2346 <criterion test_ref="oval:org.opensuse.security:tst:2009041846" comment="autoyast2-installation less than 2.13.95-0.8"/> 2347 <criterion test_ref="oval:org.opensuse.security:tst:2009041847" comment="autoyast2 less than 2.13.95-0.8"/> 2348 <criterion test_ref="oval:org.opensuse.security:tst:2009041848" comment="bash less than 3.1-24.14"/> 2349 <criterion test_ref="oval:org.opensuse.security:tst:2009041849" comment="bind-libs-32bit less than 9.3.4-1.8"/> 2350 <criterion test_ref="oval:org.opensuse.security:tst:2009041850" comment="bind-libs less than 9.3.4-1.8"/> 2351 <criterion test_ref="oval:org.opensuse.security:tst:2009041851" comment="bind-utils less than 9.3.4-1.8"/> 2352 <criterion test_ref="oval:org.opensuse.security:tst:2009041852" comment="binutils-32bit less than 2.16.91.0.5-23.20"/> 2353 <criterion test_ref="oval:org.opensuse.security:tst:2009041853" comment="binutils less than 2.16.91.0.5-23.20"/> 2354 <criterion test_ref="oval:org.opensuse.security:tst:2009041854" comment="coreutils less than 5.93-22.14"/> 2355 <criterion test_ref="oval:org.opensuse.security:tst:2009041855" comment="cpio less than 2.6-19.12"/> 2356 <criterion test_ref="oval:org.opensuse.security:tst:2009041856" comment="cron less than 4.1-45.15"/> 2357 <criterion test_ref="oval:org.opensuse.security:tst:2009041857" comment="dbus-1-32bit less than 0.60-33.13"/> 2358 <criterion test_ref="oval:org.opensuse.security:tst:2009041858" comment="dbus-1-devel less than 0.60-33.13"/> 2359 <criterion test_ref="oval:org.opensuse.security:tst:2009041859" comment="dbus-1-glib-32bit less than 0.60-33.13"/> 2360 <criterion test_ref="oval:org.opensuse.security:tst:2009041860" comment="dbus-1-glib less than 0.60-33.13"/> 2361 <criterion test_ref="oval:org.opensuse.security:tst:2009041861" comment="dbus-1-gtk less than 0.60-33.16"/> 2362 <criterion test_ref="oval:org.opensuse.security:tst:2009041862" comment="dbus-1-mono less than 0.60-33.16"/> 2363 <criterion test_ref="oval:org.opensuse.security:tst:2009041863" comment="dbus-1-python less than 0.60-33.16"/> 2364 <criterion test_ref="oval:org.opensuse.security:tst:2009041864" comment="dbus-1-qt3-32bit less than 0.60-33.16"/> 2365 <criterion test_ref="oval:org.opensuse.security:tst:2009041865" comment="dbus-1-qt3-devel less than 0.60-33.16"/> 2366 <criterion test_ref="oval:org.opensuse.security:tst:2009041866" comment="dbus-1-qt3 less than 0.60-33.16"/> 2367 <criterion test_ref="oval:org.opensuse.security:tst:2009041867" comment="dbus-1-x11 less than 0.60-33.16"/> 2368 <criterion test_ref="oval:org.opensuse.security:tst:2009041868" comment="dbus-1 less than 0.60-33.13"/> 2369 <criterion test_ref="oval:org.opensuse.security:tst:2009041869" comment="desktop-translations less than 10.1-40.28"/> 2370 <criterion test_ref="oval:org.opensuse.security:tst:2009041870" comment="diffutils less than 2.8.7-17.14"/> 2371 <criterion test_ref="oval:org.opensuse.security:tst:2009041871" comment="dmraid less than 0.99_1.0.0rc13-0.8"/> 2372 <criterion test_ref="oval:org.opensuse.security:tst:2009041872" comment="dosfstools less than 2.11-15.10"/> 2373 <criterion test_ref="oval:org.opensuse.security:tst:2009041873" comment="e2fsprogs-32bit less than 1.38-25.21"/> 2374 <criterion test_ref="oval:org.opensuse.security:tst:2009041874" comment="e2fsprogs-devel-32bit less than 1.38-25.21"/> 2375 <criterion test_ref="oval:org.opensuse.security:tst:2009041875" comment="e2fsprogs-devel less than 1.38-25.21"/> 2376 <criterion test_ref="oval:org.opensuse.security:tst:2009041876" comment="e2fsprogs less than 1.38-25.21"/> 2377 <criterion test_ref="oval:org.opensuse.security:tst:2009041877" comment="filesystem less than 10-1.12"/> 2378 <criterion test_ref="oval:org.opensuse.security:tst:2009041878" comment="findutils-locate less than 4.2.27-14.10"/> 2379 <criterion test_ref="oval:org.opensuse.security:tst:2009041879" comment="findutils less than 4.2.27-14.10"/> 2380 <criterion test_ref="oval:org.opensuse.security:tst:2009041880" comment="grep less than 2.5.1a-20.11"/> 2381 <criterion test_ref="oval:org.opensuse.security:tst:2009041881" comment="hal-32bit less than 0.5.6-33.26"/> 2382 <criterion test_ref="oval:org.opensuse.security:tst:2009041882" comment="hal-devel less than 0.5.6-33.26"/> 2383 <criterion test_ref="oval:org.opensuse.security:tst:2009041883" comment="hal-gnome less than 0.5.6-33.26"/> 2384 <criterion test_ref="oval:org.opensuse.security:tst:2009041884" comment="hal less than 0.5.6-33.26"/> 2385 <criterion test_ref="oval:org.opensuse.security:tst:2009041885" comment="hwinfo-devel less than 12.46-0.5"/> 2386 <criterion test_ref="oval:org.opensuse.security:tst:2009041886" comment="hwinfo less than 12.46-0.5"/> 2387 <criterion test_ref="oval:org.opensuse.security:tst:2009041887" comment="insserv less than 1.04.0-20.13"/> 2388 <criterion test_ref="oval:org.opensuse.security:tst:2009041888" comment="iputils less than ss021109-167.10"/> 2389 <criterion test_ref="oval:org.opensuse.security:tst:2009041889" comment="klogd less than 1.4.1-559.12"/> 2390 <criterion test_ref="oval:org.opensuse.security:tst:2009041890" comment="krb5-32bit less than 1.4.3-19.17"/> 2391 <criterion test_ref="oval:org.opensuse.security:tst:2009041891" comment="krb5-client less than 1.4.3-19.17"/> 2392 <criterion test_ref="oval:org.opensuse.security:tst:2009041892" comment="krb5-devel-32bit less than 1.4.3-19.17"/> 2393 <criterion test_ref="oval:org.opensuse.security:tst:2009041893" comment="krb5-devel less than 1.4.3-19.17"/> 2394 <criterion test_ref="oval:org.opensuse.security:tst:2009041894" comment="krb5 less than 1.4.3-19.17"/> 2395 <criterion test_ref="oval:org.opensuse.security:tst:2009041895" comment="ldapcpplib less than 0.0.4-14.13"/> 2396 <criterion test_ref="oval:org.opensuse.security:tst:2009041896" comment="libacl-32bit less than 2.2.41-0.7"/> 2397 <criterion test_ref="oval:org.opensuse.security:tst:2009041897" comment="libacl-devel less than 2.2.41-0.7"/> 2398 <criterion test_ref="oval:org.opensuse.security:tst:2009041898" comment="libacl less than 2.2.41-0.7"/> 2399 <criterion test_ref="oval:org.opensuse.security:tst:2009041899" comment="libattr-32bit less than 2.4.34-0.7"/> 2400 <criterion test_ref="oval:org.opensuse.security:tst:2009041900" comment="libattr-devel less than 2.4.34-0.7"/> 2401 <criterion test_ref="oval:org.opensuse.security:tst:2009041901" comment="libattr less than 2.4.34-0.7"/> 2402 <criterion test_ref="oval:org.opensuse.security:tst:2009041902" comment="libcom_err-32bit less than 1.38-25.21"/> 2403 <criterion test_ref="oval:org.opensuse.security:tst:2009041903" comment="libcom_err less than 1.38-25.21"/> 2404 <criterion test_ref="oval:org.opensuse.security:tst:2009041904" comment="liby2util less than 2.13.8-0.12"/> 2405 <criterion test_ref="oval:org.opensuse.security:tst:2009041905" comment="libzypp-zmd-backend less than 7.1.1.0_0.8-0.16"/> 2406 <criterion test_ref="oval:org.opensuse.security:tst:2009041906" comment="libzypp less than 2.15.10-0.4"/> 2407 <criterion test_ref="oval:org.opensuse.security:tst:2009041907" comment="lilo less than 22.7-19.12"/> 2408 <criterion test_ref="oval:org.opensuse.security:tst:2009041908" comment="limal-bootloader less than 1.1.50-0.12"/> 2409 <criterion test_ref="oval:org.opensuse.security:tst:2009041909" comment="limal-perl less than 1.1.56-0.6"/> 2410 <criterion test_ref="oval:org.opensuse.security:tst:2009041910" comment="limal less than 1.1.56-0.6"/> 2411 <criterion test_ref="oval:org.opensuse.security:tst:2009041911" comment="mailx less than 11.25-14.14"/> 2412 <criterion test_ref="oval:org.opensuse.security:tst:2009041912" comment="mcelog less than 0.7-2.12"/> 2413 <criterion test_ref="oval:org.opensuse.security:tst:2009041913" comment="mdadm less than 2.6-0.11"/> 2414 <criterion test_ref="oval:org.opensuse.security:tst:2009041914" comment="microcode_ctl less than 1.15-12.8"/> 2415 <criterion test_ref="oval:org.opensuse.security:tst:2009041915" comment="mkinitrd less than 1.2-106.52"/> 2416 <criterion test_ref="oval:org.opensuse.security:tst:2009041916" comment="module-init-tools less than 3.2.2-32.27"/> 2417 <criterion test_ref="oval:org.opensuse.security:tst:2009041917" comment="multipath-tools less than 0.4.7-34.18"/> 2418 <criterion test_ref="oval:org.opensuse.security:tst:2009041918" comment="ncurses-32bit less than 5.5-18.11"/> 2419 <criterion test_ref="oval:org.opensuse.security:tst:2009041919" comment="ncurses-devel-32bit less than 5.5-18.11"/> 2420 <criterion test_ref="oval:org.opensuse.security:tst:2009041920" comment="ncurses-devel less than 5.5-18.11"/> 2421 <criterion test_ref="oval:org.opensuse.security:tst:2009041921" comment="ncurses less than 5.5-18.11"/> 2422 <criterion test_ref="oval:org.opensuse.security:tst:2009041922" comment="nfs-utils less than 1.0.7-36.21"/> 2423 <criterion test_ref="oval:org.opensuse.security:tst:2009041923" comment="nfsidmap less than 0.12-16.12"/> 2424 <criterion test_ref="oval:org.opensuse.security:tst:2009041924" comment="openldap2-client-32bit less than 2.3.32-0.10"/> 2425 <criterion test_ref="oval:org.opensuse.security:tst:2009041925" comment="openldap2-client less than 2.3.32-0.10"/> 2426 <criterion test_ref="oval:org.opensuse.security:tst:2009041926" comment="openldap2-devel-32bit less than 2.3.32-0.10"/> 2427 <criterion test_ref="oval:org.opensuse.security:tst:2009041927" comment="openldap2-devel less than 2.3.32-0.10"/> 2428 <criterion test_ref="oval:org.opensuse.security:tst:2009041928" comment="openldap2 less than 2.3.32-0.10"/> 2429 <criterion test_ref="oval:org.opensuse.security:tst:2009041929" comment="openssh-askpass less than 4.2p1-18.25"/> 2430 <criterion test_ref="oval:org.opensuse.security:tst:2009041930" comment="openssh less than 4.2p1-18.25"/> 2431 <criterion test_ref="oval:org.opensuse.security:tst:2009041931" comment="pam-32bit less than 0.99.6.3-28.8"/> 2432 <criterion test_ref="oval:org.opensuse.security:tst:2009041932" comment="pam-devel less than 0.99.6.3-28.8"/> 2433 <criterion test_ref="oval:org.opensuse.security:tst:2009041933" comment="pam-modules-32bit less than 10-2.11"/> 2434 <criterion test_ref="oval:org.opensuse.security:tst:2009041934" comment="pam-modules less than 10-2.11"/> 2435 <criterion test_ref="oval:org.opensuse.security:tst:2009041935" comment="pam less than 0.99.6.3-28.8"/> 2436 <criterion test_ref="oval:org.opensuse.security:tst:2009041936" comment="parted-32bit less than 1.6.25.1-15.13"/> 2437 <criterion test_ref="oval:org.opensuse.security:tst:2009041937" comment="parted less than 1.6.25.1-15.13"/> 2438 <criterion test_ref="oval:org.opensuse.security:tst:2009041938" comment="pciutils less than 2.2.4-16.9"/> 2439 <criterion test_ref="oval:org.opensuse.security:tst:2009041939" comment="pcsc-lite-devel less than 1.2.9_beta9-17.10"/> 2440 <criterion test_ref="oval:org.opensuse.security:tst:2009041940" comment="pcsc-lite less than 1.2.9_beta9-17.10"/> 2441 <criterion test_ref="oval:org.opensuse.security:tst:2009041941" comment="perl-Bootloader less than 0.4.15-0.6"/> 2442 <criterion test_ref="oval:org.opensuse.security:tst:2009041942" comment="permissions less than 2007.2.15-0.7"/> 2443 <criterion test_ref="oval:org.opensuse.security:tst:2009041943" comment="popt-32bit less than 1.7-271.19"/> 2444 <criterion test_ref="oval:org.opensuse.security:tst:2009041944" comment="popt-devel-32bit less than 1.7-271.19"/> 2445 <criterion test_ref="oval:org.opensuse.security:tst:2009041945" comment="popt-devel less than 1.7-271.19"/> 2446 <criterion test_ref="oval:org.opensuse.security:tst:2009041946" comment="popt less than 1.7-271.19"/> 2447 <criterion test_ref="oval:org.opensuse.security:tst:2009041947" comment="portmap less than 5beta-749.10"/> 2448 <criterion test_ref="oval:org.opensuse.security:tst:2009041948" comment="postfix less than 2.2.9-10.18"/> 2449 <criterion test_ref="oval:org.opensuse.security:tst:2009041949" comment="powersave-libs-32bit less than 0.12.26-0.6"/> 2450 <criterion test_ref="oval:org.opensuse.security:tst:2009041950" comment="powersave-libs less than 0.12.26-0.6"/> 2451 <criterion test_ref="oval:org.opensuse.security:tst:2009041951" comment="powersave less than 0.12.26-0.6"/> 2452 <criterion test_ref="oval:org.opensuse.security:tst:2009041952" comment="procinfo less than 18-55.12"/> 2453 <criterion test_ref="oval:org.opensuse.security:tst:2009041953" comment="pwdutils less than 3.0.7.1-17.24"/> 2454 <criterion test_ref="oval:org.opensuse.security:tst:2009041954" comment="readline-32bit less than 5.1-24.13"/> 2455 <criterion test_ref="oval:org.opensuse.security:tst:2009041955" comment="readline-devel-32bit less than 5.1-24.13"/> 2456 <criterion test_ref="oval:org.opensuse.security:tst:2009041956" comment="readline-devel less than 5.1-24.13"/> 2457 <criterion test_ref="oval:org.opensuse.security:tst:2009041957" comment="readline less than 5.1-24.13"/> 2458 <criterion test_ref="oval:org.opensuse.security:tst:2009041958" comment="reiserfs less than 3.6.19-19.12"/> 2459 <criterion test_ref="oval:org.opensuse.security:tst:2009041959" comment="rpm-devel less than 4.4.2-43.19"/> 2460 <criterion test_ref="oval:org.opensuse.security:tst:2009041960" comment="rpm-python less than 4.4.2-43.19"/> 2461 <criterion test_ref="oval:org.opensuse.security:tst:2009041961" comment="rpm less than 4.4.2-43.19"/> 2462 <criterion test_ref="oval:org.opensuse.security:tst:2009041962" comment="rug less than 7.2.0.0-0.8"/> 2463 <criterion test_ref="oval:org.opensuse.security:tst:2009041963" comment="scpm-devel less than 1.1.3-18.16"/> 2464 <criterion test_ref="oval:org.opensuse.security:tst:2009041964" comment="scpm less than 1.1.3-18.16"/> 2465 <criterion test_ref="oval:org.opensuse.security:tst:2009041965" comment="screen less than 4.0.2-62.14"/> 2466 <criterion test_ref="oval:org.opensuse.security:tst:2009041966" comment="scsi less than 1.7_2.36_1.19_0.17_0.97-12.14"/> 2467 <criterion test_ref="oval:org.opensuse.security:tst:2009041967" comment="sed less than 4.1.4-17.11"/> 2468 <criterion test_ref="oval:org.opensuse.security:tst:2009041968" comment="sled-release less than 10-9.22"/> 2469 <criterion test_ref="oval:org.opensuse.security:tst:2009041969" comment="sudo less than 1.6.8p12-18.14"/> 2470 <criterion test_ref="oval:org.opensuse.security:tst:2009041970" comment="suseRegister less than 1.2-9.26"/> 2471 <criterion test_ref="oval:org.opensuse.security:tst:2009041971" comment="sysconfig less than 0.50.9-13.25"/> 2472 <criterion test_ref="oval:org.opensuse.security:tst:2009041972" comment="sysfsutils-32bit less than 1.3.0-16.10"/> 2473 <criterion test_ref="oval:org.opensuse.security:tst:2009041973" comment="sysfsutils less than 1.3.0-16.10"/> 2474 <criterion test_ref="oval:org.opensuse.security:tst:2009041974" comment="syslinux less than 3.11-20.11"/> 2475 <criterion test_ref="oval:org.opensuse.security:tst:2009041975" comment="sysvinit less than 2.86-21.15"/> 2476 <criterion test_ref="oval:org.opensuse.security:tst:2009041976" comment="terminfo less than 5.5-18.11"/> 2477 <criterion test_ref="oval:org.opensuse.security:tst:2009041977" comment="udev less than 085-30.37"/> 2478 <criterion test_ref="oval:org.opensuse.security:tst:2009041978" comment="ulimit less than 1.1-146.10"/> 2479 <criterion test_ref="oval:org.opensuse.security:tst:2009041979" comment="update-desktop-files less than 10.1-40.28"/> 2480 <criterion test_ref="oval:org.opensuse.security:tst:2009041980" comment="util-linux less than 2.12r-35.22"/> 2481 <criterion test_ref="oval:org.opensuse.security:tst:2009041981" comment="wireless-tools less than 28pre13-22.12"/> 2482 <criterion test_ref="oval:org.opensuse.security:tst:2009041982" comment="xfsprogs less than 2.8.16-0.10"/> 2483 <criterion test_ref="oval:org.opensuse.security:tst:2009041983" comment="xntp less than 4.2.0a-70.14"/> 2484 <criterion test_ref="oval:org.opensuse.security:tst:2009041984" comment="yast2-backup less than 2.13.5-0.12"/> 2485 <criterion test_ref="oval:org.opensuse.security:tst:2009041985" comment="yast2-bootloader less than 2.13.97-0.4"/> 2486 <criterion test_ref="oval:org.opensuse.security:tst:2009041986" comment="yast2-core less than 2.13.39-0.3"/> 2487 <criterion test_ref="oval:org.opensuse.security:tst:2009041987" comment="yast2-country less than 2.13.52-0.9"/> 2488 <criterion test_ref="oval:org.opensuse.security:tst:2009041988" comment="yast2-firewall less than 2.13.15-0.10"/> 2489 <criterion test_ref="oval:org.opensuse.security:tst:2009041989" comment="yast2-hardware-detection less than 2.13.7-0.9"/> 2490 <criterion test_ref="oval:org.opensuse.security:tst:2009041990" comment="yast2-inetd less than 2.13.8-0.6"/> 2491 <criterion test_ref="oval:org.opensuse.security:tst:2009041991" comment="yast2-installation less than 2.13.192-0.4"/> 2492 <criterion test_ref="oval:org.opensuse.security:tst:2009041992" comment="yast2-irda less than 2.13.3-0.11"/> 2493 <criterion test_ref="oval:org.opensuse.security:tst:2009041993" comment="yast2-kerberos-client less than 2.13.11-0.10"/> 2494 <criterion test_ref="oval:org.opensuse.security:tst:2009041994" comment="yast2-ldap-client less than 2.13.27-0.11"/> 2495 <criterion test_ref="oval:org.opensuse.security:tst:2009041995" comment="yast2-ldap less than 2.13.5-1.11"/> 2496 <criterion test_ref="oval:org.opensuse.security:tst:2009041996" comment="yast2-mail-aliases less than 2.13.8-0.11"/> 2497 <criterion test_ref="oval:org.opensuse.security:tst:2009041997" comment="yast2-mail less than 2.13.8-0.11"/> 2498 <criterion test_ref="oval:org.opensuse.security:tst:2009041998" comment="yast2-ncurses less than 2.13.66-0.12"/> 2499 <criterion test_ref="oval:org.opensuse.security:tst:2009041999" comment="yast2-network less than 2.13.98-0.7"/> 2500 <criterion test_ref="oval:org.opensuse.security:tst:2009042000" comment="yast2-nfs-client less than 2.13.4-0.11"/> 2501 <criterion test_ref="oval:org.opensuse.security:tst:2009042001" comment="yast2-nis-client less than 2.13.8-0.11"/> 2502 <criterion test_ref="oval:org.opensuse.security:tst:2009042002" comment="yast2-ntp-client less than 2.13.17-0.10"/> 2503 <criterion test_ref="oval:org.opensuse.security:tst:2009042003" comment="yast2-online-update-frontend less than 2.13.59-0.3"/> 2504 <criterion test_ref="oval:org.opensuse.security:tst:2009042004" comment="yast2-online-update less than 2.13.59-0.3"/> 2505 <criterion test_ref="oval:org.opensuse.security:tst:2009042005" comment="yast2-packager less than 2.13.175-0.5"/> 2506 <criterion test_ref="oval:org.opensuse.security:tst:2009042006" comment="yast2-pam less than 2.13.5-0.11"/> 2507 <criterion test_ref="oval:org.opensuse.security:tst:2009042007" comment="yast2-perl-bindings less than 2.13.11-0.17"/> 2508 <criterion test_ref="oval:org.opensuse.security:tst:2009042008" comment="yast2-pkg-bindings less than 2.13.117-0.13"/> 2509 <criterion test_ref="oval:org.opensuse.security:tst:2009042009" comment="yast2-power-management less than 2.13.9-0.9"/> 2510 <criterion test_ref="oval:org.opensuse.security:tst:2009042010" comment="yast2-powertweak less than 2.13.8-0.10"/> 2511 <criterion test_ref="oval:org.opensuse.security:tst:2009042011" comment="yast2-printer less than 2.13.32-1.13"/> 2512 <criterion test_ref="oval:org.opensuse.security:tst:2009042012" comment="yast2-profile-manager less than 2.13.6-0.12"/> 2513 <criterion test_ref="oval:org.opensuse.security:tst:2009042013" comment="yast2-repair less than 2.13.10-0.13"/> 2514 <criterion test_ref="oval:org.opensuse.security:tst:2009042014" comment="yast2-restore less than 2.13.2-0.13"/> 2515 <criterion test_ref="oval:org.opensuse.security:tst:2009042015" comment="yast2-runlevel less than 2.13.11-0.11"/> 2516 <criterion test_ref="oval:org.opensuse.security:tst:2009042016" comment="yast2-samba-client less than 2.13.36-0.8"/> 2517 <criterion test_ref="oval:org.opensuse.security:tst:2009042017" comment="yast2-schema less than 2.13.5-0.13"/> 2518 <criterion test_ref="oval:org.opensuse.security:tst:2009042018" comment="yast2-security less than 2.13.7-0.11"/> 2519 <criterion test_ref="oval:org.opensuse.security:tst:2009042019" comment="yast2-slp less than 2.13.4-0.17"/> 2520 <criterion test_ref="oval:org.opensuse.security:tst:2009042020" comment="yast2-storage-lib less than 2.13.94-0.4"/> 2521 <criterion test_ref="oval:org.opensuse.security:tst:2009042021" comment="yast2-storage less than 2.13.94-0.4"/> 2522 <criterion test_ref="oval:org.opensuse.security:tst:2009042022" comment="yast2-support less than 2.13.6-0.10"/> 2523 <criterion test_ref="oval:org.opensuse.security:tst:2009042023" comment="yast2-sysconfig less than 2.13.8-0.10"/> 2524 <criterion test_ref="oval:org.opensuse.security:tst:2009042024" comment="yast2-theme-NLD less than 0.4.5-3.20"/> 2525 <criterion test_ref="oval:org.opensuse.security:tst:2009042025" comment="yast2-trans-stats less than 2.11.0-21.18"/> 2526 <criterion test_ref="oval:org.opensuse.security:tst:2009042026" comment="yast2-transfer less than 2.13.4-0.10"/> 2527 <criterion test_ref="oval:org.opensuse.security:tst:2009042027" comment="yast2-tune less than 2.13.12-0.8"/> 2528 <criterion test_ref="oval:org.opensuse.security:tst:2009042028" comment="yast2-tv less than 2.13.9-0.11"/> 2529 <criterion test_ref="oval:org.opensuse.security:tst:2009042029" comment="yast2-update less than 2.13.52-0.4"/> 2530 <criterion test_ref="oval:org.opensuse.security:tst:2009042030" comment="yast2-users less than 2.13.55-0.4"/> 2531 <criterion test_ref="oval:org.opensuse.security:tst:2009042031" comment="yast2-vm less than 2.13.77-0.4"/> 2532 <criterion test_ref="oval:org.opensuse.security:tst:2009042032" comment="yast2-xml less than 2.13.4-0.8"/> 2533 <criterion test_ref="oval:org.opensuse.security:tst:2009042033" comment="yast2 less than 2.13.104-0.7"/> 2534 <criterion test_ref="oval:org.opensuse.security:tst:2009042034" comment="zmd-inventory less than 7.2.0-0.9"/> 2535 <criterion test_ref="oval:org.opensuse.security:tst:2009042035" comment="zmd less than 7.2.0.0-0.13"/> 2536 <criterion test_ref="oval:org.opensuse.security:tst:2009042036" comment="zypper less than 0.6.17-0.16"/> 2537 </criteria> 2538 </criteria> 2539 </definition> 2540 <definition id="oval:org.opensuse.security:def:20066144" version="1" class="vulnerability"> 2541 <metadata> 2542 <title>CVE-2006-6144</title> 2543 <affected family="unix"> 2544 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2545 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2546 </affected> 2547 <reference ref_id="CVE-2006-6144" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6144" source="CVE"/> 2548 <description> 2549 The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) via unspecified vectors that cause mechglue to free uninitialized pointers. 2550 </description> 2551 </metadata> 2552 <!-- b7c2f798262596164eb287796a54bdb1 --> 2553 <criteria operator="AND"> 2554 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2555 <criteria operator="OR"> 2556 <criterion test_ref="oval:org.opensuse.security:tst:2009041840" comment="CheckHardware less than 0.1-988.11"/> 2557 <criterion test_ref="oval:org.opensuse.security:tst:2009041841" comment="aaa_base less than 10-12.26"/> 2558 <criterion test_ref="oval:org.opensuse.security:tst:2009041842" comment="acl less than 2.2.41-0.7"/> 2559 <criterion test_ref="oval:org.opensuse.security:tst:2009041843" comment="at less than 3.1.8-921.16"/> 2560 <criterion test_ref="oval:org.opensuse.security:tst:2009041844" comment="attr less than 2.4.34-0.7"/> 2561 <criterion test_ref="oval:org.opensuse.security:tst:2009041845" comment="autofs less than 4.1.4-23.14"/> 2562 <criterion test_ref="oval:org.opensuse.security:tst:2009041846" comment="autoyast2-installation less than 2.13.95-0.8"/> 2563 <criterion test_ref="oval:org.opensuse.security:tst:2009041847" comment="autoyast2 less than 2.13.95-0.8"/> 2564 <criterion test_ref="oval:org.opensuse.security:tst:2009041848" comment="bash less than 3.1-24.14"/> 2565 <criterion test_ref="oval:org.opensuse.security:tst:2009041849" comment="bind-libs-32bit less than 9.3.4-1.8"/> 2566 <criterion test_ref="oval:org.opensuse.security:tst:2009041850" comment="bind-libs less than 9.3.4-1.8"/> 2567 <criterion test_ref="oval:org.opensuse.security:tst:2009041851" comment="bind-utils less than 9.3.4-1.8"/> 2568 <criterion test_ref="oval:org.opensuse.security:tst:2009041852" comment="binutils-32bit less than 2.16.91.0.5-23.20"/> 2569 <criterion test_ref="oval:org.opensuse.security:tst:2009041853" comment="binutils less than 2.16.91.0.5-23.20"/> 2570 <criterion test_ref="oval:org.opensuse.security:tst:2009041854" comment="coreutils less than 5.93-22.14"/> 2571 <criterion test_ref="oval:org.opensuse.security:tst:2009041855" comment="cpio less than 2.6-19.12"/> 2572 <criterion test_ref="oval:org.opensuse.security:tst:2009041856" comment="cron less than 4.1-45.15"/> 2573 <criterion test_ref="oval:org.opensuse.security:tst:2009041857" comment="dbus-1-32bit less than 0.60-33.13"/> 2574 <criterion test_ref="oval:org.opensuse.security:tst:2009041858" comment="dbus-1-devel less than 0.60-33.13"/> 2575 <criterion test_ref="oval:org.opensuse.security:tst:2009041859" comment="dbus-1-glib-32bit less than 0.60-33.13"/> 2576 <criterion test_ref="oval:org.opensuse.security:tst:2009041860" comment="dbus-1-glib less than 0.60-33.13"/> 2577 <criterion test_ref="oval:org.opensuse.security:tst:2009041861" comment="dbus-1-gtk less than 0.60-33.16"/> 2578 <criterion test_ref="oval:org.opensuse.security:tst:2009041862" comment="dbus-1-mono less than 0.60-33.16"/> 2579 <criterion test_ref="oval:org.opensuse.security:tst:2009041863" comment="dbus-1-python less than 0.60-33.16"/> 2580 <criterion test_ref="oval:org.opensuse.security:tst:2009041864" comment="dbus-1-qt3-32bit less than 0.60-33.16"/> 2581 <criterion test_ref="oval:org.opensuse.security:tst:2009041865" comment="dbus-1-qt3-devel less than 0.60-33.16"/> 2582 <criterion test_ref="oval:org.opensuse.security:tst:2009041866" comment="dbus-1-qt3 less than 0.60-33.16"/> 2583 <criterion test_ref="oval:org.opensuse.security:tst:2009041867" comment="dbus-1-x11 less than 0.60-33.16"/> 2584 <criterion test_ref="oval:org.opensuse.security:tst:2009041868" comment="dbus-1 less than 0.60-33.13"/> 2585 <criterion test_ref="oval:org.opensuse.security:tst:2009041869" comment="desktop-translations less than 10.1-40.28"/> 2586 <criterion test_ref="oval:org.opensuse.security:tst:2009041870" comment="diffutils less than 2.8.7-17.14"/> 2587 <criterion test_ref="oval:org.opensuse.security:tst:2009041871" comment="dmraid less than 0.99_1.0.0rc13-0.8"/> 2588 <criterion test_ref="oval:org.opensuse.security:tst:2009041872" comment="dosfstools less than 2.11-15.10"/> 2589 <criterion test_ref="oval:org.opensuse.security:tst:2009041873" comment="e2fsprogs-32bit less than 1.38-25.21"/> 2590 <criterion test_ref="oval:org.opensuse.security:tst:2009041874" comment="e2fsprogs-devel-32bit less than 1.38-25.21"/> 2591 <criterion test_ref="oval:org.opensuse.security:tst:2009041875" comment="e2fsprogs-devel less than 1.38-25.21"/> 2592 <criterion test_ref="oval:org.opensuse.security:tst:2009041876" comment="e2fsprogs less than 1.38-25.21"/> 2593 <criterion test_ref="oval:org.opensuse.security:tst:2009041877" comment="filesystem less than 10-1.12"/> 2594 <criterion test_ref="oval:org.opensuse.security:tst:2009041878" comment="findutils-locate less than 4.2.27-14.10"/> 2595 <criterion test_ref="oval:org.opensuse.security:tst:2009041879" comment="findutils less than 4.2.27-14.10"/> 2596 <criterion test_ref="oval:org.opensuse.security:tst:2009041880" comment="grep less than 2.5.1a-20.11"/> 2597 <criterion test_ref="oval:org.opensuse.security:tst:2009041881" comment="hal-32bit less than 0.5.6-33.26"/> 2598 <criterion test_ref="oval:org.opensuse.security:tst:2009041882" comment="hal-devel less than 0.5.6-33.26"/> 2599 <criterion test_ref="oval:org.opensuse.security:tst:2009041883" comment="hal-gnome less than 0.5.6-33.26"/> 2600 <criterion test_ref="oval:org.opensuse.security:tst:2009041884" comment="hal less than 0.5.6-33.26"/> 2601 <criterion test_ref="oval:org.opensuse.security:tst:2009041885" comment="hwinfo-devel less than 12.46-0.5"/> 2602 <criterion test_ref="oval:org.opensuse.security:tst:2009041886" comment="hwinfo less than 12.46-0.5"/> 2603 <criterion test_ref="oval:org.opensuse.security:tst:2009041887" comment="insserv less than 1.04.0-20.13"/> 2604 <criterion test_ref="oval:org.opensuse.security:tst:2009041888" comment="iputils less than ss021109-167.10"/> 2605 <criterion test_ref="oval:org.opensuse.security:tst:2009041889" comment="klogd less than 1.4.1-559.12"/> 2606 <criterion test_ref="oval:org.opensuse.security:tst:2009041890" comment="krb5-32bit less than 1.4.3-19.17"/> 2607 <criterion test_ref="oval:org.opensuse.security:tst:2009041891" comment="krb5-client less than 1.4.3-19.17"/> 2608 <criterion test_ref="oval:org.opensuse.security:tst:2009041892" comment="krb5-devel-32bit less than 1.4.3-19.17"/> 2609 <criterion test_ref="oval:org.opensuse.security:tst:2009041893" comment="krb5-devel less than 1.4.3-19.17"/> 2610 <criterion test_ref="oval:org.opensuse.security:tst:2009041894" comment="krb5 less than 1.4.3-19.17"/> 2611 <criterion test_ref="oval:org.opensuse.security:tst:2009041895" comment="ldapcpplib less than 0.0.4-14.13"/> 2612 <criterion test_ref="oval:org.opensuse.security:tst:2009041896" comment="libacl-32bit less than 2.2.41-0.7"/> 2613 <criterion test_ref="oval:org.opensuse.security:tst:2009041897" comment="libacl-devel less than 2.2.41-0.7"/> 2614 <criterion test_ref="oval:org.opensuse.security:tst:2009041898" comment="libacl less than 2.2.41-0.7"/> 2615 <criterion test_ref="oval:org.opensuse.security:tst:2009041899" comment="libattr-32bit less than 2.4.34-0.7"/> 2616 <criterion test_ref="oval:org.opensuse.security:tst:2009041900" comment="libattr-devel less than 2.4.34-0.7"/> 2617 <criterion test_ref="oval:org.opensuse.security:tst:2009041901" comment="libattr less than 2.4.34-0.7"/> 2618 <criterion test_ref="oval:org.opensuse.security:tst:2009041902" comment="libcom_err-32bit less than 1.38-25.21"/> 2619 <criterion test_ref="oval:org.opensuse.security:tst:2009041903" comment="libcom_err less than 1.38-25.21"/> 2620 <criterion test_ref="oval:org.opensuse.security:tst:2009041904" comment="liby2util less than 2.13.8-0.12"/> 2621 <criterion test_ref="oval:org.opensuse.security:tst:2009041905" comment="libzypp-zmd-backend less than 7.1.1.0_0.8-0.16"/> 2622 <criterion test_ref="oval:org.opensuse.security:tst:2009041906" comment="libzypp less than 2.15.10-0.4"/> 2623 <criterion test_ref="oval:org.opensuse.security:tst:2009041907" comment="lilo less than 22.7-19.12"/> 2624 <criterion test_ref="oval:org.opensuse.security:tst:2009041908" comment="limal-bootloader less than 1.1.50-0.12"/> 2625 <criterion test_ref="oval:org.opensuse.security:tst:2009041909" comment="limal-perl less than 1.1.56-0.6"/> 2626 <criterion test_ref="oval:org.opensuse.security:tst:2009041910" comment="limal less than 1.1.56-0.6"/> 2627 <criterion test_ref="oval:org.opensuse.security:tst:2009041911" comment="mailx less than 11.25-14.14"/> 2628 <criterion test_ref="oval:org.opensuse.security:tst:2009041912" comment="mcelog less than 0.7-2.12"/> 2629 <criterion test_ref="oval:org.opensuse.security:tst:2009041913" comment="mdadm less than 2.6-0.11"/> 2630 <criterion test_ref="oval:org.opensuse.security:tst:2009041914" comment="microcode_ctl less than 1.15-12.8"/> 2631 <criterion test_ref="oval:org.opensuse.security:tst:2009041915" comment="mkinitrd less than 1.2-106.52"/> 2632 <criterion test_ref="oval:org.opensuse.security:tst:2009041916" comment="module-init-tools less than 3.2.2-32.27"/> 2633 <criterion test_ref="oval:org.opensuse.security:tst:2009041917" comment="multipath-tools less than 0.4.7-34.18"/> 2634 <criterion test_ref="oval:org.opensuse.security:tst:2009041918" comment="ncurses-32bit less than 5.5-18.11"/> 2635 <criterion test_ref="oval:org.opensuse.security:tst:2009041919" comment="ncurses-devel-32bit less than 5.5-18.11"/> 2636 <criterion test_ref="oval:org.opensuse.security:tst:2009041920" comment="ncurses-devel less than 5.5-18.11"/> 2637 <criterion test_ref="oval:org.opensuse.security:tst:2009041921" comment="ncurses less than 5.5-18.11"/> 2638 <criterion test_ref="oval:org.opensuse.security:tst:2009041922" comment="nfs-utils less than 1.0.7-36.21"/> 2639 <criterion test_ref="oval:org.opensuse.security:tst:2009041923" comment="nfsidmap less than 0.12-16.12"/> 2640 <criterion test_ref="oval:org.opensuse.security:tst:2009041924" comment="openldap2-client-32bit less than 2.3.32-0.10"/> 2641 <criterion test_ref="oval:org.opensuse.security:tst:2009041925" comment="openldap2-client less than 2.3.32-0.10"/> 2642 <criterion test_ref="oval:org.opensuse.security:tst:2009041926" comment="openldap2-devel-32bit less than 2.3.32-0.10"/> 2643 <criterion test_ref="oval:org.opensuse.security:tst:2009041927" comment="openldap2-devel less than 2.3.32-0.10"/> 2644 <criterion test_ref="oval:org.opensuse.security:tst:2009041928" comment="openldap2 less than 2.3.32-0.10"/> 2645 <criterion test_ref="oval:org.opensuse.security:tst:2009041929" comment="openssh-askpass less than 4.2p1-18.25"/> 2646 <criterion test_ref="oval:org.opensuse.security:tst:2009041930" comment="openssh less than 4.2p1-18.25"/> 2647 <criterion test_ref="oval:org.opensuse.security:tst:2009041931" comment="pam-32bit less than 0.99.6.3-28.8"/> 2648 <criterion test_ref="oval:org.opensuse.security:tst:2009041932" comment="pam-devel less than 0.99.6.3-28.8"/> 2649 <criterion test_ref="oval:org.opensuse.security:tst:2009041933" comment="pam-modules-32bit less than 10-2.11"/> 2650 <criterion test_ref="oval:org.opensuse.security:tst:2009041934" comment="pam-modules less than 10-2.11"/> 2651 <criterion test_ref="oval:org.opensuse.security:tst:2009041935" comment="pam less than 0.99.6.3-28.8"/> 2652 <criterion test_ref="oval:org.opensuse.security:tst:2009041936" comment="parted-32bit less than 1.6.25.1-15.13"/> 2653 <criterion test_ref="oval:org.opensuse.security:tst:2009041937" comment="parted less than 1.6.25.1-15.13"/> 2654 <criterion test_ref="oval:org.opensuse.security:tst:2009041938" comment="pciutils less than 2.2.4-16.9"/> 2655 <criterion test_ref="oval:org.opensuse.security:tst:2009041939" comment="pcsc-lite-devel less than 1.2.9_beta9-17.10"/> 2656 <criterion test_ref="oval:org.opensuse.security:tst:2009041940" comment="pcsc-lite less than 1.2.9_beta9-17.10"/> 2657 <criterion test_ref="oval:org.opensuse.security:tst:2009041941" comment="perl-Bootloader less than 0.4.15-0.6"/> 2658 <criterion test_ref="oval:org.opensuse.security:tst:2009041942" comment="permissions less than 2007.2.15-0.7"/> 2659 <criterion test_ref="oval:org.opensuse.security:tst:2009041943" comment="popt-32bit less than 1.7-271.19"/> 2660 <criterion test_ref="oval:org.opensuse.security:tst:2009041944" comment="popt-devel-32bit less than 1.7-271.19"/> 2661 <criterion test_ref="oval:org.opensuse.security:tst:2009041945" comment="popt-devel less than 1.7-271.19"/> 2662 <criterion test_ref="oval:org.opensuse.security:tst:2009041946" comment="popt less than 1.7-271.19"/> 2663 <criterion test_ref="oval:org.opensuse.security:tst:2009041947" comment="portmap less than 5beta-749.10"/> 2664 <criterion test_ref="oval:org.opensuse.security:tst:2009041948" comment="postfix less than 2.2.9-10.18"/> 2665 <criterion test_ref="oval:org.opensuse.security:tst:2009041949" comment="powersave-libs-32bit less than 0.12.26-0.6"/> 2666 <criterion test_ref="oval:org.opensuse.security:tst:2009041950" comment="powersave-libs less than 0.12.26-0.6"/> 2667 <criterion test_ref="oval:org.opensuse.security:tst:2009041951" comment="powersave less than 0.12.26-0.6"/> 2668 <criterion test_ref="oval:org.opensuse.security:tst:2009041952" comment="procinfo less than 18-55.12"/> 2669 <criterion test_ref="oval:org.opensuse.security:tst:2009041953" comment="pwdutils less than 3.0.7.1-17.24"/> 2670 <criterion test_ref="oval:org.opensuse.security:tst:2009041954" comment="readline-32bit less than 5.1-24.13"/> 2671 <criterion test_ref="oval:org.opensuse.security:tst:2009041955" comment="readline-devel-32bit less than 5.1-24.13"/> 2672 <criterion test_ref="oval:org.opensuse.security:tst:2009041956" comment="readline-devel less than 5.1-24.13"/> 2673 <criterion test_ref="oval:org.opensuse.security:tst:2009041957" comment="readline less than 5.1-24.13"/> 2674 <criterion test_ref="oval:org.opensuse.security:tst:2009041958" comment="reiserfs less than 3.6.19-19.12"/> 2675 <criterion test_ref="oval:org.opensuse.security:tst:2009041959" comment="rpm-devel less than 4.4.2-43.19"/> 2676 <criterion test_ref="oval:org.opensuse.security:tst:2009041960" comment="rpm-python less than 4.4.2-43.19"/> 2677 <criterion test_ref="oval:org.opensuse.security:tst:2009041961" comment="rpm less than 4.4.2-43.19"/> 2678 <criterion test_ref="oval:org.opensuse.security:tst:2009041962" comment="rug less than 7.2.0.0-0.8"/> 2679 <criterion test_ref="oval:org.opensuse.security:tst:2009041963" comment="scpm-devel less than 1.1.3-18.16"/> 2680 <criterion test_ref="oval:org.opensuse.security:tst:2009041964" comment="scpm less than 1.1.3-18.16"/> 2681 <criterion test_ref="oval:org.opensuse.security:tst:2009041965" comment="screen less than 4.0.2-62.14"/> 2682 <criterion test_ref="oval:org.opensuse.security:tst:2009041966" comment="scsi less than 1.7_2.36_1.19_0.17_0.97-12.14"/> 2683 <criterion test_ref="oval:org.opensuse.security:tst:2009041967" comment="sed less than 4.1.4-17.11"/> 2684 <criterion test_ref="oval:org.opensuse.security:tst:2009041968" comment="sled-release less than 10-9.22"/> 2685 <criterion test_ref="oval:org.opensuse.security:tst:2009041969" comment="sudo less than 1.6.8p12-18.14"/> 2686 <criterion test_ref="oval:org.opensuse.security:tst:2009041970" comment="suseRegister less than 1.2-9.26"/> 2687 <criterion test_ref="oval:org.opensuse.security:tst:2009041971" comment="sysconfig less than 0.50.9-13.25"/> 2688 <criterion test_ref="oval:org.opensuse.security:tst:2009041972" comment="sysfsutils-32bit less than 1.3.0-16.10"/> 2689 <criterion test_ref="oval:org.opensuse.security:tst:2009041973" comment="sysfsutils less than 1.3.0-16.10"/> 2690 <criterion test_ref="oval:org.opensuse.security:tst:2009041974" comment="syslinux less than 3.11-20.11"/> 2691 <criterion test_ref="oval:org.opensuse.security:tst:2009041975" comment="sysvinit less than 2.86-21.15"/> 2692 <criterion test_ref="oval:org.opensuse.security:tst:2009041976" comment="terminfo less than 5.5-18.11"/> 2693 <criterion test_ref="oval:org.opensuse.security:tst:2009041977" comment="udev less than 085-30.37"/> 2694 <criterion test_ref="oval:org.opensuse.security:tst:2009041978" comment="ulimit less than 1.1-146.10"/> 2695 <criterion test_ref="oval:org.opensuse.security:tst:2009041979" comment="update-desktop-files less than 10.1-40.28"/> 2696 <criterion test_ref="oval:org.opensuse.security:tst:2009041980" comment="util-linux less than 2.12r-35.22"/> 2697 <criterion test_ref="oval:org.opensuse.security:tst:2009041981" comment="wireless-tools less than 28pre13-22.12"/> 2698 <criterion test_ref="oval:org.opensuse.security:tst:2009041982" comment="xfsprogs less than 2.8.16-0.10"/> 2699 <criterion test_ref="oval:org.opensuse.security:tst:2009041983" comment="xntp less than 4.2.0a-70.14"/> 2700 <criterion test_ref="oval:org.opensuse.security:tst:2009041984" comment="yast2-backup less than 2.13.5-0.12"/> 2701 <criterion test_ref="oval:org.opensuse.security:tst:2009041985" comment="yast2-bootloader less than 2.13.97-0.4"/> 2702 <criterion test_ref="oval:org.opensuse.security:tst:2009041986" comment="yast2-core less than 2.13.39-0.3"/> 2703 <criterion test_ref="oval:org.opensuse.security:tst:2009041987" comment="yast2-country less than 2.13.52-0.9"/> 2704 <criterion test_ref="oval:org.opensuse.security:tst:2009041988" comment="yast2-firewall less than 2.13.15-0.10"/> 2705 <criterion test_ref="oval:org.opensuse.security:tst:2009041989" comment="yast2-hardware-detection less than 2.13.7-0.9"/> 2706 <criterion test_ref="oval:org.opensuse.security:tst:2009041990" comment="yast2-inetd less than 2.13.8-0.6"/> 2707 <criterion test_ref="oval:org.opensuse.security:tst:2009041991" comment="yast2-installation less than 2.13.192-0.4"/> 2708 <criterion test_ref="oval:org.opensuse.security:tst:2009041992" comment="yast2-irda less than 2.13.3-0.11"/> 2709 <criterion test_ref="oval:org.opensuse.security:tst:2009041993" comment="yast2-kerberos-client less than 2.13.11-0.10"/> 2710 <criterion test_ref="oval:org.opensuse.security:tst:2009041994" comment="yast2-ldap-client less than 2.13.27-0.11"/> 2711 <criterion test_ref="oval:org.opensuse.security:tst:2009041995" comment="yast2-ldap less than 2.13.5-1.11"/> 2712 <criterion test_ref="oval:org.opensuse.security:tst:2009041996" comment="yast2-mail-aliases less than 2.13.8-0.11"/> 2713 <criterion test_ref="oval:org.opensuse.security:tst:2009041997" comment="yast2-mail less than 2.13.8-0.11"/> 2714 <criterion test_ref="oval:org.opensuse.security:tst:2009041998" comment="yast2-ncurses less than 2.13.66-0.12"/> 2715 <criterion test_ref="oval:org.opensuse.security:tst:2009041999" comment="yast2-network less than 2.13.98-0.7"/> 2716 <criterion test_ref="oval:org.opensuse.security:tst:2009042000" comment="yast2-nfs-client less than 2.13.4-0.11"/> 2717 <criterion test_ref="oval:org.opensuse.security:tst:2009042001" comment="yast2-nis-client less than 2.13.8-0.11"/> 2718 <criterion test_ref="oval:org.opensuse.security:tst:2009042002" comment="yast2-ntp-client less than 2.13.17-0.10"/> 2719 <criterion test_ref="oval:org.opensuse.security:tst:2009042003" comment="yast2-online-update-frontend less than 2.13.59-0.3"/> 2720 <criterion test_ref="oval:org.opensuse.security:tst:2009042004" comment="yast2-online-update less than 2.13.59-0.3"/> 2721 <criterion test_ref="oval:org.opensuse.security:tst:2009042005" comment="yast2-packager less than 2.13.175-0.5"/> 2722 <criterion test_ref="oval:org.opensuse.security:tst:2009042006" comment="yast2-pam less than 2.13.5-0.11"/> 2723 <criterion test_ref="oval:org.opensuse.security:tst:2009042007" comment="yast2-perl-bindings less than 2.13.11-0.17"/> 2724 <criterion test_ref="oval:org.opensuse.security:tst:2009042008" comment="yast2-pkg-bindings less than 2.13.117-0.13"/> 2725 <criterion test_ref="oval:org.opensuse.security:tst:2009042009" comment="yast2-power-management less than 2.13.9-0.9"/> 2726 <criterion test_ref="oval:org.opensuse.security:tst:2009042010" comment="yast2-powertweak less than 2.13.8-0.10"/> 2727 <criterion test_ref="oval:org.opensuse.security:tst:2009042011" comment="yast2-printer less than 2.13.32-1.13"/> 2728 <criterion test_ref="oval:org.opensuse.security:tst:2009042012" comment="yast2-profile-manager less than 2.13.6-0.12"/> 2729 <criterion test_ref="oval:org.opensuse.security:tst:2009042013" comment="yast2-repair less than 2.13.10-0.13"/> 2730 <criterion test_ref="oval:org.opensuse.security:tst:2009042014" comment="yast2-restore less than 2.13.2-0.13"/> 2731 <criterion test_ref="oval:org.opensuse.security:tst:2009042015" comment="yast2-runlevel less than 2.13.11-0.11"/> 2732 <criterion test_ref="oval:org.opensuse.security:tst:2009042016" comment="yast2-samba-client less than 2.13.36-0.8"/> 2733 <criterion test_ref="oval:org.opensuse.security:tst:2009042017" comment="yast2-schema less than 2.13.5-0.13"/> 2734 <criterion test_ref="oval:org.opensuse.security:tst:2009042018" comment="yast2-security less than 2.13.7-0.11"/> 2735 <criterion test_ref="oval:org.opensuse.security:tst:2009042019" comment="yast2-slp less than 2.13.4-0.17"/> 2736 <criterion test_ref="oval:org.opensuse.security:tst:2009042020" comment="yast2-storage-lib less than 2.13.94-0.4"/> 2737 <criterion test_ref="oval:org.opensuse.security:tst:2009042021" comment="yast2-storage less than 2.13.94-0.4"/> 2738 <criterion test_ref="oval:org.opensuse.security:tst:2009042022" comment="yast2-support less than 2.13.6-0.10"/> 2739 <criterion test_ref="oval:org.opensuse.security:tst:2009042023" comment="yast2-sysconfig less than 2.13.8-0.10"/> 2740 <criterion test_ref="oval:org.opensuse.security:tst:2009042024" comment="yast2-theme-NLD less than 0.4.5-3.20"/> 2741 <criterion test_ref="oval:org.opensuse.security:tst:2009042025" comment="yast2-trans-stats less than 2.11.0-21.18"/> 2742 <criterion test_ref="oval:org.opensuse.security:tst:2009042026" comment="yast2-transfer less than 2.13.4-0.10"/> 2743 <criterion test_ref="oval:org.opensuse.security:tst:2009042027" comment="yast2-tune less than 2.13.12-0.8"/> 2744 <criterion test_ref="oval:org.opensuse.security:tst:2009042028" comment="yast2-tv less than 2.13.9-0.11"/> 2745 <criterion test_ref="oval:org.opensuse.security:tst:2009042029" comment="yast2-update less than 2.13.52-0.4"/> 2746 <criterion test_ref="oval:org.opensuse.security:tst:2009042030" comment="yast2-users less than 2.13.55-0.4"/> 2747 <criterion test_ref="oval:org.opensuse.security:tst:2009042031" comment="yast2-vm less than 2.13.77-0.4"/> 2748 <criterion test_ref="oval:org.opensuse.security:tst:2009042032" comment="yast2-xml less than 2.13.4-0.8"/> 2749 <criterion test_ref="oval:org.opensuse.security:tst:2009042033" comment="yast2 less than 2.13.104-0.7"/> 2750 <criterion test_ref="oval:org.opensuse.security:tst:2009042034" comment="zmd-inventory less than 7.2.0-0.9"/> 2751 <criterion test_ref="oval:org.opensuse.security:tst:2009042035" comment="zmd less than 7.2.0.0-0.13"/> 2752 <criterion test_ref="oval:org.opensuse.security:tst:2009042036" comment="zypper less than 0.6.17-0.16"/> 2753 </criteria> 2754 </criteria> 2755 </definition> 2756 <definition id="oval:org.opensuse.security:def:20067177" version="1" class="vulnerability"> 2757 <metadata> 2758 <title>CVE-2006-7177</title> 2759 <affected family="unix"> 2760 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2761 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2762 </affected> 2763 <reference ref_id="CVE-2006-7177" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7177" source="CVE"/> 2764 <description> 2765 MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service (system crash) via unspecified vectors that lead to a kernel panic in the ieee80211_input function, related to "packets coming from a 'malicious' WinXP system." 2766 </description> 2767 </metadata> 2768 <!-- f72f26d7dd8e0f81dd5a72942869c106 --> 2769 <criteria operator="AND"> 2770 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2771 <criteria operator="OR"> 2772 <criterion test_ref="oval:org.opensuse.security:tst:2009039492" comment="madwifi-kmp-bigsmp less than 0.9.3_2.6.16.46_0.12-6.6"/> 2773 <criterion test_ref="oval:org.opensuse.security:tst:2009039493" comment="madwifi-kmp-default less than 0.9.3_2.6.16.46_0.12-6.6"/> 2774 <criterion test_ref="oval:org.opensuse.security:tst:2009039494" comment="madwifi-kmp-smp less than 0.9.3_2.6.16.46_0.12-6.6"/> 2775 </criteria> 2776 </criteria> 2777 </definition> 2778 <definition id="oval:org.opensuse.security:def:20067178" version="1" class="vulnerability"> 2779 <metadata> 2780 <title>CVE-2006-7178</title> 2781 <affected family="unix"> 2782 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2783 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2784 </affected> 2785 <reference ref_id="CVE-2006-7178" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7178" source="CVE"/> 2786 <description> 2787 MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allows remote attackers to cause a denial of service (system crash) via a certain AUTH frame. 2788 </description> 2789 </metadata> 2790 <!-- f72f26d7dd8e0f81dd5a72942869c106 --> 2791 <criteria operator="AND"> 2792 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2793 <criteria operator="OR"> 2794 <criterion test_ref="oval:org.opensuse.security:tst:2009039492" comment="madwifi-kmp-bigsmp less than 0.9.3_2.6.16.46_0.12-6.6"/> 2795 <criterion test_ref="oval:org.opensuse.security:tst:2009039493" comment="madwifi-kmp-default less than 0.9.3_2.6.16.46_0.12-6.6"/> 2796 <criterion test_ref="oval:org.opensuse.security:tst:2009039494" comment="madwifi-kmp-smp less than 0.9.3_2.6.16.46_0.12-6.6"/> 2797 </criteria> 2798 </criteria> 2799 </definition> 2800 <definition id="oval:org.opensuse.security:def:20067179" version="1" class="vulnerability"> 2801 <metadata> 2802 <title>CVE-2006-7179</title> 2803 <affected family="unix"> 2804 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2805 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2806 </affected> 2807 <reference ref_id="CVE-2006-7179" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7179" source="CVE"/> 2808 <description> 2809 ieee80211_input.c in MadWifi before 0.9.3 does not properly process Channel Switch Announcement Information Elements (CSA IEs), which allows remote attackers to cause a denial of service (loss of communication) via a Channel Switch Count less than or equal to one, triggering a channel change. 2810 </description> 2811 </metadata> 2812 <!-- f72f26d7dd8e0f81dd5a72942869c106 --> 2813 <criteria operator="AND"> 2814 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2815 <criteria operator="OR"> 2816 <criterion test_ref="oval:org.opensuse.security:tst:2009039492" comment="madwifi-kmp-bigsmp less than 0.9.3_2.6.16.46_0.12-6.6"/> 2817 <criterion test_ref="oval:org.opensuse.security:tst:2009039493" comment="madwifi-kmp-default less than 0.9.3_2.6.16.46_0.12-6.6"/> 2818 <criterion test_ref="oval:org.opensuse.security:tst:2009039494" comment="madwifi-kmp-smp less than 0.9.3_2.6.16.46_0.12-6.6"/> 2819 </criteria> 2820 </criteria> 2821 </definition> 2822 <definition id="oval:org.opensuse.security:def:20067180" version="1" class="vulnerability"> 2823 <metadata> 2824 <title>CVE-2006-7180</title> 2825 <affected family="unix"> 2826 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2827 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2828 </affected> 2829 <reference ref_id="CVE-2006-7180" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7180" source="CVE"/> 2830 <description> 2831 ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of sevice (disrupted authentication) and conduct spoofing attacks. 2832 </description> 2833 </metadata> 2834 <!-- f72f26d7dd8e0f81dd5a72942869c106 --> 2835 <criteria operator="AND"> 2836 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2837 <criteria operator="OR"> 2838 <criterion test_ref="oval:org.opensuse.security:tst:2009039492" comment="madwifi-kmp-bigsmp less than 0.9.3_2.6.16.46_0.12-6.6"/> 2839 <criterion test_ref="oval:org.opensuse.security:tst:2009039493" comment="madwifi-kmp-default less than 0.9.3_2.6.16.46_0.12-6.6"/> 2840 <criterion test_ref="oval:org.opensuse.security:tst:2009039494" comment="madwifi-kmp-smp less than 0.9.3_2.6.16.46_0.12-6.6"/> 2841 </criteria> 2842 </criteria> 2843 </definition> 2844 <definition id="oval:org.opensuse.security:def:20067246" version="1" class="vulnerability"> 2845 <metadata> 2846 <title>CVE-2006-7246</title> 2847 <affected family="unix"> 2848 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 2849 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 2850 </affected> 2851 <reference ref_id="CVE-2006-7246" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7246" source="CVE"/> 2852 <description> 2853 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2854 </description> 2855 </metadata> 2856 <!-- 3ae188b8ee6ea152ca6d4acbf24ee30e --> 2857 <criteria operator="AND"> 2858 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 2859 <criteria operator="OR"> 2860 <criterion test_ref="oval:org.opensuse.security:tst:2009072989" comment="NetworkManager-devel less than 0.6.6-0.21.5"/> 2861 <criterion test_ref="oval:org.opensuse.security:tst:2009072990" comment="NetworkManager-glib less than 0.6.6-0.21.5"/> 2862 <criterion test_ref="oval:org.opensuse.security:tst:2009072991" comment="NetworkManager-gnome less than 0.6.6-0.21.5"/> 2863 <criterion test_ref="oval:org.opensuse.security:tst:2009072992" comment="NetworkManager less than 0.6.6-0.21.5"/> 2864 <criterion test_ref="oval:org.opensuse.security:tst:2009072993" comment="wpa_supplicant less than 0.4.8-14.29.5"/> 2865 </criteria> 2866 </criteria> 2867 </definition> 2868 <definition id="oval:org.opensuse.security:def:20067250" version="1" class="vulnerability"> 2869 <metadata> 2870 <title>CVE-2006-7250</title> 2871 <affected family="unix"> 2872 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 2873 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 2874 </affected> 2875 <reference ref_id="CVE-2006-7250" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250" source="CVE"/> 2876 <description> 2877 The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message. 2878 </description> 2879 </metadata> 2880 <!-- f6896f36048d7e8f3d49c12c286ae0d8 --> 2881 <criteria operator="AND"> 2882 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 2883 <criteria operator="OR"> 2884 <criterion test_ref="oval:org.opensuse.security:tst:2009073451" comment="openssl-32bit less than 0.9.8a-18.64.3"/> 2885 <criterion test_ref="oval:org.opensuse.security:tst:2009073452" comment="openssl-devel-32bit less than 0.9.8a-18.64.3"/> 2886 <criterion test_ref="oval:org.opensuse.security:tst:2009073453" comment="openssl-devel less than 0.9.8a-18.64.3"/> 2887 <criterion test_ref="oval:org.opensuse.security:tst:2009073454" comment="openssl less than 0.9.8a-18.64.3"/> 2888 </criteria> 2889 </criteria> 2890 </definition> 2891 <definition id="oval:org.opensuse.security:def:20070002" version="1" class="vulnerability"> 2892 <metadata> 2893 <title>CVE-2007-0002</title> 2894 <affected family="unix"> 2895 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 2896 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 2897 </affected> 2898 <reference ref_id="CVE-2007-0002" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002" source="CVE"/> 2899 <description> 2900 Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466. 2901 </description> 2902 </metadata> 2903 <criteria operator="OR"> 2904 <!-- 3d9fcf4e5387ec9fc9096e15993ca12e --> 2905 <criteria operator="AND"> 2906 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2907 <criteria operator="OR"> 2908 <criterion test_ref="oval:org.opensuse.security:tst:2009042506" comment="OpenOffice_org-af less than 2.1-0.21"/> 2909 <criterion test_ref="oval:org.opensuse.security:tst:2009042507" comment="OpenOffice_org-ar less than 2.1-0.21"/> 2910 <criterion test_ref="oval:org.opensuse.security:tst:2009042508" comment="OpenOffice_org-ca less than 2.1-0.21"/> 2911 <criterion test_ref="oval:org.opensuse.security:tst:2009042509" comment="OpenOffice_org-cs less than 2.1-0.21"/> 2912 <criterion test_ref="oval:org.opensuse.security:tst:2009042510" comment="OpenOffice_org-da less than 2.1-0.21"/> 2913 <criterion test_ref="oval:org.opensuse.security:tst:2009042511" comment="OpenOffice_org-de-templates less than 8.2-171.6"/> 2914 <criterion test_ref="oval:org.opensuse.security:tst:2009042512" comment="OpenOffice_org-de less than 2.1-0.21"/> 2915 <criterion test_ref="oval:org.opensuse.security:tst:2009042513" comment="OpenOffice_org-es less than 2.1-0.21"/> 2916 <criterion test_ref="oval:org.opensuse.security:tst:2009042514" comment="OpenOffice_org-fi less than 2.1-0.21"/> 2917 <criterion test_ref="oval:org.opensuse.security:tst:2009042515" comment="OpenOffice_org-fr less than 2.1-0.21"/> 2918 <criterion test_ref="oval:org.opensuse.security:tst:2009042516" comment="OpenOffice_org-galleries less than 2.1-0.21"/> 2919 <criterion test_ref="oval:org.opensuse.security:tst:2009042517" comment="OpenOffice_org-gnome less than 2.1-0.21"/> 2920 <criterion test_ref="oval:org.opensuse.security:tst:2009042518" comment="OpenOffice_org-gu-IN less than 2.1-0.21"/> 2921 <criterion test_ref="oval:org.opensuse.security:tst:2009042519" comment="OpenOffice_org-hi-IN less than 2.1-0.21"/> 2922 <criterion test_ref="oval:org.opensuse.security:tst:2009042520" comment="OpenOffice_org-hu less than 2.1-0.21"/> 2923 <criterion test_ref="oval:org.opensuse.security:tst:2009042521" comment="OpenOffice_org-it less than 2.1-0.21"/> 2924 <criterion test_ref="oval:org.opensuse.security:tst:2009042522" comment="OpenOffice_org-ja less than 2.1-0.21"/> 2925 <criterion test_ref="oval:org.opensuse.security:tst:2009042523" comment="OpenOffice_org-kde less than 2.1-0.21"/> 2926 <criterion test_ref="oval:org.opensuse.security:tst:2009042524" comment="OpenOffice_org-mono less than 2.1-0.21"/> 2927 <criterion test_ref="oval:org.opensuse.security:tst:2009042525" comment="OpenOffice_org-nb less than 2.1-0.21"/> 2928 <criterion test_ref="oval:org.opensuse.security:tst:2009042526" comment="OpenOffice_org-nl less than 2.1-0.21"/> 2929 <criterion test_ref="oval:org.opensuse.security:tst:2009042527" comment="OpenOffice_org-nld less than 2.1-0.21"/> 2930 <criterion test_ref="oval:org.opensuse.security:tst:2009042528" comment="OpenOffice_org-nn less than 2.1-0.21"/> 2931 <criterion test_ref="oval:org.opensuse.security:tst:2009042529" comment="OpenOffice_org-pl less than 2.1-0.21"/> 2932 <criterion test_ref="oval:org.opensuse.security:tst:2009042530" comment="OpenOffice_org-pt-BR less than 2.1-0.21"/> 2933 <criterion test_ref="oval:org.opensuse.security:tst:2009042531" comment="OpenOffice_org-ru less than 2.1-0.21"/> 2934 <criterion test_ref="oval:org.opensuse.security:tst:2009042532" comment="OpenOffice_org-sk less than 2.1-0.21"/> 2935 <criterion test_ref="oval:org.opensuse.security:tst:2009042533" comment="OpenOffice_org-sv less than 2.1-0.21"/> 2936 <criterion test_ref="oval:org.opensuse.security:tst:2009042534" comment="OpenOffice_org-xh less than 2.1-0.21"/> 2937 <criterion test_ref="oval:org.opensuse.security:tst:2009042535" comment="OpenOffice_org-zh-CN less than 2.1-0.21"/> 2938 <criterion test_ref="oval:org.opensuse.security:tst:2009042536" comment="OpenOffice_org-zh-TW less than 2.1-0.21"/> 2939 <criterion test_ref="oval:org.opensuse.security:tst:2009042537" comment="OpenOffice_org-zu less than 2.1-0.21"/> 2940 <criterion test_ref="oval:org.opensuse.security:tst:2009042538" comment="OpenOffice_org less than 2.1-0.21"/> 2941 </criteria> 2942 </criteria> 2943 <!-- f83d87195bba0229ac4b65c0cd41c27c --> 2944 <criteria operator="AND"> 2945 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 2946 <criteria operator="OR"> 2947 <criterion test_ref="oval:org.opensuse.security:tst:2009037827" comment="NetworkManager-devel less than 0.6.4-60.26"/> 2948 <criterion test_ref="oval:org.opensuse.security:tst:2009037828" comment="NetworkManager-glib less than 0.6.4-60.26"/> 2949 <criterion test_ref="oval:org.opensuse.security:tst:2009037829" comment="NetworkManager-gnome less than 0.6.4-60.26"/> 2950 <criterion test_ref="oval:org.opensuse.security:tst:2009037830" comment="NetworkManager-openvpn less than 0.3.2cvs20060202-20.25"/> 2951 <criterion test_ref="oval:org.opensuse.security:tst:2009037831" comment="NetworkManager-vpnc less than 0.5.0cvs20060202-19.30"/> 2952 <criterion test_ref="oval:org.opensuse.security:tst:2009037832" comment="NetworkManager less than 0.6.4-60.26"/> 2953 <criterion test_ref="oval:org.opensuse.security:tst:2009037833" comment="art-sharp less than 1.0.10-30.15"/> 2954 <criterion test_ref="oval:org.opensuse.security:tst:2009037834" comment="audit-libs-32bit less than 1.2.9-6.9"/> 2955 <criterion test_ref="oval:org.opensuse.security:tst:2009037835" comment="audit-libs-python less than 1.2.9-12.9"/> 2956 <criterion test_ref="oval:org.opensuse.security:tst:2009037836" comment="audit-libs less than 1.2.9-6.9"/> 2957 <criterion test_ref="oval:org.opensuse.security:tst:2009037837" comment="audit less than 1.2.9-6.9"/> 2958 <criterion test_ref="oval:org.opensuse.security:tst:2009037838" comment="beagle-evolution less than 0.2.16.3-1.13"/> 2959 <criterion test_ref="oval:org.opensuse.security:tst:2009037839" comment="beagle-firefox less than 0.2.16.3-1.13"/> 2960 <criterion test_ref="oval:org.opensuse.security:tst:2009037840" comment="beagle-gui less than 0.2.16.3-1.13"/> 2961 <criterion test_ref="oval:org.opensuse.security:tst:2009037841" comment="beagle less than 0.2.16.3-1.13"/> 2962 <criterion test_ref="oval:org.opensuse.security:tst:2009037842" comment="cifs-mount less than 3.0.24-2.23"/> 2963 <criterion test_ref="oval:org.opensuse.security:tst:2009037843" comment="compiz less than 0.4.0-0.21"/> 2964 <criterion test_ref="oval:org.opensuse.security:tst:2009037844" comment="contact-lookup-applet less than 0.13-21.14"/> 2965 <criterion test_ref="oval:org.opensuse.security:tst:2009037845" comment="dhcp-client less than 3.0.3-23.33"/> 2966 <criterion test_ref="oval:org.opensuse.security:tst:2009037846" comment="dhcp less than 3.0.3-23.33"/> 2967 <criterion test_ref="oval:org.opensuse.security:tst:2009037847" comment="dia less than 0.94-41.22"/> 2968 <criterion test_ref="oval:org.opensuse.security:tst:2009037848" comment="evolution-devel less than 2.6.0-49.55"/> 2969 <criterion test_ref="oval:org.opensuse.security:tst:2009037849" comment="evolution-exchange less than 2.6.0-27.34"/> 2970 <criterion test_ref="oval:org.opensuse.security:tst:2009037850" comment="evolution-pilot less than 2.6.0-49.55"/> 2971 <criterion test_ref="oval:org.opensuse.security:tst:2009037851" comment="evolution-webcal less than 2.4.1-18.14"/> 2972 <criterion test_ref="oval:org.opensuse.security:tst:2009037852" comment="evolution less than 2.6.0-49.55"/> 2973 <criterion test_ref="oval:org.opensuse.security:tst:2009037853" comment="f-spot less than 0.3.5-0.16"/> 2974 <criterion test_ref="oval:org.opensuse.security:tst:2009037854" comment="gaim-devel less than 1.5.0-50.17"/> 2975 <criterion test_ref="oval:org.opensuse.security:tst:2009037855" comment="gaim less than 1.5.0-50.17"/> 2976 <criterion test_ref="oval:org.opensuse.security:tst:2009037856" comment="gconf-sharp less than 1.0.10-30.15"/> 2977 <criterion test_ref="oval:org.opensuse.security:tst:2009037857" comment="gda-sharp less than 1.0.10-30.15"/> 2978 <criterion test_ref="oval:org.opensuse.security:tst:2009037858" comment="gdb less than 6.6-12.20"/> 2979 <criterion test_ref="oval:org.opensuse.security:tst:2009037859" comment="gftp less than 2.0.18-25.15"/> 2980 <criterion test_ref="oval:org.opensuse.security:tst:2009037860" comment="glade-sharp less than 1.0.10-30.15"/> 2981 <criterion test_ref="oval:org.opensuse.security:tst:2009037861" comment="glib-sharp less than 1.0.10-30.15"/> 2982 <criterion test_ref="oval:org.opensuse.security:tst:2009037862" comment="glib2-32bit less than 2.8.6-0.8"/> 2983 <criterion test_ref="oval:org.opensuse.security:tst:2009037863" comment="glib2-devel less than 2.8.6-0.8"/> 2984 <criterion test_ref="oval:org.opensuse.security:tst:2009037864" comment="glib2-doc less than 2.8.6-0.8"/> 2985 <criterion test_ref="oval:org.opensuse.security:tst:2009037865" comment="glib2 less than 2.8.6-0.8"/> 2986 <criterion test_ref="oval:org.opensuse.security:tst:2009037866" comment="gnome-backgrounds less than 2.12.3.1-0.8"/> 2987 <criterion test_ref="oval:org.opensuse.security:tst:2009037867" comment="gnome-filesystem less than 0.1-261.12"/> 2988 <criterion test_ref="oval:org.opensuse.security:tst:2009037868" comment="gnome-games less than 2.12.3-0.12"/> 2989 <criterion test_ref="oval:org.opensuse.security:tst:2009037869" comment="gnome-sharp less than 1.0.10-30.15"/> 2990 <criterion test_ref="oval:org.opensuse.security:tst:2009037870" comment="gnomedb-sharp less than 1.0.10-30.15"/> 2991 <criterion test_ref="oval:org.opensuse.security:tst:2009037871" comment="gnopernicus-devel less than 1.0.0-23.14"/> 2992 <criterion test_ref="oval:org.opensuse.security:tst:2009037872" comment="gnopernicus less than 1.0.0-23.14"/> 2993 <criterion test_ref="oval:org.opensuse.security:tst:2009037873" comment="gstreamer010-plugins-base-32bit less than 0.10.5-11.17"/> 2994 <criterion test_ref="oval:org.opensuse.security:tst:2009037874" comment="gstreamer010-plugins-base-devel less than 0.10.5-11.17"/> 2995 <criterion test_ref="oval:org.opensuse.security:tst:2009037875" comment="gstreamer010-plugins-base-doc less than 0.10.5-11.17"/> 2996 <criterion test_ref="oval:org.opensuse.security:tst:2009037876" comment="gstreamer010-plugins-base-oil-32bit less than 0.10.5-11.17"/> 2997 <criterion test_ref="oval:org.opensuse.security:tst:2009037877" comment="gstreamer010-plugins-base-oil less than 0.10.5-11.17"/> 2998 <criterion test_ref="oval:org.opensuse.security:tst:2009037878" comment="gstreamer010-plugins-base-visual-32bit less than 0.10.5-11.17"/> 2999 <criterion test_ref="oval:org.opensuse.security:tst:2009037879" comment="gstreamer010-plugins-base-visual less than 0.10.5-11.17"/> 3000 <criterion test_ref="oval:org.opensuse.security:tst:2009037880" comment="gstreamer010-plugins-base less than 0.10.5-11.17"/> 3001 <criterion test_ref="oval:org.opensuse.security:tst:2009037881" comment="gtk-sharp-32bit less than 1.0.10-30.15"/> 3002 <criterion test_ref="oval:org.opensuse.security:tst:2009037882" comment="gtk-sharp-complete less than 1.0.10-30.15"/> 3003 <criterion test_ref="oval:org.opensuse.security:tst:2009037883" comment="gtk-sharp-gapi less than 1.0.10-30.15"/> 3004 <criterion test_ref="oval:org.opensuse.security:tst:2009037884" comment="gtk-sharp less than 1.0.10-30.15"/> 3005 <criterion test_ref="oval:org.opensuse.security:tst:2009037885" comment="gtkhtml-sharp less than 1.0.10-30.15"/> 3006 <criterion test_ref="oval:org.opensuse.security:tst:2009037886" comment="helix-dbus-server less than 0.4.0-0.10"/> 3007 <criterion test_ref="oval:org.opensuse.security:tst:2009037887" comment="inkscape less than 0.43-20.15"/> 3008 <criterion test_ref="oval:org.opensuse.security:tst:2009037888" comment="libbeagle-32bit less than 0.2.16.3-1.12"/> 3009 <criterion test_ref="oval:org.opensuse.security:tst:2009037889" comment="libbeagle-devel less than 0.2.16.3-1.12"/> 3010 <criterion test_ref="oval:org.opensuse.security:tst:2009037890" comment="libbeagle less than 0.2.16.3-1.12"/> 3011 <criterion test_ref="oval:org.opensuse.security:tst:2009037891" comment="libgail-gnome-devel less than 1.1.3-41.13"/> 3012 <criterion test_ref="oval:org.opensuse.security:tst:2009037892" comment="libgail-gnome less than 1.1.3-41.13"/> 3013 <criterion test_ref="oval:org.opensuse.security:tst:2009037893" comment="libgdiplus less than 1.2.2-13.13"/> 3014 <criterion test_ref="oval:org.opensuse.security:tst:2009037894" comment="libipoddevice-32bit less than 0.5.2-1.17"/> 3015 <criterion test_ref="oval:org.opensuse.security:tst:2009037895" comment="libipoddevice less than 0.5.2-1.17"/> 3016 <criterion test_ref="oval:org.opensuse.security:tst:2009037896" comment="libsmbclient-32bit less than 3.0.24-2.23"/> 3017 <criterion test_ref="oval:org.opensuse.security:tst:2009037897" comment="libsmbclient-devel less than 3.0.24-2.23"/> 3018 <criterion test_ref="oval:org.opensuse.security:tst:2009037898" comment="libsmbclient less than 3.0.24-2.23"/> 3019 <criterion test_ref="oval:org.opensuse.security:tst:2009037899" comment="libtool-32bit less than 1.5.22-13.12"/> 3020 <criterion test_ref="oval:org.opensuse.security:tst:2009037900" comment="libtool less than 1.5.22-13.12"/> 3021 <criterion test_ref="oval:org.opensuse.security:tst:2009037901" comment="linphone-applet less than 1.2.0-16.14"/> 3022 <criterion test_ref="oval:org.opensuse.security:tst:2009037902" comment="linphone less than 1.2.0-16.14"/> 3023 <criterion test_ref="oval:org.opensuse.security:tst:2009037903" comment="openobex-devel less than 1.3-28.7"/> 3024 <criterion test_ref="oval:org.opensuse.security:tst:2009037904" comment="openobex less than 1.3-28.7"/> 3025 <criterion test_ref="oval:org.opensuse.security:tst:2009037905" comment="planner-devel less than 0.14.1-24.12"/> 3026 <criterion test_ref="oval:org.opensuse.security:tst:2009037906" comment="planner less than 0.14.1-24.12"/> 3027 <criterion test_ref="oval:org.opensuse.security:tst:2009037907" comment="pwlib-devel less than 1.10.4-0.10"/> 3028 <criterion test_ref="oval:org.opensuse.security:tst:2009037908" comment="pwlib less than 1.10.4-0.10"/> 3029 <criterion test_ref="oval:org.opensuse.security:tst:2009037909" comment="resapplet less than 0.1.4-5.20"/> 3030 <criterion test_ref="oval:org.opensuse.security:tst:2009037910" comment="rsvg-sharp less than 1.0.10-30.15"/> 3031 <criterion test_ref="oval:org.opensuse.security:tst:2009037911" comment="sabayon-admin less than 2.12.3-21.29"/> 3032 <criterion test_ref="oval:org.opensuse.security:tst:2009037912" comment="sabayon less than 2.12.3-21.29"/> 3033 <criterion test_ref="oval:org.opensuse.security:tst:2009037913" comment="samba-32bit less than 3.0.24-2.23"/> 3034 <criterion test_ref="oval:org.opensuse.security:tst:2009037914" comment="samba-client-32bit less than 3.0.24-2.23"/> 3035 <criterion test_ref="oval:org.opensuse.security:tst:2009037915" comment="samba-client less than 3.0.24-2.23"/> 3036 <criterion test_ref="oval:org.opensuse.security:tst:2009037916" comment="samba-doc less than 3.0.24-2.23"/> 3037 <criterion test_ref="oval:org.opensuse.security:tst:2009037917" comment="samba-krb-printing less than 3.0.24-2.23"/> 3038 <criterion test_ref="oval:org.opensuse.security:tst:2009037918" comment="samba-pdb less than 3.0.24-2.23"/> 3039 <criterion test_ref="oval:org.opensuse.security:tst:2009037919" comment="samba-vscan less than 0.3.6b-42.49"/> 3040 <criterion test_ref="oval:org.opensuse.security:tst:2009037920" comment="samba-winbind-32bit less than 3.0.24-2.23"/> 3041 <criterion test_ref="oval:org.opensuse.security:tst:2009037921" comment="samba-winbind less than 3.0.24-2.23"/> 3042 <criterion test_ref="oval:org.opensuse.security:tst:2009037922" comment="samba less than 3.0.24-2.23"/> 3043 <criterion test_ref="oval:org.opensuse.security:tst:2009037923" comment="tomboy less than 0.6.0-0.21"/> 3044 <criterion test_ref="oval:org.opensuse.security:tst:2009037924" comment="vte-sharp less than 1.0.10-30.15"/> 3045 <criterion test_ref="oval:org.opensuse.security:tst:2009037925" comment="wbxml2 less than 0.9.0-18.10"/> 3046 <criterion test_ref="oval:org.opensuse.security:tst:2009037926" comment="xgl-hardware-list less than 070326-0.5"/> 3047 <criterion test_ref="oval:org.opensuse.security:tst:2009037927" comment="xgl less than cvs_060522-0.32"/> 3048 </criteria> 3049 </criteria> 3050 </criteria> 3051 </definition> 3052 <definition id="oval:org.opensuse.security:def:20070010" version="1" class="vulnerability"> 3053 <metadata> 3054 <title>CVE-2007-0010</title> 3055 <affected family="unix"> 3056 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 3057 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 3058 </affected> 3059 <reference ref_id="CVE-2007-0010" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0010" source="CVE"/> 3060 <description> 3061 The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file. 3062 </description> 3063 </metadata> 3064 <criteria operator="OR"> 3065 <!-- 910453b56d92f11dc3441c5f3674ea54 --> 3066 <criteria operator="AND"> 3067 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3068 <criteria operator="OR"> 3069 <criterion test_ref="oval:org.opensuse.security:tst:2009040930" comment="cairo-32bit less than 1.0.2-27.16"/> 3070 <criterion test_ref="oval:org.opensuse.security:tst:2009040931" comment="cairo-devel less than 1.0.2-27.16"/> 3071 <criterion test_ref="oval:org.opensuse.security:tst:2009040932" comment="cairo-doc less than 1.0.2-27.16"/> 3072 <criterion test_ref="oval:org.opensuse.security:tst:2009040933" comment="cairo less than 1.0.2-27.16"/> 3073 <criterion test_ref="oval:org.opensuse.security:tst:2009040934" comment="control-center2-devel less than 2.12.3-0.21"/> 3074 <criterion test_ref="oval:org.opensuse.security:tst:2009040935" comment="control-center2 less than 2.12.3-0.21"/> 3075 <criterion test_ref="oval:org.opensuse.security:tst:2009040936" comment="eel-32bit less than 2.12.2-18.14"/> 3076 <criterion test_ref="oval:org.opensuse.security:tst:2009040937" comment="eel-devel less than 2.12.2-18.14"/> 3077 <criterion test_ref="oval:org.opensuse.security:tst:2009040938" comment="eel less than 2.12.2-18.14"/> 3078 <criterion test_ref="oval:org.opensuse.security:tst:2009040939" comment="evolution-data-server-32bit less than 1.6.0-43.53"/> 3079 <criterion test_ref="oval:org.opensuse.security:tst:2009040940" comment="evolution-data-server-devel less than 1.6.0-43.53"/> 3080 <criterion test_ref="oval:org.opensuse.security:tst:2009040941" comment="evolution-data-server less than 1.6.0-43.53"/> 3081 <criterion test_ref="oval:org.opensuse.security:tst:2009040942" comment="ghex less than 2.8.1-27.14"/> 3082 <criterion test_ref="oval:org.opensuse.security:tst:2009040943" comment="gimp-devel less than 2.2.10-22.20"/> 3083 <criterion test_ref="oval:org.opensuse.security:tst:2009040944" comment="gimp less than 2.2.10-22.20"/> 3084 <criterion test_ref="oval:org.opensuse.security:tst:2009040945" comment="gnome-applets-devel less than 2.12.2-51.14"/> 3085 <criterion test_ref="oval:org.opensuse.security:tst:2009040946" comment="gnome-applets less than 2.12.2-51.14"/> 3086 <criterion test_ref="oval:org.opensuse.security:tst:2009040947" comment="gnome-cups-manager-devel less than 0.32cvs20060120-33.23"/> 3087 <criterion test_ref="oval:org.opensuse.security:tst:2009040948" comment="gnome-cups-manager less than 0.32cvs20060120-33.23"/> 3088 <criterion test_ref="oval:org.opensuse.security:tst:2009040949" comment="gnome-desktop-32bit less than 2.12.2-25.16"/> 3089 <criterion test_ref="oval:org.opensuse.security:tst:2009040950" comment="gnome-desktop-devel less than 2.12.2-25.16"/> 3090 <criterion test_ref="oval:org.opensuse.security:tst:2009040951" comment="gnome-desktop less than 2.12.2-25.16"/> 3091 <criterion test_ref="oval:org.opensuse.security:tst:2009040952" comment="gnome-keyring-32bit less than 0.4.6-18.16"/> 3092 <criterion test_ref="oval:org.opensuse.security:tst:2009040953" comment="gnome-keyring-devel less than 0.4.6-18.16"/> 3093 <criterion test_ref="oval:org.opensuse.security:tst:2009040954" comment="gnome-keyring less than 0.4.6-18.16"/> 3094 <criterion test_ref="oval:org.opensuse.security:tst:2009040955" comment="gnome-main-menu-devel less than 0.9.8-0.15"/> 3095 <criterion test_ref="oval:org.opensuse.security:tst:2009040956" comment="gnome-main-menu less than 0.9.8-0.15"/> 3096 <criterion test_ref="oval:org.opensuse.security:tst:2009040957" comment="gnome-menus-32bit less than 2.16.1-38.11"/> 3097 <criterion test_ref="oval:org.opensuse.security:tst:2009040958" comment="gnome-menus-devel less than 2.16.1-38.11"/> 3098 <criterion test_ref="oval:org.opensuse.security:tst:2009040959" comment="gnome-menus less than 2.16.1-38.11"/> 3099 <criterion test_ref="oval:org.opensuse.security:tst:2009040960" comment="gnome-panel-nld-32bit less than 2.12.3-0.35"/> 3100 <criterion test_ref="oval:org.opensuse.security:tst:2009040961" comment="gnome-panel-nld-devel less than 2.12.3-0.35"/> 3101 <criterion test_ref="oval:org.opensuse.security:tst:2009040962" comment="gnome-panel-nld-doc less than 2.12.3-0.35"/> 3102 <criterion test_ref="oval:org.opensuse.security:tst:2009040963" comment="gnome-panel-nld less than 2.12.3-0.35"/> 3103 <criterion test_ref="oval:org.opensuse.security:tst:2009040964" comment="gnome-vfs2-32bit less than 2.12.2-58.28"/> 3104 <criterion test_ref="oval:org.opensuse.security:tst:2009040965" comment="gnome-vfs2-devel less than 2.12.2-58.28"/> 3105 <criterion test_ref="oval:org.opensuse.security:tst:2009040966" comment="gnome-vfs2-doc less than 2.12.2-58.28"/> 3106 <criterion test_ref="oval:org.opensuse.security:tst:2009040967" comment="gnome-vfs2 less than 2.12.2-58.28"/> 3107 <criterion test_ref="oval:org.opensuse.security:tst:2009040968" comment="gstreamer010-32bit less than 0.10.4-11.17"/> 3108 <criterion test_ref="oval:org.opensuse.security:tst:2009040969" comment="gstreamer010-devel less than 0.10.4-11.17"/> 3109 <criterion test_ref="oval:org.opensuse.security:tst:2009040970" comment="gstreamer010-doc less than 0.10.4-11.17"/> 3110 <criterion test_ref="oval:org.opensuse.security:tst:2009040971" comment="gstreamer010 less than 0.10.4-11.17"/> 3111 <criterion test_ref="oval:org.opensuse.security:tst:2009040972" comment="gtk2-32bit less than 2.8.11-0.15"/> 3112 <criterion test_ref="oval:org.opensuse.security:tst:2009037767" comment="gtk2-devel less than 2.8.11-0.15"/> 3113 <criterion test_ref="oval:org.opensuse.security:tst:2009040973" comment="gtk2-doc less than 2.8.11-0.15"/> 3114 <criterion test_ref="oval:org.opensuse.security:tst:2009040974" comment="gtk2 less than 2.8.11-0.15"/> 3115 <criterion test_ref="oval:org.opensuse.security:tst:2009040975" comment="gtkhtml2-devel less than 3.10.0-15.15"/> 3116 <criterion test_ref="oval:org.opensuse.security:tst:2009040976" comment="gtkhtml2 less than 3.10.0-15.15"/> 3117 <criterion test_ref="oval:org.opensuse.security:tst:2009040977" comment="intltool less than 0.35.2-4.10"/> 3118 <criterion test_ref="oval:org.opensuse.security:tst:2009040978" comment="libgnomedb-devel less than 1.3.91-23.14"/> 3119 <criterion test_ref="oval:org.opensuse.security:tst:2009040979" comment="libgnomedb less than 1.3.91-23.14"/> 3120 <criterion test_ref="oval:org.opensuse.security:tst:2009040980" comment="libgnomesu-devel less than 1.0.0-32.24"/> 3121 <criterion test_ref="oval:org.opensuse.security:tst:2009040981" comment="libgnomesu less than 1.0.0-32.24"/> 3122 <criterion test_ref="oval:org.opensuse.security:tst:2009040982" comment="libgnomeui-32bit less than 2.12.1-0.13"/> 3123 <criterion test_ref="oval:org.opensuse.security:tst:2009040983" comment="libgnomeui-devel less than 2.12.1-0.13"/> 3124 <criterion test_ref="oval:org.opensuse.security:tst:2009040984" comment="libgnomeui-doc less than 2.12.1-0.13"/> 3125 <criterion test_ref="oval:org.opensuse.security:tst:2009040985" comment="libgnomeui less than 2.12.1-0.13"/> 3126 <criterion test_ref="oval:org.opensuse.security:tst:2009040986" comment="libgsf-32bit less than 1.13.99-13.13"/> 3127 <criterion test_ref="oval:org.opensuse.security:tst:2009040987" comment="libgsf-devel less than 1.13.99-13.13"/> 3128 <criterion test_ref="oval:org.opensuse.security:tst:2009040988" comment="libgsf-doc less than 1.13.99-13.13"/> 3129 <criterion test_ref="oval:org.opensuse.security:tst:2009040989" comment="libgsf-gnome less than 1.13.99-13.13"/> 3130 <criterion test_ref="oval:org.opensuse.security:tst:2009040990" comment="libgsf less than 1.13.99-13.13"/> 3131 <criterion test_ref="oval:org.opensuse.security:tst:2009040991" comment="libsoup-32bit less than 2.2.90-18.19"/> 3132 <criterion test_ref="oval:org.opensuse.security:tst:2009040992" comment="libsoup-devel-32bit less than 2.2.90-18.19"/> 3133 <criterion test_ref="oval:org.opensuse.security:tst:2009040993" comment="libsoup-devel less than 2.2.90-18.19"/> 3134 <criterion test_ref="oval:org.opensuse.security:tst:2009040994" comment="libsoup less than 2.2.90-18.19"/> 3135 <criterion test_ref="oval:org.opensuse.security:tst:2009040995" comment="mozilla-nspr-32bit less than 4.6.4-0.7"/> 3136 <criterion test_ref="oval:org.opensuse.security:tst:2009040996" comment="mozilla-nspr-devel less than 4.6.4-0.7"/> 3137 <criterion test_ref="oval:org.opensuse.security:tst:2009040997" comment="mozilla-nspr less than 4.6.4-0.7"/> 3138 <criterion test_ref="oval:org.opensuse.security:tst:2009040998" comment="nautilus-32bit less than 2.12.2-64.33"/> 3139 <criterion test_ref="oval:org.opensuse.security:tst:2009040999" comment="nautilus-devel less than 2.12.2-64.33"/> 3140 <criterion test_ref="oval:org.opensuse.security:tst:2009041000" comment="nautilus less than 2.12.2-64.33"/> 3141 <criterion test_ref="oval:org.opensuse.security:tst:2009041001" comment="vte-devel less than 0.11.17-0.11"/> 3142 <criterion test_ref="oval:org.opensuse.security:tst:2009041002" comment="vte less than 0.11.17-0.11"/> 3143 </criteria> 3144 </criteria> 3145 <!-- c0136d5f769f780ec791f2b7c698b64b --> 3146 <criteria operator="AND"> 3147 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3148 <criterion test_ref="oval:org.opensuse.security:tst:2009037767" comment="gtk2-devel less than 2.8.11-0.15"/> 3149 </criteria> 3150 </criteria> 3151 </definition> 3152 <definition id="oval:org.opensuse.security:def:20070045" version="1" class="vulnerability"> 3153 <metadata> 3154 <title>CVE-2007-0045</title> 3155 <affected family="unix"> 3156 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 3157 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 3158 </affected> 3159 <reference ref_id="CVE-2007-0045" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0045" source="CVE"/> 3160 <description> 3161 Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)." 3162 </description> 3163 </metadata> 3164 <criteria operator="OR"> 3165 <!-- 538748b7a9bae219da3187e837f552ac --> 3166 <criteria operator="AND"> 3167 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3168 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 3169 </criteria> 3170 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 3171 <criteria operator="AND"> 3172 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3173 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 3174 </criteria> 3175 </criteria> 3176 </definition> 3177 <definition id="oval:org.opensuse.security:def:20070048" version="1" class="vulnerability"> 3178 <metadata> 3179 <title>CVE-2007-0048</title> 3180 <affected family="unix"> 3181 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 3182 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 3183 </affected> 3184 <reference ref_id="CVE-2007-0048" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0048" source="CVE"/> 3185 <description> 3186 Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue." 3187 </description> 3188 </metadata> 3189 <criteria operator="OR"> 3190 <!-- 538748b7a9bae219da3187e837f552ac --> 3191 <criteria operator="AND"> 3192 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3193 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 3194 </criteria> 3195 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 3196 <criteria operator="AND"> 3197 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3198 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 3199 </criteria> 3200 </criteria> 3201 </definition> 3202 <definition id="oval:org.opensuse.security:def:20070238" version="1" class="vulnerability"> 3203 <metadata> 3204 <title>CVE-2007-0238</title> 3205 <affected family="unix"> 3206 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 3207 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 3208 </affected> 3209 <reference ref_id="CVE-2007-0238" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238" source="CVE"/> 3210 <description> 3211 Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note. 3212 </description> 3213 </metadata> 3214 <criteria operator="OR"> 3215 <!-- 3d9fcf4e5387ec9fc9096e15993ca12e --> 3216 <criteria operator="AND"> 3217 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3218 <criteria operator="OR"> 3219 <criterion test_ref="oval:org.opensuse.security:tst:2009042506" comment="OpenOffice_org-af less than 2.1-0.21"/> 3220 <criterion test_ref="oval:org.opensuse.security:tst:2009042507" comment="OpenOffice_org-ar less than 2.1-0.21"/> 3221 <criterion test_ref="oval:org.opensuse.security:tst:2009042508" comment="OpenOffice_org-ca less than 2.1-0.21"/> 3222 <criterion test_ref="oval:org.opensuse.security:tst:2009042509" comment="OpenOffice_org-cs less than 2.1-0.21"/> 3223 <criterion test_ref="oval:org.opensuse.security:tst:2009042510" comment="OpenOffice_org-da less than 2.1-0.21"/> 3224 <criterion test_ref="oval:org.opensuse.security:tst:2009042511" comment="OpenOffice_org-de-templates less than 8.2-171.6"/> 3225 <criterion test_ref="oval:org.opensuse.security:tst:2009042512" comment="OpenOffice_org-de less than 2.1-0.21"/> 3226 <criterion test_ref="oval:org.opensuse.security:tst:2009042513" comment="OpenOffice_org-es less than 2.1-0.21"/> 3227 <criterion test_ref="oval:org.opensuse.security:tst:2009042514" comment="OpenOffice_org-fi less than 2.1-0.21"/> 3228 <criterion test_ref="oval:org.opensuse.security:tst:2009042515" comment="OpenOffice_org-fr less than 2.1-0.21"/> 3229 <criterion test_ref="oval:org.opensuse.security:tst:2009042516" comment="OpenOffice_org-galleries less than 2.1-0.21"/> 3230 <criterion test_ref="oval:org.opensuse.security:tst:2009042517" comment="OpenOffice_org-gnome less than 2.1-0.21"/> 3231 <criterion test_ref="oval:org.opensuse.security:tst:2009042518" comment="OpenOffice_org-gu-IN less than 2.1-0.21"/> 3232 <criterion test_ref="oval:org.opensuse.security:tst:2009042519" comment="OpenOffice_org-hi-IN less than 2.1-0.21"/> 3233 <criterion test_ref="oval:org.opensuse.security:tst:2009042520" comment="OpenOffice_org-hu less than 2.1-0.21"/> 3234 <criterion test_ref="oval:org.opensuse.security:tst:2009042521" comment="OpenOffice_org-it less than 2.1-0.21"/> 3235 <criterion test_ref="oval:org.opensuse.security:tst:2009042522" comment="OpenOffice_org-ja less than 2.1-0.21"/> 3236 <criterion test_ref="oval:org.opensuse.security:tst:2009042523" comment="OpenOffice_org-kde less than 2.1-0.21"/> 3237 <criterion test_ref="oval:org.opensuse.security:tst:2009042524" comment="OpenOffice_org-mono less than 2.1-0.21"/> 3238 <criterion test_ref="oval:org.opensuse.security:tst:2009042525" comment="OpenOffice_org-nb less than 2.1-0.21"/> 3239 <criterion test_ref="oval:org.opensuse.security:tst:2009042526" comment="OpenOffice_org-nl less than 2.1-0.21"/> 3240 <criterion test_ref="oval:org.opensuse.security:tst:2009042527" comment="OpenOffice_org-nld less than 2.1-0.21"/> 3241 <criterion test_ref="oval:org.opensuse.security:tst:2009042528" comment="OpenOffice_org-nn less than 2.1-0.21"/> 3242 <criterion test_ref="oval:org.opensuse.security:tst:2009042529" comment="OpenOffice_org-pl less than 2.1-0.21"/> 3243 <criterion test_ref="oval:org.opensuse.security:tst:2009042530" comment="OpenOffice_org-pt-BR less than 2.1-0.21"/> 3244 <criterion test_ref="oval:org.opensuse.security:tst:2009042531" comment="OpenOffice_org-ru less than 2.1-0.21"/> 3245 <criterion test_ref="oval:org.opensuse.security:tst:2009042532" comment="OpenOffice_org-sk less than 2.1-0.21"/> 3246 <criterion test_ref="oval:org.opensuse.security:tst:2009042533" comment="OpenOffice_org-sv less than 2.1-0.21"/> 3247 <criterion test_ref="oval:org.opensuse.security:tst:2009042534" comment="OpenOffice_org-xh less than 2.1-0.21"/> 3248 <criterion test_ref="oval:org.opensuse.security:tst:2009042535" comment="OpenOffice_org-zh-CN less than 2.1-0.21"/> 3249 <criterion test_ref="oval:org.opensuse.security:tst:2009042536" comment="OpenOffice_org-zh-TW less than 2.1-0.21"/> 3250 <criterion test_ref="oval:org.opensuse.security:tst:2009042537" comment="OpenOffice_org-zu less than 2.1-0.21"/> 3251 <criterion test_ref="oval:org.opensuse.security:tst:2009042538" comment="OpenOffice_org less than 2.1-0.21"/> 3252 </criteria> 3253 </criteria> 3254 <!-- f83d87195bba0229ac4b65c0cd41c27c --> 3255 <criteria operator="AND"> 3256 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3257 <criteria operator="OR"> 3258 <criterion test_ref="oval:org.opensuse.security:tst:2009037827" comment="NetworkManager-devel less than 0.6.4-60.26"/> 3259 <criterion test_ref="oval:org.opensuse.security:tst:2009037828" comment="NetworkManager-glib less than 0.6.4-60.26"/> 3260 <criterion test_ref="oval:org.opensuse.security:tst:2009037829" comment="NetworkManager-gnome less than 0.6.4-60.26"/> 3261 <criterion test_ref="oval:org.opensuse.security:tst:2009037830" comment="NetworkManager-openvpn less than 0.3.2cvs20060202-20.25"/> 3262 <criterion test_ref="oval:org.opensuse.security:tst:2009037831" comment="NetworkManager-vpnc less than 0.5.0cvs20060202-19.30"/> 3263 <criterion test_ref="oval:org.opensuse.security:tst:2009037832" comment="NetworkManager less than 0.6.4-60.26"/> 3264 <criterion test_ref="oval:org.opensuse.security:tst:2009037833" comment="art-sharp less than 1.0.10-30.15"/> 3265 <criterion test_ref="oval:org.opensuse.security:tst:2009037834" comment="audit-libs-32bit less than 1.2.9-6.9"/> 3266 <criterion test_ref="oval:org.opensuse.security:tst:2009037835" comment="audit-libs-python less than 1.2.9-12.9"/> 3267 <criterion test_ref="oval:org.opensuse.security:tst:2009037836" comment="audit-libs less than 1.2.9-6.9"/> 3268 <criterion test_ref="oval:org.opensuse.security:tst:2009037837" comment="audit less than 1.2.9-6.9"/> 3269 <criterion test_ref="oval:org.opensuse.security:tst:2009037838" comment="beagle-evolution less than 0.2.16.3-1.13"/> 3270 <criterion test_ref="oval:org.opensuse.security:tst:2009037839" comment="beagle-firefox less than 0.2.16.3-1.13"/> 3271 <criterion test_ref="oval:org.opensuse.security:tst:2009037840" comment="beagle-gui less than 0.2.16.3-1.13"/> 3272 <criterion test_ref="oval:org.opensuse.security:tst:2009037841" comment="beagle less than 0.2.16.3-1.13"/> 3273 <criterion test_ref="oval:org.opensuse.security:tst:2009037842" comment="cifs-mount less than 3.0.24-2.23"/> 3274 <criterion test_ref="oval:org.opensuse.security:tst:2009037843" comment="compiz less than 0.4.0-0.21"/> 3275 <criterion test_ref="oval:org.opensuse.security:tst:2009037844" comment="contact-lookup-applet less than 0.13-21.14"/> 3276 <criterion test_ref="oval:org.opensuse.security:tst:2009037845" comment="dhcp-client less than 3.0.3-23.33"/> 3277 <criterion test_ref="oval:org.opensuse.security:tst:2009037846" comment="dhcp less than 3.0.3-23.33"/> 3278 <criterion test_ref="oval:org.opensuse.security:tst:2009037847" comment="dia less than 0.94-41.22"/> 3279 <criterion test_ref="oval:org.opensuse.security:tst:2009037848" comment="evolution-devel less than 2.6.0-49.55"/> 3280 <criterion test_ref="oval:org.opensuse.security:tst:2009037849" comment="evolution-exchange less than 2.6.0-27.34"/> 3281 <criterion test_ref="oval:org.opensuse.security:tst:2009037850" comment="evolution-pilot less than 2.6.0-49.55"/> 3282 <criterion test_ref="oval:org.opensuse.security:tst:2009037851" comment="evolution-webcal less than 2.4.1-18.14"/> 3283 <criterion test_ref="oval:org.opensuse.security:tst:2009037852" comment="evolution less than 2.6.0-49.55"/> 3284 <criterion test_ref="oval:org.opensuse.security:tst:2009037853" comment="f-spot less than 0.3.5-0.16"/> 3285 <criterion test_ref="oval:org.opensuse.security:tst:2009037854" comment="gaim-devel less than 1.5.0-50.17"/> 3286 <criterion test_ref="oval:org.opensuse.security:tst:2009037855" comment="gaim less than 1.5.0-50.17"/> 3287 <criterion test_ref="oval:org.opensuse.security:tst:2009037856" comment="gconf-sharp less than 1.0.10-30.15"/> 3288 <criterion test_ref="oval:org.opensuse.security:tst:2009037857" comment="gda-sharp less than 1.0.10-30.15"/> 3289 <criterion test_ref="oval:org.opensuse.security:tst:2009037858" comment="gdb less than 6.6-12.20"/> 3290 <criterion test_ref="oval:org.opensuse.security:tst:2009037859" comment="gftp less than 2.0.18-25.15"/> 3291 <criterion test_ref="oval:org.opensuse.security:tst:2009037860" comment="glade-sharp less than 1.0.10-30.15"/> 3292 <criterion test_ref="oval:org.opensuse.security:tst:2009037861" comment="glib-sharp less than 1.0.10-30.15"/> 3293 <criterion test_ref="oval:org.opensuse.security:tst:2009037862" comment="glib2-32bit less than 2.8.6-0.8"/> 3294 <criterion test_ref="oval:org.opensuse.security:tst:2009037863" comment="glib2-devel less than 2.8.6-0.8"/> 3295 <criterion test_ref="oval:org.opensuse.security:tst:2009037864" comment="glib2-doc less than 2.8.6-0.8"/> 3296 <criterion test_ref="oval:org.opensuse.security:tst:2009037865" comment="glib2 less than 2.8.6-0.8"/> 3297 <criterion test_ref="oval:org.opensuse.security:tst:2009037866" comment="gnome-backgrounds less than 2.12.3.1-0.8"/> 3298 <criterion test_ref="oval:org.opensuse.security:tst:2009037867" comment="gnome-filesystem less than 0.1-261.12"/> 3299 <criterion test_ref="oval:org.opensuse.security:tst:2009037868" comment="gnome-games less than 2.12.3-0.12"/> 3300 <criterion test_ref="oval:org.opensuse.security:tst:2009037869" comment="gnome-sharp less than 1.0.10-30.15"/> 3301 <criterion test_ref="oval:org.opensuse.security:tst:2009037870" comment="gnomedb-sharp less than 1.0.10-30.15"/> 3302 <criterion test_ref="oval:org.opensuse.security:tst:2009037871" comment="gnopernicus-devel less than 1.0.0-23.14"/> 3303 <criterion test_ref="oval:org.opensuse.security:tst:2009037872" comment="gnopernicus less than 1.0.0-23.14"/> 3304 <criterion test_ref="oval:org.opensuse.security:tst:2009037873" comment="gstreamer010-plugins-base-32bit less than 0.10.5-11.17"/> 3305 <criterion test_ref="oval:org.opensuse.security:tst:2009037874" comment="gstreamer010-plugins-base-devel less than 0.10.5-11.17"/> 3306 <criterion test_ref="oval:org.opensuse.security:tst:2009037875" comment="gstreamer010-plugins-base-doc less than 0.10.5-11.17"/> 3307 <criterion test_ref="oval:org.opensuse.security:tst:2009037876" comment="gstreamer010-plugins-base-oil-32bit less than 0.10.5-11.17"/> 3308 <criterion test_ref="oval:org.opensuse.security:tst:2009037877" comment="gstreamer010-plugins-base-oil less than 0.10.5-11.17"/> 3309 <criterion test_ref="oval:org.opensuse.security:tst:2009037878" comment="gstreamer010-plugins-base-visual-32bit less than 0.10.5-11.17"/> 3310 <criterion test_ref="oval:org.opensuse.security:tst:2009037879" comment="gstreamer010-plugins-base-visual less than 0.10.5-11.17"/> 3311 <criterion test_ref="oval:org.opensuse.security:tst:2009037880" comment="gstreamer010-plugins-base less than 0.10.5-11.17"/> 3312 <criterion test_ref="oval:org.opensuse.security:tst:2009037881" comment="gtk-sharp-32bit less than 1.0.10-30.15"/> 3313 <criterion test_ref="oval:org.opensuse.security:tst:2009037882" comment="gtk-sharp-complete less than 1.0.10-30.15"/> 3314 <criterion test_ref="oval:org.opensuse.security:tst:2009037883" comment="gtk-sharp-gapi less than 1.0.10-30.15"/> 3315 <criterion test_ref="oval:org.opensuse.security:tst:2009037884" comment="gtk-sharp less than 1.0.10-30.15"/> 3316 <criterion test_ref="oval:org.opensuse.security:tst:2009037885" comment="gtkhtml-sharp less than 1.0.10-30.15"/> 3317 <criterion test_ref="oval:org.opensuse.security:tst:2009037886" comment="helix-dbus-server less than 0.4.0-0.10"/> 3318 <criterion test_ref="oval:org.opensuse.security:tst:2009037887" comment="inkscape less than 0.43-20.15"/> 3319 <criterion test_ref="oval:org.opensuse.security:tst:2009037888" comment="libbeagle-32bit less than 0.2.16.3-1.12"/> 3320 <criterion test_ref="oval:org.opensuse.security:tst:2009037889" comment="libbeagle-devel less than 0.2.16.3-1.12"/> 3321 <criterion test_ref="oval:org.opensuse.security:tst:2009037890" comment="libbeagle less than 0.2.16.3-1.12"/> 3322 <criterion test_ref="oval:org.opensuse.security:tst:2009037891" comment="libgail-gnome-devel less than 1.1.3-41.13"/> 3323 <criterion test_ref="oval:org.opensuse.security:tst:2009037892" comment="libgail-gnome less than 1.1.3-41.13"/> 3324 <criterion test_ref="oval:org.opensuse.security:tst:2009037893" comment="libgdiplus less than 1.2.2-13.13"/> 3325 <criterion test_ref="oval:org.opensuse.security:tst:2009037894" comment="libipoddevice-32bit less than 0.5.2-1.17"/> 3326 <criterion test_ref="oval:org.opensuse.security:tst:2009037895" comment="libipoddevice less than 0.5.2-1.17"/> 3327 <criterion test_ref="oval:org.opensuse.security:tst:2009037896" comment="libsmbclient-32bit less than 3.0.24-2.23"/> 3328 <criterion test_ref="oval:org.opensuse.security:tst:2009037897" comment="libsmbclient-devel less than 3.0.24-2.23"/> 3329 <criterion test_ref="oval:org.opensuse.security:tst:2009037898" comment="libsmbclient less than 3.0.24-2.23"/> 3330 <criterion test_ref="oval:org.opensuse.security:tst:2009037899" comment="libtool-32bit less than 1.5.22-13.12"/> 3331 <criterion test_ref="oval:org.opensuse.security:tst:2009037900" comment="libtool less than 1.5.22-13.12"/> 3332 <criterion test_ref="oval:org.opensuse.security:tst:2009037901" comment="linphone-applet less than 1.2.0-16.14"/> 3333 <criterion test_ref="oval:org.opensuse.security:tst:2009037902" comment="linphone less than 1.2.0-16.14"/> 3334 <criterion test_ref="oval:org.opensuse.security:tst:2009037903" comment="openobex-devel less than 1.3-28.7"/> 3335 <criterion test_ref="oval:org.opensuse.security:tst:2009037904" comment="openobex less than 1.3-28.7"/> 3336 <criterion test_ref="oval:org.opensuse.security:tst:2009037905" comment="planner-devel less than 0.14.1-24.12"/> 3337 <criterion test_ref="oval:org.opensuse.security:tst:2009037906" comment="planner less than 0.14.1-24.12"/> 3338 <criterion test_ref="oval:org.opensuse.security:tst:2009037907" comment="pwlib-devel less than 1.10.4-0.10"/> 3339 <criterion test_ref="oval:org.opensuse.security:tst:2009037908" comment="pwlib less than 1.10.4-0.10"/> 3340 <criterion test_ref="oval:org.opensuse.security:tst:2009037909" comment="resapplet less than 0.1.4-5.20"/> 3341 <criterion test_ref="oval:org.opensuse.security:tst:2009037910" comment="rsvg-sharp less than 1.0.10-30.15"/> 3342 <criterion test_ref="oval:org.opensuse.security:tst:2009037911" comment="sabayon-admin less than 2.12.3-21.29"/> 3343 <criterion test_ref="oval:org.opensuse.security:tst:2009037912" comment="sabayon less than 2.12.3-21.29"/> 3344 <criterion test_ref="oval:org.opensuse.security:tst:2009037913" comment="samba-32bit less than 3.0.24-2.23"/> 3345 <criterion test_ref="oval:org.opensuse.security:tst:2009037914" comment="samba-client-32bit less than 3.0.24-2.23"/> 3346 <criterion test_ref="oval:org.opensuse.security:tst:2009037915" comment="samba-client less than 3.0.24-2.23"/> 3347 <criterion test_ref="oval:org.opensuse.security:tst:2009037916" comment="samba-doc less than 3.0.24-2.23"/> 3348 <criterion test_ref="oval:org.opensuse.security:tst:2009037917" comment="samba-krb-printing less than 3.0.24-2.23"/> 3349 <criterion test_ref="oval:org.opensuse.security:tst:2009037918" comment="samba-pdb less than 3.0.24-2.23"/> 3350 <criterion test_ref="oval:org.opensuse.security:tst:2009037919" comment="samba-vscan less than 0.3.6b-42.49"/> 3351 <criterion test_ref="oval:org.opensuse.security:tst:2009037920" comment="samba-winbind-32bit less than 3.0.24-2.23"/> 3352 <criterion test_ref="oval:org.opensuse.security:tst:2009037921" comment="samba-winbind less than 3.0.24-2.23"/> 3353 <criterion test_ref="oval:org.opensuse.security:tst:2009037922" comment="samba less than 3.0.24-2.23"/> 3354 <criterion test_ref="oval:org.opensuse.security:tst:2009037923" comment="tomboy less than 0.6.0-0.21"/> 3355 <criterion test_ref="oval:org.opensuse.security:tst:2009037924" comment="vte-sharp less than 1.0.10-30.15"/> 3356 <criterion test_ref="oval:org.opensuse.security:tst:2009037925" comment="wbxml2 less than 0.9.0-18.10"/> 3357 <criterion test_ref="oval:org.opensuse.security:tst:2009037926" comment="xgl-hardware-list less than 070326-0.5"/> 3358 <criterion test_ref="oval:org.opensuse.security:tst:2009037927" comment="xgl less than cvs_060522-0.32"/> 3359 </criteria> 3360 </criteria> 3361 </criteria> 3362 </definition> 3363 <definition id="oval:org.opensuse.security:def:20070239" version="1" class="vulnerability"> 3364 <metadata> 3365 <title>CVE-2007-0239</title> 3366 <affected family="unix"> 3367 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 3368 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 3369 </affected> 3370 <reference ref_id="CVE-2007-0239" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239" source="CVE"/> 3371 <description> 3372 OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. 3373 </description> 3374 </metadata> 3375 <criteria operator="OR"> 3376 <!-- 3d9fcf4e5387ec9fc9096e15993ca12e --> 3377 <criteria operator="AND"> 3378 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3379 <criteria operator="OR"> 3380 <criterion test_ref="oval:org.opensuse.security:tst:2009042506" comment="OpenOffice_org-af less than 2.1-0.21"/> 3381 <criterion test_ref="oval:org.opensuse.security:tst:2009042507" comment="OpenOffice_org-ar less than 2.1-0.21"/> 3382 <criterion test_ref="oval:org.opensuse.security:tst:2009042508" comment="OpenOffice_org-ca less than 2.1-0.21"/> 3383 <criterion test_ref="oval:org.opensuse.security:tst:2009042509" comment="OpenOffice_org-cs less than 2.1-0.21"/> 3384 <criterion test_ref="oval:org.opensuse.security:tst:2009042510" comment="OpenOffice_org-da less than 2.1-0.21"/> 3385 <criterion test_ref="oval:org.opensuse.security:tst:2009042511" comment="OpenOffice_org-de-templates less than 8.2-171.6"/> 3386 <criterion test_ref="oval:org.opensuse.security:tst:2009042512" comment="OpenOffice_org-de less than 2.1-0.21"/> 3387 <criterion test_ref="oval:org.opensuse.security:tst:2009042513" comment="OpenOffice_org-es less than 2.1-0.21"/> 3388 <criterion test_ref="oval:org.opensuse.security:tst:2009042514" comment="OpenOffice_org-fi less than 2.1-0.21"/> 3389 <criterion test_ref="oval:org.opensuse.security:tst:2009042515" comment="OpenOffice_org-fr less than 2.1-0.21"/> 3390 <criterion test_ref="oval:org.opensuse.security:tst:2009042516" comment="OpenOffice_org-galleries less than 2.1-0.21"/> 3391 <criterion test_ref="oval:org.opensuse.security:tst:2009042517" comment="OpenOffice_org-gnome less than 2.1-0.21"/> 3392 <criterion test_ref="oval:org.opensuse.security:tst:2009042518" comment="OpenOffice_org-gu-IN less than 2.1-0.21"/> 3393 <criterion test_ref="oval:org.opensuse.security:tst:2009042519" comment="OpenOffice_org-hi-IN less than 2.1-0.21"/> 3394 <criterion test_ref="oval:org.opensuse.security:tst:2009042520" comment="OpenOffice_org-hu less than 2.1-0.21"/> 3395 <criterion test_ref="oval:org.opensuse.security:tst:2009042521" comment="OpenOffice_org-it less than 2.1-0.21"/> 3396 <criterion test_ref="oval:org.opensuse.security:tst:2009042522" comment="OpenOffice_org-ja less than 2.1-0.21"/> 3397 <criterion test_ref="oval:org.opensuse.security:tst:2009042523" comment="OpenOffice_org-kde less than 2.1-0.21"/> 3398 <criterion test_ref="oval:org.opensuse.security:tst:2009042524" comment="OpenOffice_org-mono less than 2.1-0.21"/> 3399 <criterion test_ref="oval:org.opensuse.security:tst:2009042525" comment="OpenOffice_org-nb less than 2.1-0.21"/> 3400 <criterion test_ref="oval:org.opensuse.security:tst:2009042526" comment="OpenOffice_org-nl less than 2.1-0.21"/> 3401 <criterion test_ref="oval:org.opensuse.security:tst:2009042527" comment="OpenOffice_org-nld less than 2.1-0.21"/> 3402 <criterion test_ref="oval:org.opensuse.security:tst:2009042528" comment="OpenOffice_org-nn less than 2.1-0.21"/> 3403 <criterion test_ref="oval:org.opensuse.security:tst:2009042529" comment="OpenOffice_org-pl less than 2.1-0.21"/> 3404 <criterion test_ref="oval:org.opensuse.security:tst:2009042530" comment="OpenOffice_org-pt-BR less than 2.1-0.21"/> 3405 <criterion test_ref="oval:org.opensuse.security:tst:2009042531" comment="OpenOffice_org-ru less than 2.1-0.21"/> 3406 <criterion test_ref="oval:org.opensuse.security:tst:2009042532" comment="OpenOffice_org-sk less than 2.1-0.21"/> 3407 <criterion test_ref="oval:org.opensuse.security:tst:2009042533" comment="OpenOffice_org-sv less than 2.1-0.21"/> 3408 <criterion test_ref="oval:org.opensuse.security:tst:2009042534" comment="OpenOffice_org-xh less than 2.1-0.21"/> 3409 <criterion test_ref="oval:org.opensuse.security:tst:2009042535" comment="OpenOffice_org-zh-CN less than 2.1-0.21"/> 3410 <criterion test_ref="oval:org.opensuse.security:tst:2009042536" comment="OpenOffice_org-zh-TW less than 2.1-0.21"/> 3411 <criterion test_ref="oval:org.opensuse.security:tst:2009042537" comment="OpenOffice_org-zu less than 2.1-0.21"/> 3412 <criterion test_ref="oval:org.opensuse.security:tst:2009042538" comment="OpenOffice_org less than 2.1-0.21"/> 3413 </criteria> 3414 </criteria> 3415 <!-- f83d87195bba0229ac4b65c0cd41c27c --> 3416 <criteria operator="AND"> 3417 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3418 <criteria operator="OR"> 3419 <criterion test_ref="oval:org.opensuse.security:tst:2009037827" comment="NetworkManager-devel less than 0.6.4-60.26"/> 3420 <criterion test_ref="oval:org.opensuse.security:tst:2009037828" comment="NetworkManager-glib less than 0.6.4-60.26"/> 3421 <criterion test_ref="oval:org.opensuse.security:tst:2009037829" comment="NetworkManager-gnome less than 0.6.4-60.26"/> 3422 <criterion test_ref="oval:org.opensuse.security:tst:2009037830" comment="NetworkManager-openvpn less than 0.3.2cvs20060202-20.25"/> 3423 <criterion test_ref="oval:org.opensuse.security:tst:2009037831" comment="NetworkManager-vpnc less than 0.5.0cvs20060202-19.30"/> 3424 <criterion test_ref="oval:org.opensuse.security:tst:2009037832" comment="NetworkManager less than 0.6.4-60.26"/> 3425 <criterion test_ref="oval:org.opensuse.security:tst:2009037833" comment="art-sharp less than 1.0.10-30.15"/> 3426 <criterion test_ref="oval:org.opensuse.security:tst:2009037834" comment="audit-libs-32bit less than 1.2.9-6.9"/> 3427 <criterion test_ref="oval:org.opensuse.security:tst:2009037835" comment="audit-libs-python less than 1.2.9-12.9"/> 3428 <criterion test_ref="oval:org.opensuse.security:tst:2009037836" comment="audit-libs less than 1.2.9-6.9"/> 3429 <criterion test_ref="oval:org.opensuse.security:tst:2009037837" comment="audit less than 1.2.9-6.9"/> 3430 <criterion test_ref="oval:org.opensuse.security:tst:2009037838" comment="beagle-evolution less than 0.2.16.3-1.13"/> 3431 <criterion test_ref="oval:org.opensuse.security:tst:2009037839" comment="beagle-firefox less than 0.2.16.3-1.13"/> 3432 <criterion test_ref="oval:org.opensuse.security:tst:2009037840" comment="beagle-gui less than 0.2.16.3-1.13"/> 3433 <criterion test_ref="oval:org.opensuse.security:tst:2009037841" comment="beagle less than 0.2.16.3-1.13"/> 3434 <criterion test_ref="oval:org.opensuse.security:tst:2009037842" comment="cifs-mount less than 3.0.24-2.23"/> 3435 <criterion test_ref="oval:org.opensuse.security:tst:2009037843" comment="compiz less than 0.4.0-0.21"/> 3436 <criterion test_ref="oval:org.opensuse.security:tst:2009037844" comment="contact-lookup-applet less than 0.13-21.14"/> 3437 <criterion test_ref="oval:org.opensuse.security:tst:2009037845" comment="dhcp-client less than 3.0.3-23.33"/> 3438 <criterion test_ref="oval:org.opensuse.security:tst:2009037846" comment="dhcp less than 3.0.3-23.33"/> 3439 <criterion test_ref="oval:org.opensuse.security:tst:2009037847" comment="dia less than 0.94-41.22"/> 3440 <criterion test_ref="oval:org.opensuse.security:tst:2009037848" comment="evolution-devel less than 2.6.0-49.55"/> 3441 <criterion test_ref="oval:org.opensuse.security:tst:2009037849" comment="evolution-exchange less than 2.6.0-27.34"/> 3442 <criterion test_ref="oval:org.opensuse.security:tst:2009037850" comment="evolution-pilot less than 2.6.0-49.55"/> 3443 <criterion test_ref="oval:org.opensuse.security:tst:2009037851" comment="evolution-webcal less than 2.4.1-18.14"/> 3444 <criterion test_ref="oval:org.opensuse.security:tst:2009037852" comment="evolution less than 2.6.0-49.55"/> 3445 <criterion test_ref="oval:org.opensuse.security:tst:2009037853" comment="f-spot less than 0.3.5-0.16"/> 3446 <criterion test_ref="oval:org.opensuse.security:tst:2009037854" comment="gaim-devel less than 1.5.0-50.17"/> 3447 <criterion test_ref="oval:org.opensuse.security:tst:2009037855" comment="gaim less than 1.5.0-50.17"/> 3448 <criterion test_ref="oval:org.opensuse.security:tst:2009037856" comment="gconf-sharp less than 1.0.10-30.15"/> 3449 <criterion test_ref="oval:org.opensuse.security:tst:2009037857" comment="gda-sharp less than 1.0.10-30.15"/> 3450 <criterion test_ref="oval:org.opensuse.security:tst:2009037858" comment="gdb less than 6.6-12.20"/> 3451 <criterion test_ref="oval:org.opensuse.security:tst:2009037859" comment="gftp less than 2.0.18-25.15"/> 3452 <criterion test_ref="oval:org.opensuse.security:tst:2009037860" comment="glade-sharp less than 1.0.10-30.15"/> 3453 <criterion test_ref="oval:org.opensuse.security:tst:2009037861" comment="glib-sharp less than 1.0.10-30.15"/> 3454 <criterion test_ref="oval:org.opensuse.security:tst:2009037862" comment="glib2-32bit less than 2.8.6-0.8"/> 3455 <criterion test_ref="oval:org.opensuse.security:tst:2009037863" comment="glib2-devel less than 2.8.6-0.8"/> 3456 <criterion test_ref="oval:org.opensuse.security:tst:2009037864" comment="glib2-doc less than 2.8.6-0.8"/> 3457 <criterion test_ref="oval:org.opensuse.security:tst:2009037865" comment="glib2 less than 2.8.6-0.8"/> 3458 <criterion test_ref="oval:org.opensuse.security:tst:2009037866" comment="gnome-backgrounds less than 2.12.3.1-0.8"/> 3459 <criterion test_ref="oval:org.opensuse.security:tst:2009037867" comment="gnome-filesystem less than 0.1-261.12"/> 3460 <criterion test_ref="oval:org.opensuse.security:tst:2009037868" comment="gnome-games less than 2.12.3-0.12"/> 3461 <criterion test_ref="oval:org.opensuse.security:tst:2009037869" comment="gnome-sharp less than 1.0.10-30.15"/> 3462 <criterion test_ref="oval:org.opensuse.security:tst:2009037870" comment="gnomedb-sharp less than 1.0.10-30.15"/> 3463 <criterion test_ref="oval:org.opensuse.security:tst:2009037871" comment="gnopernicus-devel less than 1.0.0-23.14"/> 3464 <criterion test_ref="oval:org.opensuse.security:tst:2009037872" comment="gnopernicus less than 1.0.0-23.14"/> 3465 <criterion test_ref="oval:org.opensuse.security:tst:2009037873" comment="gstreamer010-plugins-base-32bit less than 0.10.5-11.17"/> 3466 <criterion test_ref="oval:org.opensuse.security:tst:2009037874" comment="gstreamer010-plugins-base-devel less than 0.10.5-11.17"/> 3467 <criterion test_ref="oval:org.opensuse.security:tst:2009037875" comment="gstreamer010-plugins-base-doc less than 0.10.5-11.17"/> 3468 <criterion test_ref="oval:org.opensuse.security:tst:2009037876" comment="gstreamer010-plugins-base-oil-32bit less than 0.10.5-11.17"/> 3469 <criterion test_ref="oval:org.opensuse.security:tst:2009037877" comment="gstreamer010-plugins-base-oil less than 0.10.5-11.17"/> 3470 <criterion test_ref="oval:org.opensuse.security:tst:2009037878" comment="gstreamer010-plugins-base-visual-32bit less than 0.10.5-11.17"/> 3471 <criterion test_ref="oval:org.opensuse.security:tst:2009037879" comment="gstreamer010-plugins-base-visual less than 0.10.5-11.17"/> 3472 <criterion test_ref="oval:org.opensuse.security:tst:2009037880" comment="gstreamer010-plugins-base less than 0.10.5-11.17"/> 3473 <criterion test_ref="oval:org.opensuse.security:tst:2009037881" comment="gtk-sharp-32bit less than 1.0.10-30.15"/> 3474 <criterion test_ref="oval:org.opensuse.security:tst:2009037882" comment="gtk-sharp-complete less than 1.0.10-30.15"/> 3475 <criterion test_ref="oval:org.opensuse.security:tst:2009037883" comment="gtk-sharp-gapi less than 1.0.10-30.15"/> 3476 <criterion test_ref="oval:org.opensuse.security:tst:2009037884" comment="gtk-sharp less than 1.0.10-30.15"/> 3477 <criterion test_ref="oval:org.opensuse.security:tst:2009037885" comment="gtkhtml-sharp less than 1.0.10-30.15"/> 3478 <criterion test_ref="oval:org.opensuse.security:tst:2009037886" comment="helix-dbus-server less than 0.4.0-0.10"/> 3479 <criterion test_ref="oval:org.opensuse.security:tst:2009037887" comment="inkscape less than 0.43-20.15"/> 3480 <criterion test_ref="oval:org.opensuse.security:tst:2009037888" comment="libbeagle-32bit less than 0.2.16.3-1.12"/> 3481 <criterion test_ref="oval:org.opensuse.security:tst:2009037889" comment="libbeagle-devel less than 0.2.16.3-1.12"/> 3482 <criterion test_ref="oval:org.opensuse.security:tst:2009037890" comment="libbeagle less than 0.2.16.3-1.12"/> 3483 <criterion test_ref="oval:org.opensuse.security:tst:2009037891" comment="libgail-gnome-devel less than 1.1.3-41.13"/> 3484 <criterion test_ref="oval:org.opensuse.security:tst:2009037892" comment="libgail-gnome less than 1.1.3-41.13"/> 3485 <criterion test_ref="oval:org.opensuse.security:tst:2009037893" comment="libgdiplus less than 1.2.2-13.13"/> 3486 <criterion test_ref="oval:org.opensuse.security:tst:2009037894" comment="libipoddevice-32bit less than 0.5.2-1.17"/> 3487 <criterion test_ref="oval:org.opensuse.security:tst:2009037895" comment="libipoddevice less than 0.5.2-1.17"/> 3488 <criterion test_ref="oval:org.opensuse.security:tst:2009037896" comment="libsmbclient-32bit less than 3.0.24-2.23"/> 3489 <criterion test_ref="oval:org.opensuse.security:tst:2009037897" comment="libsmbclient-devel less than 3.0.24-2.23"/> 3490 <criterion test_ref="oval:org.opensuse.security:tst:2009037898" comment="libsmbclient less than 3.0.24-2.23"/> 3491 <criterion test_ref="oval:org.opensuse.security:tst:2009037899" comment="libtool-32bit less than 1.5.22-13.12"/> 3492 <criterion test_ref="oval:org.opensuse.security:tst:2009037900" comment="libtool less than 1.5.22-13.12"/> 3493 <criterion test_ref="oval:org.opensuse.security:tst:2009037901" comment="linphone-applet less than 1.2.0-16.14"/> 3494 <criterion test_ref="oval:org.opensuse.security:tst:2009037902" comment="linphone less than 1.2.0-16.14"/> 3495 <criterion test_ref="oval:org.opensuse.security:tst:2009037903" comment="openobex-devel less than 1.3-28.7"/> 3496 <criterion test_ref="oval:org.opensuse.security:tst:2009037904" comment="openobex less than 1.3-28.7"/> 3497 <criterion test_ref="oval:org.opensuse.security:tst:2009037905" comment="planner-devel less than 0.14.1-24.12"/> 3498 <criterion test_ref="oval:org.opensuse.security:tst:2009037906" comment="planner less than 0.14.1-24.12"/> 3499 <criterion test_ref="oval:org.opensuse.security:tst:2009037907" comment="pwlib-devel less than 1.10.4-0.10"/> 3500 <criterion test_ref="oval:org.opensuse.security:tst:2009037908" comment="pwlib less than 1.10.4-0.10"/> 3501 <criterion test_ref="oval:org.opensuse.security:tst:2009037909" comment="resapplet less than 0.1.4-5.20"/> 3502 <criterion test_ref="oval:org.opensuse.security:tst:2009037910" comment="rsvg-sharp less than 1.0.10-30.15"/> 3503 <criterion test_ref="oval:org.opensuse.security:tst:2009037911" comment="sabayon-admin less than 2.12.3-21.29"/> 3504 <criterion test_ref="oval:org.opensuse.security:tst:2009037912" comment="sabayon less than 2.12.3-21.29"/> 3505 <criterion test_ref="oval:org.opensuse.security:tst:2009037913" comment="samba-32bit less than 3.0.24-2.23"/> 3506 <criterion test_ref="oval:org.opensuse.security:tst:2009037914" comment="samba-client-32bit less than 3.0.24-2.23"/> 3507 <criterion test_ref="oval:org.opensuse.security:tst:2009037915" comment="samba-client less than 3.0.24-2.23"/> 3508 <criterion test_ref="oval:org.opensuse.security:tst:2009037916" comment="samba-doc less than 3.0.24-2.23"/> 3509 <criterion test_ref="oval:org.opensuse.security:tst:2009037917" comment="samba-krb-printing less than 3.0.24-2.23"/> 3510 <criterion test_ref="oval:org.opensuse.security:tst:2009037918" comment="samba-pdb less than 3.0.24-2.23"/> 3511 <criterion test_ref="oval:org.opensuse.security:tst:2009037919" comment="samba-vscan less than 0.3.6b-42.49"/> 3512 <criterion test_ref="oval:org.opensuse.security:tst:2009037920" comment="samba-winbind-32bit less than 3.0.24-2.23"/> 3513 <criterion test_ref="oval:org.opensuse.security:tst:2009037921" comment="samba-winbind less than 3.0.24-2.23"/> 3514 <criterion test_ref="oval:org.opensuse.security:tst:2009037922" comment="samba less than 3.0.24-2.23"/> 3515 <criterion test_ref="oval:org.opensuse.security:tst:2009037923" comment="tomboy less than 0.6.0-0.21"/> 3516 <criterion test_ref="oval:org.opensuse.security:tst:2009037924" comment="vte-sharp less than 1.0.10-30.15"/> 3517 <criterion test_ref="oval:org.opensuse.security:tst:2009037925" comment="wbxml2 less than 0.9.0-18.10"/> 3518 <criterion test_ref="oval:org.opensuse.security:tst:2009037926" comment="xgl-hardware-list less than 070326-0.5"/> 3519 <criterion test_ref="oval:org.opensuse.security:tst:2009037927" comment="xgl less than cvs_060522-0.32"/> 3520 </criteria> 3521 </criteria> 3522 </criteria> 3523 </definition> 3524 <definition id="oval:org.opensuse.security:def:20070452" version="1" class="vulnerability"> 3525 <metadata> 3526 <title>CVE-2007-0452</title> 3527 <affected family="unix"> 3528 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 3529 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 3530 </affected> 3531 <reference ref_id="CVE-2007-0452" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452" source="CVE"/> 3532 <description> 3533 smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop. 3534 </description> 3535 </metadata> 3536 <!-- f83d87195bba0229ac4b65c0cd41c27c --> 3537 <criteria operator="AND"> 3538 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3539 <criteria operator="OR"> 3540 <criterion test_ref="oval:org.opensuse.security:tst:2009037827" comment="NetworkManager-devel less than 0.6.4-60.26"/> 3541 <criterion test_ref="oval:org.opensuse.security:tst:2009037828" comment="NetworkManager-glib less than 0.6.4-60.26"/> 3542 <criterion test_ref="oval:org.opensuse.security:tst:2009037829" comment="NetworkManager-gnome less than 0.6.4-60.26"/> 3543 <criterion test_ref="oval:org.opensuse.security:tst:2009037830" comment="NetworkManager-openvpn less than 0.3.2cvs20060202-20.25"/> 3544 <criterion test_ref="oval:org.opensuse.security:tst:2009037831" comment="NetworkManager-vpnc less than 0.5.0cvs20060202-19.30"/> 3545 <criterion test_ref="oval:org.opensuse.security:tst:2009037832" comment="NetworkManager less than 0.6.4-60.26"/> 3546 <criterion test_ref="oval:org.opensuse.security:tst:2009037833" comment="art-sharp less than 1.0.10-30.15"/> 3547 <criterion test_ref="oval:org.opensuse.security:tst:2009037834" comment="audit-libs-32bit less than 1.2.9-6.9"/> 3548 <criterion test_ref="oval:org.opensuse.security:tst:2009037835" comment="audit-libs-python less than 1.2.9-12.9"/> 3549 <criterion test_ref="oval:org.opensuse.security:tst:2009037836" comment="audit-libs less than 1.2.9-6.9"/> 3550 <criterion test_ref="oval:org.opensuse.security:tst:2009037837" comment="audit less than 1.2.9-6.9"/> 3551 <criterion test_ref="oval:org.opensuse.security:tst:2009037838" comment="beagle-evolution less than 0.2.16.3-1.13"/> 3552 <criterion test_ref="oval:org.opensuse.security:tst:2009037839" comment="beagle-firefox less than 0.2.16.3-1.13"/> 3553 <criterion test_ref="oval:org.opensuse.security:tst:2009037840" comment="beagle-gui less than 0.2.16.3-1.13"/> 3554 <criterion test_ref="oval:org.opensuse.security:tst:2009037841" comment="beagle less than 0.2.16.3-1.13"/> 3555 <criterion test_ref="oval:org.opensuse.security:tst:2009037842" comment="cifs-mount less than 3.0.24-2.23"/> 3556 <criterion test_ref="oval:org.opensuse.security:tst:2009037843" comment="compiz less than 0.4.0-0.21"/> 3557 <criterion test_ref="oval:org.opensuse.security:tst:2009037844" comment="contact-lookup-applet less than 0.13-21.14"/> 3558 <criterion test_ref="oval:org.opensuse.security:tst:2009037845" comment="dhcp-client less than 3.0.3-23.33"/> 3559 <criterion test_ref="oval:org.opensuse.security:tst:2009037846" comment="dhcp less than 3.0.3-23.33"/> 3560 <criterion test_ref="oval:org.opensuse.security:tst:2009037847" comment="dia less than 0.94-41.22"/> 3561 <criterion test_ref="oval:org.opensuse.security:tst:2009037848" comment="evolution-devel less than 2.6.0-49.55"/> 3562 <criterion test_ref="oval:org.opensuse.security:tst:2009037849" comment="evolution-exchange less than 2.6.0-27.34"/> 3563 <criterion test_ref="oval:org.opensuse.security:tst:2009037850" comment="evolution-pilot less than 2.6.0-49.55"/> 3564 <criterion test_ref="oval:org.opensuse.security:tst:2009037851" comment="evolution-webcal less than 2.4.1-18.14"/> 3565 <criterion test_ref="oval:org.opensuse.security:tst:2009037852" comment="evolution less than 2.6.0-49.55"/> 3566 <criterion test_ref="oval:org.opensuse.security:tst:2009037853" comment="f-spot less than 0.3.5-0.16"/> 3567 <criterion test_ref="oval:org.opensuse.security:tst:2009037854" comment="gaim-devel less than 1.5.0-50.17"/> 3568 <criterion test_ref="oval:org.opensuse.security:tst:2009037855" comment="gaim less than 1.5.0-50.17"/> 3569 <criterion test_ref="oval:org.opensuse.security:tst:2009037856" comment="gconf-sharp less than 1.0.10-30.15"/> 3570 <criterion test_ref="oval:org.opensuse.security:tst:2009037857" comment="gda-sharp less than 1.0.10-30.15"/> 3571 <criterion test_ref="oval:org.opensuse.security:tst:2009037858" comment="gdb less than 6.6-12.20"/> 3572 <criterion test_ref="oval:org.opensuse.security:tst:2009037859" comment="gftp less than 2.0.18-25.15"/> 3573 <criterion test_ref="oval:org.opensuse.security:tst:2009037860" comment="glade-sharp less than 1.0.10-30.15"/> 3574 <criterion test_ref="oval:org.opensuse.security:tst:2009037861" comment="glib-sharp less than 1.0.10-30.15"/> 3575 <criterion test_ref="oval:org.opensuse.security:tst:2009037862" comment="glib2-32bit less than 2.8.6-0.8"/> 3576 <criterion test_ref="oval:org.opensuse.security:tst:2009037863" comment="glib2-devel less than 2.8.6-0.8"/> 3577 <criterion test_ref="oval:org.opensuse.security:tst:2009037864" comment="glib2-doc less than 2.8.6-0.8"/> 3578 <criterion test_ref="oval:org.opensuse.security:tst:2009037865" comment="glib2 less than 2.8.6-0.8"/> 3579 <criterion test_ref="oval:org.opensuse.security:tst:2009037866" comment="gnome-backgrounds less than 2.12.3.1-0.8"/> 3580 <criterion test_ref="oval:org.opensuse.security:tst:2009037867" comment="gnome-filesystem less than 0.1-261.12"/> 3581 <criterion test_ref="oval:org.opensuse.security:tst:2009037868" comment="gnome-games less than 2.12.3-0.12"/> 3582 <criterion test_ref="oval:org.opensuse.security:tst:2009037869" comment="gnome-sharp less than 1.0.10-30.15"/> 3583 <criterion test_ref="oval:org.opensuse.security:tst:2009037870" comment="gnomedb-sharp less than 1.0.10-30.15"/> 3584 <criterion test_ref="oval:org.opensuse.security:tst:2009037871" comment="gnopernicus-devel less than 1.0.0-23.14"/> 3585 <criterion test_ref="oval:org.opensuse.security:tst:2009037872" comment="gnopernicus less than 1.0.0-23.14"/> 3586 <criterion test_ref="oval:org.opensuse.security:tst:2009037873" comment="gstreamer010-plugins-base-32bit less than 0.10.5-11.17"/> 3587 <criterion test_ref="oval:org.opensuse.security:tst:2009037874" comment="gstreamer010-plugins-base-devel less than 0.10.5-11.17"/> 3588 <criterion test_ref="oval:org.opensuse.security:tst:2009037875" comment="gstreamer010-plugins-base-doc less than 0.10.5-11.17"/> 3589 <criterion test_ref="oval:org.opensuse.security:tst:2009037876" comment="gstreamer010-plugins-base-oil-32bit less than 0.10.5-11.17"/> 3590 <criterion test_ref="oval:org.opensuse.security:tst:2009037877" comment="gstreamer010-plugins-base-oil less than 0.10.5-11.17"/> 3591 <criterion test_ref="oval:org.opensuse.security:tst:2009037878" comment="gstreamer010-plugins-base-visual-32bit less than 0.10.5-11.17"/> 3592 <criterion test_ref="oval:org.opensuse.security:tst:2009037879" comment="gstreamer010-plugins-base-visual less than 0.10.5-11.17"/> 3593 <criterion test_ref="oval:org.opensuse.security:tst:2009037880" comment="gstreamer010-plugins-base less than 0.10.5-11.17"/> 3594 <criterion test_ref="oval:org.opensuse.security:tst:2009037881" comment="gtk-sharp-32bit less than 1.0.10-30.15"/> 3595 <criterion test_ref="oval:org.opensuse.security:tst:2009037882" comment="gtk-sharp-complete less than 1.0.10-30.15"/> 3596 <criterion test_ref="oval:org.opensuse.security:tst:2009037883" comment="gtk-sharp-gapi less than 1.0.10-30.15"/> 3597 <criterion test_ref="oval:org.opensuse.security:tst:2009037884" comment="gtk-sharp less than 1.0.10-30.15"/> 3598 <criterion test_ref="oval:org.opensuse.security:tst:2009037885" comment="gtkhtml-sharp less than 1.0.10-30.15"/> 3599 <criterion test_ref="oval:org.opensuse.security:tst:2009037886" comment="helix-dbus-server less than 0.4.0-0.10"/> 3600 <criterion test_ref="oval:org.opensuse.security:tst:2009037887" comment="inkscape less than 0.43-20.15"/> 3601 <criterion test_ref="oval:org.opensuse.security:tst:2009037888" comment="libbeagle-32bit less than 0.2.16.3-1.12"/> 3602 <criterion test_ref="oval:org.opensuse.security:tst:2009037889" comment="libbeagle-devel less than 0.2.16.3-1.12"/> 3603 <criterion test_ref="oval:org.opensuse.security:tst:2009037890" comment="libbeagle less than 0.2.16.3-1.12"/> 3604 <criterion test_ref="oval:org.opensuse.security:tst:2009037891" comment="libgail-gnome-devel less than 1.1.3-41.13"/> 3605 <criterion test_ref="oval:org.opensuse.security:tst:2009037892" comment="libgail-gnome less than 1.1.3-41.13"/> 3606 <criterion test_ref="oval:org.opensuse.security:tst:2009037893" comment="libgdiplus less than 1.2.2-13.13"/> 3607 <criterion test_ref="oval:org.opensuse.security:tst:2009037894" comment="libipoddevice-32bit less than 0.5.2-1.17"/> 3608 <criterion test_ref="oval:org.opensuse.security:tst:2009037895" comment="libipoddevice less than 0.5.2-1.17"/> 3609 <criterion test_ref="oval:org.opensuse.security:tst:2009037896" comment="libsmbclient-32bit less than 3.0.24-2.23"/> 3610 <criterion test_ref="oval:org.opensuse.security:tst:2009037897" comment="libsmbclient-devel less than 3.0.24-2.23"/> 3611 <criterion test_ref="oval:org.opensuse.security:tst:2009037898" comment="libsmbclient less than 3.0.24-2.23"/> 3612 <criterion test_ref="oval:org.opensuse.security:tst:2009037899" comment="libtool-32bit less than 1.5.22-13.12"/> 3613 <criterion test_ref="oval:org.opensuse.security:tst:2009037900" comment="libtool less than 1.5.22-13.12"/> 3614 <criterion test_ref="oval:org.opensuse.security:tst:2009037901" comment="linphone-applet less than 1.2.0-16.14"/> 3615 <criterion test_ref="oval:org.opensuse.security:tst:2009037902" comment="linphone less than 1.2.0-16.14"/> 3616 <criterion test_ref="oval:org.opensuse.security:tst:2009037903" comment="openobex-devel less than 1.3-28.7"/> 3617 <criterion test_ref="oval:org.opensuse.security:tst:2009037904" comment="openobex less than 1.3-28.7"/> 3618 <criterion test_ref="oval:org.opensuse.security:tst:2009037905" comment="planner-devel less than 0.14.1-24.12"/> 3619 <criterion test_ref="oval:org.opensuse.security:tst:2009037906" comment="planner less than 0.14.1-24.12"/> 3620 <criterion test_ref="oval:org.opensuse.security:tst:2009037907" comment="pwlib-devel less than 1.10.4-0.10"/> 3621 <criterion test_ref="oval:org.opensuse.security:tst:2009037908" comment="pwlib less than 1.10.4-0.10"/> 3622 <criterion test_ref="oval:org.opensuse.security:tst:2009037909" comment="resapplet less than 0.1.4-5.20"/> 3623 <criterion test_ref="oval:org.opensuse.security:tst:2009037910" comment="rsvg-sharp less than 1.0.10-30.15"/> 3624 <criterion test_ref="oval:org.opensuse.security:tst:2009037911" comment="sabayon-admin less than 2.12.3-21.29"/> 3625 <criterion test_ref="oval:org.opensuse.security:tst:2009037912" comment="sabayon less than 2.12.3-21.29"/> 3626 <criterion test_ref="oval:org.opensuse.security:tst:2009037913" comment="samba-32bit less than 3.0.24-2.23"/> 3627 <criterion test_ref="oval:org.opensuse.security:tst:2009037914" comment="samba-client-32bit less than 3.0.24-2.23"/> 3628 <criterion test_ref="oval:org.opensuse.security:tst:2009037915" comment="samba-client less than 3.0.24-2.23"/> 3629 <criterion test_ref="oval:org.opensuse.security:tst:2009037916" comment="samba-doc less than 3.0.24-2.23"/> 3630 <criterion test_ref="oval:org.opensuse.security:tst:2009037917" comment="samba-krb-printing less than 3.0.24-2.23"/> 3631 <criterion test_ref="oval:org.opensuse.security:tst:2009037918" comment="samba-pdb less than 3.0.24-2.23"/> 3632 <criterion test_ref="oval:org.opensuse.security:tst:2009037919" comment="samba-vscan less than 0.3.6b-42.49"/> 3633 <criterion test_ref="oval:org.opensuse.security:tst:2009037920" comment="samba-winbind-32bit less than 3.0.24-2.23"/> 3634 <criterion test_ref="oval:org.opensuse.security:tst:2009037921" comment="samba-winbind less than 3.0.24-2.23"/> 3635 <criterion test_ref="oval:org.opensuse.security:tst:2009037922" comment="samba less than 3.0.24-2.23"/> 3636 <criterion test_ref="oval:org.opensuse.security:tst:2009037923" comment="tomboy less than 0.6.0-0.21"/> 3637 <criterion test_ref="oval:org.opensuse.security:tst:2009037924" comment="vte-sharp less than 1.0.10-30.15"/> 3638 <criterion test_ref="oval:org.opensuse.security:tst:2009037925" comment="wbxml2 less than 0.9.0-18.10"/> 3639 <criterion test_ref="oval:org.opensuse.security:tst:2009037926" comment="xgl-hardware-list less than 070326-0.5"/> 3640 <criterion test_ref="oval:org.opensuse.security:tst:2009037927" comment="xgl less than cvs_060522-0.32"/> 3641 </criteria> 3642 </criteria> 3643 </definition> 3644 <definition id="oval:org.opensuse.security:def:20070775" version="1" class="vulnerability"> 3645 <metadata> 3646 <title>CVE-2007-0775</title> 3647 <affected family="unix"> 3648 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 3649 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 3650 </affected> 3651 <reference ref_id="CVE-2007-0775" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775" source="CVE"/> 3652 <description> 3653 Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors. 3654 </description> 3655 </metadata> 3656 <!-- f2ed7bea62889b94eeb1394136e19e23 --> 3657 <criteria operator="AND"> 3658 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3659 <criteria operator="OR"> 3660 <criterion test_ref="oval:org.opensuse.security:tst:2009041543" comment="MozillaFirefox-translations less than 2.0.0.2-2.13"/> 3661 <criterion test_ref="oval:org.opensuse.security:tst:2009041544" comment="MozillaFirefox less than 2.0.0.2-2.13"/> 3662 <criterion test_ref="oval:org.opensuse.security:tst:2009041545" comment="dejavu less than 2.9-0.10"/> 3663 <criterion test_ref="oval:org.opensuse.security:tst:2009041546" comment="desktop-data-NLD less than 10.1-31.24"/> 3664 <criterion test_ref="oval:org.opensuse.security:tst:2009041547" comment="mozilla-nss-32bit less than 3.11.4-0.7"/> 3665 <criterion test_ref="oval:org.opensuse.security:tst:2009041548" comment="mozilla-nss-devel less than 3.11.4-0.7"/> 3666 <criterion test_ref="oval:org.opensuse.security:tst:2009041549" comment="mozilla-nss-tools less than 3.11.4-0.7"/> 3667 <criterion test_ref="oval:org.opensuse.security:tst:2009041550" comment="mozilla-nss less than 3.11.4-0.7"/> 3668 <criterion test_ref="oval:org.opensuse.security:tst:2009041551" comment="openmotif-libs-32bit less than 2.2.4-21.12"/> 3669 <criterion test_ref="oval:org.opensuse.security:tst:2009041552" comment="openmotif-libs less than 2.2.4-21.12"/> 3670 <criterion test_ref="oval:org.opensuse.security:tst:2009041553" comment="sax2-gui less than 1.7-125.37"/> 3671 <criterion test_ref="oval:org.opensuse.security:tst:2009041554" comment="sax2-ident less than 1.7-125.38"/> 3672 <criterion test_ref="oval:org.opensuse.security:tst:2009041555" comment="sax2-libsax-csharp less than 7.1-121.37"/> 3673 <criterion test_ref="oval:org.opensuse.security:tst:2009041556" comment="sax2-libsax-perl less than 7.1-125.37"/> 3674 <criterion test_ref="oval:org.opensuse.security:tst:2009041557" comment="sax2-libsax less than 7.1-125.37"/> 3675 <criterion test_ref="oval:org.opensuse.security:tst:2009041558" comment="sax2-tools less than 2.7-125.37"/> 3676 <criterion test_ref="oval:org.opensuse.security:tst:2009041559" comment="sax2 less than 7.1-125.37"/> 3677 <criterion test_ref="oval:org.opensuse.security:tst:2009041560" comment="tightvnc less than 1.2.9-201.12"/> 3678 <criterion test_ref="oval:org.opensuse.security:tst:2009041561" comment="xdg-menu less than 0.2-66.10"/> 3679 <criterion test_ref="oval:org.opensuse.security:tst:2009041562" comment="xorg-x11-driver-video-nvidia less than 6.9.0-46.40"/> 3680 <criterion test_ref="oval:org.opensuse.security:tst:2009041563" comment="xorg-x11-driver-video less than 6.9.0-46.40"/> 3681 <criterion test_ref="oval:org.opensuse.security:tst:2009041564" comment="yast2-control-center less than 2.13.10-0.8"/> 3682 <criterion test_ref="oval:org.opensuse.security:tst:2009041565" comment="yast2-qt less than 2.13.82-0.3"/> 3683 <criterion test_ref="oval:org.opensuse.security:tst:2009041566" comment="yast2-x11 less than 2.13.13-0.4"/> 3684 </criteria> 3685 </criteria> 3686 </definition> 3687 <definition id="oval:org.opensuse.security:def:20070776" version="1" class="vulnerability"> 3688 <metadata> 3689 <title>CVE-2007-0776</title> 3690 <affected family="unix"> 3691 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 3692 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 3693 </affected> 3694 <reference ref_id="CVE-2007-0776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0776" source="CVE"/> 3695 <description> 3696 Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file. 3697 </description> 3698 </metadata> 3699 <!-- f2ed7bea62889b94eeb1394136e19e23 --> 3700 <criteria operator="AND"> 3701 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3702 <criteria operator="OR"> 3703 <criterion test_ref="oval:org.opensuse.security:tst:2009041543" comment="MozillaFirefox-translations less than 2.0.0.2-2.13"/> 3704 <criterion test_ref="oval:org.opensuse.security:tst:2009041544" comment="MozillaFirefox less than 2.0.0.2-2.13"/> 3705 <criterion test_ref="oval:org.opensuse.security:tst:2009041545" comment="dejavu less than 2.9-0.10"/> 3706 <criterion test_ref="oval:org.opensuse.security:tst:2009041546" comment="desktop-data-NLD less than 10.1-31.24"/> 3707 <criterion test_ref="oval:org.opensuse.security:tst:2009041547" comment="mozilla-nss-32bit less than 3.11.4-0.7"/> 3708 <criterion test_ref="oval:org.opensuse.security:tst:2009041548" comment="mozilla-nss-devel less than 3.11.4-0.7"/> 3709 <criterion test_ref="oval:org.opensuse.security:tst:2009041549" comment="mozilla-nss-tools less than 3.11.4-0.7"/> 3710 <criterion test_ref="oval:org.opensuse.security:tst:2009041550" comment="mozilla-nss less than 3.11.4-0.7"/> 3711 <criterion test_ref="oval:org.opensuse.security:tst:2009041551" comment="openmotif-libs-32bit less than 2.2.4-21.12"/> 3712 <criterion test_ref="oval:org.opensuse.security:tst:2009041552" comment="openmotif-libs less than 2.2.4-21.12"/> 3713 <criterion test_ref="oval:org.opensuse.security:tst:2009041553" comment="sax2-gui less than 1.7-125.37"/> 3714 <criterion test_ref="oval:org.opensuse.security:tst:2009041554" comment="sax2-ident less than 1.7-125.38"/> 3715 <criterion test_ref="oval:org.opensuse.security:tst:2009041555" comment="sax2-libsax-csharp less than 7.1-121.37"/> 3716 <criterion test_ref="oval:org.opensuse.security:tst:2009041556" comment="sax2-libsax-perl less than 7.1-125.37"/> 3717 <criterion test_ref="oval:org.opensuse.security:tst:2009041557" comment="sax2-libsax less than 7.1-125.37"/> 3718 <criterion test_ref="oval:org.opensuse.security:tst:2009041558" comment="sax2-tools less than 2.7-125.37"/> 3719 <criterion test_ref="oval:org.opensuse.security:tst:2009041559" comment="sax2 less than 7.1-125.37"/> 3720 <criterion test_ref="oval:org.opensuse.security:tst:2009041560" comment="tightvnc less than 1.2.9-201.12"/> 3721 <criterion test_ref="oval:org.opensuse.security:tst:2009041561" comment="xdg-menu less than 0.2-66.10"/> 3722 <criterion test_ref="oval:org.opensuse.security:tst:2009041562" comment="xorg-x11-driver-video-nvidia less than 6.9.0-46.40"/> 3723 <criterion test_ref="oval:org.opensuse.security:tst:2009041563" comment="xorg-x11-driver-video less than 6.9.0-46.40"/> 3724 <criterion test_ref="oval:org.opensuse.security:tst:2009041564" comment="yast2-control-center less than 2.13.10-0.8"/> 3725 <criterion test_ref="oval:org.opensuse.security:tst:2009041565" comment="yast2-qt less than 2.13.82-0.3"/> 3726 <criterion test_ref="oval:org.opensuse.security:tst:2009041566" comment="yast2-x11 less than 2.13.13-0.4"/> 3727 </criteria> 3728 </criteria> 3729 </definition> 3730 <definition id="oval:org.opensuse.security:def:20070981" version="1" class="vulnerability"> 3731 <metadata> 3732 <title>CVE-2007-0981</title> 3733 <affected family="unix"> 3734 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 3735 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 3736 </affected> 3737 <reference ref_id="CVE-2007-0981" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981" source="CVE"/> 3738 <description> 3739 Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code. 3740 </description> 3741 </metadata> 3742 <!-- f2ed7bea62889b94eeb1394136e19e23 --> 3743 <criteria operator="AND"> 3744 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3745 <criteria operator="OR"> 3746 <criterion test_ref="oval:org.opensuse.security:tst:2009041543" comment="MozillaFirefox-translations less than 2.0.0.2-2.13"/> 3747 <criterion test_ref="oval:org.opensuse.security:tst:2009041544" comment="MozillaFirefox less than 2.0.0.2-2.13"/> 3748 <criterion test_ref="oval:org.opensuse.security:tst:2009041545" comment="dejavu less than 2.9-0.10"/> 3749 <criterion test_ref="oval:org.opensuse.security:tst:2009041546" comment="desktop-data-NLD less than 10.1-31.24"/> 3750 <criterion test_ref="oval:org.opensuse.security:tst:2009041547" comment="mozilla-nss-32bit less than 3.11.4-0.7"/> 3751 <criterion test_ref="oval:org.opensuse.security:tst:2009041548" comment="mozilla-nss-devel less than 3.11.4-0.7"/> 3752 <criterion test_ref="oval:org.opensuse.security:tst:2009041549" comment="mozilla-nss-tools less than 3.11.4-0.7"/> 3753 <criterion test_ref="oval:org.opensuse.security:tst:2009041550" comment="mozilla-nss less than 3.11.4-0.7"/> 3754 <criterion test_ref="oval:org.opensuse.security:tst:2009041551" comment="openmotif-libs-32bit less than 2.2.4-21.12"/> 3755 <criterion test_ref="oval:org.opensuse.security:tst:2009041552" comment="openmotif-libs less than 2.2.4-21.12"/> 3756 <criterion test_ref="oval:org.opensuse.security:tst:2009041553" comment="sax2-gui less than 1.7-125.37"/> 3757 <criterion test_ref="oval:org.opensuse.security:tst:2009041554" comment="sax2-ident less than 1.7-125.38"/> 3758 <criterion test_ref="oval:org.opensuse.security:tst:2009041555" comment="sax2-libsax-csharp less than 7.1-121.37"/> 3759 <criterion test_ref="oval:org.opensuse.security:tst:2009041556" comment="sax2-libsax-perl less than 7.1-125.37"/> 3760 <criterion test_ref="oval:org.opensuse.security:tst:2009041557" comment="sax2-libsax less than 7.1-125.37"/> 3761 <criterion test_ref="oval:org.opensuse.security:tst:2009041558" comment="sax2-tools less than 2.7-125.37"/> 3762 <criterion test_ref="oval:org.opensuse.security:tst:2009041559" comment="sax2 less than 7.1-125.37"/> 3763 <criterion test_ref="oval:org.opensuse.security:tst:2009041560" comment="tightvnc less than 1.2.9-201.12"/> 3764 <criterion test_ref="oval:org.opensuse.security:tst:2009041561" comment="xdg-menu less than 0.2-66.10"/> 3765 <criterion test_ref="oval:org.opensuse.security:tst:2009041562" comment="xorg-x11-driver-video-nvidia less than 6.9.0-46.40"/> 3766 <criterion test_ref="oval:org.opensuse.security:tst:2009041563" comment="xorg-x11-driver-video less than 6.9.0-46.40"/> 3767 <criterion test_ref="oval:org.opensuse.security:tst:2009041564" comment="yast2-control-center less than 2.13.10-0.8"/> 3768 <criterion test_ref="oval:org.opensuse.security:tst:2009041565" comment="yast2-qt less than 2.13.82-0.3"/> 3769 <criterion test_ref="oval:org.opensuse.security:tst:2009041566" comment="yast2-x11 less than 2.13.13-0.4"/> 3770 </criteria> 3771 </criteria> 3772 </definition> 3773 <definition id="oval:org.opensuse.security:def:20070999" version="1" class="vulnerability"> 3774 <metadata> 3775 <title>CVE-2007-0999</title> 3776 <affected family="unix"> 3777 <platform>SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T</platform> 3778 <platform>SUSE Linux Enterprise Desktop 10 SP1 for x86</platform> 3779 </affected> 3780 <reference ref_id="CVE-2007-0999" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0999" source="CVE"/> 3781 <description> 3782 Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. 3783 </description> 3784 </metadata> 3785 <!-- 5a8fc03d08c7aef3ad206b0c647fe8af --> 3786 <criteria operator="AND"> 3787 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp1-online is installed"/> 3788 <criteria operator="OR"> 3789 <criterion test_ref="oval:org.opensuse.security:tst:2009044278" comment="ekiga less than 2.0.5-0.9"/> 3790 <criterion test_ref="oval:org.opensuse.security:tst:2009044279" comment="opal less than 2.2.5-0.7"/> 3791 <criterion test_ref="oval:org.opensuse.security:tst:2009044280" comment="pwlib-plugins-avc less than 1.10.4-0.10"/> 3792 <criterion test_ref="oval:org.opensuse.security:tst:2009044281" comment="pwlib-plugins-dc less than 1.10.4-0.10"/> 3793 <criterion test_ref="oval:org.opensuse.security:tst:2009044282" comment="pwlib-plugins-v4l2 less than 1.10.4-0.10"/> 3794 </criteria> 3795 </criteria> 3796 </definition> 3797 <definition id="oval:org.opensuse.security:def:20080598" version="1" class="vulnerability"> 3798 <metadata> 3799 <title>CVE-2008-0598</title> 3800 <affected family="unix"> 3801 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 3802 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 3803 </affected> 3804 <reference ref_id="CVE-2008-0598" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0598" source="CVE"/> 3805 <description> 3806 Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary. 3807 </description> 3808 </metadata> 3809 <criteria operator="OR"> 3810 <!-- b1a5693e9b87368b2dc89b804303d9b2 --> 3811 <criteria operator="AND"> 3812 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3813 <criteria operator="OR"> 3814 <criterion test_ref="oval:org.opensuse.security:tst:2009060834" comment="kernel-default less than 2.6.16.60-0.66.1"/> 3815 <criterion test_ref="oval:org.opensuse.security:tst:2009060841" comment="kernel-smp less than 2.6.16.60-0.66.1"/> 3816 <criterion test_ref="oval:org.opensuse.security:tst:2009060838" comment="kernel-source less than 2.6.16.60-0.66.1"/> 3817 <criterion test_ref="oval:org.opensuse.security:tst:2009060839" comment="kernel-syms less than 2.6.16.60-0.66.1"/> 3818 <criterion test_ref="oval:org.opensuse.security:tst:2009060842" comment="kernel-xen less than 2.6.16.60-0.66.1"/> 3819 </criteria> 3820 </criteria> 3821 <!-- cf13ba7162e8d3407e2e9d889c8521f7 --> 3822 <criteria operator="AND"> 3823 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3824 <criteria operator="OR"> 3825 <criterion test_ref="oval:org.opensuse.security:tst:2009060843" comment="kernel-bigsmp less than 2.6.16.60-0.66.1"/> 3826 <criterion test_ref="oval:org.opensuse.security:tst:2009060834" comment="kernel-default less than 2.6.16.60-0.66.1"/> 3827 <criterion test_ref="oval:org.opensuse.security:tst:2009060841" comment="kernel-smp less than 2.6.16.60-0.66.1"/> 3828 <criterion test_ref="oval:org.opensuse.security:tst:2009060838" comment="kernel-source less than 2.6.16.60-0.66.1"/> 3829 <criterion test_ref="oval:org.opensuse.security:tst:2009060839" comment="kernel-syms less than 2.6.16.60-0.66.1"/> 3830 <criterion test_ref="oval:org.opensuse.security:tst:2009060842" comment="kernel-xen less than 2.6.16.60-0.66.1"/> 3831 <criterion test_ref="oval:org.opensuse.security:tst:2009060844" comment="kernel-xenpae less than 2.6.16.60-0.66.1"/> 3832 </criteria> 3833 </criteria> 3834 </criteria> 3835 </definition> 3836 <definition id="oval:org.opensuse.security:def:20080928" version="1" class="vulnerability"> 3837 <metadata> 3838 <title>CVE-2008-0928</title> 3839 <affected family="unix"> 3840 <platform>SUSE Linux Enterprise Thin Client 10 SP2</platform> 3841 </affected> 3842 <reference ref_id="CVE-2008-0928" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928" source="CVE"/> 3843 <description> 3844 Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. 3845 </description> 3846 </metadata> 3847 <!-- 816577e14f3b7b0abdb6d607f482c9a8 --> 3848 <criteria operator="AND"> 3849 <criterion test_ref="oval:org.opensuse.security:tst:2009048154" comment="sled10-sp2-tc is installed"/> 3850 <criterion test_ref="oval:org.opensuse.security:tst:2009048155" comment="qemu less than 0.8.2-37.9"/> 3851 </criteria> 3852 </definition> 3853 <definition id="oval:org.opensuse.security:def:20081391" version="1" class="vulnerability"> 3854 <metadata> 3855 <title>CVE-2008-1391</title> 3856 <affected family="unix"> 3857 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 3858 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 3859 </affected> 3860 <reference ref_id="CVE-2008-1391" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1391" source="CVE"/> 3861 <description> 3862 Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec. 3863 </description> 3864 </metadata> 3865 <!-- a7e1bffd1e2cae6bb5c9bbff3d3f9de2 --> 3866 <criteria operator="AND"> 3867 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3868 <criteria operator="OR"> 3869 <criterion test_ref="oval:org.opensuse.security:tst:2009070508" comment="glibc-32bit less than 2.4-31.77.76.1"/> 3870 <criterion test_ref="oval:org.opensuse.security:tst:2009070509" comment="glibc-devel-32bit less than 2.4-31.77.76.1"/> 3871 <criterion test_ref="oval:org.opensuse.security:tst:2009070510" comment="glibc-devel less than 2.4-31.77.76.1"/> 3872 <criterion test_ref="oval:org.opensuse.security:tst:2009070511" comment="glibc-html less than 2.4-31.77.76.1"/> 3873 <criterion test_ref="oval:org.opensuse.security:tst:2009070512" comment="glibc-i18ndata less than 2.4-31.77.76.1"/> 3874 <criterion test_ref="oval:org.opensuse.security:tst:2009070513" comment="glibc-info less than 2.4-31.77.76.1"/> 3875 <criterion test_ref="oval:org.opensuse.security:tst:2009070514" comment="glibc-locale-32bit less than 2.4-31.77.76.1"/> 3876 <criterion test_ref="oval:org.opensuse.security:tst:2009070515" comment="glibc-locale less than 2.4-31.77.76.1"/> 3877 <criterion test_ref="oval:org.opensuse.security:tst:2009070516" comment="glibc less than 2.4-31.77.76.1"/> 3878 <criterion test_ref="oval:org.opensuse.security:tst:2009070517" comment="nscd less than 2.4-31.77.76.1"/> 3879 </criteria> 3880 </criteria> 3881 </definition> 3882 <definition id="oval:org.opensuse.security:def:20081945" version="1" class="vulnerability"> 3883 <metadata> 3884 <title>CVE-2008-1945</title> 3885 <affected family="unix"> 3886 <platform>SUSE Linux Enterprise Thin Client 10 SP2</platform> 3887 </affected> 3888 <reference ref_id="CVE-2008-1945" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1945" source="CVE"/> 3889 <description> 3890 QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. 3891 </description> 3892 </metadata> 3893 <!-- 816577e14f3b7b0abdb6d607f482c9a8 --> 3894 <criteria operator="AND"> 3895 <criterion test_ref="oval:org.opensuse.security:tst:2009048154" comment="sled10-sp2-tc is installed"/> 3896 <criterion test_ref="oval:org.opensuse.security:tst:2009048155" comment="qemu less than 0.8.2-37.9"/> 3897 </criteria> 3898 </definition> 3899 <definition id="oval:org.opensuse.security:def:20082382" version="1" class="vulnerability"> 3900 <metadata> 3901 <title>CVE-2008-2382</title> 3902 <affected family="unix"> 3903 <platform>SUSE Linux Enterprise Thin Client 10 SP2</platform> 3904 </affected> 3905 <reference ref_id="CVE-2008-2382" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2382" source="CVE"/> 3906 <description> 3907 The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message. 3908 </description> 3909 </metadata> 3910 <!-- 816577e14f3b7b0abdb6d607f482c9a8 --> 3911 <criteria operator="AND"> 3912 <criterion test_ref="oval:org.opensuse.security:tst:2009048154" comment="sled10-sp2-tc is installed"/> 3913 <criterion test_ref="oval:org.opensuse.security:tst:2009048155" comment="qemu less than 0.8.2-37.9"/> 3914 </criteria> 3915 </definition> 3916 <definition id="oval:org.opensuse.security:def:20083834" version="1" class="vulnerability"> 3917 <metadata> 3918 <title>CVE-2008-3834</title> 3919 <affected family="unix"> 3920 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 3921 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 3922 </affected> 3923 <reference ref_id="CVE-2008-3834" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834" source="CVE"/> 3924 <description> 3925 The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error. 3926 </description> 3927 </metadata> 3928 <!-- dde20c718132c54e40619cef79c34890 --> 3929 <criteria operator="AND"> 3930 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 3931 <criteria operator="OR"> 3932 <criterion test_ref="oval:org.opensuse.security:tst:2009068047" comment="dbus-1-32bit less than 0.60-33.29.1"/> 3933 <criterion test_ref="oval:org.opensuse.security:tst:2009068049" comment="dbus-1-devel less than 0.60-33.29.1"/> 3934 <criterion test_ref="oval:org.opensuse.security:tst:2009068050" comment="dbus-1-glib-32bit less than 0.60-33.29.1"/> 3935 <criterion test_ref="oval:org.opensuse.security:tst:2009068053" comment="dbus-1-glib less than 0.60-33.29.1"/> 3936 <criterion test_ref="oval:org.opensuse.security:tst:2009068054" comment="dbus-1-gtk less than 0.60-33.29.1"/> 3937 <criterion test_ref="oval:org.opensuse.security:tst:2009068056" comment="dbus-1-mono less than 0.60-33.29.1"/> 3938 <criterion test_ref="oval:org.opensuse.security:tst:2009068057" comment="dbus-1-python less than 0.60-33.29.1"/> 3939 <criterion test_ref="oval:org.opensuse.security:tst:2009068058" comment="dbus-1-qt3-32bit less than 0.60-33.29.1"/> 3940 <criterion test_ref="oval:org.opensuse.security:tst:2009068060" comment="dbus-1-qt3-devel less than 0.60-33.29.1"/> 3941 <criterion test_ref="oval:org.opensuse.security:tst:2009068062" comment="dbus-1-qt3 less than 0.60-33.29.1"/> 3942 <criterion test_ref="oval:org.opensuse.security:tst:2009068063" comment="dbus-1-x11 less than 0.60-33.29.1"/> 3943 <criterion test_ref="oval:org.opensuse.security:tst:2009068065" comment="dbus-1 less than 0.60-33.29.1"/> 3944 </criteria> 3945 </criteria> 3946 </definition> 3947 <definition id="oval:org.opensuse.security:def:20083916" version="1" class="vulnerability"> 3948 <metadata> 3949 <title>CVE-2008-3916</title> 3950 <affected family="unix"> 3951 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 3952 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 3953 </affected> 3954 <reference ref_id="CVE-2008-3916" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916" source="CVE"/> 3955 <description> 3956 Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component. 3957 </description> 3958 </metadata> 3959 <!-- 69a1938158b1d690f7f2fe691022627b --> 3960 <criteria operator="AND"> 3961 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3962 <criterion test_ref="oval:org.opensuse.security:tst:2009065536" comment="ed less than 0.2-881.9.1"/> 3963 </criteria> 3964 </definition> 3965 <definition id="oval:org.opensuse.security:def:20084539" version="1" class="vulnerability"> 3966 <metadata> 3967 <title>CVE-2008-4539</title> 3968 <affected family="unix"> 3969 <platform>SUSE Linux Enterprise Thin Client 10 SP2</platform> 3970 </affected> 3971 <reference ref_id="CVE-2008-4539" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4539" source="CVE"/> 3972 <description> 3973 Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320. 3974 </description> 3975 </metadata> 3976 <!-- 816577e14f3b7b0abdb6d607f482c9a8 --> 3977 <criteria operator="AND"> 3978 <criterion test_ref="oval:org.opensuse.security:tst:2009048154" comment="sled10-sp2-tc is installed"/> 3979 <criterion test_ref="oval:org.opensuse.security:tst:2009048155" comment="qemu less than 0.8.2-37.9"/> 3980 </criteria> 3981 </definition> 3982 <definition id="oval:org.opensuse.security:def:20084546" version="1" class="vulnerability"> 3983 <metadata> 3984 <title>CVE-2008-4546</title> 3985 <affected family="unix"> 3986 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 3987 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 3988 </affected> 3989 <reference ref_id="CVE-2008-4546" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4546" source="CVE"/> 3990 <description> 3991 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers. 3992 </description> 3993 </metadata> 3994 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 3995 <criteria operator="AND"> 3996 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 3997 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 3998 </criteria> 3999 </definition> 4000 <definition id="oval:org.opensuse.security:def:20084776" version="1" class="vulnerability"> 4001 <metadata> 4002 <title>CVE-2008-4776</title> 4003 <affected family="unix"> 4004 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4005 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4006 </affected> 4007 <reference ref_id="CVE-2008-4776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776" source="CVE"/> 4008 <description> 4009 libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read. 4010 </description> 4011 </metadata> 4012 <!-- 61a3b641a9c4e4c8f62b44bd9c2160a0 --> 4013 <criteria operator="AND"> 4014 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4015 <criteria operator="OR"> 4016 <criterion test_ref="oval:org.opensuse.security:tst:2009065300" comment="kdenetwork3-InstantMessenger less than 3.5.1-32.34.1"/> 4017 <criterion test_ref="oval:org.opensuse.security:tst:2009065301" comment="kdenetwork3-news less than 3.5.1-32.34.1"/> 4018 <criterion test_ref="oval:org.opensuse.security:tst:2009065302" comment="kdenetwork3-vnc less than 3.5.1-32.34.1"/> 4019 <criterion test_ref="oval:org.opensuse.security:tst:2009065303" comment="kdenetwork3 less than 3.5.1-32.34.1"/> 4020 </criteria> 4021 </criteria> 4022 </definition> 4023 <definition id="oval:org.opensuse.security:def:20085077" version="1" class="vulnerability"> 4024 <metadata> 4025 <title>CVE-2008-5077</title> 4026 <affected family="unix"> 4027 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 4028 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 4029 </affected> 4030 <reference ref_id="CVE-2008-5077" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077" source="CVE"/> 4031 <description> 4032 OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. 4033 </description> 4034 </metadata> 4035 <!-- 6deef59a2e94ee7d0f87aa2f497078c7 --> 4036 <criteria operator="AND"> 4037 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 4038 <criteria operator="OR"> 4039 <criterion test_ref="oval:org.opensuse.security:tst:2009069579" comment="compat-openssl097g-32bit less than 0.9.7g-13.21.1"/> 4040 <criterion test_ref="oval:org.opensuse.security:tst:2009069580" comment="compat-openssl097g less than 0.9.7g-13.21.1"/> 4041 </criteria> 4042 </criteria> 4043 </definition> 4044 <definition id="oval:org.opensuse.security:def:20085824" version="1" class="vulnerability"> 4045 <metadata> 4046 <title>CVE-2008-5824</title> 4047 <affected family="unix"> 4048 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4049 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 4051 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 4052 </affected> 4053 <reference ref_id="CVE-2008-5824" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824" source="CVE"/> 4054 <description> 4055 Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file. 4056 </description> 4057 </metadata> 4058 <criteria operator="OR"> 4059 <!-- 261fc81e3f39aee17cd40426f48dcdb2 --> 4060 <criteria operator="AND"> 4061 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 4062 <criteria operator="OR"> 4063 <criterion test_ref="oval:org.opensuse.security:tst:2009067079" comment="audiofile-32bit less than 0.2.6-17.10.14"/> 4064 <criterion test_ref="oval:org.opensuse.security:tst:2009067080" comment="audiofile-devel less than 0.2.6-17.10.14"/> 4065 <criterion test_ref="oval:org.opensuse.security:tst:2009067081" comment="audiofile less than 0.2.6-17.10.14"/> 4066 </criteria> 4067 </criteria> 4068 <!-- 3d7f6c9b75c25202dfe77e4fa2f60506 --> 4069 <criteria operator="AND"> 4070 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4071 <criteria operator="OR"> 4072 <criterion test_ref="oval:org.opensuse.security:tst:2009066628" comment="audiofile-32bit less than 0.2.6-17.10.8"/> 4073 <criterion test_ref="oval:org.opensuse.security:tst:2009066629" comment="audiofile-devel less than 0.2.6-17.10.7"/> 4074 <criterion test_ref="oval:org.opensuse.security:tst:2009066630" comment="audiofile-devel less than 0.2.6-17.10.8"/> 4075 <criterion test_ref="oval:org.opensuse.security:tst:2009066631" comment="audiofile less than 0.2.6-17.10.7"/> 4076 <criterion test_ref="oval:org.opensuse.security:tst:2009066632" comment="audiofile less than 0.2.6-17.10.8"/> 4077 </criteria> 4078 </criteria> 4079 </criteria> 4080 </definition> 4081 <definition id="oval:org.opensuse.security:def:20085913" version="1" class="vulnerability"> 4082 <metadata> 4083 <title>CVE-2008-5913</title> 4084 <affected family="unix"> 4085 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4086 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4087 </affected> 4088 <reference ref_id="CVE-2008-5913" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5913" source="CVE"/> 4089 <description> 4090 The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack." 4091 </description> 4092 </metadata> 4093 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 4094 <criteria operator="AND"> 4095 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4096 <criteria operator="OR"> 4097 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 4098 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 4099 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 4100 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 4101 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 4102 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 4103 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 4104 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 4105 </criteria> 4106 </criteria> 4107 </definition> 4108 <definition id="oval:org.opensuse.security:def:20086218" version="1" class="vulnerability"> 4109 <metadata> 4110 <title>CVE-2008-6218</title> 4111 <affected family="unix"> 4112 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 4113 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 4114 </affected> 4115 <reference ref_id="CVE-2008-6218" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218" source="CVE"/> 4116 <description> 4117 Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file. 4118 </description> 4119 </metadata> 4120 <!-- cfe75a17284d23a11571eeefdcbad4a8 --> 4121 <criteria operator="AND"> 4122 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 4123 <criteria operator="OR"> 4124 <criterion test_ref="oval:org.opensuse.security:tst:2009069827" comment="libpng-32bit less than 1.2.8-19.31.9"/> 4125 <criterion test_ref="oval:org.opensuse.security:tst:2009069829" comment="libpng-devel-32bit less than 1.2.8-19.31.9"/> 4126 <criterion test_ref="oval:org.opensuse.security:tst:2009069831" comment="libpng-devel less than 1.2.8-19.31.9"/> 4127 <criterion test_ref="oval:org.opensuse.security:tst:2009069833" comment="libpng less than 1.2.8-19.31.9"/> 4128 </criteria> 4129 </criteria> 4130 </definition> 4131 <definition id="oval:org.opensuse.security:def:20087247" version="1" class="vulnerability"> 4132 <metadata> 4133 <title>CVE-2008-7247</title> 4134 <affected family="unix"> 4135 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4136 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4137 </affected> 4138 <reference ref_id="CVE-2008-7247" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7247" source="CVE"/> 4139 <description> 4140 sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink. 4141 </description> 4142 </metadata> 4143 <!-- 71d78dc72e348aa31062cbc12a65c867 --> 4144 <criteria operator="AND"> 4145 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4146 <criteria operator="OR"> 4147 <criterion test_ref="oval:org.opensuse.security:tst:2009058919" comment="mysql-client less than 5.0.26-12.28.1"/> 4148 <criterion test_ref="oval:org.opensuse.security:tst:2009058920" comment="mysql-devel less than 5.0.26-12.28.1"/> 4149 <criterion test_ref="oval:org.opensuse.security:tst:2009058921" comment="mysql-shared-32bit less than 5.0.26-12.28.1"/> 4150 <criterion test_ref="oval:org.opensuse.security:tst:2009058922" comment="mysql-shared less than 5.0.26-12.28.1"/> 4151 <criterion test_ref="oval:org.opensuse.security:tst:2009058923" comment="mysql less than 5.0.26-12.28.1"/> 4152 </criteria> 4153 </criteria> 4154 </definition> 4155 <definition id="oval:org.opensuse.security:def:20087270" version="1" class="vulnerability"> 4156 <metadata> 4157 <title>CVE-2008-7270</title> 4158 <affected family="unix"> 4159 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4160 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4161 </affected> 4162 <reference ref_id="CVE-2008-7270" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7270" source="CVE"/> 4163 <description> 4164 OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of a disabled cipher via vectors involving sniffing network traffic to discover a session identifier, a different vulnerability than CVE-2010-4180. 4165 </description> 4166 </metadata> 4167 <!-- 9402e64690b1a9a7f760ca687f37f7aa --> 4168 <criteria operator="AND"> 4169 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4170 <criteria operator="OR"> 4171 <criterion test_ref="oval:org.opensuse.security:tst:2009064327" comment="openssl-32bit less than 0.9.8a-18.43.1"/> 4172 <criterion test_ref="oval:org.opensuse.security:tst:2009064328" comment="openssl-devel-32bit less than 0.9.8a-18.43.1"/> 4173 <criterion test_ref="oval:org.opensuse.security:tst:2009064329" comment="openssl-devel less than 0.9.8a-18.43.1"/> 4174 <criterion test_ref="oval:org.opensuse.security:tst:2009064330" comment="openssl less than 0.9.8a-18.43.1"/> 4175 </criteria> 4176 </criteria> 4177 </definition> 4178 <definition id="oval:org.opensuse.security:def:20090217" version="1" class="vulnerability"> 4179 <metadata> 4180 <title>CVE-2009-0217</title> 4181 <affected family="unix"> 4182 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4183 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4184 </affected> 4185 <reference ref_id="CVE-2009-0217" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217" source="CVE"/> 4186 <description> 4187 The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. 4188 </description> 4189 </metadata> 4190 <!-- 17aa6adc1c5e58a79af02c479d95aab1 --> 4191 <criteria operator="AND"> 4192 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4193 <criteria operator="OR"> 4194 <criterion test_ref="oval:org.opensuse.security:tst:2009058672" comment="OpenOffice_org-af less than 3.2-0.6.1"/> 4195 <criterion test_ref="oval:org.opensuse.security:tst:2009058673" comment="OpenOffice_org-ar less than 3.2-0.6.1"/> 4196 <criterion test_ref="oval:org.opensuse.security:tst:2009058674" comment="OpenOffice_org-ca less than 3.2-0.6.1"/> 4197 <criterion test_ref="oval:org.opensuse.security:tst:2009058675" comment="OpenOffice_org-cs less than 3.2-0.6.1"/> 4198 <criterion test_ref="oval:org.opensuse.security:tst:2009058676" comment="OpenOffice_org-da less than 3.2-0.6.1"/> 4199 <criterion test_ref="oval:org.opensuse.security:tst:2009058677" comment="OpenOffice_org-de less than 3.2-0.6.1"/> 4200 <criterion test_ref="oval:org.opensuse.security:tst:2009058678" comment="OpenOffice_org-es less than 3.2-0.6.1"/> 4201 <criterion test_ref="oval:org.opensuse.security:tst:2009058679" comment="OpenOffice_org-fi less than 3.2-0.6.1"/> 4202 <criterion test_ref="oval:org.opensuse.security:tst:2009058680" comment="OpenOffice_org-fr less than 3.2-0.6.1"/> 4203 <criterion test_ref="oval:org.opensuse.security:tst:2009058681" comment="OpenOffice_org-galleries less than 3.2-0.6.1"/> 4204 <criterion test_ref="oval:org.opensuse.security:tst:2009058682" comment="OpenOffice_org-gnome less than 3.2-0.6.1"/> 4205 <criterion test_ref="oval:org.opensuse.security:tst:2009058683" comment="OpenOffice_org-gu-IN less than 3.2-0.6.1"/> 4206 <criterion test_ref="oval:org.opensuse.security:tst:2009058684" comment="OpenOffice_org-hi-IN less than 3.2-0.6.1"/> 4207 <criterion test_ref="oval:org.opensuse.security:tst:2009058685" comment="OpenOffice_org-hu less than 3.2-0.6.1"/> 4208 <criterion test_ref="oval:org.opensuse.security:tst:2009058686" comment="OpenOffice_org-it less than 3.2-0.6.1"/> 4209 <criterion test_ref="oval:org.opensuse.security:tst:2009058687" comment="OpenOffice_org-ja less than 3.2-0.6.1"/> 4210 <criterion test_ref="oval:org.opensuse.security:tst:2009058688" comment="OpenOffice_org-kde less than 3.2-0.6.1"/> 4211 <criterion test_ref="oval:org.opensuse.security:tst:2009058689" comment="OpenOffice_org-mono less than 3.2-0.6.1"/> 4212 <criterion test_ref="oval:org.opensuse.security:tst:2009058690" comment="OpenOffice_org-nb less than 3.2-0.6.1"/> 4213 <criterion test_ref="oval:org.opensuse.security:tst:2009058691" comment="OpenOffice_org-nl less than 3.2-0.6.1"/> 4214 <criterion test_ref="oval:org.opensuse.security:tst:2009058692" comment="OpenOffice_org-nld less than 3.2-0.6.1"/> 4215 <criterion test_ref="oval:org.opensuse.security:tst:2009058693" comment="OpenOffice_org-nn less than 3.2-0.6.1"/> 4216 <criterion test_ref="oval:org.opensuse.security:tst:2009058694" comment="OpenOffice_org-pl less than 3.2-0.6.1"/> 4217 <criterion test_ref="oval:org.opensuse.security:tst:2009058695" comment="OpenOffice_org-pt-BR less than 3.2-0.6.1"/> 4218 <criterion test_ref="oval:org.opensuse.security:tst:2009058696" comment="OpenOffice_org-ru less than 3.2-0.6.1"/> 4219 <criterion test_ref="oval:org.opensuse.security:tst:2009058697" comment="OpenOffice_org-sk less than 3.2-0.6.1"/> 4220 <criterion test_ref="oval:org.opensuse.security:tst:2009058698" comment="OpenOffice_org-sv less than 3.2-0.6.1"/> 4221 <criterion test_ref="oval:org.opensuse.security:tst:2009058699" comment="OpenOffice_org-xh less than 3.2-0.6.1"/> 4222 <criterion test_ref="oval:org.opensuse.security:tst:2009058700" comment="OpenOffice_org-zh-CN less than 3.2-0.6.1"/> 4223 <criterion test_ref="oval:org.opensuse.security:tst:2009058701" comment="OpenOffice_org-zh-TW less than 3.2-0.6.1"/> 4224 <criterion test_ref="oval:org.opensuse.security:tst:2009058702" comment="OpenOffice_org-zu less than 3.2-0.6.1"/> 4225 <criterion test_ref="oval:org.opensuse.security:tst:2009058703" comment="OpenOffice_org less than 3.2-0.6.1"/> 4226 </criteria> 4227 </criteria> 4228 </definition> 4229 <definition id="oval:org.opensuse.security:def:20090547" version="1" class="vulnerability"> 4230 <metadata> 4231 <title>CVE-2009-0547</title> 4232 <affected family="unix"> 4233 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4234 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4235 </affected> 4236 <reference ref_id="CVE-2009-0547" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0547" source="CVE"/> 4237 <description> 4238 Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077. 4239 </description> 4240 </metadata> 4241 <!-- ce348cdfb35e252764bfbecf9d58b216 --> 4242 <criteria operator="AND"> 4243 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4244 <criteria operator="OR"> 4245 <criterion test_ref="oval:org.opensuse.security:tst:2009060320" comment="evolution-data-server-32bit less than 1.6.0-43.92.1"/> 4246 <criterion test_ref="oval:org.opensuse.security:tst:2009060321" comment="evolution-data-server-devel less than 1.6.0-43.92.1"/> 4247 <criterion test_ref="oval:org.opensuse.security:tst:2009060322" comment="evolution-data-server less than 1.6.0-43.92.1"/> 4248 </criteria> 4249 </criteria> 4250 </definition> 4251 <definition id="oval:org.opensuse.security:def:20090587" version="1" class="vulnerability"> 4252 <metadata> 4253 <title>CVE-2009-0587</title> 4254 <affected family="unix"> 4255 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4256 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4257 </affected> 4258 <reference ref_id="CVE-2009-0587" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0587" source="CVE"/> 4259 <description> 4260 Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel. 4261 </description> 4262 </metadata> 4263 <!-- ce348cdfb35e252764bfbecf9d58b216 --> 4264 <criteria operator="AND"> 4265 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4266 <criteria operator="OR"> 4267 <criterion test_ref="oval:org.opensuse.security:tst:2009060320" comment="evolution-data-server-32bit less than 1.6.0-43.92.1"/> 4268 <criterion test_ref="oval:org.opensuse.security:tst:2009060321" comment="evolution-data-server-devel less than 1.6.0-43.92.1"/> 4269 <criterion test_ref="oval:org.opensuse.security:tst:2009060322" comment="evolution-data-server less than 1.6.0-43.92.1"/> 4270 </criteria> 4271 </criteria> 4272 </definition> 4273 <definition id="oval:org.opensuse.security:def:20090590" version="1" class="vulnerability"> 4274 <metadata> 4275 <title>CVE-2009-0590</title> 4276 <affected family="unix"> 4277 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 4278 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 4279 </affected> 4280 <reference ref_id="CVE-2009-0590" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590" source="CVE"/> 4281 <description> 4282 The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. 4283 </description> 4284 </metadata> 4285 <!-- 6deef59a2e94ee7d0f87aa2f497078c7 --> 4286 <criteria operator="AND"> 4287 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 4288 <criteria operator="OR"> 4289 <criterion test_ref="oval:org.opensuse.security:tst:2009069579" comment="compat-openssl097g-32bit less than 0.9.7g-13.21.1"/> 4290 <criterion test_ref="oval:org.opensuse.security:tst:2009069580" comment="compat-openssl097g less than 0.9.7g-13.21.1"/> 4291 </criteria> 4292 </criteria> 4293 </definition> 4294 <definition id="oval:org.opensuse.security:def:20090689" version="1" class="vulnerability"> 4295 <metadata> 4296 <title>CVE-2009-0689</title> 4297 <affected family="unix"> 4298 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4299 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4300 </affected> 4301 <reference ref_id="CVE-2009-0689" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689" source="CVE"/> 4302 <description> 4303 Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. 4304 </description> 4305 </metadata> 4306 <criteria operator="OR"> 4307 <!-- 278f9268005e0adc0cf09d11e2b20a52 --> 4308 <criteria operator="AND"> 4309 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4310 <criteria operator="OR"> 4311 <criterion test_ref="oval:org.opensuse.security:tst:2009056794" comment="kdelibs3-32bit less than 3.5.1-49.53.1"/> 4312 <criterion test_ref="oval:org.opensuse.security:tst:2009056795" comment="kdelibs3-arts-32bit less than 3.5.1-49.53.1"/> 4313 <criterion test_ref="oval:org.opensuse.security:tst:2009056796" comment="kdelibs3-arts less than 3.5.1-49.53.1"/> 4314 <criterion test_ref="oval:org.opensuse.security:tst:2009056797" comment="kdelibs3-devel less than 3.5.1-49.53.1"/> 4315 <criterion test_ref="oval:org.opensuse.security:tst:2009056798" comment="kdelibs3-doc less than 3.5.1-49.53.1"/> 4316 <criterion test_ref="oval:org.opensuse.security:tst:2009056799" comment="kdelibs3 less than 3.5.1-49.53.1"/> 4317 </criteria> 4318 </criteria> 4319 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 4320 <criteria operator="AND"> 4321 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4322 <criteria operator="OR"> 4323 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 4324 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 4325 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 4326 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 4327 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 4328 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 4329 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 4330 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 4331 </criteria> 4332 </criteria> 4333 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 4334 <criteria operator="AND"> 4335 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4336 <criteria operator="OR"> 4337 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 4338 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 4339 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 4340 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 4341 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 4342 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 4343 </criteria> 4344 </criteria> 4345 <!-- dd29bade9f7bbb05007b9a7cd8d845db --> 4346 <criteria operator="AND"> 4347 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4348 <criteria operator="OR"> 4349 <criterion test_ref="oval:org.opensuse.security:tst:2009056070" comment="mozilla-nspr-32bit less than 4.8.2-1.5.1"/> 4350 <criterion test_ref="oval:org.opensuse.security:tst:2009056071" comment="mozilla-nspr-devel less than 4.8.2-1.5.1"/> 4351 <criterion test_ref="oval:org.opensuse.security:tst:2009056072" comment="mozilla-nspr less than 4.8.2-1.5.1"/> 4352 </criteria> 4353 </criteria> 4354 </criteria> 4355 </definition> 4356 <definition id="oval:org.opensuse.security:def:20090758" version="1" class="vulnerability"> 4357 <metadata> 4358 <title>CVE-2009-0758</title> 4359 <affected family="unix"> 4360 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4361 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4362 </affected> 4363 <reference ref_id="CVE-2009-0758" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0758" source="CVE"/> 4364 <description> 4365 The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm. 4366 </description> 4367 </metadata> 4368 <!-- e3449d21d93e94ca21dab3032a76a26d --> 4369 <criteria operator="AND"> 4370 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4371 <criteria operator="OR"> 4372 <criterion test_ref="oval:org.opensuse.security:tst:2009057614" comment="avahi-glib less than 0.6.5-29.26.1"/> 4373 <criterion test_ref="oval:org.opensuse.security:tst:2009057615" comment="avahi less than 0.6.5-29.26.1"/> 4374 </criteria> 4375 </criteria> 4376 </definition> 4377 <definition id="oval:org.opensuse.security:def:20090789" version="1" class="vulnerability"> 4378 <metadata> 4379 <title>CVE-2009-0789</title> 4380 <affected family="unix"> 4381 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 4382 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 4383 </affected> 4384 <reference ref_id="CVE-2009-0789" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789" source="CVE"/> 4385 <description> 4386 OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key. 4387 </description> 4388 </metadata> 4389 <!-- 6deef59a2e94ee7d0f87aa2f497078c7 --> 4390 <criteria operator="AND"> 4391 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 4392 <criteria operator="OR"> 4393 <criterion test_ref="oval:org.opensuse.security:tst:2009069579" comment="compat-openssl097g-32bit less than 0.9.7g-13.21.1"/> 4394 <criterion test_ref="oval:org.opensuse.security:tst:2009069580" comment="compat-openssl097g less than 0.9.7g-13.21.1"/> 4395 </criteria> 4396 </criteria> 4397 </definition> 4398 <definition id="oval:org.opensuse.security:def:20090945" version="1" class="vulnerability"> 4399 <metadata> 4400 <title>CVE-2009-0945</title> 4401 <affected family="unix"> 4402 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4403 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4404 </affected> 4405 <reference ref_id="CVE-2009-0945" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945" source="CVE"/> 4406 <description> 4407 Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. 4408 </description> 4409 </metadata> 4410 <criteria operator="OR"> 4411 <!-- bcba4f2a8ad5c321b0e01e3ec52c8c68 --> 4412 <criteria operator="AND"> 4413 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4414 <criteria operator="OR"> 4415 <criterion test_ref="oval:org.opensuse.security:tst:2009056192" comment="dbus-1-qt-32bit less than 4.3.4-0.7.1"/> 4416 <criterion test_ref="oval:org.opensuse.security:tst:2009056193" comment="dbus-1-qt less than 4.3.4-0.7.1"/> 4417 <criterion test_ref="oval:org.opensuse.security:tst:2009056194" comment="qt-qt3support-32bit less than 4.3.4-0.7.1"/> 4418 <criterion test_ref="oval:org.opensuse.security:tst:2009056195" comment="qt-qt3support less than 4.3.4-0.7.1"/> 4419 <criterion test_ref="oval:org.opensuse.security:tst:2009056196" comment="qt-sql-32bit less than 4.3.4-0.7.1"/> 4420 <criterion test_ref="oval:org.opensuse.security:tst:2009056197" comment="qt-sql less than 4.3.4-0.7.1"/> 4421 <criterion test_ref="oval:org.opensuse.security:tst:2009056198" comment="qt-x11-32bit less than 4.3.4-0.7.1"/> 4422 <criterion test_ref="oval:org.opensuse.security:tst:2009056199" comment="qt-x11 less than 4.3.4-0.7.1"/> 4423 </criteria> 4424 </criteria> 4425 <!-- e3ee5f3465bf28ff10fa73651f8a68a3 --> 4426 <criteria operator="AND"> 4427 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4428 <criteria operator="OR"> 4429 <criterion test_ref="oval:org.opensuse.security:tst:2009064972" comment="kdegraphics3-devel less than 3.5.1-23.30.4"/> 4430 <criterion test_ref="oval:org.opensuse.security:tst:2009064973" comment="kdegraphics3-fax less than 3.5.1-23.30.4"/> 4431 <criterion test_ref="oval:org.opensuse.security:tst:2009064974" comment="kdegraphics3-kamera less than 3.5.1-23.30.4"/> 4432 <criterion test_ref="oval:org.opensuse.security:tst:2009064975" comment="kdegraphics3-pdf less than 3.5.1-23.30.4"/> 4433 <criterion test_ref="oval:org.opensuse.security:tst:2009064976" comment="kdegraphics3-postscript less than 3.5.1-23.30.4"/> 4434 <criterion test_ref="oval:org.opensuse.security:tst:2009064977" comment="kdegraphics3-scan less than 3.5.1-23.30.4"/> 4435 <criterion test_ref="oval:org.opensuse.security:tst:2009064978" comment="kdegraphics3 less than 3.5.1-23.30.4"/> 4436 </criteria> 4437 </criteria> 4438 </criteria> 4439 </definition> 4440 <definition id="oval:org.opensuse.security:def:20091189" version="1" class="vulnerability"> 4441 <metadata> 4442 <title>CVE-2009-1189</title> 4443 <affected family="unix"> 4444 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 4445 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 4446 </affected> 4447 <reference ref_id="CVE-2009-1189" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1189" source="CVE"/> 4448 <description> 4449 The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834. 4450 </description> 4451 </metadata> 4452 <!-- dde20c718132c54e40619cef79c34890 --> 4453 <criteria operator="AND"> 4454 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 4455 <criteria operator="OR"> 4456 <criterion test_ref="oval:org.opensuse.security:tst:2009068047" comment="dbus-1-32bit less than 0.60-33.29.1"/> 4457 <criterion test_ref="oval:org.opensuse.security:tst:2009068049" comment="dbus-1-devel less than 0.60-33.29.1"/> 4458 <criterion test_ref="oval:org.opensuse.security:tst:2009068050" comment="dbus-1-glib-32bit less than 0.60-33.29.1"/> 4459 <criterion test_ref="oval:org.opensuse.security:tst:2009068053" comment="dbus-1-glib less than 0.60-33.29.1"/> 4460 <criterion test_ref="oval:org.opensuse.security:tst:2009068054" comment="dbus-1-gtk less than 0.60-33.29.1"/> 4461 <criterion test_ref="oval:org.opensuse.security:tst:2009068056" comment="dbus-1-mono less than 0.60-33.29.1"/> 4462 <criterion test_ref="oval:org.opensuse.security:tst:2009068057" comment="dbus-1-python less than 0.60-33.29.1"/> 4463 <criterion test_ref="oval:org.opensuse.security:tst:2009068058" comment="dbus-1-qt3-32bit less than 0.60-33.29.1"/> 4464 <criterion test_ref="oval:org.opensuse.security:tst:2009068060" comment="dbus-1-qt3-devel less than 0.60-33.29.1"/> 4465 <criterion test_ref="oval:org.opensuse.security:tst:2009068062" comment="dbus-1-qt3 less than 0.60-33.29.1"/> 4466 <criterion test_ref="oval:org.opensuse.security:tst:2009068063" comment="dbus-1-x11 less than 0.60-33.29.1"/> 4467 <criterion test_ref="oval:org.opensuse.security:tst:2009068065" comment="dbus-1 less than 0.60-33.29.1"/> 4468 </criteria> 4469 </criteria> 4470 </definition> 4471 <definition id="oval:org.opensuse.security:def:20091192" version="1" class="vulnerability"> 4472 <metadata> 4473 <title>CVE-2009-1192</title> 4474 <affected family="unix"> 4475 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4476 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4477 </affected> 4478 <reference ref_id="CVE-2009-1192" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1192" source="CVE"/> 4479 <description> 4480 The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. 4481 </description> 4482 </metadata> 4483 <criteria operator="OR"> 4484 <!-- 4d39ec6d8748e038ab04a0b27f7382a1 --> 4485 <criteria operator="AND"> 4486 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4487 <criteria operator="OR"> 4488 <criterion test_ref="oval:org.opensuse.security:tst:2009056156" comment="kernel-bigsmp less than 2.6.16.60-0.57.1"/> 4489 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 4490 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 4491 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 4492 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 4493 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 4494 <criterion test_ref="oval:org.opensuse.security:tst:2009056159" comment="kernel-xenpae less than 2.6.16.60-0.57.1"/> 4495 </criteria> 4496 </criteria> 4497 <!-- ddf0cfe0200a78301be8b1d7b78fb645 --> 4498 <criteria operator="AND"> 4499 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4500 <criteria operator="OR"> 4501 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 4502 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 4503 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 4504 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 4505 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 4506 </criteria> 4507 </criteria> 4508 </criteria> 4509 </definition> 4510 <definition id="oval:org.opensuse.security:def:20091194" version="1" class="vulnerability"> 4511 <metadata> 4512 <title>CVE-2009-1194</title> 4513 <affected family="unix"> 4514 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4515 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4516 </affected> 4517 <reference ref_id="CVE-2009-1194" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194" source="CVE"/> 4518 <description> 4519 Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox. 4520 </description> 4521 </metadata> 4522 <criteria operator="OR"> 4523 <!-- 1fd6ca9e4e40b511e5aab13a88cbcfec --> 4524 <criteria operator="AND"> 4525 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4526 <criteria operator="OR"> 4527 <criterion test_ref="oval:org.opensuse.security:tst:2009063814" comment="firefox3-pango-32bit less than 1.14.5-0.10.1"/> 4528 <criterion test_ref="oval:org.opensuse.security:tst:2009063815" comment="firefox3-pango less than 1.14.5-0.10.1"/> 4529 </criteria> 4530 </criteria> 4531 <!-- 7209e77048416ee8624b1ffd95e19987 --> 4532 <criteria operator="AND"> 4533 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4534 <criteria operator="OR"> 4535 <criterion test_ref="oval:org.opensuse.security:tst:2009057924" comment="pango-32bit less than 1.10.2-23.8.1"/> 4536 <criterion test_ref="oval:org.opensuse.security:tst:2009057925" comment="pango-devel less than 1.10.2-23.8.1"/> 4537 <criterion test_ref="oval:org.opensuse.security:tst:2009057926" comment="pango-doc less than 1.10.2-23.8.1"/> 4538 <criterion test_ref="oval:org.opensuse.security:tst:2009057927" comment="pango less than 1.10.2-23.8.1"/> 4539 </criteria> 4540 </criteria> 4541 </criteria> 4542 </definition> 4543 <definition id="oval:org.opensuse.security:def:20091563" version="1" class="vulnerability"> 4544 <metadata> 4545 <title>CVE-2009-1563</title> 4546 <affected family="unix"> 4547 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4548 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4549 </affected> 4550 <reference ref_id="CVE-2009-1563" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1563" source="CVE"/> 4551 <description> 4552 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. 4553 </description> 4554 </metadata> 4555 <criteria operator="OR"> 4556 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 4557 <criteria operator="AND"> 4558 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4559 <criteria operator="OR"> 4560 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 4561 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 4562 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 4563 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 4564 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 4565 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 4566 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 4567 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 4568 </criteria> 4569 </criteria> 4570 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 4571 <criteria operator="AND"> 4572 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4573 <criteria operator="OR"> 4574 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 4575 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 4576 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 4577 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 4578 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 4579 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 4580 </criteria> 4581 </criteria> 4582 <!-- dd29bade9f7bbb05007b9a7cd8d845db --> 4583 <criteria operator="AND"> 4584 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4585 <criteria operator="OR"> 4586 <criterion test_ref="oval:org.opensuse.security:tst:2009056070" comment="mozilla-nspr-32bit less than 4.8.2-1.5.1"/> 4587 <criterion test_ref="oval:org.opensuse.security:tst:2009056071" comment="mozilla-nspr-devel less than 4.8.2-1.5.1"/> 4588 <criterion test_ref="oval:org.opensuse.security:tst:2009056072" comment="mozilla-nspr less than 4.8.2-1.5.1"/> 4589 </criteria> 4590 </criteria> 4591 </criteria> 4592 </definition> 4593 <definition id="oval:org.opensuse.security:def:20091570" version="1" class="vulnerability"> 4594 <metadata> 4595 <title>CVE-2009-1570</title> 4596 <affected family="unix"> 4597 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4598 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4599 </affected> 4600 <reference ref_id="CVE-2009-1570" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570" source="CVE"/> 4601 <description> 4602 Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow. 4603 </description> 4604 </metadata> 4605 <!-- 81784b1af32c10a70030409d240c5d5b --> 4606 <criteria operator="AND"> 4607 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4608 <criterion test_ref="oval:org.opensuse.security:tst:2009059677" comment="gimp less than 2.2.10-22.33.1"/> 4609 </criteria> 4610 </definition> 4611 <definition id="oval:org.opensuse.security:def:20091571" version="1" class="vulnerability"> 4612 <metadata> 4613 <title>CVE-2009-1571</title> 4614 <affected family="unix"> 4615 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4616 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4617 </affected> 4618 <reference ref_id="CVE-2009-1571" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1571" source="CVE"/> 4619 <description> 4620 Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations. 4621 </description> 4622 </metadata> 4623 <criteria operator="OR"> 4624 <!-- 630708f048967bcbe3d7e12e91204fcf --> 4625 <criteria operator="AND"> 4626 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4627 <criteria operator="OR"> 4628 <criterion test_ref="oval:org.opensuse.security:tst:2009058405" comment="mozilla-xulrunner190-32bit less than 1.9.0.18-0.4.1"/> 4629 <criterion test_ref="oval:org.opensuse.security:tst:2009058406" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.18-0.4.1"/> 4630 <criterion test_ref="oval:org.opensuse.security:tst:2009058407" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.18-0.4.1"/> 4631 <criterion test_ref="oval:org.opensuse.security:tst:2009058408" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.18-0.4.1"/> 4632 <criterion test_ref="oval:org.opensuse.security:tst:2009058409" comment="mozilla-xulrunner190-translations less than 1.9.0.18-0.4.1"/> 4633 <criterion test_ref="oval:org.opensuse.security:tst:2009058410" comment="mozilla-xulrunner190 less than 1.9.0.18-0.4.1"/> 4634 </criteria> 4635 </criteria> 4636 <!-- d41075930b3e4dc43019336480f6a248 --> 4637 <criteria operator="AND"> 4638 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4639 <criteria operator="OR"> 4640 <criterion test_ref="oval:org.opensuse.security:tst:2009058451" comment="MozillaFirefox-translations less than 3.5.8-0.4.1"/> 4641 <criterion test_ref="oval:org.opensuse.security:tst:2009058452" comment="MozillaFirefox less than 3.5.8-0.4.1"/> 4642 <criterion test_ref="oval:org.opensuse.security:tst:2009058442" comment="mozilla-xulrunner191-32bit less than 1.9.1.8-1.4.1"/> 4643 <criterion test_ref="oval:org.opensuse.security:tst:2009058443" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.8-1.4.1"/> 4644 <criterion test_ref="oval:org.opensuse.security:tst:2009058444" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.8-1.4.1"/> 4645 <criterion test_ref="oval:org.opensuse.security:tst:2009058445" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.8-1.4.1"/> 4646 <criterion test_ref="oval:org.opensuse.security:tst:2009058446" comment="mozilla-xulrunner191-translations less than 1.9.1.8-1.4.1"/> 4647 <criterion test_ref="oval:org.opensuse.security:tst:2009058447" comment="mozilla-xulrunner191 less than 1.9.1.8-1.4.1"/> 4648 </criteria> 4649 </criteria> 4650 </criteria> 4651 </definition> 4652 <definition id="oval:org.opensuse.security:def:20091631" version="1" class="vulnerability"> 4653 <metadata> 4654 <title>CVE-2009-1631</title> 4655 <affected family="unix"> 4656 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4657 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4658 </affected> 4659 <reference ref_id="CVE-2009-1631" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1631" source="CVE"/> 4660 <description> 4661 The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files. 4662 </description> 4663 </metadata> 4664 <!-- ce348cdfb35e252764bfbecf9d58b216 --> 4665 <criteria operator="AND"> 4666 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4667 <criteria operator="OR"> 4668 <criterion test_ref="oval:org.opensuse.security:tst:2009060320" comment="evolution-data-server-32bit less than 1.6.0-43.92.1"/> 4669 <criterion test_ref="oval:org.opensuse.security:tst:2009060321" comment="evolution-data-server-devel less than 1.6.0-43.92.1"/> 4670 <criterion test_ref="oval:org.opensuse.security:tst:2009060322" comment="evolution-data-server less than 1.6.0-43.92.1"/> 4671 </criteria> 4672 </criteria> 4673 </definition> 4674 <definition id="oval:org.opensuse.security:def:20091709" version="1" class="vulnerability"> 4675 <metadata> 4676 <title>CVE-2009-1709</title> 4677 <affected family="unix"> 4678 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4679 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4680 </affected> 4681 <reference ref_id="CVE-2009-1709" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709" source="CVE"/> 4682 <description> 4683 Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." 4684 </description> 4685 </metadata> 4686 <!-- e3ee5f3465bf28ff10fa73651f8a68a3 --> 4687 <criteria operator="AND"> 4688 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4689 <criteria operator="OR"> 4690 <criterion test_ref="oval:org.opensuse.security:tst:2009064972" comment="kdegraphics3-devel less than 3.5.1-23.30.4"/> 4691 <criterion test_ref="oval:org.opensuse.security:tst:2009064973" comment="kdegraphics3-fax less than 3.5.1-23.30.4"/> 4692 <criterion test_ref="oval:org.opensuse.security:tst:2009064974" comment="kdegraphics3-kamera less than 3.5.1-23.30.4"/> 4693 <criterion test_ref="oval:org.opensuse.security:tst:2009064975" comment="kdegraphics3-pdf less than 3.5.1-23.30.4"/> 4694 <criterion test_ref="oval:org.opensuse.security:tst:2009064976" comment="kdegraphics3-postscript less than 3.5.1-23.30.4"/> 4695 <criterion test_ref="oval:org.opensuse.security:tst:2009064977" comment="kdegraphics3-scan less than 3.5.1-23.30.4"/> 4696 <criterion test_ref="oval:org.opensuse.security:tst:2009064978" comment="kdegraphics3 less than 3.5.1-23.30.4"/> 4697 </criteria> 4698 </criteria> 4699 </definition> 4700 <definition id="oval:org.opensuse.security:def:20091725" version="1" class="vulnerability"> 4701 <metadata> 4702 <title>CVE-2009-1725</title> 4703 <affected family="unix"> 4704 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4705 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4706 </affected> 4707 <reference ref_id="CVE-2009-1725" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725" source="CVE"/> 4708 <description> 4709 WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. 4710 </description> 4711 </metadata> 4712 <!-- c5b30cec13efad0da65c9a7a3126e989 --> 4713 <criteria operator="AND"> 4714 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4715 <criteria operator="OR"> 4716 <criterion test_ref="oval:org.opensuse.security:tst:2009064930" comment="kdelibs3-32bit less than 3.5.1-49.55.1"/> 4717 <criterion test_ref="oval:org.opensuse.security:tst:2009064931" comment="kdelibs3-arts-32bit less than 3.5.1-49.55.1"/> 4718 <criterion test_ref="oval:org.opensuse.security:tst:2009064932" comment="kdelibs3-arts less than 3.5.1-49.55.1"/> 4719 <criterion test_ref="oval:org.opensuse.security:tst:2009064933" comment="kdelibs3-devel less than 3.5.1-49.55.1"/> 4720 <criterion test_ref="oval:org.opensuse.security:tst:2009064934" comment="kdelibs3-doc less than 3.5.1-49.55.1"/> 4721 <criterion test_ref="oval:org.opensuse.security:tst:2009064935" comment="kdelibs3 less than 3.5.1-49.55.1"/> 4722 </criteria> 4723 </criteria> 4724 </definition> 4725 <definition id="oval:org.opensuse.security:def:20092408" version="1" class="vulnerability"> 4726 <metadata> 4727 <title>CVE-2009-2408</title> 4728 <affected family="unix"> 4729 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4730 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4731 </affected> 4732 <reference ref_id="CVE-2009-2408" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408" source="CVE"/> 4733 <description> 4734 Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5. 4735 </description> 4736 </metadata> 4737 <criteria operator="OR"> 4738 <!-- 98c851b2207890cdc78a8457a78465b2 --> 4739 <criteria operator="AND"> 4740 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4741 <criteria operator="OR"> 4742 <criterion test_ref="oval:org.opensuse.security:tst:2009055927" comment="openldap2-client-32bit less than 2.3.32-0.36.91"/> 4743 <criterion test_ref="oval:org.opensuse.security:tst:2009055928" comment="openldap2-client less than 2.3.32-0.36.91"/> 4744 <criterion test_ref="oval:org.opensuse.security:tst:2009055929" comment="openldap2-devel-32bit less than 2.3.32-0.36.91"/> 4745 <criterion test_ref="oval:org.opensuse.security:tst:2009055930" comment="openldap2-devel less than 2.3.32-0.36.91"/> 4746 <criterion test_ref="oval:org.opensuse.security:tst:2009055931" comment="openldap2 less than 2.3.32-0.36.50"/> 4747 </criteria> 4748 </criteria> 4749 <!-- 9c400659d0ad61b54865449b76c3d803 --> 4750 <criteria operator="AND"> 4751 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4752 <criteria operator="OR"> 4753 <criterion test_ref="oval:org.opensuse.security:tst:2009055800" comment="neon-32bit less than 0.24.7-20.8.1"/> 4754 <criterion test_ref="oval:org.opensuse.security:tst:2009055801" comment="neon-devel less than 0.24.7-20.8.1"/> 4755 <criterion test_ref="oval:org.opensuse.security:tst:2009055802" comment="neon less than 0.24.7-20.8.1"/> 4756 </criteria> 4757 </criteria> 4758 </criteria> 4759 </definition> 4760 <definition id="oval:org.opensuse.security:def:20092412" version="1" class="vulnerability"> 4761 <metadata> 4762 <title>CVE-2009-2412</title> 4763 <affected family="unix"> 4764 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4765 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4766 </affected> 4767 <reference ref_id="CVE-2009-2412" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412" source="CVE"/> 4768 <description> 4769 Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information. 4770 </description> 4771 </metadata> 4772 <!-- 7d5c42318fd9b8e7c53cb5cebad8bffa --> 4773 <criteria operator="AND"> 4774 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4775 <criteria operator="OR"> 4776 <criterion test_ref="oval:org.opensuse.security:tst:2009055553" comment="libapr-util1-devel less than 1.2.2-13.9.1"/> 4777 <criterion test_ref="oval:org.opensuse.security:tst:2009055554" comment="libapr-util1 less than 1.2.2-13.9.1"/> 4778 <criterion test_ref="oval:org.opensuse.security:tst:2009055555" comment="libapr1-devel less than 1.2.2-13.8.1"/> 4779 <criterion test_ref="oval:org.opensuse.security:tst:2009055556" comment="libapr1 less than 1.2.2-13.8.1"/> 4780 </criteria> 4781 </criteria> 4782 </definition> 4783 <definition id="oval:org.opensuse.security:def:20092473" version="1" class="vulnerability"> 4784 <metadata> 4785 <title>CVE-2009-2473</title> 4786 <affected family="unix"> 4787 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4788 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4789 </affected> 4790 <reference ref_id="CVE-2009-2473" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473" source="CVE"/> 4791 <description> 4792 neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. 4793 </description> 4794 </metadata> 4795 <!-- 9c400659d0ad61b54865449b76c3d803 --> 4796 <criteria operator="AND"> 4797 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4798 <criteria operator="OR"> 4799 <criterion test_ref="oval:org.opensuse.security:tst:2009055800" comment="neon-32bit less than 0.24.7-20.8.1"/> 4800 <criterion test_ref="oval:org.opensuse.security:tst:2009055801" comment="neon-devel less than 0.24.7-20.8.1"/> 4801 <criterion test_ref="oval:org.opensuse.security:tst:2009055802" comment="neon less than 0.24.7-20.8.1"/> 4802 </criteria> 4803 </criteria> 4804 </definition> 4805 <definition id="oval:org.opensuse.security:def:20092493" version="1" class="vulnerability"> 4806 <metadata> 4807 <title>CVE-2009-2493</title> 4808 <affected family="unix"> 4809 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4810 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4811 </affected> 4812 <reference ref_id="CVE-2009-2493" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2493" source="CVE"/> 4813 <description> 4814 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability." 4815 </description> 4816 </metadata> 4817 <!-- af469401da197afd4006ef4ae0c61aaa --> 4818 <criteria operator="AND"> 4819 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4820 <criteria operator="OR"> 4821 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 4822 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 4823 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 4824 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 4825 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 4826 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 4827 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 4828 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 4829 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 4830 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 4831 </criteria> 4832 </criteria> 4833 </definition> 4834 <definition id="oval:org.opensuse.security:def:20092560" version="1" class="vulnerability"> 4835 <metadata> 4836 <title>CVE-2009-2560</title> 4837 <affected family="unix"> 4838 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4839 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4840 </affected> 4841 <reference ref_id="CVE-2009-2560" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2560" source="CVE"/> 4842 <description> 4843 Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. 4844 </description> 4845 </metadata> 4846 <!-- 0417f6ab47e0cc6042fa19e603c81608 --> 4847 <criteria operator="AND"> 4848 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4849 <criterion test_ref="oval:org.opensuse.security:tst:2009056452" comment="ethereal less than 0.10.14-16.39.1"/> 4850 </criteria> 4851 </definition> 4852 <definition id="oval:org.opensuse.security:def:20092563" version="1" class="vulnerability"> 4853 <metadata> 4854 <title>CVE-2009-2563</title> 4855 <affected family="unix"> 4856 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4857 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4858 </affected> 4859 <reference ref_id="CVE-2009-2563" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2563" source="CVE"/> 4860 <description> 4861 Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. 4862 </description> 4863 </metadata> 4864 <!-- a7013413afe9902cca86ec3f1281b76e --> 4865 <criteria operator="AND"> 4866 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4867 <criterion test_ref="oval:org.opensuse.security:tst:2009058913" comment="ethereal less than 0.10.14-16.41.1"/> 4868 </criteria> 4869 </definition> 4870 <definition id="oval:org.opensuse.security:def:20092564" version="1" class="vulnerability"> 4871 <metadata> 4872 <title>CVE-2009-2564</title> 4873 <affected family="unix"> 4874 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4875 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4876 </affected> 4877 <reference ref_id="CVE-2009-2564" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2564" source="CVE"/> 4878 <description> 4879 NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot. 4880 </description> 4881 </metadata> 4882 <criteria operator="OR"> 4883 <!-- 538748b7a9bae219da3187e837f552ac --> 4884 <criteria operator="AND"> 4885 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4886 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 4887 </criteria> 4888 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 4889 <criteria operator="AND"> 4890 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4891 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 4892 </criteria> 4893 </criteria> 4894 </definition> 4895 <definition id="oval:org.opensuse.security:def:20092621" version="1" class="vulnerability"> 4896 <metadata> 4897 <title>CVE-2009-2621</title> 4898 <affected family="unix"> 4899 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4900 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4901 </affected> 4902 <reference ref_id="CVE-2009-2621" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2621" source="CVE"/> 4903 <description> 4904 Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc. 4905 </description> 4906 </metadata> 4907 <!-- c47f23990313deda7c25045777a1d09b --> 4908 <criteria operator="AND"> 4909 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4910 <criterion test_ref="oval:org.opensuse.security:tst:2009059073" comment="squid less than 2.5.STABLE12-18.13.982.2.1"/> 4911 </criteria> 4912 </definition> 4913 <definition id="oval:org.opensuse.security:def:20092622" version="1" class="vulnerability"> 4914 <metadata> 4915 <title>CVE-2009-2622</title> 4916 <affected family="unix"> 4917 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4918 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4919 </affected> 4920 <reference ref_id="CVE-2009-2622" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2622" source="CVE"/> 4921 <description> 4922 Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc. 4923 </description> 4924 </metadata> 4925 <!-- c47f23990313deda7c25045777a1d09b --> 4926 <criteria operator="AND"> 4927 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4928 <criterion test_ref="oval:org.opensuse.security:tst:2009059073" comment="squid less than 2.5.STABLE12-18.13.982.2.1"/> 4929 </criteria> 4930 </definition> 4931 <definition id="oval:org.opensuse.security:def:20092625" version="1" class="vulnerability"> 4932 <metadata> 4933 <title>CVE-2009-2625</title> 4934 <affected family="unix"> 4935 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4936 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4937 </affected> 4938 <reference ref_id="CVE-2009-2625" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625" source="CVE"/> 4939 <description> 4940 XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework. 4941 </description> 4942 </metadata> 4943 <criteria operator="OR"> 4944 <!-- 2bf3d4d93bd78d8c4ba85f2b470302a5 --> 4945 <criteria operator="AND"> 4946 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4947 <criteria operator="OR"> 4948 <criterion test_ref="oval:org.opensuse.security:tst:2009060392" comment="python-32bit less than 2.4.2-18.29.2"/> 4949 <criterion test_ref="oval:org.opensuse.security:tst:2009060393" comment="python-curses less than 2.4.2-18.29.2"/> 4950 <criterion test_ref="oval:org.opensuse.security:tst:2009060394" comment="python-devel less than 2.4.2-18.29.2"/> 4951 <criterion test_ref="oval:org.opensuse.security:tst:2009060395" comment="python-gdbm less than 2.4.2-18.29.2"/> 4952 <criterion test_ref="oval:org.opensuse.security:tst:2009060396" comment="python-tk less than 2.4.2-18.29.2"/> 4953 <criterion test_ref="oval:org.opensuse.security:tst:2009060397" comment="python-xml less than 2.4.2-18.29.2"/> 4954 <criterion test_ref="oval:org.opensuse.security:tst:2009060398" comment="python less than 2.4.2-18.29.2"/> 4955 </criteria> 4956 </criteria> 4957 <!-- 4b6a98144b056338e16faebd4e808fd6 --> 4958 <criteria operator="AND"> 4959 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4960 <criteria operator="OR"> 4961 <criterion test_ref="oval:org.opensuse.security:tst:2009060281" comment="libicecore less than 1.0.8-0.6.1"/> 4962 <criterion test_ref="oval:org.opensuse.security:tst:2009060282" comment="libiiclib less than 1.0.8-0.6.1"/> 4963 <criterion test_ref="oval:org.opensuse.security:tst:2009060283" comment="libiksemel less than 1.0.8-0.6.1"/> 4964 <criterion test_ref="oval:org.opensuse.security:tst:2009060284" comment="libnetlib less than 1.0.8-0.6.1"/> 4965 <criterion test_ref="oval:org.opensuse.security:tst:2009060285" comment="libxmlrpc less than 1.0.8-0.6.1"/> 4966 </criteria> 4967 </criteria> 4968 </criteria> 4969 </definition> 4970 <definition id="oval:org.opensuse.security:def:20092663" version="1" class="vulnerability"> 4971 <metadata> 4972 <title>CVE-2009-2663</title> 4973 <affected family="unix"> 4974 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4975 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4976 </affected> 4977 <reference ref_id="CVE-2009-2663" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663" source="CVE"/> 4978 <description> 4979 libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file. 4980 </description> 4981 </metadata> 4982 <!-- 8ce1e2c2dcbbf5df8764b4d8f461c007 --> 4983 <criteria operator="AND"> 4984 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 4985 <criteria operator="OR"> 4986 <criterion test_ref="oval:org.opensuse.security:tst:2009061115" comment="libvorbis-32bit less than 1.1.2-13.17.1"/> 4987 <criterion test_ref="oval:org.opensuse.security:tst:2009061116" comment="libvorbis less than 1.1.2-13.17.1"/> 4988 </criteria> 4989 </criteria> 4990 </definition> 4991 <definition id="oval:org.opensuse.security:def:20092700" version="1" class="vulnerability"> 4992 <metadata> 4993 <title>CVE-2009-2700</title> 4994 <affected family="unix"> 4995 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 4996 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 4997 </affected> 4998 <reference ref_id="CVE-2009-2700" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700" source="CVE"/> 4999 <description> 5000 src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. 5001 </description> 5002 </metadata> 5003 <!-- bcba4f2a8ad5c321b0e01e3ec52c8c68 --> 5004 <criteria operator="AND"> 5005 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5006 <criteria operator="OR"> 5007 <criterion test_ref="oval:org.opensuse.security:tst:2009056192" comment="dbus-1-qt-32bit less than 4.3.4-0.7.1"/> 5008 <criterion test_ref="oval:org.opensuse.security:tst:2009056193" comment="dbus-1-qt less than 4.3.4-0.7.1"/> 5009 <criterion test_ref="oval:org.opensuse.security:tst:2009056194" comment="qt-qt3support-32bit less than 4.3.4-0.7.1"/> 5010 <criterion test_ref="oval:org.opensuse.security:tst:2009056195" comment="qt-qt3support less than 4.3.4-0.7.1"/> 5011 <criterion test_ref="oval:org.opensuse.security:tst:2009056196" comment="qt-sql-32bit less than 4.3.4-0.7.1"/> 5012 <criterion test_ref="oval:org.opensuse.security:tst:2009056197" comment="qt-sql less than 4.3.4-0.7.1"/> 5013 <criterion test_ref="oval:org.opensuse.security:tst:2009056198" comment="qt-x11-32bit less than 4.3.4-0.7.1"/> 5014 <criterion test_ref="oval:org.opensuse.security:tst:2009056199" comment="qt-x11 less than 4.3.4-0.7.1"/> 5015 </criteria> 5016 </criteria> 5017 </definition> 5018 <definition id="oval:org.opensuse.security:def:20092813" version="1" class="vulnerability"> 5019 <metadata> 5020 <title>CVE-2009-2813</title> 5021 <affected family="unix"> 5022 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5023 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5024 </affected> 5025 <reference ref_id="CVE-2009-2813" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813" source="CVE"/> 5026 <description> 5027 Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. 5028 </description> 5029 </metadata> 5030 <!-- dc4ae9dd35f01cf1f82feae5daa110f6 --> 5031 <criteria operator="AND"> 5032 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5033 <criteria operator="OR"> 5034 <criterion test_ref="oval:org.opensuse.security:tst:2009055614" comment="cifs-mount less than 3.0.36-0.7.1"/> 5035 <criterion test_ref="oval:org.opensuse.security:tst:2009055615" comment="ldapsmb less than 1.34b-25.7.1"/> 5036 <criterion test_ref="oval:org.opensuse.security:tst:2009055616" comment="libsmbclient-32bit less than 3.0.36-0.7.1"/> 5037 <criterion test_ref="oval:org.opensuse.security:tst:2009055617" comment="libsmbclient-devel less than 3.0.36-0.7.1"/> 5038 <criterion test_ref="oval:org.opensuse.security:tst:2009055618" comment="libsmbclient less than 3.0.36-0.7.1"/> 5039 <criterion test_ref="oval:org.opensuse.security:tst:2009055619" comment="samba-32bit less than 3.0.36-0.7.1"/> 5040 <criterion test_ref="oval:org.opensuse.security:tst:2009055620" comment="samba-client-32bit less than 3.0.36-0.7.1"/> 5041 <criterion test_ref="oval:org.opensuse.security:tst:2009055621" comment="samba-client less than 3.0.36-0.7.1"/> 5042 <criterion test_ref="oval:org.opensuse.security:tst:2009055622" comment="samba-krb-printing less than 3.0.36-0.7.1"/> 5043 <criterion test_ref="oval:org.opensuse.security:tst:2009055623" comment="samba-vscan less than 0.3.6b-43.7.1"/> 5044 <criterion test_ref="oval:org.opensuse.security:tst:2009055624" comment="samba-winbind-32bit less than 3.0.36-0.7.1"/> 5045 <criterion test_ref="oval:org.opensuse.security:tst:2009055625" comment="samba-winbind less than 3.0.36-0.7.1"/> 5046 <criterion test_ref="oval:org.opensuse.security:tst:2009055626" comment="samba less than 3.0.36-0.7.1"/> 5047 </criteria> 5048 </criteria> 5049 </definition> 5050 <definition id="oval:org.opensuse.security:def:20092855" version="1" class="vulnerability"> 5051 <metadata> 5052 <title>CVE-2009-2855</title> 5053 <affected family="unix"> 5054 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5055 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5056 </affected> 5057 <reference ref_id="CVE-2009-2855" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855" source="CVE"/> 5058 <description> 5059 The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function. 5060 </description> 5061 </metadata> 5062 <!-- c47f23990313deda7c25045777a1d09b --> 5063 <criteria operator="AND"> 5064 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5065 <criterion test_ref="oval:org.opensuse.security:tst:2009059073" comment="squid less than 2.5.STABLE12-18.13.982.2.1"/> 5066 </criteria> 5067 </definition> 5068 <definition id="oval:org.opensuse.security:def:20092903" version="1" class="vulnerability"> 5069 <metadata> 5070 <title>CVE-2009-2903</title> 5071 <affected family="unix"> 5072 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5073 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5074 </affected> 5075 <reference ref_id="CVE-2009-2903" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2903" source="CVE"/> 5076 <description> 5077 Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. 5078 </description> 5079 </metadata> 5080 <criteria operator="OR"> 5081 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 5082 <criteria operator="AND"> 5083 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5084 <criteria operator="OR"> 5085 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 5086 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 5087 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 5088 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 5089 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 5090 </criteria> 5091 </criteria> 5092 <!-- 7a612881db49bcc0dd76d517d881465e --> 5093 <criteria operator="AND"> 5094 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5095 <criteria operator="OR"> 5096 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 5097 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 5098 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 5099 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 5100 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 5101 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 5102 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 5103 </criteria> 5104 </criteria> 5105 </criteria> 5106 </definition> 5107 <definition id="oval:org.opensuse.security:def:20092906" version="1" class="vulnerability"> 5108 <metadata> 5109 <title>CVE-2009-2906</title> 5110 <affected family="unix"> 5111 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5112 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5113 </affected> 5114 <reference ref_id="CVE-2009-2906" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906" source="CVE"/> 5115 <description> 5116 smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. 5117 </description> 5118 </metadata> 5119 <!-- dc4ae9dd35f01cf1f82feae5daa110f6 --> 5120 <criteria operator="AND"> 5121 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5122 <criteria operator="OR"> 5123 <criterion test_ref="oval:org.opensuse.security:tst:2009055614" comment="cifs-mount less than 3.0.36-0.7.1"/> 5124 <criterion test_ref="oval:org.opensuse.security:tst:2009055615" comment="ldapsmb less than 1.34b-25.7.1"/> 5125 <criterion test_ref="oval:org.opensuse.security:tst:2009055616" comment="libsmbclient-32bit less than 3.0.36-0.7.1"/> 5126 <criterion test_ref="oval:org.opensuse.security:tst:2009055617" comment="libsmbclient-devel less than 3.0.36-0.7.1"/> 5127 <criterion test_ref="oval:org.opensuse.security:tst:2009055618" comment="libsmbclient less than 3.0.36-0.7.1"/> 5128 <criterion test_ref="oval:org.opensuse.security:tst:2009055619" comment="samba-32bit less than 3.0.36-0.7.1"/> 5129 <criterion test_ref="oval:org.opensuse.security:tst:2009055620" comment="samba-client-32bit less than 3.0.36-0.7.1"/> 5130 <criterion test_ref="oval:org.opensuse.security:tst:2009055621" comment="samba-client less than 3.0.36-0.7.1"/> 5131 <criterion test_ref="oval:org.opensuse.security:tst:2009055622" comment="samba-krb-printing less than 3.0.36-0.7.1"/> 5132 <criterion test_ref="oval:org.opensuse.security:tst:2009055623" comment="samba-vscan less than 0.3.6b-43.7.1"/> 5133 <criterion test_ref="oval:org.opensuse.security:tst:2009055624" comment="samba-winbind-32bit less than 3.0.36-0.7.1"/> 5134 <criterion test_ref="oval:org.opensuse.security:tst:2009055625" comment="samba-winbind less than 3.0.36-0.7.1"/> 5135 <criterion test_ref="oval:org.opensuse.security:tst:2009055626" comment="samba less than 3.0.36-0.7.1"/> 5136 </criteria> 5137 </criteria> 5138 </definition> 5139 <definition id="oval:org.opensuse.security:def:20092909" version="1" class="vulnerability"> 5140 <metadata> 5141 <title>CVE-2009-2909</title> 5142 <affected family="unix"> 5143 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5144 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5145 </affected> 5146 <reference ref_id="CVE-2009-2909" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2909" source="CVE"/> 5147 <description> 5148 Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation. 5149 </description> 5150 </metadata> 5151 <criteria operator="OR"> 5152 <!-- 4d39ec6d8748e038ab04a0b27f7382a1 --> 5153 <criteria operator="AND"> 5154 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5155 <criteria operator="OR"> 5156 <criterion test_ref="oval:org.opensuse.security:tst:2009056156" comment="kernel-bigsmp less than 2.6.16.60-0.57.1"/> 5157 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 5158 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 5159 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 5160 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 5161 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 5162 <criterion test_ref="oval:org.opensuse.security:tst:2009056159" comment="kernel-xenpae less than 2.6.16.60-0.57.1"/> 5163 </criteria> 5164 </criteria> 5165 <!-- ddf0cfe0200a78301be8b1d7b78fb645 --> 5166 <criteria operator="AND"> 5167 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5168 <criteria operator="OR"> 5169 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 5170 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 5171 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 5172 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 5173 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 5174 </criteria> 5175 </criteria> 5176 </criteria> 5177 </definition> 5178 <definition id="oval:org.opensuse.security:def:20092910" version="1" class="vulnerability"> 5179 <metadata> 5180 <title>CVE-2009-2910</title> 5181 <affected family="unix"> 5182 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5183 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5184 </affected> 5185 <reference ref_id="CVE-2009-2910" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2910" source="CVE"/> 5186 <description> 5187 arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode. 5188 </description> 5189 </metadata> 5190 <criteria operator="OR"> 5191 <!-- 4d39ec6d8748e038ab04a0b27f7382a1 --> 5192 <criteria operator="AND"> 5193 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5194 <criteria operator="OR"> 5195 <criterion test_ref="oval:org.opensuse.security:tst:2009056156" comment="kernel-bigsmp less than 2.6.16.60-0.57.1"/> 5196 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 5197 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 5198 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 5199 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 5200 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 5201 <criterion test_ref="oval:org.opensuse.security:tst:2009056159" comment="kernel-xenpae less than 2.6.16.60-0.57.1"/> 5202 </criteria> 5203 </criteria> 5204 <!-- ddf0cfe0200a78301be8b1d7b78fb645 --> 5205 <criteria operator="AND"> 5206 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5207 <criteria operator="OR"> 5208 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 5209 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 5210 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 5211 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 5212 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 5213 </criteria> 5214 </criteria> 5215 </criteria> 5216 </definition> 5217 <definition id="oval:org.opensuse.security:def:20092948" version="1" class="vulnerability"> 5218 <metadata> 5219 <title>CVE-2009-2948</title> 5220 <affected family="unix"> 5221 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5222 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5223 </affected> 5224 <reference ref_id="CVE-2009-2948" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948" source="CVE"/> 5225 <description> 5226 mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. 5227 </description> 5228 </metadata> 5229 <!-- dc4ae9dd35f01cf1f82feae5daa110f6 --> 5230 <criteria operator="AND"> 5231 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5232 <criteria operator="OR"> 5233 <criterion test_ref="oval:org.opensuse.security:tst:2009055614" comment="cifs-mount less than 3.0.36-0.7.1"/> 5234 <criterion test_ref="oval:org.opensuse.security:tst:2009055615" comment="ldapsmb less than 1.34b-25.7.1"/> 5235 <criterion test_ref="oval:org.opensuse.security:tst:2009055616" comment="libsmbclient-32bit less than 3.0.36-0.7.1"/> 5236 <criterion test_ref="oval:org.opensuse.security:tst:2009055617" comment="libsmbclient-devel less than 3.0.36-0.7.1"/> 5237 <criterion test_ref="oval:org.opensuse.security:tst:2009055618" comment="libsmbclient less than 3.0.36-0.7.1"/> 5238 <criterion test_ref="oval:org.opensuse.security:tst:2009055619" comment="samba-32bit less than 3.0.36-0.7.1"/> 5239 <criterion test_ref="oval:org.opensuse.security:tst:2009055620" comment="samba-client-32bit less than 3.0.36-0.7.1"/> 5240 <criterion test_ref="oval:org.opensuse.security:tst:2009055621" comment="samba-client less than 3.0.36-0.7.1"/> 5241 <criterion test_ref="oval:org.opensuse.security:tst:2009055622" comment="samba-krb-printing less than 3.0.36-0.7.1"/> 5242 <criterion test_ref="oval:org.opensuse.security:tst:2009055623" comment="samba-vscan less than 0.3.6b-43.7.1"/> 5243 <criterion test_ref="oval:org.opensuse.security:tst:2009055624" comment="samba-winbind-32bit less than 3.0.36-0.7.1"/> 5244 <criterion test_ref="oval:org.opensuse.security:tst:2009055625" comment="samba-winbind less than 3.0.36-0.7.1"/> 5245 <criterion test_ref="oval:org.opensuse.security:tst:2009055626" comment="samba less than 3.0.36-0.7.1"/> 5246 </criteria> 5247 </criteria> 5248 </definition> 5249 <definition id="oval:org.opensuse.security:def:20092949" version="1" class="vulnerability"> 5250 <metadata> 5251 <title>CVE-2009-2949</title> 5252 <affected family="unix"> 5253 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5254 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5255 </affected> 5256 <reference ref_id="CVE-2009-2949" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949" source="CVE"/> 5257 <description> 5258 Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow. 5259 </description> 5260 </metadata> 5261 <!-- 17aa6adc1c5e58a79af02c479d95aab1 --> 5262 <criteria operator="AND"> 5263 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5264 <criteria operator="OR"> 5265 <criterion test_ref="oval:org.opensuse.security:tst:2009058672" comment="OpenOffice_org-af less than 3.2-0.6.1"/> 5266 <criterion test_ref="oval:org.opensuse.security:tst:2009058673" comment="OpenOffice_org-ar less than 3.2-0.6.1"/> 5267 <criterion test_ref="oval:org.opensuse.security:tst:2009058674" comment="OpenOffice_org-ca less than 3.2-0.6.1"/> 5268 <criterion test_ref="oval:org.opensuse.security:tst:2009058675" comment="OpenOffice_org-cs less than 3.2-0.6.1"/> 5269 <criterion test_ref="oval:org.opensuse.security:tst:2009058676" comment="OpenOffice_org-da less than 3.2-0.6.1"/> 5270 <criterion test_ref="oval:org.opensuse.security:tst:2009058677" comment="OpenOffice_org-de less than 3.2-0.6.1"/> 5271 <criterion test_ref="oval:org.opensuse.security:tst:2009058678" comment="OpenOffice_org-es less than 3.2-0.6.1"/> 5272 <criterion test_ref="oval:org.opensuse.security:tst:2009058679" comment="OpenOffice_org-fi less than 3.2-0.6.1"/> 5273 <criterion test_ref="oval:org.opensuse.security:tst:2009058680" comment="OpenOffice_org-fr less than 3.2-0.6.1"/> 5274 <criterion test_ref="oval:org.opensuse.security:tst:2009058681" comment="OpenOffice_org-galleries less than 3.2-0.6.1"/> 5275 <criterion test_ref="oval:org.opensuse.security:tst:2009058682" comment="OpenOffice_org-gnome less than 3.2-0.6.1"/> 5276 <criterion test_ref="oval:org.opensuse.security:tst:2009058683" comment="OpenOffice_org-gu-IN less than 3.2-0.6.1"/> 5277 <criterion test_ref="oval:org.opensuse.security:tst:2009058684" comment="OpenOffice_org-hi-IN less than 3.2-0.6.1"/> 5278 <criterion test_ref="oval:org.opensuse.security:tst:2009058685" comment="OpenOffice_org-hu less than 3.2-0.6.1"/> 5279 <criterion test_ref="oval:org.opensuse.security:tst:2009058686" comment="OpenOffice_org-it less than 3.2-0.6.1"/> 5280 <criterion test_ref="oval:org.opensuse.security:tst:2009058687" comment="OpenOffice_org-ja less than 3.2-0.6.1"/> 5281 <criterion test_ref="oval:org.opensuse.security:tst:2009058688" comment="OpenOffice_org-kde less than 3.2-0.6.1"/> 5282 <criterion test_ref="oval:org.opensuse.security:tst:2009058689" comment="OpenOffice_org-mono less than 3.2-0.6.1"/> 5283 <criterion test_ref="oval:org.opensuse.security:tst:2009058690" comment="OpenOffice_org-nb less than 3.2-0.6.1"/> 5284 <criterion test_ref="oval:org.opensuse.security:tst:2009058691" comment="OpenOffice_org-nl less than 3.2-0.6.1"/> 5285 <criterion test_ref="oval:org.opensuse.security:tst:2009058692" comment="OpenOffice_org-nld less than 3.2-0.6.1"/> 5286 <criterion test_ref="oval:org.opensuse.security:tst:2009058693" comment="OpenOffice_org-nn less than 3.2-0.6.1"/> 5287 <criterion test_ref="oval:org.opensuse.security:tst:2009058694" comment="OpenOffice_org-pl less than 3.2-0.6.1"/> 5288 <criterion test_ref="oval:org.opensuse.security:tst:2009058695" comment="OpenOffice_org-pt-BR less than 3.2-0.6.1"/> 5289 <criterion test_ref="oval:org.opensuse.security:tst:2009058696" comment="OpenOffice_org-ru less than 3.2-0.6.1"/> 5290 <criterion test_ref="oval:org.opensuse.security:tst:2009058697" comment="OpenOffice_org-sk less than 3.2-0.6.1"/> 5291 <criterion test_ref="oval:org.opensuse.security:tst:2009058698" comment="OpenOffice_org-sv less than 3.2-0.6.1"/> 5292 <criterion test_ref="oval:org.opensuse.security:tst:2009058699" comment="OpenOffice_org-xh less than 3.2-0.6.1"/> 5293 <criterion test_ref="oval:org.opensuse.security:tst:2009058700" comment="OpenOffice_org-zh-CN less than 3.2-0.6.1"/> 5294 <criterion test_ref="oval:org.opensuse.security:tst:2009058701" comment="OpenOffice_org-zh-TW less than 3.2-0.6.1"/> 5295 <criterion test_ref="oval:org.opensuse.security:tst:2009058702" comment="OpenOffice_org-zu less than 3.2-0.6.1"/> 5296 <criterion test_ref="oval:org.opensuse.security:tst:2009058703" comment="OpenOffice_org less than 3.2-0.6.1"/> 5297 </criteria> 5298 </criteria> 5299 </definition> 5300 <definition id="oval:org.opensuse.security:def:20092950" version="1" class="vulnerability"> 5301 <metadata> 5302 <title>CVE-2009-2950</title> 5303 <affected family="unix"> 5304 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5305 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5306 </affected> 5307 <reference ref_id="CVE-2009-2950" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950" source="CVE"/> 5308 <description> 5309 Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression. 5310 </description> 5311 </metadata> 5312 <!-- 17aa6adc1c5e58a79af02c479d95aab1 --> 5313 <criteria operator="AND"> 5314 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5315 <criteria operator="OR"> 5316 <criterion test_ref="oval:org.opensuse.security:tst:2009058672" comment="OpenOffice_org-af less than 3.2-0.6.1"/> 5317 <criterion test_ref="oval:org.opensuse.security:tst:2009058673" comment="OpenOffice_org-ar less than 3.2-0.6.1"/> 5318 <criterion test_ref="oval:org.opensuse.security:tst:2009058674" comment="OpenOffice_org-ca less than 3.2-0.6.1"/> 5319 <criterion test_ref="oval:org.opensuse.security:tst:2009058675" comment="OpenOffice_org-cs less than 3.2-0.6.1"/> 5320 <criterion test_ref="oval:org.opensuse.security:tst:2009058676" comment="OpenOffice_org-da less than 3.2-0.6.1"/> 5321 <criterion test_ref="oval:org.opensuse.security:tst:2009058677" comment="OpenOffice_org-de less than 3.2-0.6.1"/> 5322 <criterion test_ref="oval:org.opensuse.security:tst:2009058678" comment="OpenOffice_org-es less than 3.2-0.6.1"/> 5323 <criterion test_ref="oval:org.opensuse.security:tst:2009058679" comment="OpenOffice_org-fi less than 3.2-0.6.1"/> 5324 <criterion test_ref="oval:org.opensuse.security:tst:2009058680" comment="OpenOffice_org-fr less than 3.2-0.6.1"/> 5325 <criterion test_ref="oval:org.opensuse.security:tst:2009058681" comment="OpenOffice_org-galleries less than 3.2-0.6.1"/> 5326 <criterion test_ref="oval:org.opensuse.security:tst:2009058682" comment="OpenOffice_org-gnome less than 3.2-0.6.1"/> 5327 <criterion test_ref="oval:org.opensuse.security:tst:2009058683" comment="OpenOffice_org-gu-IN less than 3.2-0.6.1"/> 5328 <criterion test_ref="oval:org.opensuse.security:tst:2009058684" comment="OpenOffice_org-hi-IN less than 3.2-0.6.1"/> 5329 <criterion test_ref="oval:org.opensuse.security:tst:2009058685" comment="OpenOffice_org-hu less than 3.2-0.6.1"/> 5330 <criterion test_ref="oval:org.opensuse.security:tst:2009058686" comment="OpenOffice_org-it less than 3.2-0.6.1"/> 5331 <criterion test_ref="oval:org.opensuse.security:tst:2009058687" comment="OpenOffice_org-ja less than 3.2-0.6.1"/> 5332 <criterion test_ref="oval:org.opensuse.security:tst:2009058688" comment="OpenOffice_org-kde less than 3.2-0.6.1"/> 5333 <criterion test_ref="oval:org.opensuse.security:tst:2009058689" comment="OpenOffice_org-mono less than 3.2-0.6.1"/> 5334 <criterion test_ref="oval:org.opensuse.security:tst:2009058690" comment="OpenOffice_org-nb less than 3.2-0.6.1"/> 5335 <criterion test_ref="oval:org.opensuse.security:tst:2009058691" comment="OpenOffice_org-nl less than 3.2-0.6.1"/> 5336 <criterion test_ref="oval:org.opensuse.security:tst:2009058692" comment="OpenOffice_org-nld less than 3.2-0.6.1"/> 5337 <criterion test_ref="oval:org.opensuse.security:tst:2009058693" comment="OpenOffice_org-nn less than 3.2-0.6.1"/> 5338 <criterion test_ref="oval:org.opensuse.security:tst:2009058694" comment="OpenOffice_org-pl less than 3.2-0.6.1"/> 5339 <criterion test_ref="oval:org.opensuse.security:tst:2009058695" comment="OpenOffice_org-pt-BR less than 3.2-0.6.1"/> 5340 <criterion test_ref="oval:org.opensuse.security:tst:2009058696" comment="OpenOffice_org-ru less than 3.2-0.6.1"/> 5341 <criterion test_ref="oval:org.opensuse.security:tst:2009058697" comment="OpenOffice_org-sk less than 3.2-0.6.1"/> 5342 <criterion test_ref="oval:org.opensuse.security:tst:2009058698" comment="OpenOffice_org-sv less than 3.2-0.6.1"/> 5343 <criterion test_ref="oval:org.opensuse.security:tst:2009058699" comment="OpenOffice_org-xh less than 3.2-0.6.1"/> 5344 <criterion test_ref="oval:org.opensuse.security:tst:2009058700" comment="OpenOffice_org-zh-CN less than 3.2-0.6.1"/> 5345 <criterion test_ref="oval:org.opensuse.security:tst:2009058701" comment="OpenOffice_org-zh-TW less than 3.2-0.6.1"/> 5346 <criterion test_ref="oval:org.opensuse.security:tst:2009058702" comment="OpenOffice_org-zu less than 3.2-0.6.1"/> 5347 <criterion test_ref="oval:org.opensuse.security:tst:2009058703" comment="OpenOffice_org less than 3.2-0.6.1"/> 5348 </criteria> 5349 </criteria> 5350 </definition> 5351 <definition id="oval:org.opensuse.security:def:20092979" version="1" class="vulnerability"> 5352 <metadata> 5353 <title>CVE-2009-2979</title> 5354 <affected family="unix"> 5355 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5356 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5357 </affected> 5358 <reference ref_id="CVE-2009-2979" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2979" source="CVE"/> 5359 <description> 5360 Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document. 5361 </description> 5362 </metadata> 5363 <criteria operator="OR"> 5364 <!-- 538748b7a9bae219da3187e837f552ac --> 5365 <criteria operator="AND"> 5366 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5367 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5368 </criteria> 5369 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5370 <criteria operator="AND"> 5371 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5372 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5373 </criteria> 5374 </criteria> 5375 </definition> 5376 <definition id="oval:org.opensuse.security:def:20092980" version="1" class="vulnerability"> 5377 <metadata> 5378 <title>CVE-2009-2980</title> 5379 <affected family="unix"> 5380 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5381 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5382 </affected> 5383 <reference ref_id="CVE-2009-2980" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2980" source="CVE"/> 5384 <description> 5385 Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. 5386 </description> 5387 </metadata> 5388 <criteria operator="OR"> 5389 <!-- 538748b7a9bae219da3187e837f552ac --> 5390 <criteria operator="AND"> 5391 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5392 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5393 </criteria> 5394 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5395 <criteria operator="AND"> 5396 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5397 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5398 </criteria> 5399 </criteria> 5400 </definition> 5401 <definition id="oval:org.opensuse.security:def:20092981" version="1" class="vulnerability"> 5402 <metadata> 5403 <title>CVE-2009-2981</title> 5404 <affected family="unix"> 5405 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5406 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5407 </affected> 5408 <reference ref_id="CVE-2009-2981" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2981" source="CVE"/> 5409 <description> 5410 Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors. 5411 </description> 5412 </metadata> 5413 <criteria operator="OR"> 5414 <!-- 538748b7a9bae219da3187e837f552ac --> 5415 <criteria operator="AND"> 5416 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5417 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5418 </criteria> 5419 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5420 <criteria operator="AND"> 5421 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5422 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5423 </criteria> 5424 </criteria> 5425 </definition> 5426 <definition id="oval:org.opensuse.security:def:20092982" version="1" class="vulnerability"> 5427 <metadata> 5428 <title>CVE-2009-2982</title> 5429 <affected family="unix"> 5430 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5431 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5432 </affected> 5433 <reference ref_id="CVE-2009-2982" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2982" source="CVE"/> 5434 <description> 5435 An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors. 5436 </description> 5437 </metadata> 5438 <criteria operator="OR"> 5439 <!-- 538748b7a9bae219da3187e837f552ac --> 5440 <criteria operator="AND"> 5441 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5442 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5443 </criteria> 5444 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5445 <criteria operator="AND"> 5446 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5447 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5448 </criteria> 5449 </criteria> 5450 </definition> 5451 <definition id="oval:org.opensuse.security:def:20092983" version="1" class="vulnerability"> 5452 <metadata> 5453 <title>CVE-2009-2983</title> 5454 <affected family="unix"> 5455 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5456 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5457 </affected> 5458 <reference ref_id="CVE-2009-2983" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2983" source="CVE"/> 5459 <description> 5460 Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. 5461 </description> 5462 </metadata> 5463 <criteria operator="OR"> 5464 <!-- 538748b7a9bae219da3187e837f552ac --> 5465 <criteria operator="AND"> 5466 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5467 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5468 </criteria> 5469 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5470 <criteria operator="AND"> 5471 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5472 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5473 </criteria> 5474 </criteria> 5475 </definition> 5476 <definition id="oval:org.opensuse.security:def:20092985" version="1" class="vulnerability"> 5477 <metadata> 5478 <title>CVE-2009-2985</title> 5479 <affected family="unix"> 5480 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5481 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5482 </affected> 5483 <reference ref_id="CVE-2009-2985" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2985" source="CVE"/> 5484 <description> 5485 Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996. 5486 </description> 5487 </metadata> 5488 <criteria operator="OR"> 5489 <!-- 538748b7a9bae219da3187e837f552ac --> 5490 <criteria operator="AND"> 5491 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5492 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5493 </criteria> 5494 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5495 <criteria operator="AND"> 5496 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5497 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5498 </criteria> 5499 </criteria> 5500 </definition> 5501 <definition id="oval:org.opensuse.security:def:20092986" version="1" class="vulnerability"> 5502 <metadata> 5503 <title>CVE-2009-2986</title> 5504 <affected family="unix"> 5505 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5506 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5507 </affected> 5508 <reference ref_id="CVE-2009-2986" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2986" source="CVE"/> 5509 <description> 5510 Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. 5511 </description> 5512 </metadata> 5513 <criteria operator="OR"> 5514 <!-- 538748b7a9bae219da3187e837f552ac --> 5515 <criteria operator="AND"> 5516 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5517 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5518 </criteria> 5519 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5520 <criteria operator="AND"> 5521 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5522 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5523 </criteria> 5524 </criteria> 5525 </definition> 5526 <definition id="oval:org.opensuse.security:def:20092988" version="1" class="vulnerability"> 5527 <metadata> 5528 <title>CVE-2009-2988</title> 5529 <affected family="unix"> 5530 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5531 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5532 </affected> 5533 <reference ref_id="CVE-2009-2988" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2988" source="CVE"/> 5534 <description> 5535 Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors. 5536 </description> 5537 </metadata> 5538 <criteria operator="OR"> 5539 <!-- 538748b7a9bae219da3187e837f552ac --> 5540 <criteria operator="AND"> 5541 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5542 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5543 </criteria> 5544 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5545 <criteria operator="AND"> 5546 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5547 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5548 </criteria> 5549 </criteria> 5550 </definition> 5551 <definition id="oval:org.opensuse.security:def:20092990" version="1" class="vulnerability"> 5552 <metadata> 5553 <title>CVE-2009-2990</title> 5554 <affected family="unix"> 5555 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5556 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5557 </affected> 5558 <reference ref_id="CVE-2009-2990" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2990" source="CVE"/> 5559 <description> 5560 Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors. 5561 </description> 5562 </metadata> 5563 <criteria operator="OR"> 5564 <!-- 538748b7a9bae219da3187e837f552ac --> 5565 <criteria operator="AND"> 5566 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5567 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5568 </criteria> 5569 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5570 <criteria operator="AND"> 5571 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5572 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5573 </criteria> 5574 </criteria> 5575 </definition> 5576 <definition id="oval:org.opensuse.security:def:20092991" version="1" class="vulnerability"> 5577 <metadata> 5578 <title>CVE-2009-2991</title> 5579 <affected family="unix"> 5580 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5581 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5582 </affected> 5583 <reference ref_id="CVE-2009-2991" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2991" source="CVE"/> 5584 <description> 5585 Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors. 5586 </description> 5587 </metadata> 5588 <criteria operator="OR"> 5589 <!-- 538748b7a9bae219da3187e837f552ac --> 5590 <criteria operator="AND"> 5591 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5592 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5593 </criteria> 5594 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5595 <criteria operator="AND"> 5596 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5597 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5598 </criteria> 5599 </criteria> 5600 </definition> 5601 <definition id="oval:org.opensuse.security:def:20092992" version="1" class="vulnerability"> 5602 <metadata> 5603 <title>CVE-2009-2992</title> 5604 <affected family="unix"> 5605 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5606 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5607 </affected> 5608 <reference ref_id="CVE-2009-2992" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2992" source="CVE"/> 5609 <description> 5610 An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors. 5611 </description> 5612 </metadata> 5613 <criteria operator="OR"> 5614 <!-- 538748b7a9bae219da3187e837f552ac --> 5615 <criteria operator="AND"> 5616 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5617 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5618 </criteria> 5619 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5620 <criteria operator="AND"> 5621 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5622 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5623 </criteria> 5624 </criteria> 5625 </definition> 5626 <definition id="oval:org.opensuse.security:def:20092993" version="1" class="vulnerability"> 5627 <metadata> 5628 <title>CVE-2009-2993</title> 5629 <affected family="unix"> 5630 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5631 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5632 </affected> 5633 <reference ref_id="CVE-2009-2993" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2993" source="CVE"/> 5634 <description> 5635 The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information. 5636 </description> 5637 </metadata> 5638 <criteria operator="OR"> 5639 <!-- 538748b7a9bae219da3187e837f552ac --> 5640 <criteria operator="AND"> 5641 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5642 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5643 </criteria> 5644 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5645 <criteria operator="AND"> 5646 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5647 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5648 </criteria> 5649 </criteria> 5650 </definition> 5651 <definition id="oval:org.opensuse.security:def:20092994" version="1" class="vulnerability"> 5652 <metadata> 5653 <title>CVE-2009-2994</title> 5654 <affected family="unix"> 5655 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5656 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5657 </affected> 5658 <reference ref_id="CVE-2009-2994" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2994" source="CVE"/> 5659 <description> 5660 Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. 5661 </description> 5662 </metadata> 5663 <criteria operator="OR"> 5664 <!-- 538748b7a9bae219da3187e837f552ac --> 5665 <criteria operator="AND"> 5666 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5667 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5668 </criteria> 5669 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5670 <criteria operator="AND"> 5671 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5672 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5673 </criteria> 5674 </criteria> 5675 </definition> 5676 <definition id="oval:org.opensuse.security:def:20092996" version="1" class="vulnerability"> 5677 <metadata> 5678 <title>CVE-2009-2996</title> 5679 <affected family="unix"> 5680 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5681 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5682 </affected> 5683 <reference ref_id="CVE-2009-2996" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2996" source="CVE"/> 5684 <description> 5685 Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985. 5686 </description> 5687 </metadata> 5688 <criteria operator="OR"> 5689 <!-- 538748b7a9bae219da3187e837f552ac --> 5690 <criteria operator="AND"> 5691 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5692 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5693 </criteria> 5694 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5695 <criteria operator="AND"> 5696 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5697 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5698 </criteria> 5699 </criteria> 5700 </definition> 5701 <definition id="oval:org.opensuse.security:def:20092997" version="1" class="vulnerability"> 5702 <metadata> 5703 <title>CVE-2009-2997</title> 5704 <affected family="unix"> 5705 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5706 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5707 </affected> 5708 <reference ref_id="CVE-2009-2997" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2997" source="CVE"/> 5709 <description> 5710 Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. 5711 </description> 5712 </metadata> 5713 <criteria operator="OR"> 5714 <!-- 538748b7a9bae219da3187e837f552ac --> 5715 <criteria operator="AND"> 5716 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5717 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5718 </criteria> 5719 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5720 <criteria operator="AND"> 5721 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5722 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5723 </criteria> 5724 </criteria> 5725 </definition> 5726 <definition id="oval:org.opensuse.security:def:20092998" version="1" class="vulnerability"> 5727 <metadata> 5728 <title>CVE-2009-2998</title> 5729 <affected family="unix"> 5730 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5731 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5732 </affected> 5733 <reference ref_id="CVE-2009-2998" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2998" source="CVE"/> 5734 <description> 5735 Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458. 5736 </description> 5737 </metadata> 5738 <criteria operator="OR"> 5739 <!-- 538748b7a9bae219da3187e837f552ac --> 5740 <criteria operator="AND"> 5741 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5742 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 5743 </criteria> 5744 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 5745 <criteria operator="AND"> 5746 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5747 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 5748 </criteria> 5749 </criteria> 5750 </definition> 5751 <definition id="oval:org.opensuse.security:def:20093025" version="1" class="vulnerability"> 5752 <metadata> 5753 <title>CVE-2009-3025</title> 5754 <affected family="unix"> 5755 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5756 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5757 </affected> 5758 <reference ref_id="CVE-2009-3025" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025" source="CVE"/> 5759 <description> 5760 Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service (crash) via a link in a Yahoo IM. 5761 </description> 5762 </metadata> 5763 <!-- 9b89dca2177efa5da444e8dfb83b1662 --> 5764 <criteria operator="AND"> 5765 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5766 <criteria operator="OR"> 5767 <criterion test_ref="oval:org.opensuse.security:tst:2009056814" comment="finch less than 2.6.3-0.5.1"/> 5768 <criterion test_ref="oval:org.opensuse.security:tst:2009056815" comment="libpurple less than 2.6.3-0.5.1"/> 5769 <criterion test_ref="oval:org.opensuse.security:tst:2009056816" comment="pidgin less than 2.6.3-0.5.1"/> 5770 </criteria> 5771 </criteria> 5772 </definition> 5773 <definition id="oval:org.opensuse.security:def:20093026" version="1" class="vulnerability"> 5774 <metadata> 5775 <title>CVE-2009-3026</title> 5776 <affected family="unix"> 5777 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5778 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5779 </affected> 5780 <reference ref_id="CVE-2009-3026" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026" source="CVE"/> 5781 <description> 5782 protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions. 5783 </description> 5784 </metadata> 5785 <!-- 9b89dca2177efa5da444e8dfb83b1662 --> 5786 <criteria operator="AND"> 5787 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5788 <criteria operator="OR"> 5789 <criterion test_ref="oval:org.opensuse.security:tst:2009056814" comment="finch less than 2.6.3-0.5.1"/> 5790 <criterion test_ref="oval:org.opensuse.security:tst:2009056815" comment="libpurple less than 2.6.3-0.5.1"/> 5791 <criterion test_ref="oval:org.opensuse.security:tst:2009056816" comment="pidgin less than 2.6.3-0.5.1"/> 5792 </criteria> 5793 </criteria> 5794 </definition> 5795 <definition id="oval:org.opensuse.security:def:20093069" version="1" class="vulnerability"> 5796 <metadata> 5797 <title>CVE-2009-3069</title> 5798 <affected family="unix"> 5799 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5800 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5801 </affected> 5802 <reference ref_id="CVE-2009-3069" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3069" source="CVE"/> 5803 <description> 5804 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 5805 </description> 5806 </metadata> 5807 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 5808 <criteria operator="AND"> 5809 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5810 <criteria operator="OR"> 5811 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 5812 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 5813 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 5814 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 5815 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 5816 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 5817 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 5818 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 5819 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 5820 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 5821 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 5822 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 5823 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 5824 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 5825 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 5826 </criteria> 5827 </criteria> 5828 </definition> 5829 <definition id="oval:org.opensuse.security:def:20093070" version="1" class="vulnerability"> 5830 <metadata> 5831 <title>CVE-2009-3070</title> 5832 <affected family="unix"> 5833 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5834 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5835 </affected> 5836 <reference ref_id="CVE-2009-3070" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3070" source="CVE"/> 5837 <description> 5838 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 5839 </description> 5840 </metadata> 5841 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 5842 <criteria operator="AND"> 5843 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5844 <criteria operator="OR"> 5845 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 5846 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 5847 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 5848 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 5849 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 5850 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 5851 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 5852 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 5853 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 5854 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 5855 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 5856 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 5857 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 5858 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 5859 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 5860 </criteria> 5861 </criteria> 5862 </definition> 5863 <definition id="oval:org.opensuse.security:def:20093071" version="1" class="vulnerability"> 5864 <metadata> 5865 <title>CVE-2009-3071</title> 5866 <affected family="unix"> 5867 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5868 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5869 </affected> 5870 <reference ref_id="CVE-2009-3071" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3071" source="CVE"/> 5871 <description> 5872 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 5873 </description> 5874 </metadata> 5875 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 5876 <criteria operator="AND"> 5877 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5878 <criteria operator="OR"> 5879 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 5880 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 5881 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 5882 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 5883 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 5884 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 5885 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 5886 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 5887 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 5888 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 5889 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 5890 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 5891 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 5892 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 5893 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 5894 </criteria> 5895 </criteria> 5896 </definition> 5897 <definition id="oval:org.opensuse.security:def:20093072" version="1" class="vulnerability"> 5898 <metadata> 5899 <title>CVE-2009-3072</title> 5900 <affected family="unix"> 5901 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5902 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5903 </affected> 5904 <reference ref_id="CVE-2009-3072" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3072" source="CVE"/> 5905 <description> 5906 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. 5907 </description> 5908 </metadata> 5909 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 5910 <criteria operator="AND"> 5911 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5912 <criteria operator="OR"> 5913 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 5914 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 5915 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 5916 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 5917 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 5918 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 5919 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 5920 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 5921 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 5922 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 5923 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 5924 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 5925 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 5926 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 5927 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 5928 </criteria> 5929 </criteria> 5930 </definition> 5931 <definition id="oval:org.opensuse.security:def:20093073" version="1" class="vulnerability"> 5932 <metadata> 5933 <title>CVE-2009-3073</title> 5934 <affected family="unix"> 5935 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5936 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5937 </affected> 5938 <reference ref_id="CVE-2009-3073" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3073" source="CVE"/> 5939 <description> 5940 Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 5941 </description> 5942 </metadata> 5943 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 5944 <criteria operator="AND"> 5945 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5946 <criteria operator="OR"> 5947 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 5948 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 5949 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 5950 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 5951 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 5952 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 5953 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 5954 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 5955 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 5956 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 5957 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 5958 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 5959 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 5960 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 5961 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 5962 </criteria> 5963 </criteria> 5964 </definition> 5965 <definition id="oval:org.opensuse.security:def:20093075" version="1" class="vulnerability"> 5966 <metadata> 5967 <title>CVE-2009-3075</title> 5968 <affected family="unix"> 5969 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 5970 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 5971 </affected> 5972 <reference ref_id="CVE-2009-3075" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3075" source="CVE"/> 5973 <description> 5974 Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors. 5975 </description> 5976 </metadata> 5977 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 5978 <criteria operator="AND"> 5979 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 5980 <criteria operator="OR"> 5981 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 5982 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 5983 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 5984 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 5985 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 5986 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 5987 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 5988 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 5989 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 5990 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 5991 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 5992 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 5993 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 5994 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 5995 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 5996 </criteria> 5997 </criteria> 5998 </definition> 5999 <definition id="oval:org.opensuse.security:def:20093076" version="1" class="vulnerability"> 6000 <metadata> 6001 <title>CVE-2009-3076</title> 6002 <affected family="unix"> 6003 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6004 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6005 </affected> 6006 <reference ref_id="CVE-2009-3076" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3076" source="CVE"/> 6007 <description> 6008 Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module. 6009 </description> 6010 </metadata> 6011 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 6012 <criteria operator="AND"> 6013 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6014 <criteria operator="OR"> 6015 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 6016 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 6017 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 6018 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 6019 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 6020 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 6021 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 6022 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 6023 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 6024 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 6025 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 6026 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 6027 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 6028 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 6029 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 6030 </criteria> 6031 </criteria> 6032 </definition> 6033 <definition id="oval:org.opensuse.security:def:20093077" version="1" class="vulnerability"> 6034 <metadata> 6035 <title>CVE-2009-3077</title> 6036 <affected family="unix"> 6037 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6038 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6039 </affected> 6040 <reference ref_id="CVE-2009-3077" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3077" source="CVE"/> 6041 <description> 6042 Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability." 6043 </description> 6044 </metadata> 6045 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 6046 <criteria operator="AND"> 6047 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6048 <criteria operator="OR"> 6049 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 6050 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 6051 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 6052 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 6053 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 6054 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 6055 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 6056 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 6057 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 6058 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 6059 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 6060 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 6061 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 6062 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 6063 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 6064 </criteria> 6065 </criteria> 6066 </definition> 6067 <definition id="oval:org.opensuse.security:def:20093078" version="1" class="vulnerability"> 6068 <metadata> 6069 <title>CVE-2009-3078</title> 6070 <affected family="unix"> 6071 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6072 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6073 </affected> 6074 <reference ref_id="CVE-2009-3078" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3078" source="CVE"/> 6075 <description> 6076 Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property. 6077 </description> 6078 </metadata> 6079 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 6080 <criteria operator="AND"> 6081 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6082 <criteria operator="OR"> 6083 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 6084 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 6085 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 6086 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 6087 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 6088 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 6089 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 6090 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 6091 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 6092 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 6093 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 6094 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 6095 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 6096 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 6097 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 6098 </criteria> 6099 </criteria> 6100 </definition> 6101 <definition id="oval:org.opensuse.security:def:20093079" version="1" class="vulnerability"> 6102 <metadata> 6103 <title>CVE-2009-3079</title> 6104 <affected family="unix"> 6105 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6106 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6107 </affected> 6108 <reference ref_id="CVE-2009-3079" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3079" source="CVE"/> 6109 <description> 6110 Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter. 6111 </description> 6112 </metadata> 6113 <!-- 0dcf54ecfb8ca7d6807c24bf27729992 --> 6114 <criteria operator="AND"> 6115 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6116 <criteria operator="OR"> 6117 <criterion test_ref="oval:org.opensuse.security:tst:2009055434" comment="MozillaFirefox-branding-SLED less than 3.5-1.6.7"/> 6118 <criterion test_ref="oval:org.opensuse.security:tst:2009055435" comment="MozillaFirefox-translations less than 3.5.3-1.5.3"/> 6119 <criterion test_ref="oval:org.opensuse.security:tst:2009055436" comment="MozillaFirefox less than 3.5.3-1.5.3"/> 6120 <criterion test_ref="oval:org.opensuse.security:tst:2009055437" comment="mozilla-xulrunner190-32bit less than 1.9.0.14-0.6.6"/> 6121 <criterion test_ref="oval:org.opensuse.security:tst:2009055438" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.14-0.6.6"/> 6122 <criterion test_ref="oval:org.opensuse.security:tst:2009055439" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.14-0.6.6"/> 6123 <criterion test_ref="oval:org.opensuse.security:tst:2009055440" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.14-0.6.6"/> 6124 <criterion test_ref="oval:org.opensuse.security:tst:2009055441" comment="mozilla-xulrunner190-translations less than 1.9.0.14-0.6.6"/> 6125 <criterion test_ref="oval:org.opensuse.security:tst:2009055442" comment="mozilla-xulrunner190 less than 1.9.0.14-0.6.6"/> 6126 <criterion test_ref="oval:org.opensuse.security:tst:2009055443" comment="mozilla-xulrunner191-32bit less than 1.9.1.3-1.5.7"/> 6127 <criterion test_ref="oval:org.opensuse.security:tst:2009055444" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.3-1.5.7"/> 6128 <criterion test_ref="oval:org.opensuse.security:tst:2009055445" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.3-1.5.7"/> 6129 <criterion test_ref="oval:org.opensuse.security:tst:2009055446" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.3-1.5.7"/> 6130 <criterion test_ref="oval:org.opensuse.security:tst:2009055447" comment="mozilla-xulrunner191-translations less than 1.9.1.3-1.5.7"/> 6131 <criterion test_ref="oval:org.opensuse.security:tst:2009055448" comment="mozilla-xulrunner191 less than 1.9.1.3-1.5.7"/> 6132 </criteria> 6133 </criteria> 6134 </definition> 6135 <definition id="oval:org.opensuse.security:def:20093080" version="1" class="vulnerability"> 6136 <metadata> 6137 <title>CVE-2009-3080</title> 6138 <affected family="unix"> 6139 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6140 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6141 </affected> 6142 <reference ref_id="CVE-2009-3080" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3080" source="CVE"/> 6143 <description> 6144 Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. 6145 </description> 6146 </metadata> 6147 <criteria operator="OR"> 6148 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 6149 <criteria operator="AND"> 6150 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6151 <criteria operator="OR"> 6152 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 6153 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 6154 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 6155 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 6156 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 6157 </criteria> 6158 </criteria> 6159 <!-- 7a612881db49bcc0dd76d517d881465e --> 6160 <criteria operator="AND"> 6161 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6162 <criteria operator="OR"> 6163 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 6164 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 6165 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 6166 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 6167 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 6168 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 6169 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 6170 </criteria> 6171 </criteria> 6172 </criteria> 6173 </definition> 6174 <definition id="oval:org.opensuse.security:def:20093083" version="1" class="vulnerability"> 6175 <metadata> 6176 <title>CVE-2009-3083</title> 6177 <affected family="unix"> 6178 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6179 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6180 </affected> 6181 <reference ref_id="CVE-2009-3083" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083" source="CVE"/> 6182 <description> 6183 The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client. 6184 </description> 6185 </metadata> 6186 <!-- 9b89dca2177efa5da444e8dfb83b1662 --> 6187 <criteria operator="AND"> 6188 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6189 <criteria operator="OR"> 6190 <criterion test_ref="oval:org.opensuse.security:tst:2009056814" comment="finch less than 2.6.3-0.5.1"/> 6191 <criterion test_ref="oval:org.opensuse.security:tst:2009056815" comment="libpurple less than 2.6.3-0.5.1"/> 6192 <criterion test_ref="oval:org.opensuse.security:tst:2009056816" comment="pidgin less than 2.6.3-0.5.1"/> 6193 </criteria> 6194 </criteria> 6195 </definition> 6196 <definition id="oval:org.opensuse.security:def:20093084" version="1" class="vulnerability"> 6197 <metadata> 6198 <title>CVE-2009-3084</title> 6199 <affected family="unix"> 6200 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6201 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6202 </affected> 6203 <reference ref_id="CVE-2009-3084" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084" source="CVE"/> 6204 <description> 6205 The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect "UTF16-LE" charset name. 6206 </description> 6207 </metadata> 6208 <!-- 9b89dca2177efa5da444e8dfb83b1662 --> 6209 <criteria operator="AND"> 6210 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6211 <criteria operator="OR"> 6212 <criterion test_ref="oval:org.opensuse.security:tst:2009056814" comment="finch less than 2.6.3-0.5.1"/> 6213 <criterion test_ref="oval:org.opensuse.security:tst:2009056815" comment="libpurple less than 2.6.3-0.5.1"/> 6214 <criterion test_ref="oval:org.opensuse.security:tst:2009056816" comment="pidgin less than 2.6.3-0.5.1"/> 6215 </criteria> 6216 </criteria> 6217 </definition> 6218 <definition id="oval:org.opensuse.security:def:20093085" version="1" class="vulnerability"> 6219 <metadata> 6220 <title>CVE-2009-3085</title> 6221 <affected family="unix"> 6222 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6223 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6224 </affected> 6225 <reference ref_id="CVE-2009-3085" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085" source="CVE"/> 6226 <description> 6227 The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images. 6228 </description> 6229 </metadata> 6230 <!-- 9b89dca2177efa5da444e8dfb83b1662 --> 6231 <criteria operator="AND"> 6232 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6233 <criteria operator="OR"> 6234 <criterion test_ref="oval:org.opensuse.security:tst:2009056814" comment="finch less than 2.6.3-0.5.1"/> 6235 <criterion test_ref="oval:org.opensuse.security:tst:2009056815" comment="libpurple less than 2.6.3-0.5.1"/> 6236 <criterion test_ref="oval:org.opensuse.security:tst:2009056816" comment="pidgin less than 2.6.3-0.5.1"/> 6237 </criteria> 6238 </criteria> 6239 </definition> 6240 <definition id="oval:org.opensuse.security:def:20093229" version="1" class="vulnerability"> 6241 <metadata> 6242 <title>CVE-2009-3229</title> 6243 <affected family="unix"> 6244 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6245 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6246 </affected> 6247 <reference ref_id="CVE-2009-3229" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3229" source="CVE"/> 6248 <description> 6249 The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory. 6250 </description> 6251 </metadata> 6252 <!-- b265c261559c08a75d17afd72f670c10 --> 6253 <criteria operator="AND"> 6254 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6255 <criteria operator="OR"> 6256 <criterion test_ref="oval:org.opensuse.security:tst:2009055449" comment="postgresql-devel less than 8.1.18-0.5.1"/> 6257 <criterion test_ref="oval:org.opensuse.security:tst:2009055450" comment="postgresql-libs-32bit less than 8.1.18-0.5.1"/> 6258 <criterion test_ref="oval:org.opensuse.security:tst:2009055451" comment="postgresql-libs less than 8.1.18-0.5.1"/> 6259 </criteria> 6260 </criteria> 6261 </definition> 6262 <definition id="oval:org.opensuse.security:def:20093230" version="1" class="vulnerability"> 6263 <metadata> 6264 <title>CVE-2009-3230</title> 6265 <affected family="unix"> 6266 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6267 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6268 </affected> 6269 <reference ref_id="CVE-2009-3230" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3230" source="CVE"/> 6270 <description> 6271 The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600. 6272 </description> 6273 </metadata> 6274 <!-- b265c261559c08a75d17afd72f670c10 --> 6275 <criteria operator="AND"> 6276 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6277 <criteria operator="OR"> 6278 <criterion test_ref="oval:org.opensuse.security:tst:2009055449" comment="postgresql-devel less than 8.1.18-0.5.1"/> 6279 <criterion test_ref="oval:org.opensuse.security:tst:2009055450" comment="postgresql-libs-32bit less than 8.1.18-0.5.1"/> 6280 <criterion test_ref="oval:org.opensuse.security:tst:2009055451" comment="postgresql-libs less than 8.1.18-0.5.1"/> 6281 </criteria> 6282 </criteria> 6283 </definition> 6284 <definition id="oval:org.opensuse.security:def:20093231" version="1" class="vulnerability"> 6285 <metadata> 6286 <title>CVE-2009-3231</title> 6287 <affected family="unix"> 6288 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6289 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6290 </affected> 6291 <reference ref_id="CVE-2009-3231" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3231" source="CVE"/> 6292 <description> 6293 The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password. 6294 </description> 6295 </metadata> 6296 <!-- b265c261559c08a75d17afd72f670c10 --> 6297 <criteria operator="AND"> 6298 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6299 <criteria operator="OR"> 6300 <criterion test_ref="oval:org.opensuse.security:tst:2009055449" comment="postgresql-devel less than 8.1.18-0.5.1"/> 6301 <criterion test_ref="oval:org.opensuse.security:tst:2009055450" comment="postgresql-libs-32bit less than 8.1.18-0.5.1"/> 6302 <criterion test_ref="oval:org.opensuse.security:tst:2009055451" comment="postgresql-libs less than 8.1.18-0.5.1"/> 6303 </criteria> 6304 </criteria> 6305 </definition> 6306 <definition id="oval:org.opensuse.security:def:20093238" version="1" class="vulnerability"> 6307 <metadata> 6308 <title>CVE-2009-3238</title> 6309 <affected family="unix"> 6310 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6311 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6312 </affected> 6313 <reference ref_id="CVE-2009-3238" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3238" source="CVE"/> 6314 <description> 6315 The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time." 6316 </description> 6317 </metadata> 6318 <criteria operator="OR"> 6319 <!-- 4d39ec6d8748e038ab04a0b27f7382a1 --> 6320 <criteria operator="AND"> 6321 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6322 <criteria operator="OR"> 6323 <criterion test_ref="oval:org.opensuse.security:tst:2009056156" comment="kernel-bigsmp less than 2.6.16.60-0.57.1"/> 6324 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 6325 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 6326 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 6327 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 6328 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 6329 <criterion test_ref="oval:org.opensuse.security:tst:2009056159" comment="kernel-xenpae less than 2.6.16.60-0.57.1"/> 6330 </criteria> 6331 </criteria> 6332 <!-- ddf0cfe0200a78301be8b1d7b78fb645 --> 6333 <criteria operator="AND"> 6334 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6335 <criteria operator="OR"> 6336 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 6337 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 6338 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 6339 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 6340 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 6341 </criteria> 6342 </criteria> 6343 </criteria> 6344 </definition> 6345 <definition id="oval:org.opensuse.security:def:20093245" version="1" class="vulnerability"> 6346 <metadata> 6347 <title>CVE-2009-3245</title> 6348 <affected family="unix"> 6349 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6350 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6351 </affected> 6352 <reference ref_id="CVE-2009-3245" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245" source="CVE"/> 6353 <description> 6354 OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. 6355 </description> 6356 </metadata> 6357 <!-- 045df4135757c0ab62aa79c2419c1dad --> 6358 <criteria operator="AND"> 6359 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6360 <criteria operator="OR"> 6361 <criterion test_ref="oval:org.opensuse.security:tst:2009059228" comment="openssl-32bit less than 0.9.8a-18.42.2"/> 6362 <criterion test_ref="oval:org.opensuse.security:tst:2009059229" comment="openssl-devel-32bit less than 0.9.8a-18.42.2"/> 6363 <criterion test_ref="oval:org.opensuse.security:tst:2009059230" comment="openssl-devel less than 0.9.8a-18.42.2"/> 6364 <criterion test_ref="oval:org.opensuse.security:tst:2009059231" comment="openssl less than 0.9.8a-18.42.2"/> 6365 </criteria> 6366 </criteria> 6367 </definition> 6368 <definition id="oval:org.opensuse.security:def:20093274" version="1" class="vulnerability"> 6369 <metadata> 6370 <title>CVE-2009-3274</title> 6371 <affected family="unix"> 6372 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6373 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6374 </affected> 6375 <reference ref_id="CVE-2009-3274" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274" source="CVE"/> 6376 <description> 6377 Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information. 6378 </description> 6379 </metadata> 6380 <criteria operator="OR"> 6381 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6382 <criteria operator="AND"> 6383 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6384 <criteria operator="OR"> 6385 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6386 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6387 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6388 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6389 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6390 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6391 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6392 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6393 </criteria> 6394 </criteria> 6395 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6396 <criteria operator="AND"> 6397 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6398 <criteria operator="OR"> 6399 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6400 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6401 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6402 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6403 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6404 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6405 </criteria> 6406 </criteria> 6407 </criteria> 6408 </definition> 6409 <definition id="oval:org.opensuse.security:def:20093297" version="1" class="vulnerability"> 6410 <metadata> 6411 <title>CVE-2009-3297</title> 6412 <affected family="unix"> 6413 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6414 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6415 </affected> 6416 <reference ref_id="CVE-2009-3297" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3297" source="CVE"/> 6417 <description> 6418 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0787, CVE-2010-0788, CVE-2010-0789. Reason: this candidate was intended for one issue in Samba, but it was used for multiple distinct issues, including one in FUSE and one in ncpfs. Notes: All CVE users should consult CVE-2010-0787 (Samba), CVE-2010-0788 (ncpfs), and CVE-2010-0789 (FUSE) to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage. 6419 </description> 6420 </metadata> 6421 <criteria operator="OR"> 6422 <!-- 6a69e558001894fbe19e2b3df6063065 --> 6423 <criteria operator="AND"> 6424 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6425 <criteria operator="OR"> 6426 <criterion test_ref="oval:org.opensuse.security:tst:2009060033" comment="fuse-devel less than 2.7.2-15.8.1"/> 6427 <criterion test_ref="oval:org.opensuse.security:tst:2009060034" comment="fuse less than 2.7.2-15.8.1"/> 6428 <criterion test_ref="oval:org.opensuse.security:tst:2009060035" comment="libfuse2 less than 2.7.2-15.8.1"/> 6429 </criteria> 6430 </criteria> 6431 <!-- d1fb23e6fc7336162eafa25df10d4b66 --> 6432 <criteria operator="AND"> 6433 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6434 <criteria operator="OR"> 6435 <criterion test_ref="oval:org.opensuse.security:tst:2009057950" comment="fuse-devel less than 2.7.2-15.7.1"/> 6436 <criterion test_ref="oval:org.opensuse.security:tst:2009057951" comment="fuse less than 2.7.2-15.7.1"/> 6437 <criterion test_ref="oval:org.opensuse.security:tst:2009057952" comment="libfuse2 less than 2.7.2-15.7.1"/> 6438 </criteria> 6439 </criteria> 6440 </criteria> 6441 </definition> 6442 <definition id="oval:org.opensuse.security:def:20093301" version="1" class="vulnerability"> 6443 <metadata> 6444 <title>CVE-2009-3301</title> 6445 <affected family="unix"> 6446 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6447 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6448 </affected> 6449 <reference ref_id="CVE-2009-3301" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301" source="CVE"/> 6450 <description> 6451 Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document. 6452 </description> 6453 </metadata> 6454 <!-- 17aa6adc1c5e58a79af02c479d95aab1 --> 6455 <criteria operator="AND"> 6456 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6457 <criteria operator="OR"> 6458 <criterion test_ref="oval:org.opensuse.security:tst:2009058672" comment="OpenOffice_org-af less than 3.2-0.6.1"/> 6459 <criterion test_ref="oval:org.opensuse.security:tst:2009058673" comment="OpenOffice_org-ar less than 3.2-0.6.1"/> 6460 <criterion test_ref="oval:org.opensuse.security:tst:2009058674" comment="OpenOffice_org-ca less than 3.2-0.6.1"/> 6461 <criterion test_ref="oval:org.opensuse.security:tst:2009058675" comment="OpenOffice_org-cs less than 3.2-0.6.1"/> 6462 <criterion test_ref="oval:org.opensuse.security:tst:2009058676" comment="OpenOffice_org-da less than 3.2-0.6.1"/> 6463 <criterion test_ref="oval:org.opensuse.security:tst:2009058677" comment="OpenOffice_org-de less than 3.2-0.6.1"/> 6464 <criterion test_ref="oval:org.opensuse.security:tst:2009058678" comment="OpenOffice_org-es less than 3.2-0.6.1"/> 6465 <criterion test_ref="oval:org.opensuse.security:tst:2009058679" comment="OpenOffice_org-fi less than 3.2-0.6.1"/> 6466 <criterion test_ref="oval:org.opensuse.security:tst:2009058680" comment="OpenOffice_org-fr less than 3.2-0.6.1"/> 6467 <criterion test_ref="oval:org.opensuse.security:tst:2009058681" comment="OpenOffice_org-galleries less than 3.2-0.6.1"/> 6468 <criterion test_ref="oval:org.opensuse.security:tst:2009058682" comment="OpenOffice_org-gnome less than 3.2-0.6.1"/> 6469 <criterion test_ref="oval:org.opensuse.security:tst:2009058683" comment="OpenOffice_org-gu-IN less than 3.2-0.6.1"/> 6470 <criterion test_ref="oval:org.opensuse.security:tst:2009058684" comment="OpenOffice_org-hi-IN less than 3.2-0.6.1"/> 6471 <criterion test_ref="oval:org.opensuse.security:tst:2009058685" comment="OpenOffice_org-hu less than 3.2-0.6.1"/> 6472 <criterion test_ref="oval:org.opensuse.security:tst:2009058686" comment="OpenOffice_org-it less than 3.2-0.6.1"/> 6473 <criterion test_ref="oval:org.opensuse.security:tst:2009058687" comment="OpenOffice_org-ja less than 3.2-0.6.1"/> 6474 <criterion test_ref="oval:org.opensuse.security:tst:2009058688" comment="OpenOffice_org-kde less than 3.2-0.6.1"/> 6475 <criterion test_ref="oval:org.opensuse.security:tst:2009058689" comment="OpenOffice_org-mono less than 3.2-0.6.1"/> 6476 <criterion test_ref="oval:org.opensuse.security:tst:2009058690" comment="OpenOffice_org-nb less than 3.2-0.6.1"/> 6477 <criterion test_ref="oval:org.opensuse.security:tst:2009058691" comment="OpenOffice_org-nl less than 3.2-0.6.1"/> 6478 <criterion test_ref="oval:org.opensuse.security:tst:2009058692" comment="OpenOffice_org-nld less than 3.2-0.6.1"/> 6479 <criterion test_ref="oval:org.opensuse.security:tst:2009058693" comment="OpenOffice_org-nn less than 3.2-0.6.1"/> 6480 <criterion test_ref="oval:org.opensuse.security:tst:2009058694" comment="OpenOffice_org-pl less than 3.2-0.6.1"/> 6481 <criterion test_ref="oval:org.opensuse.security:tst:2009058695" comment="OpenOffice_org-pt-BR less than 3.2-0.6.1"/> 6482 <criterion test_ref="oval:org.opensuse.security:tst:2009058696" comment="OpenOffice_org-ru less than 3.2-0.6.1"/> 6483 <criterion test_ref="oval:org.opensuse.security:tst:2009058697" comment="OpenOffice_org-sk less than 3.2-0.6.1"/> 6484 <criterion test_ref="oval:org.opensuse.security:tst:2009058698" comment="OpenOffice_org-sv less than 3.2-0.6.1"/> 6485 <criterion test_ref="oval:org.opensuse.security:tst:2009058699" comment="OpenOffice_org-xh less than 3.2-0.6.1"/> 6486 <criterion test_ref="oval:org.opensuse.security:tst:2009058700" comment="OpenOffice_org-zh-CN less than 3.2-0.6.1"/> 6487 <criterion test_ref="oval:org.opensuse.security:tst:2009058701" comment="OpenOffice_org-zh-TW less than 3.2-0.6.1"/> 6488 <criterion test_ref="oval:org.opensuse.security:tst:2009058702" comment="OpenOffice_org-zu less than 3.2-0.6.1"/> 6489 <criterion test_ref="oval:org.opensuse.security:tst:2009058703" comment="OpenOffice_org less than 3.2-0.6.1"/> 6490 </criteria> 6491 </criteria> 6492 </definition> 6493 <definition id="oval:org.opensuse.security:def:20093302" version="1" class="vulnerability"> 6494 <metadata> 6495 <title>CVE-2009-3302</title> 6496 <affected family="unix"> 6497 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6498 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6499 </affected> 6500 <reference ref_id="CVE-2009-3302" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302" source="CVE"/> 6501 <description> 6502 filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw." 6503 </description> 6504 </metadata> 6505 <!-- 17aa6adc1c5e58a79af02c479d95aab1 --> 6506 <criteria operator="AND"> 6507 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6508 <criteria operator="OR"> 6509 <criterion test_ref="oval:org.opensuse.security:tst:2009058672" comment="OpenOffice_org-af less than 3.2-0.6.1"/> 6510 <criterion test_ref="oval:org.opensuse.security:tst:2009058673" comment="OpenOffice_org-ar less than 3.2-0.6.1"/> 6511 <criterion test_ref="oval:org.opensuse.security:tst:2009058674" comment="OpenOffice_org-ca less than 3.2-0.6.1"/> 6512 <criterion test_ref="oval:org.opensuse.security:tst:2009058675" comment="OpenOffice_org-cs less than 3.2-0.6.1"/> 6513 <criterion test_ref="oval:org.opensuse.security:tst:2009058676" comment="OpenOffice_org-da less than 3.2-0.6.1"/> 6514 <criterion test_ref="oval:org.opensuse.security:tst:2009058677" comment="OpenOffice_org-de less than 3.2-0.6.1"/> 6515 <criterion test_ref="oval:org.opensuse.security:tst:2009058678" comment="OpenOffice_org-es less than 3.2-0.6.1"/> 6516 <criterion test_ref="oval:org.opensuse.security:tst:2009058679" comment="OpenOffice_org-fi less than 3.2-0.6.1"/> 6517 <criterion test_ref="oval:org.opensuse.security:tst:2009058680" comment="OpenOffice_org-fr less than 3.2-0.6.1"/> 6518 <criterion test_ref="oval:org.opensuse.security:tst:2009058681" comment="OpenOffice_org-galleries less than 3.2-0.6.1"/> 6519 <criterion test_ref="oval:org.opensuse.security:tst:2009058682" comment="OpenOffice_org-gnome less than 3.2-0.6.1"/> 6520 <criterion test_ref="oval:org.opensuse.security:tst:2009058683" comment="OpenOffice_org-gu-IN less than 3.2-0.6.1"/> 6521 <criterion test_ref="oval:org.opensuse.security:tst:2009058684" comment="OpenOffice_org-hi-IN less than 3.2-0.6.1"/> 6522 <criterion test_ref="oval:org.opensuse.security:tst:2009058685" comment="OpenOffice_org-hu less than 3.2-0.6.1"/> 6523 <criterion test_ref="oval:org.opensuse.security:tst:2009058686" comment="OpenOffice_org-it less than 3.2-0.6.1"/> 6524 <criterion test_ref="oval:org.opensuse.security:tst:2009058687" comment="OpenOffice_org-ja less than 3.2-0.6.1"/> 6525 <criterion test_ref="oval:org.opensuse.security:tst:2009058688" comment="OpenOffice_org-kde less than 3.2-0.6.1"/> 6526 <criterion test_ref="oval:org.opensuse.security:tst:2009058689" comment="OpenOffice_org-mono less than 3.2-0.6.1"/> 6527 <criterion test_ref="oval:org.opensuse.security:tst:2009058690" comment="OpenOffice_org-nb less than 3.2-0.6.1"/> 6528 <criterion test_ref="oval:org.opensuse.security:tst:2009058691" comment="OpenOffice_org-nl less than 3.2-0.6.1"/> 6529 <criterion test_ref="oval:org.opensuse.security:tst:2009058692" comment="OpenOffice_org-nld less than 3.2-0.6.1"/> 6530 <criterion test_ref="oval:org.opensuse.security:tst:2009058693" comment="OpenOffice_org-nn less than 3.2-0.6.1"/> 6531 <criterion test_ref="oval:org.opensuse.security:tst:2009058694" comment="OpenOffice_org-pl less than 3.2-0.6.1"/> 6532 <criterion test_ref="oval:org.opensuse.security:tst:2009058695" comment="OpenOffice_org-pt-BR less than 3.2-0.6.1"/> 6533 <criterion test_ref="oval:org.opensuse.security:tst:2009058696" comment="OpenOffice_org-ru less than 3.2-0.6.1"/> 6534 <criterion test_ref="oval:org.opensuse.security:tst:2009058697" comment="OpenOffice_org-sk less than 3.2-0.6.1"/> 6535 <criterion test_ref="oval:org.opensuse.security:tst:2009058698" comment="OpenOffice_org-sv less than 3.2-0.6.1"/> 6536 <criterion test_ref="oval:org.opensuse.security:tst:2009058699" comment="OpenOffice_org-xh less than 3.2-0.6.1"/> 6537 <criterion test_ref="oval:org.opensuse.security:tst:2009058700" comment="OpenOffice_org-zh-CN less than 3.2-0.6.1"/> 6538 <criterion test_ref="oval:org.opensuse.security:tst:2009058701" comment="OpenOffice_org-zh-TW less than 3.2-0.6.1"/> 6539 <criterion test_ref="oval:org.opensuse.security:tst:2009058702" comment="OpenOffice_org-zu less than 3.2-0.6.1"/> 6540 <criterion test_ref="oval:org.opensuse.security:tst:2009058703" comment="OpenOffice_org less than 3.2-0.6.1"/> 6541 </criteria> 6542 </criteria> 6543 </definition> 6544 <definition id="oval:org.opensuse.security:def:20093370" version="1" class="vulnerability"> 6545 <metadata> 6546 <title>CVE-2009-3370</title> 6547 <affected family="unix"> 6548 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6549 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6550 </affected> 6551 <reference ref_id="CVE-2009-3370" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370" source="CVE"/> 6552 <description> 6553 Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries. 6554 </description> 6555 </metadata> 6556 <criteria operator="OR"> 6557 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6558 <criteria operator="AND"> 6559 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6560 <criteria operator="OR"> 6561 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6562 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6563 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6564 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6565 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6566 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6567 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6568 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6569 </criteria> 6570 </criteria> 6571 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6572 <criteria operator="AND"> 6573 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6574 <criteria operator="OR"> 6575 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6576 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6577 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6578 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6579 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6580 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6581 </criteria> 6582 </criteria> 6583 </criteria> 6584 </definition> 6585 <definition id="oval:org.opensuse.security:def:20093371" version="1" class="vulnerability"> 6586 <metadata> 6587 <title>CVE-2009-3371</title> 6588 <affected family="unix"> 6589 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6590 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6591 </affected> 6592 <reference ref_id="CVE-2009-3371" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3371" source="CVE"/> 6593 <description> 6594 Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively. 6595 </description> 6596 </metadata> 6597 <criteria operator="OR"> 6598 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6599 <criteria operator="AND"> 6600 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6601 <criteria operator="OR"> 6602 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6603 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6604 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6605 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6606 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6607 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6608 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6609 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6610 </criteria> 6611 </criteria> 6612 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6613 <criteria operator="AND"> 6614 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6615 <criteria operator="OR"> 6616 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6617 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6618 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6619 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6620 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6621 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6622 </criteria> 6623 </criteria> 6624 </criteria> 6625 </definition> 6626 <definition id="oval:org.opensuse.security:def:20093372" version="1" class="vulnerability"> 6627 <metadata> 6628 <title>CVE-2009-3372</title> 6629 <affected family="unix"> 6630 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6631 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6632 </affected> 6633 <reference ref_id="CVE-2009-3372" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372" source="CVE"/> 6634 <description> 6635 Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file. 6636 </description> 6637 </metadata> 6638 <criteria operator="OR"> 6639 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6640 <criteria operator="AND"> 6641 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6642 <criteria operator="OR"> 6643 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6644 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6645 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6646 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6647 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6648 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6649 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6650 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6651 </criteria> 6652 </criteria> 6653 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6654 <criteria operator="AND"> 6655 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6656 <criteria operator="OR"> 6657 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6658 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6659 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6660 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6661 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6662 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6663 </criteria> 6664 </criteria> 6665 </criteria> 6666 </definition> 6667 <definition id="oval:org.opensuse.security:def:20093373" version="1" class="vulnerability"> 6668 <metadata> 6669 <title>CVE-2009-3373</title> 6670 <affected family="unix"> 6671 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6672 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6673 </affected> 6674 <reference ref_id="CVE-2009-3373" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373" source="CVE"/> 6675 <description> 6676 Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors. 6677 </description> 6678 </metadata> 6679 <criteria operator="OR"> 6680 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6681 <criteria operator="AND"> 6682 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6683 <criteria operator="OR"> 6684 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6685 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6686 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6687 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6688 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6689 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6690 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6691 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6692 </criteria> 6693 </criteria> 6694 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6695 <criteria operator="AND"> 6696 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6697 <criteria operator="OR"> 6698 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6699 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6700 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6701 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6702 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6703 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6704 </criteria> 6705 </criteria> 6706 </criteria> 6707 </definition> 6708 <definition id="oval:org.opensuse.security:def:20093374" version="1" class="vulnerability"> 6709 <metadata> 6710 <title>CVE-2009-3374</title> 6711 <affected family="unix"> 6712 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6713 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6714 </affected> 6715 <reference ref_id="CVE-2009-3374" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374" source="CVE"/> 6716 <description> 6717 The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects." 6718 </description> 6719 </metadata> 6720 <criteria operator="OR"> 6721 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6722 <criteria operator="AND"> 6723 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6724 <criteria operator="OR"> 6725 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6726 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6727 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6728 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6729 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6730 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6731 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6732 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6733 </criteria> 6734 </criteria> 6735 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6736 <criteria operator="AND"> 6737 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6738 <criteria operator="OR"> 6739 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6740 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6741 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6742 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6743 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6744 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6745 </criteria> 6746 </criteria> 6747 </criteria> 6748 </definition> 6749 <definition id="oval:org.opensuse.security:def:20093375" version="1" class="vulnerability"> 6750 <metadata> 6751 <title>CVE-2009-3375</title> 6752 <affected family="unix"> 6753 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6754 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6755 </affected> 6756 <reference ref_id="CVE-2009-3375" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375" source="CVE"/> 6757 <description> 6758 content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function. 6759 </description> 6760 </metadata> 6761 <criteria operator="OR"> 6762 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6763 <criteria operator="AND"> 6764 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6765 <criteria operator="OR"> 6766 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6767 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6768 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6769 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6770 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6771 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6772 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6773 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6774 </criteria> 6775 </criteria> 6776 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6777 <criteria operator="AND"> 6778 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6779 <criteria operator="OR"> 6780 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6781 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6782 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6783 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6784 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6785 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6786 </criteria> 6787 </criteria> 6788 </criteria> 6789 </definition> 6790 <definition id="oval:org.opensuse.security:def:20093376" version="1" class="vulnerability"> 6791 <metadata> 6792 <title>CVE-2009-3376</title> 6793 <affected family="unix"> 6794 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6795 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6796 </affected> 6797 <reference ref_id="CVE-2009-3376" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376" source="CVE"/> 6798 <description> 6799 Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file. 6800 </description> 6801 </metadata> 6802 <criteria operator="OR"> 6803 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6804 <criteria operator="AND"> 6805 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6806 <criteria operator="OR"> 6807 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6808 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6809 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6810 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6811 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6812 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6813 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6814 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6815 </criteria> 6816 </criteria> 6817 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6818 <criteria operator="AND"> 6819 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6820 <criteria operator="OR"> 6821 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6822 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6823 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6824 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6825 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6826 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6827 </criteria> 6828 </criteria> 6829 </criteria> 6830 </definition> 6831 <definition id="oval:org.opensuse.security:def:20093377" version="1" class="vulnerability"> 6832 <metadata> 6833 <title>CVE-2009-3377</title> 6834 <affected family="unix"> 6835 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6836 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6837 </affected> 6838 <reference ref_id="CVE-2009-3377" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3377" source="CVE"/> 6839 <description> 6840 Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. 6841 </description> 6842 </metadata> 6843 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6844 <criteria operator="AND"> 6845 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6846 <criteria operator="OR"> 6847 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6848 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6849 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6850 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6851 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6852 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6853 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6854 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6855 </criteria> 6856 </criteria> 6857 </definition> 6858 <definition id="oval:org.opensuse.security:def:20093378" version="1" class="vulnerability"> 6859 <metadata> 6860 <title>CVE-2009-3378</title> 6861 <affected family="unix"> 6862 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6863 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6864 </affected> 6865 <reference ref_id="CVE-2009-3378" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3378" source="CVE"/> 6866 <description> 6867 The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a crafted .ogg video file. 6868 </description> 6869 </metadata> 6870 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6871 <criteria operator="AND"> 6872 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6873 <criteria operator="OR"> 6874 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6875 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6876 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6877 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6878 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6879 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6880 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6881 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6882 </criteria> 6883 </criteria> 6884 </definition> 6885 <definition id="oval:org.opensuse.security:def:20093379" version="1" class="vulnerability"> 6886 <metadata> 6887 <title>CVE-2009-3379</title> 6888 <affected family="unix"> 6889 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6890 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6891 </affected> 6892 <reference ref_id="CVE-2009-3379" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379" source="CVE"/> 6893 <description> 6894 Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. 6895 </description> 6896 </metadata> 6897 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6898 <criteria operator="AND"> 6899 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6900 <criteria operator="OR"> 6901 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6902 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6903 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6904 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6905 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6906 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6907 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6908 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6909 </criteria> 6910 </criteria> 6911 </definition> 6912 <definition id="oval:org.opensuse.security:def:20093380" version="1" class="vulnerability"> 6913 <metadata> 6914 <title>CVE-2009-3380</title> 6915 <affected family="unix"> 6916 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6917 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6918 </affected> 6919 <reference ref_id="CVE-2009-3380" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380" source="CVE"/> 6920 <description> 6921 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 6922 </description> 6923 </metadata> 6924 <criteria operator="OR"> 6925 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6926 <criteria operator="AND"> 6927 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6928 <criteria operator="OR"> 6929 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6930 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6931 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6932 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6933 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6934 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6935 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6936 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6937 </criteria> 6938 </criteria> 6939 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6940 <criteria operator="AND"> 6941 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6942 <criteria operator="OR"> 6943 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6944 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6945 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6946 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6947 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6948 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6949 </criteria> 6950 </criteria> 6951 </criteria> 6952 </definition> 6953 <definition id="oval:org.opensuse.security:def:20093381" version="1" class="vulnerability"> 6954 <metadata> 6955 <title>CVE-2009-3381</title> 6956 <affected family="unix"> 6957 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6958 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 6959 </affected> 6960 <reference ref_id="CVE-2009-3381" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3381" source="CVE"/> 6961 <description> 6962 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 6963 </description> 6964 </metadata> 6965 <criteria operator="OR"> 6966 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 6967 <criteria operator="AND"> 6968 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6969 <criteria operator="OR"> 6970 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 6971 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 6972 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 6973 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 6974 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 6975 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 6976 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 6977 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 6978 </criteria> 6979 </criteria> 6980 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 6981 <criteria operator="AND"> 6982 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 6983 <criteria operator="OR"> 6984 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 6985 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 6986 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 6987 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 6988 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 6989 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 6990 </criteria> 6991 </criteria> 6992 </criteria> 6993 </definition> 6994 <definition id="oval:org.opensuse.security:def:20093382" version="1" class="vulnerability"> 6995 <metadata> 6996 <title>CVE-2009-3382</title> 6997 <affected family="unix"> 6998 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 6999 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7000 </affected> 7001 <reference ref_id="CVE-2009-3382" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3382" source="CVE"/> 7002 <description> 7003 layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. 7004 </description> 7005 </metadata> 7006 <criteria operator="OR"> 7007 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 7008 <criteria operator="AND"> 7009 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7010 <criteria operator="OR"> 7011 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 7012 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 7013 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 7014 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 7015 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 7016 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 7017 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 7018 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 7019 </criteria> 7020 </criteria> 7021 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 7022 <criteria operator="AND"> 7023 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7024 <criteria operator="OR"> 7025 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 7026 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 7027 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 7028 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 7029 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 7030 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 7031 </criteria> 7032 </criteria> 7033 </criteria> 7034 </definition> 7035 <definition id="oval:org.opensuse.security:def:20093383" version="1" class="vulnerability"> 7036 <metadata> 7037 <title>CVE-2009-3383</title> 7038 <affected family="unix"> 7039 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7040 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7041 </affected> 7042 <reference ref_id="CVE-2009-3383" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3383" source="CVE"/> 7043 <description> 7044 Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 7045 </description> 7046 </metadata> 7047 <criteria operator="OR"> 7048 <!-- a105139fcdfd8a2d443ee7ac045f2e46 --> 7049 <criteria operator="AND"> 7050 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7051 <criteria operator="OR"> 7052 <criterion test_ref="oval:org.opensuse.security:tst:2009055908" comment="MozillaFirefox-translations less than 3.5.4-1.4.1"/> 7053 <criterion test_ref="oval:org.opensuse.security:tst:2009055909" comment="MozillaFirefox less than 3.5.4-1.4.1"/> 7054 <criterion test_ref="oval:org.opensuse.security:tst:2009055910" comment="mozilla-xulrunner191-32bit less than 1.9.1.4-2.4.1"/> 7055 <criterion test_ref="oval:org.opensuse.security:tst:2009055911" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.4-2.4.1"/> 7056 <criterion test_ref="oval:org.opensuse.security:tst:2009055912" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.4-2.4.1"/> 7057 <criterion test_ref="oval:org.opensuse.security:tst:2009055913" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.4-2.4.1"/> 7058 <criterion test_ref="oval:org.opensuse.security:tst:2009055914" comment="mozilla-xulrunner191-translations less than 1.9.1.4-2.4.1"/> 7059 <criterion test_ref="oval:org.opensuse.security:tst:2009055915" comment="mozilla-xulrunner191 less than 1.9.1.4-2.4.1"/> 7060 </criteria> 7061 </criteria> 7062 <!-- b45a97409a57ffb7bfed2096ba136e83 --> 7063 <criteria operator="AND"> 7064 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7065 <criteria operator="OR"> 7066 <criterion test_ref="oval:org.opensuse.security:tst:2009055919" comment="mozilla-xulrunner190-32bit less than 1.9.0.15-0.4.2"/> 7067 <criterion test_ref="oval:org.opensuse.security:tst:2009055920" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.15-0.4.2"/> 7068 <criterion test_ref="oval:org.opensuse.security:tst:2009055921" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.15-0.4.2"/> 7069 <criterion test_ref="oval:org.opensuse.security:tst:2009055922" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.15-0.4.2"/> 7070 <criterion test_ref="oval:org.opensuse.security:tst:2009055923" comment="mozilla-xulrunner190-translations less than 1.9.0.15-0.4.2"/> 7071 <criterion test_ref="oval:org.opensuse.security:tst:2009055924" comment="mozilla-xulrunner190 less than 1.9.0.15-0.4.2"/> 7072 </criteria> 7073 </criteria> 7074 </criteria> 7075 </definition> 7076 <definition id="oval:org.opensuse.security:def:20093388" version="1" class="vulnerability"> 7077 <metadata> 7078 <title>CVE-2009-3388</title> 7079 <affected family="unix"> 7080 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7081 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7082 </affected> 7083 <reference ref_id="CVE-2009-3388" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3388" source="CVE"/> 7084 <description> 7085 liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to "memory safety issues." 7086 </description> 7087 </metadata> 7088 <!-- 2f608be689872233c5fce2ce26bd4514 --> 7089 <criteria operator="AND"> 7090 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7091 <criteria operator="OR"> 7092 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 7093 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 7094 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 7095 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 7096 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 7097 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 7098 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 7099 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 7100 </criteria> 7101 </criteria> 7102 </definition> 7103 <definition id="oval:org.opensuse.security:def:20093389" version="1" class="vulnerability"> 7104 <metadata> 7105 <title>CVE-2009-3389</title> 7106 <affected family="unix"> 7107 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7108 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7109 </affected> 7110 <reference ref_id="CVE-2009-3389" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3389" source="CVE"/> 7111 <description> 7112 Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions. 7113 </description> 7114 </metadata> 7115 <!-- 2f608be689872233c5fce2ce26bd4514 --> 7116 <criteria operator="AND"> 7117 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7118 <criteria operator="OR"> 7119 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 7120 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 7121 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 7122 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 7123 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 7124 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 7125 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 7126 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 7127 </criteria> 7128 </criteria> 7129 </definition> 7130 <definition id="oval:org.opensuse.security:def:20093431" version="1" class="vulnerability"> 7131 <metadata> 7132 <title>CVE-2009-3431</title> 7133 <affected family="unix"> 7134 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7135 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7136 </affected> 7137 <reference ref_id="CVE-2009-3431" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3431" source="CVE"/> 7138 <description> 7139 Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information. 7140 </description> 7141 </metadata> 7142 <criteria operator="OR"> 7143 <!-- 538748b7a9bae219da3187e837f552ac --> 7144 <criteria operator="AND"> 7145 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7146 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 7147 </criteria> 7148 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 7149 <criteria operator="AND"> 7150 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7151 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 7152 </criteria> 7153 </criteria> 7154 </definition> 7155 <definition id="oval:org.opensuse.security:def:20093458" version="1" class="vulnerability"> 7156 <metadata> 7157 <title>CVE-2009-3458</title> 7158 <affected family="unix"> 7159 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7160 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7161 </affected> 7162 <reference ref_id="CVE-2009-3458" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3458" source="CVE"/> 7163 <description> 7164 Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998. 7165 </description> 7166 </metadata> 7167 <criteria operator="OR"> 7168 <!-- 538748b7a9bae219da3187e837f552ac --> 7169 <criteria operator="AND"> 7170 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7171 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 7172 </criteria> 7173 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 7174 <criteria operator="AND"> 7175 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7176 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 7177 </criteria> 7178 </criteria> 7179 </definition> 7180 <definition id="oval:org.opensuse.security:def:20093459" version="1" class="vulnerability"> 7181 <metadata> 7182 <title>CVE-2009-3459</title> 7183 <affected family="unix"> 7184 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7185 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7186 </affected> 7187 <reference ref_id="CVE-2009-3459" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3459" source="CVE"/> 7188 <description> 7189 Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information. 7190 </description> 7191 </metadata> 7192 <criteria operator="OR"> 7193 <!-- 538748b7a9bae219da3187e837f552ac --> 7194 <criteria operator="AND"> 7195 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7196 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 7197 </criteria> 7198 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 7199 <criteria operator="AND"> 7200 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7201 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 7202 </criteria> 7203 </criteria> 7204 </definition> 7205 <definition id="oval:org.opensuse.security:def:20093462" version="1" class="vulnerability"> 7206 <metadata> 7207 <title>CVE-2009-3462</title> 7208 <affected family="unix"> 7209 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7210 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7211 </affected> 7212 <reference ref_id="CVE-2009-3462" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3462" source="CVE"/> 7213 <description> 7214 Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug." 7215 </description> 7216 </metadata> 7217 <criteria operator="OR"> 7218 <!-- 538748b7a9bae219da3187e837f552ac --> 7219 <criteria operator="AND"> 7220 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7221 <criterion test_ref="oval:org.opensuse.security:tst:2009055729" comment="acroread less than 8.1.7-0.5.1"/> 7222 </criteria> 7223 <!-- c7ba3c517224717a03bcb3b56d7b3550 --> 7224 <criteria operator="AND"> 7225 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7226 <criterion test_ref="oval:org.opensuse.security:tst:2009055728" comment="acroread_ja less than 8.1.7-0.5.1"/> 7227 </criteria> 7228 </criteria> 7229 </definition> 7230 <definition id="oval:org.opensuse.security:def:20093547" version="1" class="vulnerability"> 7231 <metadata> 7232 <title>CVE-2009-3547</title> 7233 <affected family="unix"> 7234 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7235 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7236 </affected> 7237 <reference ref_id="CVE-2009-3547" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547" source="CVE"/> 7238 <description> 7239 Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. 7240 </description> 7241 </metadata> 7242 <criteria operator="OR"> 7243 <!-- 4d39ec6d8748e038ab04a0b27f7382a1 --> 7244 <criteria operator="AND"> 7245 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7246 <criteria operator="OR"> 7247 <criterion test_ref="oval:org.opensuse.security:tst:2009056156" comment="kernel-bigsmp less than 2.6.16.60-0.57.1"/> 7248 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 7249 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 7250 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 7251 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 7252 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 7253 <criterion test_ref="oval:org.opensuse.security:tst:2009056159" comment="kernel-xenpae less than 2.6.16.60-0.57.1"/> 7254 </criteria> 7255 </criteria> 7256 <!-- ddf0cfe0200a78301be8b1d7b78fb645 --> 7257 <criteria operator="AND"> 7258 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7259 <criteria operator="OR"> 7260 <criterion test_ref="oval:org.opensuse.security:tst:2009056150" comment="kernel-default less than 2.6.16.60-0.57.1"/> 7261 <criterion test_ref="oval:org.opensuse.security:tst:2009056157" comment="kernel-smp less than 2.6.16.60-0.57.1"/> 7262 <criterion test_ref="oval:org.opensuse.security:tst:2009056154" comment="kernel-source less than 2.6.16.60-0.57.1"/> 7263 <criterion test_ref="oval:org.opensuse.security:tst:2009056155" comment="kernel-syms less than 2.6.16.60-0.57.1"/> 7264 <criterion test_ref="oval:org.opensuse.security:tst:2009056158" comment="kernel-xen less than 2.6.16.60-0.57.1"/> 7265 </criteria> 7266 </criteria> 7267 </criteria> 7268 </definition> 7269 <definition id="oval:org.opensuse.security:def:20093549" version="1" class="vulnerability"> 7270 <metadata> 7271 <title>CVE-2009-3549</title> 7272 <affected family="unix"> 7273 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7274 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7275 </affected> 7276 <reference ref_id="CVE-2009-3549" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3549" source="CVE"/> 7277 <description> 7278 packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. 7279 </description> 7280 </metadata> 7281 <!-- 0417f6ab47e0cc6042fa19e603c81608 --> 7282 <criteria operator="AND"> 7283 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7284 <criterion test_ref="oval:org.opensuse.security:tst:2009056452" comment="ethereal less than 0.10.14-16.39.1"/> 7285 </criteria> 7286 </definition> 7287 <definition id="oval:org.opensuse.security:def:20093550" version="1" class="vulnerability"> 7288 <metadata> 7289 <title>CVE-2009-3550</title> 7290 <affected family="unix"> 7291 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7292 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7293 </affected> 7294 <reference ref_id="CVE-2009-3550" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550" source="CVE"/> 7295 <description> 7296 The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. 7297 </description> 7298 </metadata> 7299 <!-- 0417f6ab47e0cc6042fa19e603c81608 --> 7300 <criteria operator="AND"> 7301 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7302 <criterion test_ref="oval:org.opensuse.security:tst:2009056452" comment="ethereal less than 0.10.14-16.39.1"/> 7303 </criteria> 7304 </definition> 7305 <definition id="oval:org.opensuse.security:def:20093551" version="1" class="vulnerability"> 7306 <metadata> 7307 <title>CVE-2009-3551</title> 7308 <affected family="unix"> 7309 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7310 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7311 </affected> 7312 <reference ref_id="CVE-2009-3551" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3551" source="CVE"/> 7313 <description> 7314 Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. 7315 </description> 7316 </metadata> 7317 <!-- 0417f6ab47e0cc6042fa19e603c81608 --> 7318 <criteria operator="AND"> 7319 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7320 <criterion test_ref="oval:org.opensuse.security:tst:2009056452" comment="ethereal less than 0.10.14-16.39.1"/> 7321 </criteria> 7322 </definition> 7323 <definition id="oval:org.opensuse.security:def:20093555" version="1" class="vulnerability"> 7324 <metadata> 7325 <title>CVE-2009-3555</title> 7326 <affected family="unix"> 7327 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7328 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7329 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 7330 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 7331 </affected> 7332 <reference ref_id="CVE-2009-3555" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" source="CVE"/> 7333 <description> 7334 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. 7335 </description> 7336 </metadata> 7337 <criteria operator="OR"> 7338 <!-- 045df4135757c0ab62aa79c2419c1dad --> 7339 <criteria operator="AND"> 7340 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7341 <criteria operator="OR"> 7342 <criterion test_ref="oval:org.opensuse.security:tst:2009059228" comment="openssl-32bit less than 0.9.8a-18.42.2"/> 7343 <criterion test_ref="oval:org.opensuse.security:tst:2009059229" comment="openssl-devel-32bit less than 0.9.8a-18.42.2"/> 7344 <criterion test_ref="oval:org.opensuse.security:tst:2009059230" comment="openssl-devel less than 0.9.8a-18.42.2"/> 7345 <criterion test_ref="oval:org.opensuse.security:tst:2009059231" comment="openssl less than 0.9.8a-18.42.2"/> 7346 </criteria> 7347 </criteria> 7348 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 7349 <criteria operator="AND"> 7350 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7351 <criteria operator="OR"> 7352 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 7353 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 7354 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 7355 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 7356 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 7357 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 7358 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 7359 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 7360 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 7361 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 7362 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 7363 </criteria> 7364 </criteria> 7365 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 7366 <criteria operator="AND"> 7367 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7368 <criteria operator="OR"> 7369 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 7370 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 7371 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 7372 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 7373 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 7374 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 7375 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 7376 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 7377 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 7378 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 7379 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 7380 </criteria> 7381 </criteria> 7382 <!-- 51e57ecf5ce9b970237d90e5ee4acd5e --> 7383 <criteria operator="AND"> 7384 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7385 <criteria operator="OR"> 7386 <criterion test_ref="oval:org.opensuse.security:tst:2009059552" comment="mozilla-nss-32bit less than 3.12.6-3.4.1"/> 7387 <criterion test_ref="oval:org.opensuse.security:tst:2009059553" comment="mozilla-nss-devel less than 3.12.6-3.4.1"/> 7388 <criterion test_ref="oval:org.opensuse.security:tst:2009059554" comment="mozilla-nss-tools less than 3.12.6-3.4.1"/> 7389 <criterion test_ref="oval:org.opensuse.security:tst:2009059555" comment="mozilla-nss less than 3.12.6-3.4.1"/> 7390 </criteria> 7391 </criteria> 7392 <!-- 65e1119797680c75f5f7043e72c6987b --> 7393 <criteria operator="AND"> 7394 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7395 <criteria operator="OR"> 7396 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 7397 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 7398 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 7399 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 7400 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 7401 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 7402 </criteria> 7403 </criteria> 7404 <!-- 6deef59a2e94ee7d0f87aa2f497078c7 --> 7405 <criteria operator="AND"> 7406 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 7407 <criteria operator="OR"> 7408 <criterion test_ref="oval:org.opensuse.security:tst:2009069579" comment="compat-openssl097g-32bit less than 0.9.7g-13.21.1"/> 7409 <criterion test_ref="oval:org.opensuse.security:tst:2009069580" comment="compat-openssl097g less than 0.9.7g-13.21.1"/> 7410 </criteria> 7411 </criteria> 7412 <!-- 7296a09b7cd71335b7d466c822ef3e7b --> 7413 <criteria operator="AND"> 7414 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7415 <criteria operator="OR"> 7416 <criterion test_ref="oval:org.opensuse.security:tst:2009065651" comment="gnutls-32bit less than 1.2.10-13.26.1"/> 7417 <criterion test_ref="oval:org.opensuse.security:tst:2009065652" comment="gnutls-devel-32bit less than 1.2.10-13.26.1"/> 7418 <criterion test_ref="oval:org.opensuse.security:tst:2009065653" comment="gnutls-devel less than 1.2.10-13.26.1"/> 7419 <criterion test_ref="oval:org.opensuse.security:tst:2009065654" comment="gnutls less than 1.2.10-13.26.1"/> 7420 </criteria> 7421 </criteria> 7422 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 7423 <criteria operator="AND"> 7424 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7425 <criteria operator="OR"> 7426 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 7427 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 7428 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 7429 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 7430 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 7431 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 7432 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 7433 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 7434 </criteria> 7435 </criteria> 7436 <!-- c053554d7ebb124457bc5983a3bd1377 --> 7437 <criteria operator="AND"> 7438 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7439 <criteria operator="OR"> 7440 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 7441 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 7442 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 7443 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 7444 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 7445 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 7446 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 7447 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 7448 </criteria> 7449 </criteria> 7450 <!-- c061b25f20728b088a7357bd5622663c --> 7451 <criteria operator="AND"> 7452 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7453 <criteria operator="OR"> 7454 <criterion test_ref="oval:org.opensuse.security:tst:2009056263" comment="compat-openssl097g-32bit less than 0.9.7g-13.19.1"/> 7455 <criterion test_ref="oval:org.opensuse.security:tst:2009056264" comment="compat-openssl097g less than 0.9.7g-13.19.1"/> 7456 </criteria> 7457 </criteria> 7458 <!-- f99093a5bf235f2d2471722a946414f0 --> 7459 <criteria operator="AND"> 7460 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7461 <criteria operator="OR"> 7462 <criterion test_ref="oval:org.opensuse.security:tst:2009056267" comment="openssl-32bit less than 0.9.8a-18.39.1"/> 7463 <criterion test_ref="oval:org.opensuse.security:tst:2009056268" comment="openssl-devel-32bit less than 0.9.8a-18.39.1"/> 7464 <criterion test_ref="oval:org.opensuse.security:tst:2009056269" comment="openssl-devel less than 0.9.8a-18.39.1"/> 7465 <criterion test_ref="oval:org.opensuse.security:tst:2009056270" comment="openssl less than 0.9.8a-18.39.1"/> 7466 </criteria> 7467 </criteria> 7468 </criteria> 7469 </definition> 7470 <definition id="oval:org.opensuse.security:def:20093556" version="1" class="vulnerability"> 7471 <metadata> 7472 <title>CVE-2009-3556</title> 7473 <affected family="unix"> 7474 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7475 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7476 </affected> 7477 <reference ref_id="CVE-2009-3556" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3556" source="CVE"/> 7478 <description> 7479 A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files. 7480 </description> 7481 </metadata> 7482 <criteria operator="OR"> 7483 <!-- 30110847005ad3a7ea7c5d1efd067ce1 --> 7484 <criteria operator="AND"> 7485 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7486 <criteria operator="OR"> 7487 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 7488 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 7489 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 7490 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 7491 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 7492 </criteria> 7493 </criteria> 7494 <!-- 44be42f54c5e35e6e551e68351bbd0e1 --> 7495 <criteria operator="AND"> 7496 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7497 <criteria operator="OR"> 7498 <criterion test_ref="oval:org.opensuse.security:tst:2009059220" comment="kernel-bigsmp less than 2.6.16.60-0.60.1"/> 7499 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 7500 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 7501 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 7502 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 7503 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 7504 <criterion test_ref="oval:org.opensuse.security:tst:2009059221" comment="kernel-xenpae less than 2.6.16.60-0.60.1"/> 7505 </criteria> 7506 </criteria> 7507 </criteria> 7508 </definition> 7509 <definition id="oval:org.opensuse.security:def:20093560" version="1" class="vulnerability"> 7510 <metadata> 7511 <title>CVE-2009-3560</title> 7512 <affected family="unix"> 7513 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7514 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7515 </affected> 7516 <reference ref_id="CVE-2009-3560" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560" source="CVE"/> 7517 <description> 7518 The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720. 7519 </description> 7520 </metadata> 7521 <criteria operator="OR"> 7522 <!-- 2bf3d4d93bd78d8c4ba85f2b470302a5 --> 7523 <criteria operator="AND"> 7524 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7525 <criteria operator="OR"> 7526 <criterion test_ref="oval:org.opensuse.security:tst:2009060392" comment="python-32bit less than 2.4.2-18.29.2"/> 7527 <criterion test_ref="oval:org.opensuse.security:tst:2009060393" comment="python-curses less than 2.4.2-18.29.2"/> 7528 <criterion test_ref="oval:org.opensuse.security:tst:2009060394" comment="python-devel less than 2.4.2-18.29.2"/> 7529 <criterion test_ref="oval:org.opensuse.security:tst:2009060395" comment="python-gdbm less than 2.4.2-18.29.2"/> 7530 <criterion test_ref="oval:org.opensuse.security:tst:2009060396" comment="python-tk less than 2.4.2-18.29.2"/> 7531 <criterion test_ref="oval:org.opensuse.security:tst:2009060397" comment="python-xml less than 2.4.2-18.29.2"/> 7532 <criterion test_ref="oval:org.opensuse.security:tst:2009060398" comment="python less than 2.4.2-18.29.2"/> 7533 </criteria> 7534 </criteria> 7535 <!-- 3639bd4a9da276a1b1610f2fa05250fe --> 7536 <criteria operator="AND"> 7537 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7538 <criterion test_ref="oval:org.opensuse.security:tst:2009056875" comment="pyxml less than 0.8.4-17.9.1"/> 7539 </criteria> 7540 <!-- 4b6a98144b056338e16faebd4e808fd6 --> 7541 <criteria operator="AND"> 7542 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7543 <criteria operator="OR"> 7544 <criterion test_ref="oval:org.opensuse.security:tst:2009060281" comment="libicecore less than 1.0.8-0.6.1"/> 7545 <criterion test_ref="oval:org.opensuse.security:tst:2009060282" comment="libiiclib less than 1.0.8-0.6.1"/> 7546 <criterion test_ref="oval:org.opensuse.security:tst:2009060283" comment="libiksemel less than 1.0.8-0.6.1"/> 7547 <criterion test_ref="oval:org.opensuse.security:tst:2009060284" comment="libnetlib less than 1.0.8-0.6.1"/> 7548 <criterion test_ref="oval:org.opensuse.security:tst:2009060285" comment="libxmlrpc less than 1.0.8-0.6.1"/> 7549 </criteria> 7550 </criteria> 7551 <!-- 820bf995b0b8ef652938ed9ac02c7290 --> 7552 <criteria operator="AND"> 7553 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7554 <criteria operator="OR"> 7555 <criterion test_ref="oval:org.opensuse.security:tst:2009057249" comment="expat-32bit less than 2.0.0-13.9.1"/> 7556 <criterion test_ref="oval:org.opensuse.security:tst:2009057250" comment="expat less than 2.0.0-13.9.1"/> 7557 </criteria> 7558 </criteria> 7559 <!-- ec0e6b56bef3a2f0abbec9124426a667 --> 7560 <criteria operator="AND"> 7561 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7562 <criteria operator="OR"> 7563 <criterion test_ref="oval:org.opensuse.security:tst:2009056853" comment="expat-32bit less than 2.0.0-13.8.1"/> 7564 <criterion test_ref="oval:org.opensuse.security:tst:2009056854" comment="expat less than 2.0.0-13.8.1"/> 7565 </criteria> 7566 </criteria> 7567 </criteria> 7568 </definition> 7569 <definition id="oval:org.opensuse.security:def:20093563" version="1" class="vulnerability"> 7570 <metadata> 7571 <title>CVE-2009-3563</title> 7572 <affected family="unix"> 7573 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7574 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7575 </affected> 7576 <reference ref_id="CVE-2009-3563" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563" source="CVE"/> 7577 <description> 7578 ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons. 7579 </description> 7580 </metadata> 7581 <!-- a60f56a5cbd62094d9b3667468cfec91 --> 7582 <criteria operator="AND"> 7583 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7584 <criterion test_ref="oval:org.opensuse.security:tst:2009056880" comment="xntp less than 4.2.4p3-48.15.1"/> 7585 </criteria> 7586 </definition> 7587 <definition id="oval:org.opensuse.security:def:20093603" version="1" class="vulnerability"> 7588 <metadata> 7589 <title>CVE-2009-3603</title> 7590 <affected family="unix"> 7591 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7592 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7593 </affected> 7594 <reference ref_id="CVE-2009-3603" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603" source="CVE"/> 7595 <description> 7596 Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188. 7597 </description> 7598 </metadata> 7599 <!-- ec68168613114b71d4f75d36708a4550 --> 7600 <criteria operator="AND"> 7601 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7602 <criterion test_ref="oval:org.opensuse.security:tst:2009056063" comment="xpdf-tools less than 3.01-21.23.2"/> 7603 </criteria> 7604 </definition> 7605 <definition id="oval:org.opensuse.security:def:20093604" version="1" class="vulnerability"> 7606 <metadata> 7607 <title>CVE-2009-3604</title> 7608 <affected family="unix"> 7609 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7610 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7611 </affected> 7612 <reference ref_id="CVE-2009-3604" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604" source="CVE"/> 7613 <description> 7614 The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow. 7615 </description> 7616 </metadata> 7617 <!-- ec68168613114b71d4f75d36708a4550 --> 7618 <criteria operator="AND"> 7619 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7620 <criterion test_ref="oval:org.opensuse.security:tst:2009056063" comment="xpdf-tools less than 3.01-21.23.2"/> 7621 </criteria> 7622 </definition> 7623 <definition id="oval:org.opensuse.security:def:20093605" version="1" class="vulnerability"> 7624 <metadata> 7625 <title>CVE-2009-3605</title> 7626 <affected family="unix"> 7627 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7628 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7629 </affected> 7630 <reference ref_id="CVE-2009-3605" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605" source="CVE"/> 7631 <description> 7632 Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791. 7633 </description> 7634 </metadata> 7635 <!-- ec68168613114b71d4f75d36708a4550 --> 7636 <criteria operator="AND"> 7637 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7638 <criterion test_ref="oval:org.opensuse.security:tst:2009056063" comment="xpdf-tools less than 3.01-21.23.2"/> 7639 </criteria> 7640 </definition> 7641 <definition id="oval:org.opensuse.security:def:20093606" version="1" class="vulnerability"> 7642 <metadata> 7643 <title>CVE-2009-3606</title> 7644 <affected family="unix"> 7645 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7646 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7647 </affected> 7648 <reference ref_id="CVE-2009-3606" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606" source="CVE"/> 7649 <description> 7650 Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. 7651 </description> 7652 </metadata> 7653 <!-- ec68168613114b71d4f75d36708a4550 --> 7654 <criteria operator="AND"> 7655 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7656 <criterion test_ref="oval:org.opensuse.security:tst:2009056063" comment="xpdf-tools less than 3.01-21.23.2"/> 7657 </criteria> 7658 </definition> 7659 <definition id="oval:org.opensuse.security:def:20093608" version="1" class="vulnerability"> 7660 <metadata> 7661 <title>CVE-2009-3608</title> 7662 <affected family="unix"> 7663 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7664 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7665 </affected> 7666 <reference ref_id="CVE-2009-3608" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608" source="CVE"/> 7667 <description> 7668 Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. 7669 </description> 7670 </metadata> 7671 <criteria operator="OR"> 7672 <!-- acb3f6410ae6c78670cfcceb8a8c1b20 --> 7673 <criteria operator="AND"> 7674 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7675 <criterion test_ref="oval:org.opensuse.security:tst:2009056247" comment="kdegraphics3-pdf less than 3.5.1-23.26.1"/> 7676 </criteria> 7677 <!-- e853ec612aaf89b8d57a41b0d2317728 --> 7678 <criteria operator="AND"> 7679 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7680 <criteria operator="OR"> 7681 <criterion test_ref="oval:org.opensuse.security:tst:2009057081" comment="poppler-devel less than 0.4.4-19.26.1"/> 7682 <criterion test_ref="oval:org.opensuse.security:tst:2009057082" comment="poppler-glib less than 0.4.4-19.26.1"/> 7683 <criterion test_ref="oval:org.opensuse.security:tst:2009057083" comment="poppler-qt less than 0.4.4-19.26.1"/> 7684 <criterion test_ref="oval:org.opensuse.security:tst:2009057084" comment="poppler less than 0.4.4-19.26.1"/> 7685 </criteria> 7686 </criteria> 7687 <!-- ec68168613114b71d4f75d36708a4550 --> 7688 <criteria operator="AND"> 7689 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7690 <criterion test_ref="oval:org.opensuse.security:tst:2009056063" comment="xpdf-tools less than 3.01-21.23.2"/> 7691 </criteria> 7692 </criteria> 7693 </definition> 7694 <definition id="oval:org.opensuse.security:def:20093609" version="1" class="vulnerability"> 7695 <metadata> 7696 <title>CVE-2009-3609</title> 7697 <affected family="unix"> 7698 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7699 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7700 </affected> 7701 <reference ref_id="CVE-2009-3609" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609" source="CVE"/> 7702 <description> 7703 Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read. 7704 </description> 7705 </metadata> 7706 <criteria operator="OR"> 7707 <!-- acb3f6410ae6c78670cfcceb8a8c1b20 --> 7708 <criteria operator="AND"> 7709 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7710 <criterion test_ref="oval:org.opensuse.security:tst:2009056247" comment="kdegraphics3-pdf less than 3.5.1-23.26.1"/> 7711 </criteria> 7712 <!-- d08f63f2bc0b4ca434e47aa9eb4c37c4 --> 7713 <criteria operator="AND"> 7714 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7715 <criteria operator="OR"> 7716 <criterion test_ref="oval:org.opensuse.security:tst:2009056936" comment="cups-client less than 1.1.23-40.59.8"/> 7717 <criterion test_ref="oval:org.opensuse.security:tst:2009056937" comment="cups-devel less than 1.1.23-40.59.8"/> 7718 <criterion test_ref="oval:org.opensuse.security:tst:2009056938" comment="cups-libs-32bit less than 1.1.23-40.59.8"/> 7719 <criterion test_ref="oval:org.opensuse.security:tst:2009056939" comment="cups-libs less than 1.1.23-40.59.8"/> 7720 <criterion test_ref="oval:org.opensuse.security:tst:2009056940" comment="cups less than 1.1.23-40.59.8"/> 7721 </criteria> 7722 </criteria> 7723 <!-- ec68168613114b71d4f75d36708a4550 --> 7724 <criteria operator="AND"> 7725 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7726 <criterion test_ref="oval:org.opensuse.security:tst:2009056063" comment="xpdf-tools less than 3.01-21.23.2"/> 7727 </criteria> 7728 </criteria> 7729 </definition> 7730 <definition id="oval:org.opensuse.security:def:20093612" version="1" class="vulnerability"> 7731 <metadata> 7732 <title>CVE-2009-3612</title> 7733 <affected family="unix"> 7734 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7735 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7736 </affected> 7737 <reference ref_id="CVE-2009-3612" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3612" source="CVE"/> 7738 <description> 7739 The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. 7740 </description> 7741 </metadata> 7742 <criteria operator="OR"> 7743 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 7744 <criteria operator="AND"> 7745 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7746 <criteria operator="OR"> 7747 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 7748 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 7749 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 7750 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 7751 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 7752 </criteria> 7753 </criteria> 7754 <!-- 7a612881db49bcc0dd76d517d881465e --> 7755 <criteria operator="AND"> 7756 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7757 <criteria operator="OR"> 7758 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 7759 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 7760 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 7761 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 7762 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 7763 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 7764 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 7765 </criteria> 7766 </criteria> 7767 </criteria> 7768 </definition> 7769 <definition id="oval:org.opensuse.security:def:20093615" version="1" class="vulnerability"> 7770 <metadata> 7771 <title>CVE-2009-3615</title> 7772 <affected family="unix"> 7773 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7774 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7775 </affected> 7776 <reference ref_id="CVE-2009-3615" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615" source="CVE"/> 7777 <description> 7778 The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client. 7779 </description> 7780 </metadata> 7781 <!-- 9b89dca2177efa5da444e8dfb83b1662 --> 7782 <criteria operator="AND"> 7783 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7784 <criteria operator="OR"> 7785 <criterion test_ref="oval:org.opensuse.security:tst:2009056814" comment="finch less than 2.6.3-0.5.1"/> 7786 <criterion test_ref="oval:org.opensuse.security:tst:2009056815" comment="libpurple less than 2.6.3-0.5.1"/> 7787 <criterion test_ref="oval:org.opensuse.security:tst:2009056816" comment="pidgin less than 2.6.3-0.5.1"/> 7788 </criteria> 7789 </criteria> 7790 </definition> 7791 <definition id="oval:org.opensuse.security:def:20093620" version="1" class="vulnerability"> 7792 <metadata> 7793 <title>CVE-2009-3620</title> 7794 <affected family="unix"> 7795 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7796 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7797 </affected> 7798 <reference ref_id="CVE-2009-3620" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3620" source="CVE"/> 7799 <description> 7800 The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. 7801 </description> 7802 </metadata> 7803 <criteria operator="OR"> 7804 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 7805 <criteria operator="AND"> 7806 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7807 <criteria operator="OR"> 7808 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 7809 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 7810 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 7811 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 7812 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 7813 </criteria> 7814 </criteria> 7815 <!-- 7a612881db49bcc0dd76d517d881465e --> 7816 <criteria operator="AND"> 7817 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7818 <criteria operator="OR"> 7819 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 7820 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 7821 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 7822 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 7823 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 7824 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 7825 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 7826 </criteria> 7827 </criteria> 7828 </criteria> 7829 </definition> 7830 <definition id="oval:org.opensuse.security:def:20093621" version="1" class="vulnerability"> 7831 <metadata> 7832 <title>CVE-2009-3621</title> 7833 <affected family="unix"> 7834 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7835 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7836 </affected> 7837 <reference ref_id="CVE-2009-3621" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3621" source="CVE"/> 7838 <description> 7839 net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. 7840 </description> 7841 </metadata> 7842 <criteria operator="OR"> 7843 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 7844 <criteria operator="AND"> 7845 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7846 <criteria operator="OR"> 7847 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 7848 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 7849 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 7850 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 7851 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 7852 </criteria> 7853 </criteria> 7854 <!-- 7a612881db49bcc0dd76d517d881465e --> 7855 <criteria operator="AND"> 7856 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7857 <criteria operator="OR"> 7858 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 7859 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 7860 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 7861 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 7862 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 7863 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 7864 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 7865 </criteria> 7866 </criteria> 7867 </criteria> 7868 </definition> 7869 <definition id="oval:org.opensuse.security:def:20093627" version="1" class="vulnerability"> 7870 <metadata> 7871 <title>CVE-2009-3627</title> 7872 <affected family="unix"> 7873 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7874 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7875 </affected> 7876 <reference ref_id="CVE-2009-3627" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3627" source="CVE"/> 7877 <description> 7878 The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character. 7879 </description> 7880 </metadata> 7881 <!-- c1fba3f81350b7a36c5028892ca260fc --> 7882 <criteria operator="AND"> 7883 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7884 <criterion test_ref="oval:org.opensuse.security:tst:2009056805" comment="perl-HTML-Parser less than 3.48-12.7.1"/> 7885 </criteria> 7886 </definition> 7887 <definition id="oval:org.opensuse.security:def:20093720" version="1" class="vulnerability"> 7888 <metadata> 7889 <title>CVE-2009-3720</title> 7890 <affected family="unix"> 7891 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7892 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7893 </affected> 7894 <reference ref_id="CVE-2009-3720" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720" source="CVE"/> 7895 <description> 7896 The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. 7897 </description> 7898 </metadata> 7899 <criteria operator="OR"> 7900 <!-- 2bf3d4d93bd78d8c4ba85f2b470302a5 --> 7901 <criteria operator="AND"> 7902 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7903 <criteria operator="OR"> 7904 <criterion test_ref="oval:org.opensuse.security:tst:2009060392" comment="python-32bit less than 2.4.2-18.29.2"/> 7905 <criterion test_ref="oval:org.opensuse.security:tst:2009060393" comment="python-curses less than 2.4.2-18.29.2"/> 7906 <criterion test_ref="oval:org.opensuse.security:tst:2009060394" comment="python-devel less than 2.4.2-18.29.2"/> 7907 <criterion test_ref="oval:org.opensuse.security:tst:2009060395" comment="python-gdbm less than 2.4.2-18.29.2"/> 7908 <criterion test_ref="oval:org.opensuse.security:tst:2009060396" comment="python-tk less than 2.4.2-18.29.2"/> 7909 <criterion test_ref="oval:org.opensuse.security:tst:2009060397" comment="python-xml less than 2.4.2-18.29.2"/> 7910 <criterion test_ref="oval:org.opensuse.security:tst:2009060398" comment="python less than 2.4.2-18.29.2"/> 7911 </criteria> 7912 </criteria> 7913 <!-- 3639bd4a9da276a1b1610f2fa05250fe --> 7914 <criteria operator="AND"> 7915 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7916 <criterion test_ref="oval:org.opensuse.security:tst:2009056875" comment="pyxml less than 0.8.4-17.9.1"/> 7917 </criteria> 7918 <!-- 4b6a98144b056338e16faebd4e808fd6 --> 7919 <criteria operator="AND"> 7920 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7921 <criteria operator="OR"> 7922 <criterion test_ref="oval:org.opensuse.security:tst:2009060281" comment="libicecore less than 1.0.8-0.6.1"/> 7923 <criterion test_ref="oval:org.opensuse.security:tst:2009060282" comment="libiiclib less than 1.0.8-0.6.1"/> 7924 <criterion test_ref="oval:org.opensuse.security:tst:2009060283" comment="libiksemel less than 1.0.8-0.6.1"/> 7925 <criterion test_ref="oval:org.opensuse.security:tst:2009060284" comment="libnetlib less than 1.0.8-0.6.1"/> 7926 <criterion test_ref="oval:org.opensuse.security:tst:2009060285" comment="libxmlrpc less than 1.0.8-0.6.1"/> 7927 </criteria> 7928 </criteria> 7929 <!-- f94e65884b9f736b165e780f6ebf1e36 --> 7930 <criteria operator="AND"> 7931 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7932 <criteria operator="OR"> 7933 <criterion test_ref="oval:org.opensuse.security:tst:2009056341" comment="expat-32bit less than 2.0.0-13.7.1"/> 7934 <criterion test_ref="oval:org.opensuse.security:tst:2009056342" comment="expat less than 2.0.0-13.7.1"/> 7935 </criteria> 7936 </criteria> 7937 </criteria> 7938 </definition> 7939 <definition id="oval:org.opensuse.security:def:20093726" version="1" class="vulnerability"> 7940 <metadata> 7941 <title>CVE-2009-3726</title> 7942 <affected family="unix"> 7943 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7944 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7945 </affected> 7946 <reference ref_id="CVE-2009-3726" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3726" source="CVE"/> 7947 <description> 7948 The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. 7949 </description> 7950 </metadata> 7951 <criteria operator="OR"> 7952 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 7953 <criteria operator="AND"> 7954 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7955 <criteria operator="OR"> 7956 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 7957 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 7958 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 7959 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 7960 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 7961 </criteria> 7962 </criteria> 7963 <!-- 7a612881db49bcc0dd76d517d881465e --> 7964 <criteria operator="AND"> 7965 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7966 <criteria operator="OR"> 7967 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 7968 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 7969 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 7970 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 7971 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 7972 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 7973 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 7974 </criteria> 7975 </criteria> 7976 </criteria> 7977 </definition> 7978 <definition id="oval:org.opensuse.security:def:20093736" version="1" class="vulnerability"> 7979 <metadata> 7980 <title>CVE-2009-3736</title> 7981 <affected family="unix"> 7982 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 7983 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 7984 </affected> 7985 <reference ref_id="CVE-2009-3736" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736" source="CVE"/> 7986 <description> 7987 ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file. 7988 </description> 7989 </metadata> 7990 <!-- 1232434f1a9adbb5ef92fe6f2b438090 --> 7991 <criteria operator="AND"> 7992 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 7993 <criteria operator="OR"> 7994 <criterion test_ref="oval:org.opensuse.security:tst:2009057125" comment="libtool-32bit less than 1.5.22-13.16.1"/> 7995 <criterion test_ref="oval:org.opensuse.security:tst:2009057126" comment="libtool less than 1.5.22-13.16.1"/> 7996 </criteria> 7997 </criteria> 7998 </definition> 7999 <definition id="oval:org.opensuse.security:def:20093743" version="1" class="vulnerability"> 8000 <metadata> 8001 <title>CVE-2009-3743</title> 8002 <affected family="unix"> 8003 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 8004 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 8005 </affected> 8006 <reference ref_id="CVE-2009-3743" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3743" source="CVE"/> 8007 <description> 8008 Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow. 8009 </description> 8010 </metadata> 8011 <!-- ed33b07c67b3e3c685b564c2b6d267ec --> 8012 <criteria operator="AND"> 8013 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 8014 <criteria operator="OR"> 8015 <criterion test_ref="oval:org.opensuse.security:tst:2009073813" comment="ghostscript-fonts-other less than 8.15.4-16.14.1"/> 8016 <criterion test_ref="oval:org.opensuse.security:tst:2009073814" comment="ghostscript-fonts-std less than 8.15.4-16.14.1"/> 8017 <criterion test_ref="oval:org.opensuse.security:tst:2009073815" comment="ghostscript-library less than 8.15.4-16.14.1"/> 8018 <criterion test_ref="oval:org.opensuse.security:tst:2009073816" comment="ghostscript-x11 less than 8.15.4-16.14.1"/> 8019 <criterion test_ref="oval:org.opensuse.security:tst:2009073817" comment="libgimpprint less than 4.2.7-62.14.1"/> 8020 </criteria> 8021 </criteria> 8022 </definition> 8023 <definition id="oval:org.opensuse.security:def:20093793" version="1" class="vulnerability"> 8024 <metadata> 8025 <title>CVE-2009-3793</title> 8026 <affected family="unix"> 8027 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8028 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8029 </affected> 8030 <reference ref_id="CVE-2009-3793" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3793" source="CVE"/> 8031 <description> 8032 Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors. 8033 </description> 8034 </metadata> 8035 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 8036 <criteria operator="AND"> 8037 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8038 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 8039 </criteria> 8040 </definition> 8041 <definition id="oval:org.opensuse.security:def:20093794" version="1" class="vulnerability"> 8042 <metadata> 8043 <title>CVE-2009-3794</title> 8044 <affected family="unix"> 8045 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8046 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8047 </affected> 8048 <reference ref_id="CVE-2009-3794" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3794" source="CVE"/> 8049 <description> 8050 Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file. 8051 </description> 8052 </metadata> 8053 <!-- 4f8ea51c70b690cd3ab328933e9d624d --> 8054 <criteria operator="AND"> 8055 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8056 <criterion test_ref="oval:org.opensuse.security:tst:2009057177" comment="flash-player less than 9.0.260.0-0.4.1"/> 8057 </criteria> 8058 </definition> 8059 <definition id="oval:org.opensuse.security:def:20093796" version="1" class="vulnerability"> 8060 <metadata> 8061 <title>CVE-2009-3796</title> 8062 <affected family="unix"> 8063 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8064 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8065 </affected> 8066 <reference ref_id="CVE-2009-3796" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3796" source="CVE"/> 8067 <description> 8068 Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability." 8069 </description> 8070 </metadata> 8071 <!-- 4f8ea51c70b690cd3ab328933e9d624d --> 8072 <criteria operator="AND"> 8073 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8074 <criterion test_ref="oval:org.opensuse.security:tst:2009057177" comment="flash-player less than 9.0.260.0-0.4.1"/> 8075 </criteria> 8076 </definition> 8077 <definition id="oval:org.opensuse.security:def:20093797" version="1" class="vulnerability"> 8078 <metadata> 8079 <title>CVE-2009-3797</title> 8080 <affected family="unix"> 8081 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8082 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8083 </affected> 8084 <reference ref_id="CVE-2009-3797" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3797" source="CVE"/> 8085 <description> 8086 Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. 8087 </description> 8088 </metadata> 8089 <!-- 4f8ea51c70b690cd3ab328933e9d624d --> 8090 <criteria operator="AND"> 8091 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8092 <criterion test_ref="oval:org.opensuse.security:tst:2009057177" comment="flash-player less than 9.0.260.0-0.4.1"/> 8093 </criteria> 8094 </definition> 8095 <definition id="oval:org.opensuse.security:def:20093798" version="1" class="vulnerability"> 8096 <metadata> 8097 <title>CVE-2009-3798</title> 8098 <affected family="unix"> 8099 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8100 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8101 </affected> 8102 <reference ref_id="CVE-2009-3798" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3798" source="CVE"/> 8103 <description> 8104 Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. 8105 </description> 8106 </metadata> 8107 <!-- 4f8ea51c70b690cd3ab328933e9d624d --> 8108 <criteria operator="AND"> 8109 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8110 <criterion test_ref="oval:org.opensuse.security:tst:2009057177" comment="flash-player less than 9.0.260.0-0.4.1"/> 8111 </criteria> 8112 </definition> 8113 <definition id="oval:org.opensuse.security:def:20093799" version="1" class="vulnerability"> 8114 <metadata> 8115 <title>CVE-2009-3799</title> 8116 <affected family="unix"> 8117 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8118 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8119 </affected> 8120 <reference ref_id="CVE-2009-3799" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3799" source="CVE"/> 8121 <description> 8122 Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers." 8123 </description> 8124 </metadata> 8125 <!-- 4f8ea51c70b690cd3ab328933e9d624d --> 8126 <criteria operator="AND"> 8127 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8128 <criterion test_ref="oval:org.opensuse.security:tst:2009057177" comment="flash-player less than 9.0.260.0-0.4.1"/> 8129 </criteria> 8130 </definition> 8131 <definition id="oval:org.opensuse.security:def:20093800" version="1" class="vulnerability"> 8132 <metadata> 8133 <title>CVE-2009-3800</title> 8134 <affected family="unix"> 8135 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8136 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8137 </affected> 8138 <reference ref_id="CVE-2009-3800" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3800" source="CVE"/> 8139 <description> 8140 Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. 8141 </description> 8142 </metadata> 8143 <!-- 4f8ea51c70b690cd3ab328933e9d624d --> 8144 <criteria operator="AND"> 8145 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8146 <criterion test_ref="oval:org.opensuse.security:tst:2009057177" comment="flash-player less than 9.0.260.0-0.4.1"/> 8147 </criteria> 8148 </definition> 8149 <definition id="oval:org.opensuse.security:def:20093867" version="1" class="vulnerability"> 8150 <metadata> 8151 <title>CVE-2009-3867</title> 8152 <affected family="unix"> 8153 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8154 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8155 </affected> 8156 <reference ref_id="CVE-2009-3867" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3867" source="CVE"/> 8157 <description> 8158 Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303. 8159 </description> 8160 </metadata> 8161 <!-- af469401da197afd4006ef4ae0c61aaa --> 8162 <criteria operator="AND"> 8163 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8164 <criteria operator="OR"> 8165 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8166 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8167 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8168 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8169 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8170 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8171 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8172 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8173 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8174 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8175 </criteria> 8176 </criteria> 8177 </definition> 8178 <definition id="oval:org.opensuse.security:def:20093868" version="1" class="vulnerability"> 8179 <metadata> 8180 <title>CVE-2009-3868</title> 8181 <affected family="unix"> 8182 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8183 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8184 </affected> 8185 <reference ref_id="CVE-2009-3868" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3868" source="CVE"/> 8186 <description> 8187 Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970. 8188 </description> 8189 </metadata> 8190 <!-- af469401da197afd4006ef4ae0c61aaa --> 8191 <criteria operator="AND"> 8192 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8193 <criteria operator="OR"> 8194 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8195 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8196 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8197 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8198 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8199 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8200 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8201 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8202 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8203 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8204 </criteria> 8205 </criteria> 8206 </definition> 8207 <definition id="oval:org.opensuse.security:def:20093869" version="1" class="vulnerability"> 8208 <metadata> 8209 <title>CVE-2009-3869</title> 8210 <affected family="unix"> 8211 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8212 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8213 </affected> 8214 <reference ref_id="CVE-2009-3869" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869" source="CVE"/> 8215 <description> 8216 Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. 8217 </description> 8218 </metadata> 8219 <!-- af469401da197afd4006ef4ae0c61aaa --> 8220 <criteria operator="AND"> 8221 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8222 <criteria operator="OR"> 8223 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8224 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8225 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8226 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8227 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8228 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8229 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8230 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8231 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8232 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8233 </criteria> 8234 </criteria> 8235 </definition> 8236 <definition id="oval:org.opensuse.security:def:20093871" version="1" class="vulnerability"> 8237 <metadata> 8238 <title>CVE-2009-3871</title> 8239 <affected family="unix"> 8240 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8241 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8242 </affected> 8243 <reference ref_id="CVE-2009-3871" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871" source="CVE"/> 8244 <description> 8245 Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358. 8246 </description> 8247 </metadata> 8248 <!-- af469401da197afd4006ef4ae0c61aaa --> 8249 <criteria operator="AND"> 8250 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8251 <criteria operator="OR"> 8252 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8253 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8254 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8255 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8256 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8257 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8258 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8259 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8260 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8261 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8262 </criteria> 8263 </criteria> 8264 </definition> 8265 <definition id="oval:org.opensuse.security:def:20093872" version="1" class="vulnerability"> 8266 <metadata> 8267 <title>CVE-2009-3872</title> 8268 <affected family="unix"> 8269 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8270 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8271 </affected> 8272 <reference ref_id="CVE-2009-3872" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3872" source="CVE"/> 8273 <description> 8274 Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969. 8275 </description> 8276 </metadata> 8277 <!-- af469401da197afd4006ef4ae0c61aaa --> 8278 <criteria operator="AND"> 8279 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8280 <criteria operator="OR"> 8281 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8282 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8283 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8284 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8285 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8286 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8287 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8288 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8289 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8290 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8291 </criteria> 8292 </criteria> 8293 </definition> 8294 <definition id="oval:org.opensuse.security:def:20093873" version="1" class="vulnerability"> 8295 <metadata> 8296 <title>CVE-2009-3873</title> 8297 <affected family="unix"> 8298 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8299 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8300 </affected> 8301 <reference ref_id="CVE-2009-3873" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873" source="CVE"/> 8302 <description> 8303 The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968. 8304 </description> 8305 </metadata> 8306 <!-- af469401da197afd4006ef4ae0c61aaa --> 8307 <criteria operator="AND"> 8308 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8309 <criteria operator="OR"> 8310 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8311 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8312 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8313 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8314 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8315 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8316 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8317 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8318 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8319 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8320 </criteria> 8321 </criteria> 8322 </definition> 8323 <definition id="oval:org.opensuse.security:def:20093874" version="1" class="vulnerability"> 8324 <metadata> 8325 <title>CVE-2009-3874</title> 8326 <affected family="unix"> 8327 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8328 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8329 </affected> 8330 <reference ref_id="CVE-2009-3874" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874" source="CVE"/> 8331 <description> 8332 Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643. 8333 </description> 8334 </metadata> 8335 <!-- af469401da197afd4006ef4ae0c61aaa --> 8336 <criteria operator="AND"> 8337 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8338 <criteria operator="OR"> 8339 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8340 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8341 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8342 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8343 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8344 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8345 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8346 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8347 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8348 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8349 </criteria> 8350 </criteria> 8351 </definition> 8352 <definition id="oval:org.opensuse.security:def:20093875" version="1" class="vulnerability"> 8353 <metadata> 8354 <title>CVE-2009-3875</title> 8355 <affected family="unix"> 8356 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8357 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8358 </affected> 8359 <reference ref_id="CVE-2009-3875" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875" source="CVE"/> 8360 <description> 8361 The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503. 8362 </description> 8363 </metadata> 8364 <!-- af469401da197afd4006ef4ae0c61aaa --> 8365 <criteria operator="AND"> 8366 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8367 <criteria operator="OR"> 8368 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8369 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8370 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8371 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8372 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8373 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8374 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8375 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8376 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8377 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8378 </criteria> 8379 </criteria> 8380 </definition> 8381 <definition id="oval:org.opensuse.security:def:20093876" version="1" class="vulnerability"> 8382 <metadata> 8383 <title>CVE-2009-3876</title> 8384 <affected family="unix"> 8385 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8386 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8387 </affected> 8388 <reference ref_id="CVE-2009-3876" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876" source="CVE"/> 8389 <description> 8390 Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911. 8391 </description> 8392 </metadata> 8393 <!-- af469401da197afd4006ef4ae0c61aaa --> 8394 <criteria operator="AND"> 8395 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8396 <criteria operator="OR"> 8397 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8398 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8399 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8400 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8401 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8402 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8403 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8404 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8405 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8406 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8407 </criteria> 8408 </criteria> 8409 </definition> 8410 <definition id="oval:org.opensuse.security:def:20093877" version="1" class="vulnerability"> 8411 <metadata> 8412 <title>CVE-2009-3877</title> 8413 <affected family="unix"> 8414 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8415 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8416 </affected> 8417 <reference ref_id="CVE-2009-3877" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877" source="CVE"/> 8418 <description> 8419 Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. 8420 </description> 8421 </metadata> 8422 <!-- af469401da197afd4006ef4ae0c61aaa --> 8423 <criteria operator="AND"> 8424 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8425 <criteria operator="OR"> 8426 <criterion test_ref="oval:org.opensuse.security:tst:2009057019" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11-0.4.2"/> 8427 <criterion test_ref="oval:org.opensuse.security:tst:2009057020" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11-0.4.2"/> 8428 <criterion test_ref="oval:org.opensuse.security:tst:2009057021" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11-0.4.2"/> 8429 <criterion test_ref="oval:org.opensuse.security:tst:2009057022" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11-0.4.2"/> 8430 <criterion test_ref="oval:org.opensuse.security:tst:2009057023" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11-0.4.2"/> 8431 <criterion test_ref="oval:org.opensuse.security:tst:2009057024" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11-0.4.2"/> 8432 <criterion test_ref="oval:org.opensuse.security:tst:2009057025" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11-0.4.2"/> 8433 <criterion test_ref="oval:org.opensuse.security:tst:2009057026" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11-0.4.2"/> 8434 <criterion test_ref="oval:org.opensuse.security:tst:2009057027" comment="java-1_5_0-ibm-src less than 1.5.0_sr11-0.4.2"/> 8435 <criterion test_ref="oval:org.opensuse.security:tst:2009057028" comment="java-1_5_0-ibm less than 1.5.0_sr11-0.4.2"/> 8436 </criteria> 8437 </criteria> 8438 </definition> 8439 <definition id="oval:org.opensuse.security:def:20093909" version="1" class="vulnerability"> 8440 <metadata> 8441 <title>CVE-2009-3909</title> 8442 <affected family="unix"> 8443 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8444 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8445 </affected> 8446 <reference ref_id="CVE-2009-3909" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3909" source="CVE"/> 8447 <description> 8448 Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow. 8449 </description> 8450 </metadata> 8451 <!-- 81784b1af32c10a70030409d240c5d5b --> 8452 <criteria operator="AND"> 8453 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8454 <criterion test_ref="oval:org.opensuse.security:tst:2009059677" comment="gimp less than 2.2.10-22.33.1"/> 8455 </criteria> 8456 </definition> 8457 <definition id="oval:org.opensuse.security:def:20093939" version="1" class="vulnerability"> 8458 <metadata> 8459 <title>CVE-2009-3939</title> 8460 <affected family="unix"> 8461 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8462 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8463 </affected> 8464 <reference ref_id="CVE-2009-3939" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3939" source="CVE"/> 8465 <description> 8466 The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. 8467 </description> 8468 </metadata> 8469 <criteria operator="OR"> 8470 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 8471 <criteria operator="AND"> 8472 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8473 <criteria operator="OR"> 8474 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 8475 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 8476 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 8477 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 8478 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 8479 </criteria> 8480 </criteria> 8481 <!-- 7a612881db49bcc0dd76d517d881465e --> 8482 <criteria operator="AND"> 8483 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8484 <criteria operator="OR"> 8485 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 8486 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 8487 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 8488 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 8489 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 8490 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 8491 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 8492 </criteria> 8493 </criteria> 8494 </criteria> 8495 </definition> 8496 <definition id="oval:org.opensuse.security:def:20093951" version="1" class="vulnerability"> 8497 <metadata> 8498 <title>CVE-2009-3951</title> 8499 <affected family="unix"> 8500 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8501 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8502 </affected> 8503 <reference ref_id="CVE-2009-3951" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3951" source="CVE"/> 8504 <description> 8505 Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windows allows remote attackers to obtain the names of local files via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4820. 8506 </description> 8507 </metadata> 8508 <!-- 4f8ea51c70b690cd3ab328933e9d624d --> 8509 <criteria operator="AND"> 8510 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8511 <criterion test_ref="oval:org.opensuse.security:tst:2009057177" comment="flash-player less than 9.0.260.0-0.4.1"/> 8512 </criteria> 8513 </definition> 8514 <definition id="oval:org.opensuse.security:def:20093953" version="1" class="vulnerability"> 8515 <metadata> 8516 <title>CVE-2009-3953</title> 8517 <affected family="unix"> 8518 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8519 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8520 </affected> 8521 <reference ref_id="CVE-2009-3953" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953" source="CVE"/> 8522 <description> 8523 The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994. 8524 </description> 8525 </metadata> 8526 <criteria operator="OR"> 8527 <!-- 73bd1b6a089975c2c242ccdaf305c42a --> 8528 <criteria operator="AND"> 8529 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8530 <criterion test_ref="oval:org.opensuse.security:tst:2009057624" comment="acroread_ja less than 9.3-0.5.1"/> 8531 </criteria> 8532 <!-- e120e08caae007ef5da62938c4998230 --> 8533 <criteria operator="AND"> 8534 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8535 <criterion test_ref="oval:org.opensuse.security:tst:2009057625" comment="acroread less than 9.3-0.6.1"/> 8536 </criteria> 8537 </criteria> 8538 </definition> 8539 <definition id="oval:org.opensuse.security:def:20093954" version="1" class="vulnerability"> 8540 <metadata> 8541 <title>CVE-2009-3954</title> 8542 <affected family="unix"> 8543 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8544 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8545 </affected> 8546 <reference ref_id="CVE-2009-3954" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3954" source="CVE"/> 8547 <description> 8548 The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability." 8549 </description> 8550 </metadata> 8551 <criteria operator="OR"> 8552 <!-- 73bd1b6a089975c2c242ccdaf305c42a --> 8553 <criteria operator="AND"> 8554 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8555 <criterion test_ref="oval:org.opensuse.security:tst:2009057624" comment="acroread_ja less than 9.3-0.5.1"/> 8556 </criteria> 8557 <!-- e120e08caae007ef5da62938c4998230 --> 8558 <criteria operator="AND"> 8559 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8560 <criterion test_ref="oval:org.opensuse.security:tst:2009057625" comment="acroread less than 9.3-0.6.1"/> 8561 </criteria> 8562 </criteria> 8563 </definition> 8564 <definition id="oval:org.opensuse.security:def:20093955" version="1" class="vulnerability"> 8565 <metadata> 8566 <title>CVE-2009-3955</title> 8567 <affected family="unix"> 8568 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8569 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8570 </affected> 8571 <reference ref_id="CVE-2009-3955" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3955" source="CVE"/> 8572 <description> 8573 Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. 8574 </description> 8575 </metadata> 8576 <criteria operator="OR"> 8577 <!-- 73bd1b6a089975c2c242ccdaf305c42a --> 8578 <criteria operator="AND"> 8579 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8580 <criterion test_ref="oval:org.opensuse.security:tst:2009057624" comment="acroread_ja less than 9.3-0.5.1"/> 8581 </criteria> 8582 <!-- e120e08caae007ef5da62938c4998230 --> 8583 <criteria operator="AND"> 8584 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8585 <criterion test_ref="oval:org.opensuse.security:tst:2009057625" comment="acroread less than 9.3-0.6.1"/> 8586 </criteria> 8587 </criteria> 8588 </definition> 8589 <definition id="oval:org.opensuse.security:def:20093956" version="1" class="vulnerability"> 8590 <metadata> 8591 <title>CVE-2009-3956</title> 8592 <affected family="unix"> 8593 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8594 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8595 </affected> 8596 <reference ref_id="CVE-2009-3956" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3956" source="CVE"/> 8597 <description> 8598 The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers. 8599 </description> 8600 </metadata> 8601 <criteria operator="OR"> 8602 <!-- 73bd1b6a089975c2c242ccdaf305c42a --> 8603 <criteria operator="AND"> 8604 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8605 <criterion test_ref="oval:org.opensuse.security:tst:2009057624" comment="acroread_ja less than 9.3-0.5.1"/> 8606 </criteria> 8607 <!-- e120e08caae007ef5da62938c4998230 --> 8608 <criteria operator="AND"> 8609 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8610 <criterion test_ref="oval:org.opensuse.security:tst:2009057625" comment="acroread less than 9.3-0.6.1"/> 8611 </criteria> 8612 </criteria> 8613 </definition> 8614 <definition id="oval:org.opensuse.security:def:20093957" version="1" class="vulnerability"> 8615 <metadata> 8616 <title>CVE-2009-3957</title> 8617 <affected family="unix"> 8618 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8619 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8620 </affected> 8621 <reference ref_id="CVE-2009-3957" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3957" source="CVE"/> 8622 <description> 8623 Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. 8624 </description> 8625 </metadata> 8626 <criteria operator="OR"> 8627 <!-- 73bd1b6a089975c2c242ccdaf305c42a --> 8628 <criteria operator="AND"> 8629 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8630 <criterion test_ref="oval:org.opensuse.security:tst:2009057624" comment="acroread_ja less than 9.3-0.5.1"/> 8631 </criteria> 8632 <!-- e120e08caae007ef5da62938c4998230 --> 8633 <criteria operator="AND"> 8634 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8635 <criterion test_ref="oval:org.opensuse.security:tst:2009057625" comment="acroread less than 9.3-0.6.1"/> 8636 </criteria> 8637 </criteria> 8638 </definition> 8639 <definition id="oval:org.opensuse.security:def:20093958" version="1" class="vulnerability"> 8640 <metadata> 8641 <title>CVE-2009-3958</title> 8642 <affected family="unix"> 8643 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8644 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8645 </affected> 8646 <reference ref_id="CVE-2009-3958" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3958" source="CVE"/> 8647 <description> 8648 Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters. 8649 </description> 8650 </metadata> 8651 <criteria operator="OR"> 8652 <!-- 73bd1b6a089975c2c242ccdaf305c42a --> 8653 <criteria operator="AND"> 8654 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8655 <criterion test_ref="oval:org.opensuse.security:tst:2009057624" comment="acroread_ja less than 9.3-0.5.1"/> 8656 </criteria> 8657 <!-- e120e08caae007ef5da62938c4998230 --> 8658 <criteria operator="AND"> 8659 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8660 <criterion test_ref="oval:org.opensuse.security:tst:2009057625" comment="acroread less than 9.3-0.6.1"/> 8661 </criteria> 8662 </criteria> 8663 </definition> 8664 <definition id="oval:org.opensuse.security:def:20093959" version="1" class="vulnerability"> 8665 <metadata> 8666 <title>CVE-2009-3959</title> 8667 <affected family="unix"> 8668 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8669 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8670 </affected> 8671 <reference ref_id="CVE-2009-3959" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3959" source="CVE"/> 8672 <description> 8673 Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. 8674 </description> 8675 </metadata> 8676 <criteria operator="OR"> 8677 <!-- 73bd1b6a089975c2c242ccdaf305c42a --> 8678 <criteria operator="AND"> 8679 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8680 <criterion test_ref="oval:org.opensuse.security:tst:2009057624" comment="acroread_ja less than 9.3-0.5.1"/> 8681 </criteria> 8682 <!-- e120e08caae007ef5da62938c4998230 --> 8683 <criteria operator="AND"> 8684 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8685 <criterion test_ref="oval:org.opensuse.security:tst:2009057625" comment="acroread less than 9.3-0.6.1"/> 8686 </criteria> 8687 </criteria> 8688 </definition> 8689 <definition id="oval:org.opensuse.security:def:20093978" version="1" class="vulnerability"> 8690 <metadata> 8691 <title>CVE-2009-3978</title> 8692 <affected family="unix"> 8693 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8694 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8695 </affected> 8696 <reference ref_id="CVE-2009-3978" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3978" source="CVE"/> 8697 <description> 8698 The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a large image size, a different vulnerability than CVE-2009-3373. 8699 </description> 8700 </metadata> 8701 <!-- 3491c1762db63fb4f81a16754561e6b1 --> 8702 <criteria operator="AND"> 8703 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8704 <criteria operator="OR"> 8705 <criterion test_ref="oval:org.opensuse.security:tst:2009056353" comment="MozillaFirefox-translations less than 3.5.5-1.4.1"/> 8706 <criterion test_ref="oval:org.opensuse.security:tst:2009056354" comment="MozillaFirefox less than 3.5.5-1.4.1"/> 8707 <criterion test_ref="oval:org.opensuse.security:tst:2009056355" comment="mozilla-xulrunner191-32bit less than 1.9.1.5-1.4.1"/> 8708 <criterion test_ref="oval:org.opensuse.security:tst:2009056356" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.5-1.4.1"/> 8709 <criterion test_ref="oval:org.opensuse.security:tst:2009056357" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.5-1.4.1"/> 8710 <criterion test_ref="oval:org.opensuse.security:tst:2009056358" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.5-1.4.1"/> 8711 <criterion test_ref="oval:org.opensuse.security:tst:2009056359" comment="mozilla-xulrunner191-translations less than 1.9.1.5-1.4.1"/> 8712 <criterion test_ref="oval:org.opensuse.security:tst:2009056360" comment="mozilla-xulrunner191 less than 1.9.1.5-1.4.1"/> 8713 </criteria> 8714 </criteria> 8715 </definition> 8716 <definition id="oval:org.opensuse.security:def:20093979" version="1" class="vulnerability"> 8717 <metadata> 8718 <title>CVE-2009-3979</title> 8719 <affected family="unix"> 8720 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8721 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8722 </affected> 8723 <reference ref_id="CVE-2009-3979" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3979" source="CVE"/> 8724 <description> 8725 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 8726 </description> 8727 </metadata> 8728 <criteria operator="OR"> 8729 <!-- 2f608be689872233c5fce2ce26bd4514 --> 8730 <criteria operator="AND"> 8731 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8732 <criteria operator="OR"> 8733 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 8734 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 8735 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 8736 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 8737 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 8738 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 8739 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 8740 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 8741 </criteria> 8742 </criteria> 8743 <!-- 38f2e3bf80d291ec111cc852e32a75f0 --> 8744 <criteria operator="AND"> 8745 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8746 <criteria operator="OR"> 8747 <criterion test_ref="oval:org.opensuse.security:tst:2009056945" comment="mozilla-xulrunner190-32bit less than 1.9.0.16-0.4.1"/> 8748 <criterion test_ref="oval:org.opensuse.security:tst:2009056946" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.16-0.4.1"/> 8749 <criterion test_ref="oval:org.opensuse.security:tst:2009056947" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.16-0.4.1"/> 8750 <criterion test_ref="oval:org.opensuse.security:tst:2009056948" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.16-0.4.1"/> 8751 <criterion test_ref="oval:org.opensuse.security:tst:2009056949" comment="mozilla-xulrunner190-translations less than 1.9.0.16-0.4.1"/> 8752 <criterion test_ref="oval:org.opensuse.security:tst:2009056950" comment="mozilla-xulrunner190 less than 1.9.0.16-0.4.1"/> 8753 </criteria> 8754 </criteria> 8755 </criteria> 8756 </definition> 8757 <definition id="oval:org.opensuse.security:def:20093980" version="1" class="vulnerability"> 8758 <metadata> 8759 <title>CVE-2009-3980</title> 8760 <affected family="unix"> 8761 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8762 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8763 </affected> 8764 <reference ref_id="CVE-2009-3980" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3980" source="CVE"/> 8765 <description> 8766 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 8767 </description> 8768 </metadata> 8769 <!-- 2f608be689872233c5fce2ce26bd4514 --> 8770 <criteria operator="AND"> 8771 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8772 <criteria operator="OR"> 8773 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 8774 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 8775 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 8776 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 8777 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 8778 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 8779 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 8780 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 8781 </criteria> 8782 </criteria> 8783 </definition> 8784 <definition id="oval:org.opensuse.security:def:20093981" version="1" class="vulnerability"> 8785 <metadata> 8786 <title>CVE-2009-3981</title> 8787 <affected family="unix"> 8788 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8789 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8790 </affected> 8791 <reference ref_id="CVE-2009-3981" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3981" source="CVE"/> 8792 <description> 8793 Unspecified vulnerability in the browser engine in Mozilla Firefox before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 8794 </description> 8795 </metadata> 8796 <!-- 38f2e3bf80d291ec111cc852e32a75f0 --> 8797 <criteria operator="AND"> 8798 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8799 <criteria operator="OR"> 8800 <criterion test_ref="oval:org.opensuse.security:tst:2009056945" comment="mozilla-xulrunner190-32bit less than 1.9.0.16-0.4.1"/> 8801 <criterion test_ref="oval:org.opensuse.security:tst:2009056946" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.16-0.4.1"/> 8802 <criterion test_ref="oval:org.opensuse.security:tst:2009056947" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.16-0.4.1"/> 8803 <criterion test_ref="oval:org.opensuse.security:tst:2009056948" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.16-0.4.1"/> 8804 <criterion test_ref="oval:org.opensuse.security:tst:2009056949" comment="mozilla-xulrunner190-translations less than 1.9.0.16-0.4.1"/> 8805 <criterion test_ref="oval:org.opensuse.security:tst:2009056950" comment="mozilla-xulrunner190 less than 1.9.0.16-0.4.1"/> 8806 </criteria> 8807 </criteria> 8808 </definition> 8809 <definition id="oval:org.opensuse.security:def:20093982" version="1" class="vulnerability"> 8810 <metadata> 8811 <title>CVE-2009-3982</title> 8812 <affected family="unix"> 8813 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8814 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8815 </affected> 8816 <reference ref_id="CVE-2009-3982" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3982" source="CVE"/> 8817 <description> 8818 Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 8819 </description> 8820 </metadata> 8821 <!-- 2f608be689872233c5fce2ce26bd4514 --> 8822 <criteria operator="AND"> 8823 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8824 <criteria operator="OR"> 8825 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 8826 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 8827 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 8828 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 8829 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 8830 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 8831 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 8832 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 8833 </criteria> 8834 </criteria> 8835 </definition> 8836 <definition id="oval:org.opensuse.security:def:20093983" version="1" class="vulnerability"> 8837 <metadata> 8838 <title>CVE-2009-3983</title> 8839 <affected family="unix"> 8840 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8841 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8842 </affected> 8843 <reference ref_id="CVE-2009-3983" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3983" source="CVE"/> 8844 <description> 8845 Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user. 8846 </description> 8847 </metadata> 8848 <criteria operator="OR"> 8849 <!-- 2f608be689872233c5fce2ce26bd4514 --> 8850 <criteria operator="AND"> 8851 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8852 <criteria operator="OR"> 8853 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 8854 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 8855 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 8856 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 8857 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 8858 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 8859 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 8860 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 8861 </criteria> 8862 </criteria> 8863 <!-- 38f2e3bf80d291ec111cc852e32a75f0 --> 8864 <criteria operator="AND"> 8865 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8866 <criteria operator="OR"> 8867 <criterion test_ref="oval:org.opensuse.security:tst:2009056945" comment="mozilla-xulrunner190-32bit less than 1.9.0.16-0.4.1"/> 8868 <criterion test_ref="oval:org.opensuse.security:tst:2009056946" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.16-0.4.1"/> 8869 <criterion test_ref="oval:org.opensuse.security:tst:2009056947" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.16-0.4.1"/> 8870 <criterion test_ref="oval:org.opensuse.security:tst:2009056948" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.16-0.4.1"/> 8871 <criterion test_ref="oval:org.opensuse.security:tst:2009056949" comment="mozilla-xulrunner190-translations less than 1.9.0.16-0.4.1"/> 8872 <criterion test_ref="oval:org.opensuse.security:tst:2009056950" comment="mozilla-xulrunner190 less than 1.9.0.16-0.4.1"/> 8873 </criteria> 8874 </criteria> 8875 </criteria> 8876 </definition> 8877 <definition id="oval:org.opensuse.security:def:20093984" version="1" class="vulnerability"> 8878 <metadata> 8879 <title>CVE-2009-3984</title> 8880 <affected family="unix"> 8881 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8882 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8883 </affected> 8884 <reference ref_id="CVE-2009-3984" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3984" source="CVE"/> 8885 <description> 8886 Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body. 8887 </description> 8888 </metadata> 8889 <criteria operator="OR"> 8890 <!-- 2f608be689872233c5fce2ce26bd4514 --> 8891 <criteria operator="AND"> 8892 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8893 <criteria operator="OR"> 8894 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 8895 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 8896 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 8897 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 8898 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 8899 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 8900 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 8901 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 8902 </criteria> 8903 </criteria> 8904 <!-- 38f2e3bf80d291ec111cc852e32a75f0 --> 8905 <criteria operator="AND"> 8906 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8907 <criteria operator="OR"> 8908 <criterion test_ref="oval:org.opensuse.security:tst:2009056945" comment="mozilla-xulrunner190-32bit less than 1.9.0.16-0.4.1"/> 8909 <criterion test_ref="oval:org.opensuse.security:tst:2009056946" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.16-0.4.1"/> 8910 <criterion test_ref="oval:org.opensuse.security:tst:2009056947" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.16-0.4.1"/> 8911 <criterion test_ref="oval:org.opensuse.security:tst:2009056948" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.16-0.4.1"/> 8912 <criterion test_ref="oval:org.opensuse.security:tst:2009056949" comment="mozilla-xulrunner190-translations less than 1.9.0.16-0.4.1"/> 8913 <criterion test_ref="oval:org.opensuse.security:tst:2009056950" comment="mozilla-xulrunner190 less than 1.9.0.16-0.4.1"/> 8914 </criteria> 8915 </criteria> 8916 </criteria> 8917 </definition> 8918 <definition id="oval:org.opensuse.security:def:20093985" version="1" class="vulnerability"> 8919 <metadata> 8920 <title>CVE-2009-3985</title> 8921 <affected family="unix"> 8922 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8923 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8924 </affected> 8925 <reference ref_id="CVE-2009-3985" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3985" source="CVE"/> 8926 <description> 8927 Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654. 8928 </description> 8929 </metadata> 8930 <criteria operator="OR"> 8931 <!-- 2f608be689872233c5fce2ce26bd4514 --> 8932 <criteria operator="AND"> 8933 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8934 <criteria operator="OR"> 8935 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 8936 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 8937 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 8938 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 8939 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 8940 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 8941 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 8942 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 8943 </criteria> 8944 </criteria> 8945 <!-- 38f2e3bf80d291ec111cc852e32a75f0 --> 8946 <criteria operator="AND"> 8947 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8948 <criteria operator="OR"> 8949 <criterion test_ref="oval:org.opensuse.security:tst:2009056945" comment="mozilla-xulrunner190-32bit less than 1.9.0.16-0.4.1"/> 8950 <criterion test_ref="oval:org.opensuse.security:tst:2009056946" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.16-0.4.1"/> 8951 <criterion test_ref="oval:org.opensuse.security:tst:2009056947" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.16-0.4.1"/> 8952 <criterion test_ref="oval:org.opensuse.security:tst:2009056948" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.16-0.4.1"/> 8953 <criterion test_ref="oval:org.opensuse.security:tst:2009056949" comment="mozilla-xulrunner190-translations less than 1.9.0.16-0.4.1"/> 8954 <criterion test_ref="oval:org.opensuse.security:tst:2009056950" comment="mozilla-xulrunner190 less than 1.9.0.16-0.4.1"/> 8955 </criteria> 8956 </criteria> 8957 </criteria> 8958 </definition> 8959 <definition id="oval:org.opensuse.security:def:20093986" version="1" class="vulnerability"> 8960 <metadata> 8961 <title>CVE-2009-3986</title> 8962 <affected family="unix"> 8963 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 8964 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 8965 </affected> 8966 <reference ref_id="CVE-2009-3986" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3986" source="CVE"/> 8967 <description> 8968 Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property. 8969 </description> 8970 </metadata> 8971 <criteria operator="OR"> 8972 <!-- 2f608be689872233c5fce2ce26bd4514 --> 8973 <criteria operator="AND"> 8974 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8975 <criteria operator="OR"> 8976 <criterion test_ref="oval:org.opensuse.security:tst:2009056915" comment="MozillaFirefox-translations less than 3.5.6-1.4.1"/> 8977 <criterion test_ref="oval:org.opensuse.security:tst:2009056916" comment="MozillaFirefox less than 3.5.6-1.4.1"/> 8978 <criterion test_ref="oval:org.opensuse.security:tst:2009056917" comment="mozilla-xulrunner191-32bit less than 1.9.1.6-1.4.1"/> 8979 <criterion test_ref="oval:org.opensuse.security:tst:2009056918" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.6-1.4.1"/> 8980 <criterion test_ref="oval:org.opensuse.security:tst:2009056919" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.6-1.4.1"/> 8981 <criterion test_ref="oval:org.opensuse.security:tst:2009056920" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.6-1.4.1"/> 8982 <criterion test_ref="oval:org.opensuse.security:tst:2009056921" comment="mozilla-xulrunner191-translations less than 1.9.1.6-1.4.1"/> 8983 <criterion test_ref="oval:org.opensuse.security:tst:2009056922" comment="mozilla-xulrunner191 less than 1.9.1.6-1.4.1"/> 8984 </criteria> 8985 </criteria> 8986 <!-- 38f2e3bf80d291ec111cc852e32a75f0 --> 8987 <criteria operator="AND"> 8988 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 8989 <criteria operator="OR"> 8990 <criterion test_ref="oval:org.opensuse.security:tst:2009056945" comment="mozilla-xulrunner190-32bit less than 1.9.0.16-0.4.1"/> 8991 <criterion test_ref="oval:org.opensuse.security:tst:2009056946" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.16-0.4.1"/> 8992 <criterion test_ref="oval:org.opensuse.security:tst:2009056947" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.16-0.4.1"/> 8993 <criterion test_ref="oval:org.opensuse.security:tst:2009056948" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.16-0.4.1"/> 8994 <criterion test_ref="oval:org.opensuse.security:tst:2009056949" comment="mozilla-xulrunner190-translations less than 1.9.0.16-0.4.1"/> 8995 <criterion test_ref="oval:org.opensuse.security:tst:2009056950" comment="mozilla-xulrunner190 less than 1.9.0.16-0.4.1"/> 8996 </criteria> 8997 </criteria> 8998 </criteria> 8999 </definition> 9000 <definition id="oval:org.opensuse.security:def:20093988" version="1" class="vulnerability"> 9001 <metadata> 9002 <title>CVE-2009-3988</title> 9003 <affected family="unix"> 9004 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9005 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9006 </affected> 9007 <reference ref_id="CVE-2009-3988" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3988" source="CVE"/> 9008 <description> 9009 Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values. 9010 </description> 9011 </metadata> 9012 <criteria operator="OR"> 9013 <!-- 630708f048967bcbe3d7e12e91204fcf --> 9014 <criteria operator="AND"> 9015 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9016 <criteria operator="OR"> 9017 <criterion test_ref="oval:org.opensuse.security:tst:2009058405" comment="mozilla-xulrunner190-32bit less than 1.9.0.18-0.4.1"/> 9018 <criterion test_ref="oval:org.opensuse.security:tst:2009058406" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.18-0.4.1"/> 9019 <criterion test_ref="oval:org.opensuse.security:tst:2009058407" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.18-0.4.1"/> 9020 <criterion test_ref="oval:org.opensuse.security:tst:2009058408" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.18-0.4.1"/> 9021 <criterion test_ref="oval:org.opensuse.security:tst:2009058409" comment="mozilla-xulrunner190-translations less than 1.9.0.18-0.4.1"/> 9022 <criterion test_ref="oval:org.opensuse.security:tst:2009058410" comment="mozilla-xulrunner190 less than 1.9.0.18-0.4.1"/> 9023 </criteria> 9024 </criteria> 9025 <!-- d41075930b3e4dc43019336480f6a248 --> 9026 <criteria operator="AND"> 9027 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9028 <criteria operator="OR"> 9029 <criterion test_ref="oval:org.opensuse.security:tst:2009058451" comment="MozillaFirefox-translations less than 3.5.8-0.4.1"/> 9030 <criterion test_ref="oval:org.opensuse.security:tst:2009058452" comment="MozillaFirefox less than 3.5.8-0.4.1"/> 9031 <criterion test_ref="oval:org.opensuse.security:tst:2009058442" comment="mozilla-xulrunner191-32bit less than 1.9.1.8-1.4.1"/> 9032 <criterion test_ref="oval:org.opensuse.security:tst:2009058443" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.8-1.4.1"/> 9033 <criterion test_ref="oval:org.opensuse.security:tst:2009058444" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.8-1.4.1"/> 9034 <criterion test_ref="oval:org.opensuse.security:tst:2009058445" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.8-1.4.1"/> 9035 <criterion test_ref="oval:org.opensuse.security:tst:2009058446" comment="mozilla-xulrunner191-translations less than 1.9.1.8-1.4.1"/> 9036 <criterion test_ref="oval:org.opensuse.security:tst:2009058447" comment="mozilla-xulrunner191 less than 1.9.1.8-1.4.1"/> 9037 </criteria> 9038 </criteria> 9039 </criteria> 9040 </definition> 9041 <definition id="oval:org.opensuse.security:def:20093995" version="1" class="vulnerability"> 9042 <metadata> 9043 <title>CVE-2009-3995</title> 9044 <affected family="unix"> 9045 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9046 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9047 </affected> 9048 <reference ref_id="CVE-2009-3995" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995" source="CVE"/> 9049 <description> 9050 Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information. 9051 </description> 9052 </metadata> 9053 <!-- a2bdb4e2453c5f8b835512f634e53383 --> 9054 <criteria operator="AND"> 9055 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9056 <criteria operator="OR"> 9057 <criterion test_ref="oval:org.opensuse.security:tst:2009060140" comment="libmikmod-32bit less than 3.1.11-14.10.1"/> 9058 <criterion test_ref="oval:org.opensuse.security:tst:2009060141" comment="libmikmod less than 3.1.11-14.10.1"/> 9059 </criteria> 9060 </criteria> 9061 </definition> 9062 <definition id="oval:org.opensuse.security:def:20093996" version="1" class="vulnerability"> 9063 <metadata> 9064 <title>CVE-2009-3996</title> 9065 <affected family="unix"> 9066 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9067 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9068 </affected> 9069 <reference ref_id="CVE-2009-3996" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996" source="CVE"/> 9070 <description> 9071 Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file. 9072 </description> 9073 </metadata> 9074 <!-- a2bdb4e2453c5f8b835512f634e53383 --> 9075 <criteria operator="AND"> 9076 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9077 <criteria operator="OR"> 9078 <criterion test_ref="oval:org.opensuse.security:tst:2009060140" comment="libmikmod-32bit less than 3.1.11-14.10.1"/> 9079 <criterion test_ref="oval:org.opensuse.security:tst:2009060141" comment="libmikmod less than 3.1.11-14.10.1"/> 9080 </criteria> 9081 </criteria> 9082 </definition> 9083 <definition id="oval:org.opensuse.security:def:20094005" version="1" class="vulnerability"> 9084 <metadata> 9085 <title>CVE-2009-4005</title> 9086 <affected family="unix"> 9087 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9088 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9089 </affected> 9090 <reference ref_id="CVE-2009-4005" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4005" source="CVE"/> 9091 <description> 9092 The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. 9093 </description> 9094 </metadata> 9095 <criteria operator="OR"> 9096 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 9097 <criteria operator="AND"> 9098 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9099 <criteria operator="OR"> 9100 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 9101 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 9102 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 9103 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 9104 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 9105 </criteria> 9106 </criteria> 9107 <!-- 7a612881db49bcc0dd76d517d881465e --> 9108 <criteria operator="AND"> 9109 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9110 <criteria operator="OR"> 9111 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 9112 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 9113 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 9114 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 9115 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 9116 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 9117 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 9118 </criteria> 9119 </criteria> 9120 </criteria> 9121 </definition> 9122 <definition id="oval:org.opensuse.security:def:20094019" version="1" class="vulnerability"> 9123 <metadata> 9124 <title>CVE-2009-4019</title> 9125 <affected family="unix"> 9126 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9127 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9128 </affected> 9129 <reference ref_id="CVE-2009-4019" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019" source="CVE"/> 9130 <description> 9131 mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement. 9132 </description> 9133 </metadata> 9134 <!-- 71d78dc72e348aa31062cbc12a65c867 --> 9135 <criteria operator="AND"> 9136 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9137 <criteria operator="OR"> 9138 <criterion test_ref="oval:org.opensuse.security:tst:2009058919" comment="mysql-client less than 5.0.26-12.28.1"/> 9139 <criterion test_ref="oval:org.opensuse.security:tst:2009058920" comment="mysql-devel less than 5.0.26-12.28.1"/> 9140 <criterion test_ref="oval:org.opensuse.security:tst:2009058921" comment="mysql-shared-32bit less than 5.0.26-12.28.1"/> 9141 <criterion test_ref="oval:org.opensuse.security:tst:2009058922" comment="mysql-shared less than 5.0.26-12.28.1"/> 9142 <criterion test_ref="oval:org.opensuse.security:tst:2009058923" comment="mysql less than 5.0.26-12.28.1"/> 9143 </criteria> 9144 </criteria> 9145 </definition> 9146 <definition id="oval:org.opensuse.security:def:20094020" version="1" class="vulnerability"> 9147 <metadata> 9148 <title>CVE-2009-4020</title> 9149 <affected family="unix"> 9150 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9151 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9152 </affected> 9153 <reference ref_id="CVE-2009-4020" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4020" source="CVE"/> 9154 <description> 9155 Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c. 9156 </description> 9157 </metadata> 9158 <criteria operator="OR"> 9159 <!-- 30110847005ad3a7ea7c5d1efd067ce1 --> 9160 <criteria operator="AND"> 9161 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9162 <criteria operator="OR"> 9163 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 9164 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 9165 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 9166 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 9167 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 9168 </criteria> 9169 </criteria> 9170 <!-- 44be42f54c5e35e6e551e68351bbd0e1 --> 9171 <criteria operator="AND"> 9172 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9173 <criteria operator="OR"> 9174 <criterion test_ref="oval:org.opensuse.security:tst:2009059220" comment="kernel-bigsmp less than 2.6.16.60-0.60.1"/> 9175 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 9176 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 9177 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 9178 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 9179 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 9180 <criterion test_ref="oval:org.opensuse.security:tst:2009059221" comment="kernel-xenpae less than 2.6.16.60-0.60.1"/> 9181 </criteria> 9182 </criteria> 9183 </criteria> 9184 </definition> 9185 <definition id="oval:org.opensuse.security:def:20094021" version="1" class="vulnerability"> 9186 <metadata> 9187 <title>CVE-2009-4021</title> 9188 <affected family="unix"> 9189 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9190 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9191 </affected> 9192 <reference ref_id="CVE-2009-4021" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4021" source="CVE"/> 9193 <description> 9194 The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack. 9195 </description> 9196 </metadata> 9197 <criteria operator="OR"> 9198 <!-- 1f3d0df322cdf35f54c2baec92610fa0 --> 9199 <criteria operator="AND"> 9200 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9201 <criteria operator="OR"> 9202 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 9203 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 9204 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 9205 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 9206 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 9207 </criteria> 9208 </criteria> 9209 <!-- 7a612881db49bcc0dd76d517d881465e --> 9210 <criteria operator="AND"> 9211 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9212 <criteria operator="OR"> 9213 <criterion test_ref="oval:org.opensuse.security:tst:2009056864" comment="kernel-bigsmp less than 2.6.16.60-0.58.1"/> 9214 <criterion test_ref="oval:org.opensuse.security:tst:2009056858" comment="kernel-default less than 2.6.16.60-0.58.1"/> 9215 <criterion test_ref="oval:org.opensuse.security:tst:2009056861" comment="kernel-smp less than 2.6.16.60-0.58.1"/> 9216 <criterion test_ref="oval:org.opensuse.security:tst:2009056859" comment="kernel-source less than 2.6.16.60-0.58.1"/> 9217 <criterion test_ref="oval:org.opensuse.security:tst:2009056860" comment="kernel-syms less than 2.6.16.60-0.58.1"/> 9218 <criterion test_ref="oval:org.opensuse.security:tst:2009056862" comment="kernel-xen less than 2.6.16.60-0.58.1"/> 9219 <criterion test_ref="oval:org.opensuse.security:tst:2009056865" comment="kernel-xenpae less than 2.6.16.60-0.58.1"/> 9220 </criteria> 9221 </criteria> 9222 </criteria> 9223 </definition> 9224 <definition id="oval:org.opensuse.security:def:20094028" version="1" class="vulnerability"> 9225 <metadata> 9226 <title>CVE-2009-4028</title> 9227 <affected family="unix"> 9228 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9229 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9230 </affected> 9231 <reference ref_id="CVE-2009-4028" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028" source="CVE"/> 9232 <description> 9233 The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library. 9234 </description> 9235 </metadata> 9236 <!-- 71d78dc72e348aa31062cbc12a65c867 --> 9237 <criteria operator="AND"> 9238 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9239 <criteria operator="OR"> 9240 <criterion test_ref="oval:org.opensuse.security:tst:2009058919" comment="mysql-client less than 5.0.26-12.28.1"/> 9241 <criterion test_ref="oval:org.opensuse.security:tst:2009058920" comment="mysql-devel less than 5.0.26-12.28.1"/> 9242 <criterion test_ref="oval:org.opensuse.security:tst:2009058921" comment="mysql-shared-32bit less than 5.0.26-12.28.1"/> 9243 <criterion test_ref="oval:org.opensuse.security:tst:2009058922" comment="mysql-shared less than 5.0.26-12.28.1"/> 9244 <criterion test_ref="oval:org.opensuse.security:tst:2009058923" comment="mysql less than 5.0.26-12.28.1"/> 9245 </criteria> 9246 </criteria> 9247 </definition> 9248 <definition id="oval:org.opensuse.security:def:20094030" version="1" class="vulnerability"> 9249 <metadata> 9250 <title>CVE-2009-4030</title> 9251 <affected family="unix"> 9252 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9253 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9254 </affected> 9255 <reference ref_id="CVE-2009-4030" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4030" source="CVE"/> 9256 <description> 9257 MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079. 9258 </description> 9259 </metadata> 9260 <!-- 71d78dc72e348aa31062cbc12a65c867 --> 9261 <criteria operator="AND"> 9262 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9263 <criteria operator="OR"> 9264 <criterion test_ref="oval:org.opensuse.security:tst:2009058919" comment="mysql-client less than 5.0.26-12.28.1"/> 9265 <criterion test_ref="oval:org.opensuse.security:tst:2009058920" comment="mysql-devel less than 5.0.26-12.28.1"/> 9266 <criterion test_ref="oval:org.opensuse.security:tst:2009058921" comment="mysql-shared-32bit less than 5.0.26-12.28.1"/> 9267 <criterion test_ref="oval:org.opensuse.security:tst:2009058922" comment="mysql-shared less than 5.0.26-12.28.1"/> 9268 <criterion test_ref="oval:org.opensuse.security:tst:2009058923" comment="mysql less than 5.0.26-12.28.1"/> 9269 </criteria> 9270 </criteria> 9271 </definition> 9272 <definition id="oval:org.opensuse.security:def:20094034" version="1" class="vulnerability"> 9273 <metadata> 9274 <title>CVE-2009-4034</title> 9275 <affected family="unix"> 9276 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9277 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9278 </affected> 9279 <reference ref_id="CVE-2009-4034" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4034" source="CVE"/> 9280 <description> 9281 PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. 9282 </description> 9283 </metadata> 9284 <!-- 3c417b624dd7c9352d811841c176ffe7 --> 9285 <criteria operator="AND"> 9286 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9287 <criteria operator="OR"> 9288 <criterion test_ref="oval:org.opensuse.security:tst:2009057312" comment="postgresql-devel less than 8.1.19-0.4.2"/> 9289 <criterion test_ref="oval:org.opensuse.security:tst:2009057313" comment="postgresql-libs-32bit less than 8.1.19-0.4.2"/> 9290 <criterion test_ref="oval:org.opensuse.security:tst:2009057314" comment="postgresql-libs less than 8.1.19-0.4.2"/> 9291 </criteria> 9292 </criteria> 9293 </definition> 9294 <definition id="oval:org.opensuse.security:def:20094035" version="1" class="vulnerability"> 9295 <metadata> 9296 <title>CVE-2009-4035</title> 9297 <affected family="unix"> 9298 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9299 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9300 </affected> 9301 <reference ref_id="CVE-2009-4035" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035" source="CVE"/> 9302 <description> 9303 The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow. 9304 </description> 9305 </metadata> 9306 <!-- e853ec612aaf89b8d57a41b0d2317728 --> 9307 <criteria operator="AND"> 9308 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9309 <criteria operator="OR"> 9310 <criterion test_ref="oval:org.opensuse.security:tst:2009057081" comment="poppler-devel less than 0.4.4-19.26.1"/> 9311 <criterion test_ref="oval:org.opensuse.security:tst:2009057082" comment="poppler-glib less than 0.4.4-19.26.1"/> 9312 <criterion test_ref="oval:org.opensuse.security:tst:2009057083" comment="poppler-qt less than 0.4.4-19.26.1"/> 9313 <criterion test_ref="oval:org.opensuse.security:tst:2009057084" comment="poppler less than 0.4.4-19.26.1"/> 9314 </criteria> 9315 </criteria> 9316 </definition> 9317 <definition id="oval:org.opensuse.security:def:20094067" version="1" class="vulnerability"> 9318 <metadata> 9319 <title>CVE-2009-4067</title> 9320 <affected family="unix"> 9321 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 9322 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 9323 </affected> 9324 <reference ref_id="CVE-2009-4067" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4067" source="CVE"/> 9325 <description> 9326 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 9327 </description> 9328 </metadata> 9329 <criteria operator="OR"> 9330 <!-- 6253a90635c740c154fb5e3cc64612f2 --> 9331 <criteria operator="AND"> 9332 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 9333 <criteria operator="OR"> 9334 <criterion test_ref="oval:org.opensuse.security:tst:2009071616" comment="kernel-bigsmp less than 2.6.16.60-0.91.1"/> 9335 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 9336 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 9337 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 9338 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 9339 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 9340 <criterion test_ref="oval:org.opensuse.security:tst:2009071619" comment="kernel-xenpae less than 2.6.16.60-0.91.1"/> 9341 </criteria> 9342 </criteria> 9343 <!-- be6b41cc85222e68513448b61b7af786 --> 9344 <criteria operator="AND"> 9345 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 9346 <criteria operator="OR"> 9347 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 9348 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 9349 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 9350 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 9351 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 9352 </criteria> 9353 </criteria> 9354 </criteria> 9355 </definition> 9356 <definition id="oval:org.opensuse.security:def:20094134" version="1" class="vulnerability"> 9357 <metadata> 9358 <title>CVE-2009-4134</title> 9359 <affected family="unix"> 9360 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9361 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9362 </affected> 9363 <reference ref_id="CVE-2009-4134" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4134" source="CVE"/> 9364 <description> 9365 Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference. 9366 </description> 9367 </metadata> 9368 <!-- a2098cb2e3d51d63912dc55b837af4c0 --> 9369 <criteria operator="AND"> 9370 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9371 <criteria operator="OR"> 9372 <criterion test_ref="oval:org.opensuse.security:tst:2009065575" comment="python-32bit less than 2.4.2-18.32.5"/> 9373 <criterion test_ref="oval:org.opensuse.security:tst:2009065576" comment="python-curses less than 2.4.2-18.32.5"/> 9374 <criterion test_ref="oval:org.opensuse.security:tst:2009065577" comment="python-devel less than 2.4.2-18.32.5"/> 9375 <criterion test_ref="oval:org.opensuse.security:tst:2009065578" comment="python-gdbm less than 2.4.2-18.32.5"/> 9376 <criterion test_ref="oval:org.opensuse.security:tst:2009065579" comment="python-tk less than 2.4.2-18.32.5"/> 9377 <criterion test_ref="oval:org.opensuse.security:tst:2009065580" comment="python-xml less than 2.4.2-18.32.5"/> 9378 <criterion test_ref="oval:org.opensuse.security:tst:2009065581" comment="python less than 2.4.2-18.32.5"/> 9379 </criteria> 9380 </criteria> 9381 </definition> 9382 <definition id="oval:org.opensuse.security:def:20094136" version="1" class="vulnerability"> 9383 <metadata> 9384 <title>CVE-2009-4136</title> 9385 <affected family="unix"> 9386 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9387 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9388 </affected> 9389 <reference ref_id="CVE-2009-4136" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4136" source="CVE"/> 9390 <description> 9391 PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230. 9392 </description> 9393 </metadata> 9394 <!-- 3c417b624dd7c9352d811841c176ffe7 --> 9395 <criteria operator="AND"> 9396 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9397 <criteria operator="OR"> 9398 <criterion test_ref="oval:org.opensuse.security:tst:2009057312" comment="postgresql-devel less than 8.1.19-0.4.2"/> 9399 <criterion test_ref="oval:org.opensuse.security:tst:2009057313" comment="postgresql-libs-32bit less than 8.1.19-0.4.2"/> 9400 <criterion test_ref="oval:org.opensuse.security:tst:2009057314" comment="postgresql-libs less than 8.1.19-0.4.2"/> 9401 </criteria> 9402 </criteria> 9403 </definition> 9404 <definition id="oval:org.opensuse.security:def:20094212" version="1" class="vulnerability"> 9405 <metadata> 9406 <title>CVE-2009-4212</title> 9407 <affected family="unix"> 9408 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9409 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9410 </affected> 9411 <reference ref_id="CVE-2009-4212" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212" source="CVE"/> 9412 <description> 9413 Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid. 9414 </description> 9415 </metadata> 9416 <!-- 1bedaaa888e968a71e801332958567ed --> 9417 <criteria operator="AND"> 9418 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9419 <criteria operator="OR"> 9420 <criterion test_ref="oval:org.opensuse.security:tst:2009057391" comment="krb5-32bit less than 1.4.3-19.44.1"/> 9421 <criterion test_ref="oval:org.opensuse.security:tst:2009057392" comment="krb5-client less than 1.4.3-19.44.1"/> 9422 <criterion test_ref="oval:org.opensuse.security:tst:2009057393" comment="krb5-devel-32bit less than 1.4.3-19.44.1"/> 9423 <criterion test_ref="oval:org.opensuse.security:tst:2009057394" comment="krb5-devel less than 1.4.3-19.44.1"/> 9424 <criterion test_ref="oval:org.opensuse.security:tst:2009057395" comment="krb5 less than 1.4.3-19.44.1"/> 9425 </criteria> 9426 </criteria> 9427 </definition> 9428 <definition id="oval:org.opensuse.security:def:20094243" version="1" class="vulnerability"> 9429 <metadata> 9430 <title>CVE-2009-4243</title> 9431 <affected family="unix"> 9432 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9433 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9434 </affected> 9435 <reference ref_id="CVE-2009-4243" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4243" source="CVE"/> 9436 <description> 9437 RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow." 9438 </description> 9439 </metadata> 9440 <!-- 522925dbc731d22be640a74295f7c711 --> 9441 <criteria operator="AND"> 9442 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9443 <criteria operator="OR"> 9444 <criterion test_ref="oval:org.opensuse.security:tst:2009062183" comment="gst-fluendo-mp3 less than 2-108.4.1"/> 9445 <criterion test_ref="oval:org.opensuse.security:tst:2009062184" comment="helix-banshee-devel less than 0.13.2-1.16.1"/> 9446 <criterion test_ref="oval:org.opensuse.security:tst:2009062185" comment="helix-banshee-engine-gst less than 0.13.2-1.16.1"/> 9447 <criterion test_ref="oval:org.opensuse.security:tst:2009062186" comment="helix-banshee-plugins-default less than 0.13.2-1.16.1"/> 9448 <criterion test_ref="oval:org.opensuse.security:tst:2009062187" comment="helix-banshee-plugins-extra less than 0.13.2-1.16.1"/> 9449 <criterion test_ref="oval:org.opensuse.security:tst:2009062188" comment="helix-banshee less than 0.13.2-1.16.1"/> 9450 </criteria> 9451 </criteria> 9452 </definition> 9453 <definition id="oval:org.opensuse.security:def:20094248" version="1" class="vulnerability"> 9454 <metadata> 9455 <title>CVE-2009-4248</title> 9456 <affected family="unix"> 9457 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9458 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9459 </affected> 9460 <reference ref_id="CVE-2009-4248" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4248" source="CVE"/> 9461 <description> 9462 Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request. 9463 </description> 9464 </metadata> 9465 <!-- 522925dbc731d22be640a74295f7c711 --> 9466 <criteria operator="AND"> 9467 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9468 <criteria operator="OR"> 9469 <criterion test_ref="oval:org.opensuse.security:tst:2009062183" comment="gst-fluendo-mp3 less than 2-108.4.1"/> 9470 <criterion test_ref="oval:org.opensuse.security:tst:2009062184" comment="helix-banshee-devel less than 0.13.2-1.16.1"/> 9471 <criterion test_ref="oval:org.opensuse.security:tst:2009062185" comment="helix-banshee-engine-gst less than 0.13.2-1.16.1"/> 9472 <criterion test_ref="oval:org.opensuse.security:tst:2009062186" comment="helix-banshee-plugins-default less than 0.13.2-1.16.1"/> 9473 <criterion test_ref="oval:org.opensuse.security:tst:2009062187" comment="helix-banshee-plugins-extra less than 0.13.2-1.16.1"/> 9474 <criterion test_ref="oval:org.opensuse.security:tst:2009062188" comment="helix-banshee less than 0.13.2-1.16.1"/> 9475 </criteria> 9476 </criteria> 9477 </definition> 9478 <definition id="oval:org.opensuse.security:def:20094274" version="1" class="vulnerability"> 9479 <metadata> 9480 <title>CVE-2009-4274</title> 9481 <affected family="unix"> 9482 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9483 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9484 </affected> 9485 <reference ref_id="CVE-2009-4274" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274" source="CVE"/> 9486 <description> 9487 Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value. 9488 </description> 9489 </metadata> 9490 <!-- c55990c28f5d933b319140fb62a2fc33 --> 9491 <criteria operator="AND"> 9492 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9493 <criteria operator="OR"> 9494 <criterion test_ref="oval:org.opensuse.security:tst:2009058595" comment="libnetpbm-32bit less than 1.0.0-657.10.1"/> 9495 <criterion test_ref="oval:org.opensuse.security:tst:2009058596" comment="libnetpbm less than 1.0.0-657.10.1"/> 9496 <criterion test_ref="oval:org.opensuse.security:tst:2009058597" comment="netpbm less than 10.26.22-14.10.1"/> 9497 </criteria> 9498 </criteria> 9499 </definition> 9500 <definition id="oval:org.opensuse.security:def:20094324" version="1" class="vulnerability"> 9501 <metadata> 9502 <title>CVE-2009-4324</title> 9503 <affected family="unix"> 9504 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9505 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9506 </affected> 9507 <reference ref_id="CVE-2009-4324" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324" source="CVE"/> 9508 <description> 9509 Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009. 9510 </description> 9511 </metadata> 9512 <criteria operator="OR"> 9513 <!-- 73bd1b6a089975c2c242ccdaf305c42a --> 9514 <criteria operator="AND"> 9515 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9516 <criterion test_ref="oval:org.opensuse.security:tst:2009057624" comment="acroread_ja less than 9.3-0.5.1"/> 9517 </criteria> 9518 <!-- e120e08caae007ef5da62938c4998230 --> 9519 <criteria operator="AND"> 9520 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9521 <criterion test_ref="oval:org.opensuse.security:tst:2009057625" comment="acroread less than 9.3-0.6.1"/> 9522 </criteria> 9523 </criteria> 9524 </definition> 9525 <definition id="oval:org.opensuse.security:def:20094355" version="1" class="vulnerability"> 9526 <metadata> 9527 <title>CVE-2009-4355</title> 9528 <affected family="unix"> 9529 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9530 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9531 </affected> 9532 <reference ref_id="CVE-2009-4355" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355" source="CVE"/> 9533 <description> 9534 Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. 9535 </description> 9536 </metadata> 9537 <!-- 373d1722f8baa6f0246e1f1564e17b32 --> 9538 <criteria operator="AND"> 9539 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9540 <criteria operator="OR"> 9541 <criterion test_ref="oval:org.opensuse.security:tst:2009057482" comment="openssl-32bit less than 0.9.8a-18.40.1"/> 9542 <criterion test_ref="oval:org.opensuse.security:tst:2009057483" comment="openssl-devel-32bit less than 0.9.8a-18.40.1"/> 9543 <criterion test_ref="oval:org.opensuse.security:tst:2009057484" comment="openssl-devel less than 0.9.8a-18.40.1"/> 9544 <criterion test_ref="oval:org.opensuse.security:tst:2009057485" comment="openssl less than 0.9.8a-18.40.1"/> 9545 </criteria> 9546 </criteria> 9547 </definition> 9548 <definition id="oval:org.opensuse.security:def:20094376" version="1" class="vulnerability"> 9549 <metadata> 9550 <title>CVE-2009-4376</title> 9551 <affected family="unix"> 9552 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9553 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9554 </affected> 9555 <reference ref_id="CVE-2009-4376" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4376" source="CVE"/> 9556 <description> 9557 Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. 9558 </description> 9559 </metadata> 9560 <!-- a7013413afe9902cca86ec3f1281b76e --> 9561 <criteria operator="AND"> 9562 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9563 <criterion test_ref="oval:org.opensuse.security:tst:2009058913" comment="ethereal less than 0.10.14-16.41.1"/> 9564 </criteria> 9565 </definition> 9566 <definition id="oval:org.opensuse.security:def:20094377" version="1" class="vulnerability"> 9567 <metadata> 9568 <title>CVE-2009-4377</title> 9569 <affected family="unix"> 9570 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9571 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9572 </affected> 9573 <reference ref_id="CVE-2009-4377" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4377" source="CVE"/> 9574 <description> 9575 The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. 9576 </description> 9577 </metadata> 9578 <!-- a7013413afe9902cca86ec3f1281b76e --> 9579 <criteria operator="AND"> 9580 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9581 <criterion test_ref="oval:org.opensuse.security:tst:2009058913" comment="ethereal less than 0.10.14-16.41.1"/> 9582 </criteria> 9583 </definition> 9584 <definition id="oval:org.opensuse.security:def:20094484" version="1" class="vulnerability"> 9585 <metadata> 9586 <title>CVE-2009-4484</title> 9587 <affected family="unix"> 9588 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9589 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9590 </affected> 9591 <reference ref_id="CVE-2009-4484" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484" source="CVE"/> 9592 <description> 9593 Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a. 9594 </description> 9595 </metadata> 9596 <!-- 71d78dc72e348aa31062cbc12a65c867 --> 9597 <criteria operator="AND"> 9598 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9599 <criteria operator="OR"> 9600 <criterion test_ref="oval:org.opensuse.security:tst:2009058919" comment="mysql-client less than 5.0.26-12.28.1"/> 9601 <criterion test_ref="oval:org.opensuse.security:tst:2009058920" comment="mysql-devel less than 5.0.26-12.28.1"/> 9602 <criterion test_ref="oval:org.opensuse.security:tst:2009058921" comment="mysql-shared-32bit less than 5.0.26-12.28.1"/> 9603 <criterion test_ref="oval:org.opensuse.security:tst:2009058922" comment="mysql-shared less than 5.0.26-12.28.1"/> 9604 <criterion test_ref="oval:org.opensuse.security:tst:2009058923" comment="mysql less than 5.0.26-12.28.1"/> 9605 </criteria> 9606 </criteria> 9607 </definition> 9608 <definition id="oval:org.opensuse.security:def:20094536" version="1" class="vulnerability"> 9609 <metadata> 9610 <title>CVE-2009-4536</title> 9611 <affected family="unix"> 9612 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9613 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9614 </affected> 9615 <reference ref_id="CVE-2009-4536" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4536" source="CVE"/> 9616 <description> 9617 drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385. 9618 </description> 9619 </metadata> 9620 <criteria operator="OR"> 9621 <!-- 28c8f48c0fee5a87c37ae066bdfccd05 --> 9622 <criteria operator="AND"> 9623 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9624 <criteria operator="OR"> 9625 <criterion test_ref="oval:org.opensuse.security:tst:2009057413" comment="kernel-bigsmp less than 2.6.16.60-0.59.1"/> 9626 <criterion test_ref="oval:org.opensuse.security:tst:2009057414" comment="kernel-default less than 2.6.16.60-0.59.1"/> 9627 <criterion test_ref="oval:org.opensuse.security:tst:2009057415" comment="kernel-smp less than 2.6.16.60-0.59.1"/> 9628 <criterion test_ref="oval:org.opensuse.security:tst:2009057416" comment="kernel-source less than 2.6.16.60-0.59.1"/> 9629 <criterion test_ref="oval:org.opensuse.security:tst:2009057417" comment="kernel-syms less than 2.6.16.60-0.59.1"/> 9630 <criterion test_ref="oval:org.opensuse.security:tst:2009057418" comment="kernel-xen less than 2.6.16.60-0.59.1"/> 9631 <criterion test_ref="oval:org.opensuse.security:tst:2009057419" comment="kernel-xenpae less than 2.6.16.60-0.59.1"/> 9632 </criteria> 9633 </criteria> 9634 <!-- 7ab8659e9762f6aa1d31509f781cf439 --> 9635 <criteria operator="AND"> 9636 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9637 <criteria operator="OR"> 9638 <criterion test_ref="oval:org.opensuse.security:tst:2009057414" comment="kernel-default less than 2.6.16.60-0.59.1"/> 9639 <criterion test_ref="oval:org.opensuse.security:tst:2009057415" comment="kernel-smp less than 2.6.16.60-0.59.1"/> 9640 <criterion test_ref="oval:org.opensuse.security:tst:2009057416" comment="kernel-source less than 2.6.16.60-0.59.1"/> 9641 <criterion test_ref="oval:org.opensuse.security:tst:2009057417" comment="kernel-syms less than 2.6.16.60-0.59.1"/> 9642 <criterion test_ref="oval:org.opensuse.security:tst:2009057418" comment="kernel-xen less than 2.6.16.60-0.59.1"/> 9643 </criteria> 9644 </criteria> 9645 </criteria> 9646 </definition> 9647 <definition id="oval:org.opensuse.security:def:20094537" version="1" class="vulnerability"> 9648 <metadata> 9649 <title>CVE-2009-4537</title> 9650 <affected family="unix"> 9651 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9652 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9653 </affected> 9654 <reference ref_id="CVE-2009-4537" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4537" source="CVE"/> 9655 <description> 9656 drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389. 9657 </description> 9658 </metadata> 9659 <criteria operator="OR"> 9660 <!-- 132a57d5a85c59b02655912de8a478f9 --> 9661 <criteria operator="AND"> 9662 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9663 <criteria operator="OR"> 9664 <criterion test_ref="oval:org.opensuse.security:tst:2009059929" comment="kernel-default less than 2.6.16.60-0.62.1"/> 9665 <criterion test_ref="oval:org.opensuse.security:tst:2009059930" comment="kernel-smp less than 2.6.16.60-0.62.1"/> 9666 <criterion test_ref="oval:org.opensuse.security:tst:2009059931" comment="kernel-source less than 2.6.16.60-0.62.1"/> 9667 <criterion test_ref="oval:org.opensuse.security:tst:2009059932" comment="kernel-syms less than 2.6.16.60-0.62.1"/> 9668 <criterion test_ref="oval:org.opensuse.security:tst:2009059933" comment="kernel-xen less than 2.6.16.60-0.62.1"/> 9669 </criteria> 9670 </criteria> 9671 <!-- b1a5693e9b87368b2dc89b804303d9b2 --> 9672 <criteria operator="AND"> 9673 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9674 <criteria operator="OR"> 9675 <criterion test_ref="oval:org.opensuse.security:tst:2009060834" comment="kernel-default less than 2.6.16.60-0.66.1"/> 9676 <criterion test_ref="oval:org.opensuse.security:tst:2009060841" comment="kernel-smp less than 2.6.16.60-0.66.1"/> 9677 <criterion test_ref="oval:org.opensuse.security:tst:2009060838" comment="kernel-source less than 2.6.16.60-0.66.1"/> 9678 <criterion test_ref="oval:org.opensuse.security:tst:2009060839" comment="kernel-syms less than 2.6.16.60-0.66.1"/> 9679 <criterion test_ref="oval:org.opensuse.security:tst:2009060842" comment="kernel-xen less than 2.6.16.60-0.66.1"/> 9680 </criteria> 9681 </criteria> 9682 <!-- cf13ba7162e8d3407e2e9d889c8521f7 --> 9683 <criteria operator="AND"> 9684 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9685 <criteria operator="OR"> 9686 <criterion test_ref="oval:org.opensuse.security:tst:2009060843" comment="kernel-bigsmp less than 2.6.16.60-0.66.1"/> 9687 <criterion test_ref="oval:org.opensuse.security:tst:2009060834" comment="kernel-default less than 2.6.16.60-0.66.1"/> 9688 <criterion test_ref="oval:org.opensuse.security:tst:2009060841" comment="kernel-smp less than 2.6.16.60-0.66.1"/> 9689 <criterion test_ref="oval:org.opensuse.security:tst:2009060838" comment="kernel-source less than 2.6.16.60-0.66.1"/> 9690 <criterion test_ref="oval:org.opensuse.security:tst:2009060839" comment="kernel-syms less than 2.6.16.60-0.66.1"/> 9691 <criterion test_ref="oval:org.opensuse.security:tst:2009060842" comment="kernel-xen less than 2.6.16.60-0.66.1"/> 9692 <criterion test_ref="oval:org.opensuse.security:tst:2009060844" comment="kernel-xenpae less than 2.6.16.60-0.66.1"/> 9693 </criteria> 9694 </criteria> 9695 </criteria> 9696 </definition> 9697 <definition id="oval:org.opensuse.security:def:20094538" version="1" class="vulnerability"> 9698 <metadata> 9699 <title>CVE-2009-4538</title> 9700 <affected family="unix"> 9701 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9702 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9703 </affected> 9704 <reference ref_id="CVE-2009-4538" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4538" source="CVE"/> 9705 <description> 9706 drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537. 9707 </description> 9708 </metadata> 9709 <criteria operator="OR"> 9710 <!-- 28c8f48c0fee5a87c37ae066bdfccd05 --> 9711 <criteria operator="AND"> 9712 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9713 <criteria operator="OR"> 9714 <criterion test_ref="oval:org.opensuse.security:tst:2009057413" comment="kernel-bigsmp less than 2.6.16.60-0.59.1"/> 9715 <criterion test_ref="oval:org.opensuse.security:tst:2009057414" comment="kernel-default less than 2.6.16.60-0.59.1"/> 9716 <criterion test_ref="oval:org.opensuse.security:tst:2009057415" comment="kernel-smp less than 2.6.16.60-0.59.1"/> 9717 <criterion test_ref="oval:org.opensuse.security:tst:2009057416" comment="kernel-source less than 2.6.16.60-0.59.1"/> 9718 <criterion test_ref="oval:org.opensuse.security:tst:2009057417" comment="kernel-syms less than 2.6.16.60-0.59.1"/> 9719 <criterion test_ref="oval:org.opensuse.security:tst:2009057418" comment="kernel-xen less than 2.6.16.60-0.59.1"/> 9720 <criterion test_ref="oval:org.opensuse.security:tst:2009057419" comment="kernel-xenpae less than 2.6.16.60-0.59.1"/> 9721 </criteria> 9722 </criteria> 9723 <!-- 7ab8659e9762f6aa1d31509f781cf439 --> 9724 <criteria operator="AND"> 9725 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9726 <criteria operator="OR"> 9727 <criterion test_ref="oval:org.opensuse.security:tst:2009057414" comment="kernel-default less than 2.6.16.60-0.59.1"/> 9728 <criterion test_ref="oval:org.opensuse.security:tst:2009057415" comment="kernel-smp less than 2.6.16.60-0.59.1"/> 9729 <criterion test_ref="oval:org.opensuse.security:tst:2009057416" comment="kernel-source less than 2.6.16.60-0.59.1"/> 9730 <criterion test_ref="oval:org.opensuse.security:tst:2009057417" comment="kernel-syms less than 2.6.16.60-0.59.1"/> 9731 <criterion test_ref="oval:org.opensuse.security:tst:2009057418" comment="kernel-xen less than 2.6.16.60-0.59.1"/> 9732 </criteria> 9733 </criteria> 9734 </criteria> 9735 </definition> 9736 <definition id="oval:org.opensuse.security:def:20094565" version="1" class="vulnerability"> 9737 <metadata> 9738 <title>CVE-2009-4565</title> 9739 <affected family="unix"> 9740 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9741 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9742 </affected> 9743 <reference ref_id="CVE-2009-4565" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565" source="CVE"/> 9744 <description> 9745 sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. 9746 </description> 9747 </metadata> 9748 <!-- 637f7c015ec852910c5ed66bc8101858 --> 9749 <criteria operator="AND"> 9750 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9751 <criterion test_ref="oval:org.opensuse.security:tst:2009058483" comment="sendmail less than 8.13.6-9.18.1"/> 9752 </criteria> 9753 </definition> 9754 <definition id="oval:org.opensuse.security:def:20094835" version="1" class="vulnerability"> 9755 <metadata> 9756 <title>CVE-2009-4835</title> 9757 <affected family="unix"> 9758 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 9759 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 9760 </affected> 9761 <reference ref_id="CVE-2009-4835" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4835" source="CVE"/> 9762 <description> 9763 The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted audio file. 9764 </description> 9765 </metadata> 9766 <!-- 353cec4df70fe9d46be9127fe99a5ebf --> 9767 <criteria operator="AND"> 9768 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 9769 <criteria operator="OR"> 9770 <criterion test_ref="oval:org.opensuse.security:tst:2009069638" comment="libsndfile-32bit less than 1.0.12-13.13.1"/> 9771 <criterion test_ref="oval:org.opensuse.security:tst:2009069639" comment="libsndfile-devel less than 1.0.12-13.13.1"/> 9772 <criterion test_ref="oval:org.opensuse.security:tst:2009069640" comment="libsndfile less than 1.0.12-13.13.1"/> 9773 </criteria> 9774 </criteria> 9775 </definition> 9776 <definition id="oval:org.opensuse.security:def:20095029" version="1" class="vulnerability"> 9777 <metadata> 9778 <title>CVE-2009-5029</title> 9779 <affected family="unix"> 9780 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 9781 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 9782 </affected> 9783 <reference ref_id="CVE-2009-5029" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029" source="CVE"/> 9784 <description> 9785 Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd. 9786 </description> 9787 </metadata> 9788 <!-- aba5a35b05cac6339a45d9264306d85b --> 9789 <criteria operator="AND"> 9790 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 9791 <criteria operator="OR"> 9792 <criterion test_ref="oval:org.opensuse.security:tst:2009072376" comment="glibc-32bit less than 2.4-31.97.1"/> 9793 <criterion test_ref="oval:org.opensuse.security:tst:2009072377" comment="glibc-devel-32bit less than 2.4-31.97.1"/> 9794 <criterion test_ref="oval:org.opensuse.security:tst:2009072378" comment="glibc-devel less than 2.4-31.97.1"/> 9795 <criterion test_ref="oval:org.opensuse.security:tst:2009072379" comment="glibc-html less than 2.4-31.97.1"/> 9796 <criterion test_ref="oval:org.opensuse.security:tst:2009072380" comment="glibc-i18ndata less than 2.4-31.97.1"/> 9797 <criterion test_ref="oval:org.opensuse.security:tst:2009072381" comment="glibc-info less than 2.4-31.97.1"/> 9798 <criterion test_ref="oval:org.opensuse.security:tst:2009072382" comment="glibc-locale-32bit less than 2.4-31.97.1"/> 9799 <criterion test_ref="oval:org.opensuse.security:tst:2009072383" comment="glibc-locale less than 2.4-31.97.1"/> 9800 <criterion test_ref="oval:org.opensuse.security:tst:2009072384" comment="glibc less than 2.4-31.97.1"/> 9801 <criterion test_ref="oval:org.opensuse.security:tst:2009072385" comment="nscd less than 2.4-31.97.1"/> 9802 </criteria> 9803 </criteria> 9804 </definition> 9805 <definition id="oval:org.opensuse.security:def:20095063" version="1" class="vulnerability"> 9806 <metadata> 9807 <title>CVE-2009-5063</title> 9808 <affected family="unix"> 9809 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 9810 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 9811 </affected> 9812 <reference ref_id="CVE-2009-5063" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5063" source="CVE"/> 9813 <description> 9814 Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244. 9815 </description> 9816 </metadata> 9817 <!-- cfe75a17284d23a11571eeefdcbad4a8 --> 9818 <criteria operator="AND"> 9819 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 9820 <criteria operator="OR"> 9821 <criterion test_ref="oval:org.opensuse.security:tst:2009069827" comment="libpng-32bit less than 1.2.8-19.31.9"/> 9822 <criterion test_ref="oval:org.opensuse.security:tst:2009069829" comment="libpng-devel-32bit less than 1.2.8-19.31.9"/> 9823 <criterion test_ref="oval:org.opensuse.security:tst:2009069831" comment="libpng-devel less than 1.2.8-19.31.9"/> 9824 <criterion test_ref="oval:org.opensuse.security:tst:2009069833" comment="libpng less than 1.2.8-19.31.9"/> 9825 </criteria> 9826 </criteria> 9827 </definition> 9828 <definition id="oval:org.opensuse.security:def:20100001" version="1" class="vulnerability"> 9829 <metadata> 9830 <title>CVE-2010-0001</title> 9831 <affected family="unix"> 9832 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9833 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9834 </affected> 9835 <reference ref_id="CVE-2010-0001" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001" source="CVE"/> 9836 <description> 9837 Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error. 9838 </description> 9839 </metadata> 9840 <!-- 5e020c0fdf9bfed4daa27c5a6bdb4f2a --> 9841 <criteria operator="AND"> 9842 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9843 <criterion test_ref="oval:org.opensuse.security:tst:2009057497" comment="gzip less than 1.3.5-159.10.1"/> 9844 </criteria> 9845 </definition> 9846 <definition id="oval:org.opensuse.security:def:20100007" version="1" class="vulnerability"> 9847 <metadata> 9848 <title>CVE-2010-0007</title> 9849 <affected family="unix"> 9850 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9851 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9852 </affected> 9853 <reference ref_id="CVE-2010-0007" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007" source="CVE"/> 9854 <description> 9855 net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application. 9856 </description> 9857 </metadata> 9858 <criteria operator="OR"> 9859 <!-- 28c8f48c0fee5a87c37ae066bdfccd05 --> 9860 <criteria operator="AND"> 9861 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9862 <criteria operator="OR"> 9863 <criterion test_ref="oval:org.opensuse.security:tst:2009057413" comment="kernel-bigsmp less than 2.6.16.60-0.59.1"/> 9864 <criterion test_ref="oval:org.opensuse.security:tst:2009057414" comment="kernel-default less than 2.6.16.60-0.59.1"/> 9865 <criterion test_ref="oval:org.opensuse.security:tst:2009057415" comment="kernel-smp less than 2.6.16.60-0.59.1"/> 9866 <criterion test_ref="oval:org.opensuse.security:tst:2009057416" comment="kernel-source less than 2.6.16.60-0.59.1"/> 9867 <criterion test_ref="oval:org.opensuse.security:tst:2009057417" comment="kernel-syms less than 2.6.16.60-0.59.1"/> 9868 <criterion test_ref="oval:org.opensuse.security:tst:2009057418" comment="kernel-xen less than 2.6.16.60-0.59.1"/> 9869 <criterion test_ref="oval:org.opensuse.security:tst:2009057419" comment="kernel-xenpae less than 2.6.16.60-0.59.1"/> 9870 </criteria> 9871 </criteria> 9872 <!-- 7ab8659e9762f6aa1d31509f781cf439 --> 9873 <criteria operator="AND"> 9874 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9875 <criteria operator="OR"> 9876 <criterion test_ref="oval:org.opensuse.security:tst:2009057414" comment="kernel-default less than 2.6.16.60-0.59.1"/> 9877 <criterion test_ref="oval:org.opensuse.security:tst:2009057415" comment="kernel-smp less than 2.6.16.60-0.59.1"/> 9878 <criterion test_ref="oval:org.opensuse.security:tst:2009057416" comment="kernel-source less than 2.6.16.60-0.59.1"/> 9879 <criterion test_ref="oval:org.opensuse.security:tst:2009057417" comment="kernel-syms less than 2.6.16.60-0.59.1"/> 9880 <criterion test_ref="oval:org.opensuse.security:tst:2009057418" comment="kernel-xen less than 2.6.16.60-0.59.1"/> 9881 </criteria> 9882 </criteria> 9883 </criteria> 9884 </definition> 9885 <definition id="oval:org.opensuse.security:def:20100008" version="1" class="vulnerability"> 9886 <metadata> 9887 <title>CVE-2010-0008</title> 9888 <affected family="unix"> 9889 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 9890 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 9891 </affected> 9892 <reference ref_id="CVE-2010-0008" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008" source="CVE"/> 9893 <description> 9894 The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length. 9895 </description> 9896 </metadata> 9897 <criteria operator="OR"> 9898 <!-- 754d5abd3666eec2fbee9b225156757d --> 9899 <criteria operator="AND"> 9900 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 9901 <criteria operator="OR"> 9902 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 9903 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 9904 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 9905 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 9906 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 9907 </criteria> 9908 </criteria> 9909 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 9910 <criteria operator="AND"> 9911 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 9912 <criteria operator="OR"> 9913 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 9914 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 9915 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 9916 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 9917 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 9918 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 9919 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 9920 </criteria> 9921 </criteria> 9922 </criteria> 9923 </definition> 9924 <definition id="oval:org.opensuse.security:def:20100013" version="1" class="vulnerability"> 9925 <metadata> 9926 <title>CVE-2010-0013</title> 9927 <affected family="unix"> 9928 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9929 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9930 </affected> 9931 <reference ref_id="CVE-2010-0013" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013" source="CVE"/> 9932 <description> 9933 Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon. 9934 </description> 9935 </metadata> 9936 <!-- 50f32d80d39a4dd5b12549f50b2c99b4 --> 9937 <criteria operator="AND"> 9938 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9939 <criteria operator="OR"> 9940 <criterion test_ref="oval:org.opensuse.security:tst:2009058526" comment="finch less than 2.6.6-0.4.1"/> 9941 <criterion test_ref="oval:org.opensuse.security:tst:2009058527" comment="libpurple less than 2.6.6-0.4.1"/> 9942 <criterion test_ref="oval:org.opensuse.security:tst:2009058528" comment="pidgin less than 2.6.6-0.4.1"/> 9943 </criteria> 9944 </criteria> 9945 </definition> 9946 <definition id="oval:org.opensuse.security:def:20100015" version="1" class="vulnerability"> 9947 <metadata> 9948 <title>CVE-2010-0015</title> 9949 <affected family="unix"> 9950 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9951 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9952 </affected> 9953 <reference ref_id="CVE-2010-0015" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0015" source="CVE"/> 9954 <description> 9955 nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function. 9956 </description> 9957 </metadata> 9958 <!-- a7e1bffd1e2cae6bb5c9bbff3d3f9de2 --> 9959 <criteria operator="AND"> 9960 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9961 <criteria operator="OR"> 9962 <criterion test_ref="oval:org.opensuse.security:tst:2009070508" comment="glibc-32bit less than 2.4-31.77.76.1"/> 9963 <criterion test_ref="oval:org.opensuse.security:tst:2009070509" comment="glibc-devel-32bit less than 2.4-31.77.76.1"/> 9964 <criterion test_ref="oval:org.opensuse.security:tst:2009070510" comment="glibc-devel less than 2.4-31.77.76.1"/> 9965 <criterion test_ref="oval:org.opensuse.security:tst:2009070511" comment="glibc-html less than 2.4-31.77.76.1"/> 9966 <criterion test_ref="oval:org.opensuse.security:tst:2009070512" comment="glibc-i18ndata less than 2.4-31.77.76.1"/> 9967 <criterion test_ref="oval:org.opensuse.security:tst:2009070513" comment="glibc-info less than 2.4-31.77.76.1"/> 9968 <criterion test_ref="oval:org.opensuse.security:tst:2009070514" comment="glibc-locale-32bit less than 2.4-31.77.76.1"/> 9969 <criterion test_ref="oval:org.opensuse.security:tst:2009070515" comment="glibc-locale less than 2.4-31.77.76.1"/> 9970 <criterion test_ref="oval:org.opensuse.security:tst:2009070516" comment="glibc less than 2.4-31.77.76.1"/> 9971 <criterion test_ref="oval:org.opensuse.security:tst:2009070517" comment="nscd less than 2.4-31.77.76.1"/> 9972 </criteria> 9973 </criteria> 9974 </definition> 9975 <definition id="oval:org.opensuse.security:def:20100084" version="1" class="vulnerability"> 9976 <metadata> 9977 <title>CVE-2010-0084</title> 9978 <affected family="unix"> 9979 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 9980 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 9981 </affected> 9982 <reference ref_id="CVE-2010-0084" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084" source="CVE"/> 9983 <description> 9984 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. 9985 </description> 9986 </metadata> 9987 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 9988 <criteria operator="AND"> 9989 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 9990 <criteria operator="OR"> 9991 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 9992 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 9993 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 9994 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 9995 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 9996 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 9997 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 9998 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 9999 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10000 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10001 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10002 </criteria> 10003 </criteria> 10004 </definition> 10005 <definition id="oval:org.opensuse.security:def:20100085" version="1" class="vulnerability"> 10006 <metadata> 10007 <title>CVE-2010-0085</title> 10008 <affected family="unix"> 10009 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10010 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10011 </affected> 10012 <reference ref_id="CVE-2010-0085" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085" source="CVE"/> 10013 <description> 10014 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 10015 </description> 10016 </metadata> 10017 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 10018 <criteria operator="AND"> 10019 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10020 <criteria operator="OR"> 10021 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 10022 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 10023 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 10024 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 10025 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 10026 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 10027 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 10028 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 10029 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10030 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10031 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10032 </criteria> 10033 </criteria> 10034 </definition> 10035 <definition id="oval:org.opensuse.security:def:20100087" version="1" class="vulnerability"> 10036 <metadata> 10037 <title>CVE-2010-0087</title> 10038 <affected family="unix"> 10039 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10040 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10041 </affected> 10042 <reference ref_id="CVE-2010-0087" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087" source="CVE"/> 10043 <description> 10044 Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 10045 </description> 10046 </metadata> 10047 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 10048 <criteria operator="AND"> 10049 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10050 <criteria operator="OR"> 10051 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 10052 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 10053 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 10054 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 10055 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 10056 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 10057 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 10058 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 10059 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10060 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10061 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10062 </criteria> 10063 </criteria> 10064 </definition> 10065 <definition id="oval:org.opensuse.security:def:20100088" version="1" class="vulnerability"> 10066 <metadata> 10067 <title>CVE-2010-0088</title> 10068 <affected family="unix"> 10069 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10070 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10071 </affected> 10072 <reference ref_id="CVE-2010-0088" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088" source="CVE"/> 10073 <description> 10074 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 10075 </description> 10076 </metadata> 10077 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 10078 <criteria operator="AND"> 10079 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10080 <criteria operator="OR"> 10081 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 10082 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 10083 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 10084 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 10085 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 10086 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 10087 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 10088 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 10089 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10090 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10091 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10092 </criteria> 10093 </criteria> 10094 </definition> 10095 <definition id="oval:org.opensuse.security:def:20100089" version="1" class="vulnerability"> 10096 <metadata> 10097 <title>CVE-2010-0089</title> 10098 <affected family="unix"> 10099 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10100 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10101 </affected> 10102 <reference ref_id="CVE-2010-0089" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089" source="CVE"/> 10103 <description> 10104 Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. 10105 </description> 10106 </metadata> 10107 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 10108 <criteria operator="AND"> 10109 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10110 <criteria operator="OR"> 10111 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 10112 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 10113 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 10114 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 10115 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 10116 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 10117 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 10118 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 10119 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10120 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10121 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10122 </criteria> 10123 </criteria> 10124 </definition> 10125 <definition id="oval:org.opensuse.security:def:20100091" version="1" class="vulnerability"> 10126 <metadata> 10127 <title>CVE-2010-0091</title> 10128 <affected family="unix"> 10129 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10130 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10131 </affected> 10132 <reference ref_id="CVE-2010-0091" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091" source="CVE"/> 10133 <description> 10134 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. 10135 </description> 10136 </metadata> 10137 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 10138 <criteria operator="AND"> 10139 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10140 <criteria operator="OR"> 10141 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 10142 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 10143 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 10144 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 10145 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 10146 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 10147 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 10148 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 10149 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10150 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10151 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10152 </criteria> 10153 </criteria> 10154 </definition> 10155 <definition id="oval:org.opensuse.security:def:20100092" version="1" class="vulnerability"> 10156 <metadata> 10157 <title>CVE-2010-0092</title> 10158 <affected family="unix"> 10159 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10160 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10161 </affected> 10162 <reference ref_id="CVE-2010-0092" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092" source="CVE"/> 10163 <description> 10164 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 10165 </description> 10166 </metadata> 10167 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 10168 <criteria operator="AND"> 10169 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10170 <criteria operator="OR"> 10171 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 10172 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 10173 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 10174 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 10175 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 10176 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 10177 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 10178 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 10179 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10180 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10181 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10182 </criteria> 10183 </criteria> 10184 </definition> 10185 <definition id="oval:org.opensuse.security:def:20100094" version="1" class="vulnerability"> 10186 <metadata> 10187 <title>CVE-2010-0094</title> 10188 <affected family="unix"> 10189 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10190 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10191 </affected> 10192 <reference ref_id="CVE-2010-0094" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094" source="CVE"/> 10193 <description> 10194 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized. 10195 </description> 10196 </metadata> 10197 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 10198 <criteria operator="AND"> 10199 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10200 <criteria operator="OR"> 10201 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 10202 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 10203 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 10204 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 10205 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 10206 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 10207 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 10208 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 10209 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10210 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10211 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10212 </criteria> 10213 </criteria> 10214 </definition> 10215 <definition id="oval:org.opensuse.security:def:20100095" version="1" class="vulnerability"> 10216 <metadata> 10217 <title>CVE-2010-0095</title> 10218 <affected family="unix"> 10219 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10220 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10221 </affected> 10222 <reference ref_id="CVE-2010-0095" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095" source="CVE"/> 10223 <description> 10224 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 10225 </description> 10226 </metadata> 10227 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 10228 <criteria operator="AND"> 10229 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10230 <criteria operator="OR"> 10231 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 10232 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 10233 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 10234 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 10235 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 10236 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 10237 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 10238 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 10239 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 10240 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 10241 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 10242 </criteria> 10243 </criteria> 10244 </definition> 10245 <definition id="oval:org.opensuse.security:def:20100098" version="1" class="vulnerability"> 10246 <metadata> 10247 <title>CVE-2010-0098</title> 10248 <affected family="unix"> 10249 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10250 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10251 </affected> 10252 <reference ref_id="CVE-2010-0098" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098" source="CVE"/> 10253 <description> 10254 ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. 10255 </description> 10256 </metadata> 10257 <!-- 0fe0a47e2d9e4a6160a308a56172d457 --> 10258 <criteria operator="AND"> 10259 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10260 <criterion test_ref="oval:org.opensuse.security:tst:2009059973" comment="clamav less than 0.96-0.6.1"/> 10261 </criteria> 10262 </definition> 10263 <definition id="oval:org.opensuse.security:def:20100136" version="1" class="vulnerability"> 10264 <metadata> 10265 <title>CVE-2010-0136</title> 10266 <affected family="unix"> 10267 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10268 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10269 </affected> 10270 <reference ref_id="CVE-2010-0136" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0136" source="CVE"/> 10271 <description> 10272 OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document. 10273 </description> 10274 </metadata> 10275 <!-- 17aa6adc1c5e58a79af02c479d95aab1 --> 10276 <criteria operator="AND"> 10277 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10278 <criteria operator="OR"> 10279 <criterion test_ref="oval:org.opensuse.security:tst:2009058672" comment="OpenOffice_org-af less than 3.2-0.6.1"/> 10280 <criterion test_ref="oval:org.opensuse.security:tst:2009058673" comment="OpenOffice_org-ar less than 3.2-0.6.1"/> 10281 <criterion test_ref="oval:org.opensuse.security:tst:2009058674" comment="OpenOffice_org-ca less than 3.2-0.6.1"/> 10282 <criterion test_ref="oval:org.opensuse.security:tst:2009058675" comment="OpenOffice_org-cs less than 3.2-0.6.1"/> 10283 <criterion test_ref="oval:org.opensuse.security:tst:2009058676" comment="OpenOffice_org-da less than 3.2-0.6.1"/> 10284 <criterion test_ref="oval:org.opensuse.security:tst:2009058677" comment="OpenOffice_org-de less than 3.2-0.6.1"/> 10285 <criterion test_ref="oval:org.opensuse.security:tst:2009058678" comment="OpenOffice_org-es less than 3.2-0.6.1"/> 10286 <criterion test_ref="oval:org.opensuse.security:tst:2009058679" comment="OpenOffice_org-fi less than 3.2-0.6.1"/> 10287 <criterion test_ref="oval:org.opensuse.security:tst:2009058680" comment="OpenOffice_org-fr less than 3.2-0.6.1"/> 10288 <criterion test_ref="oval:org.opensuse.security:tst:2009058681" comment="OpenOffice_org-galleries less than 3.2-0.6.1"/> 10289 <criterion test_ref="oval:org.opensuse.security:tst:2009058682" comment="OpenOffice_org-gnome less than 3.2-0.6.1"/> 10290 <criterion test_ref="oval:org.opensuse.security:tst:2009058683" comment="OpenOffice_org-gu-IN less than 3.2-0.6.1"/> 10291 <criterion test_ref="oval:org.opensuse.security:tst:2009058684" comment="OpenOffice_org-hi-IN less than 3.2-0.6.1"/> 10292 <criterion test_ref="oval:org.opensuse.security:tst:2009058685" comment="OpenOffice_org-hu less than 3.2-0.6.1"/> 10293 <criterion test_ref="oval:org.opensuse.security:tst:2009058686" comment="OpenOffice_org-it less than 3.2-0.6.1"/> 10294 <criterion test_ref="oval:org.opensuse.security:tst:2009058687" comment="OpenOffice_org-ja less than 3.2-0.6.1"/> 10295 <criterion test_ref="oval:org.opensuse.security:tst:2009058688" comment="OpenOffice_org-kde less than 3.2-0.6.1"/> 10296 <criterion test_ref="oval:org.opensuse.security:tst:2009058689" comment="OpenOffice_org-mono less than 3.2-0.6.1"/> 10297 <criterion test_ref="oval:org.opensuse.security:tst:2009058690" comment="OpenOffice_org-nb less than 3.2-0.6.1"/> 10298 <criterion test_ref="oval:org.opensuse.security:tst:2009058691" comment="OpenOffice_org-nl less than 3.2-0.6.1"/> 10299 <criterion test_ref="oval:org.opensuse.security:tst:2009058692" comment="OpenOffice_org-nld less than 3.2-0.6.1"/> 10300 <criterion test_ref="oval:org.opensuse.security:tst:2009058693" comment="OpenOffice_org-nn less than 3.2-0.6.1"/> 10301 <criterion test_ref="oval:org.opensuse.security:tst:2009058694" comment="OpenOffice_org-pl less than 3.2-0.6.1"/> 10302 <criterion test_ref="oval:org.opensuse.security:tst:2009058695" comment="OpenOffice_org-pt-BR less than 3.2-0.6.1"/> 10303 <criterion test_ref="oval:org.opensuse.security:tst:2009058696" comment="OpenOffice_org-ru less than 3.2-0.6.1"/> 10304 <criterion test_ref="oval:org.opensuse.security:tst:2009058697" comment="OpenOffice_org-sk less than 3.2-0.6.1"/> 10305 <criterion test_ref="oval:org.opensuse.security:tst:2009058698" comment="OpenOffice_org-sv less than 3.2-0.6.1"/> 10306 <criterion test_ref="oval:org.opensuse.security:tst:2009058699" comment="OpenOffice_org-xh less than 3.2-0.6.1"/> 10307 <criterion test_ref="oval:org.opensuse.security:tst:2009058700" comment="OpenOffice_org-zh-CN less than 3.2-0.6.1"/> 10308 <criterion test_ref="oval:org.opensuse.security:tst:2009058701" comment="OpenOffice_org-zh-TW less than 3.2-0.6.1"/> 10309 <criterion test_ref="oval:org.opensuse.security:tst:2009058702" comment="OpenOffice_org-zu less than 3.2-0.6.1"/> 10310 <criterion test_ref="oval:org.opensuse.security:tst:2009058703" comment="OpenOffice_org less than 3.2-0.6.1"/> 10311 </criteria> 10312 </criteria> 10313 </definition> 10314 <definition id="oval:org.opensuse.security:def:20100159" version="1" class="vulnerability"> 10315 <metadata> 10316 <title>CVE-2010-0159</title> 10317 <affected family="unix"> 10318 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10319 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10320 </affected> 10321 <reference ref_id="CVE-2010-0159" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0159" source="CVE"/> 10322 <description> 10323 The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors. 10324 </description> 10325 </metadata> 10326 <criteria operator="OR"> 10327 <!-- 630708f048967bcbe3d7e12e91204fcf --> 10328 <criteria operator="AND"> 10329 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10330 <criteria operator="OR"> 10331 <criterion test_ref="oval:org.opensuse.security:tst:2009058405" comment="mozilla-xulrunner190-32bit less than 1.9.0.18-0.4.1"/> 10332 <criterion test_ref="oval:org.opensuse.security:tst:2009058406" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.18-0.4.1"/> 10333 <criterion test_ref="oval:org.opensuse.security:tst:2009058407" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.18-0.4.1"/> 10334 <criterion test_ref="oval:org.opensuse.security:tst:2009058408" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.18-0.4.1"/> 10335 <criterion test_ref="oval:org.opensuse.security:tst:2009058409" comment="mozilla-xulrunner190-translations less than 1.9.0.18-0.4.1"/> 10336 <criterion test_ref="oval:org.opensuse.security:tst:2009058410" comment="mozilla-xulrunner190 less than 1.9.0.18-0.4.1"/> 10337 </criteria> 10338 </criteria> 10339 <!-- d41075930b3e4dc43019336480f6a248 --> 10340 <criteria operator="AND"> 10341 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10342 <criteria operator="OR"> 10343 <criterion test_ref="oval:org.opensuse.security:tst:2009058451" comment="MozillaFirefox-translations less than 3.5.8-0.4.1"/> 10344 <criterion test_ref="oval:org.opensuse.security:tst:2009058452" comment="MozillaFirefox less than 3.5.8-0.4.1"/> 10345 <criterion test_ref="oval:org.opensuse.security:tst:2009058442" comment="mozilla-xulrunner191-32bit less than 1.9.1.8-1.4.1"/> 10346 <criterion test_ref="oval:org.opensuse.security:tst:2009058443" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.8-1.4.1"/> 10347 <criterion test_ref="oval:org.opensuse.security:tst:2009058444" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.8-1.4.1"/> 10348 <criterion test_ref="oval:org.opensuse.security:tst:2009058445" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.8-1.4.1"/> 10349 <criterion test_ref="oval:org.opensuse.security:tst:2009058446" comment="mozilla-xulrunner191-translations less than 1.9.1.8-1.4.1"/> 10350 <criterion test_ref="oval:org.opensuse.security:tst:2009058447" comment="mozilla-xulrunner191 less than 1.9.1.8-1.4.1"/> 10351 </criteria> 10352 </criteria> 10353 </criteria> 10354 </definition> 10355 <definition id="oval:org.opensuse.security:def:20100160" version="1" class="vulnerability"> 10356 <metadata> 10357 <title>CVE-2010-0160</title> 10358 <affected family="unix"> 10359 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10360 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10361 </affected> 10362 <reference ref_id="CVE-2010-0160" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0160" source="CVE"/> 10363 <description> 10364 The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. 10365 </description> 10366 </metadata> 10367 <criteria operator="OR"> 10368 <!-- 630708f048967bcbe3d7e12e91204fcf --> 10369 <criteria operator="AND"> 10370 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10371 <criteria operator="OR"> 10372 <criterion test_ref="oval:org.opensuse.security:tst:2009058405" comment="mozilla-xulrunner190-32bit less than 1.9.0.18-0.4.1"/> 10373 <criterion test_ref="oval:org.opensuse.security:tst:2009058406" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.18-0.4.1"/> 10374 <criterion test_ref="oval:org.opensuse.security:tst:2009058407" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.18-0.4.1"/> 10375 <criterion test_ref="oval:org.opensuse.security:tst:2009058408" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.18-0.4.1"/> 10376 <criterion test_ref="oval:org.opensuse.security:tst:2009058409" comment="mozilla-xulrunner190-translations less than 1.9.0.18-0.4.1"/> 10377 <criterion test_ref="oval:org.opensuse.security:tst:2009058410" comment="mozilla-xulrunner190 less than 1.9.0.18-0.4.1"/> 10378 </criteria> 10379 </criteria> 10380 <!-- d41075930b3e4dc43019336480f6a248 --> 10381 <criteria operator="AND"> 10382 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10383 <criteria operator="OR"> 10384 <criterion test_ref="oval:org.opensuse.security:tst:2009058451" comment="MozillaFirefox-translations less than 3.5.8-0.4.1"/> 10385 <criterion test_ref="oval:org.opensuse.security:tst:2009058452" comment="MozillaFirefox less than 3.5.8-0.4.1"/> 10386 <criterion test_ref="oval:org.opensuse.security:tst:2009058442" comment="mozilla-xulrunner191-32bit less than 1.9.1.8-1.4.1"/> 10387 <criterion test_ref="oval:org.opensuse.security:tst:2009058443" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.8-1.4.1"/> 10388 <criterion test_ref="oval:org.opensuse.security:tst:2009058444" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.8-1.4.1"/> 10389 <criterion test_ref="oval:org.opensuse.security:tst:2009058445" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.8-1.4.1"/> 10390 <criterion test_ref="oval:org.opensuse.security:tst:2009058446" comment="mozilla-xulrunner191-translations less than 1.9.1.8-1.4.1"/> 10391 <criterion test_ref="oval:org.opensuse.security:tst:2009058447" comment="mozilla-xulrunner191 less than 1.9.1.8-1.4.1"/> 10392 </criteria> 10393 </criteria> 10394 </criteria> 10395 </definition> 10396 <definition id="oval:org.opensuse.security:def:20100162" version="1" class="vulnerability"> 10397 <metadata> 10398 <title>CVE-2010-0162</title> 10399 <affected family="unix"> 10400 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10401 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10402 </affected> 10403 <reference ref_id="CVE-2010-0162" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0162" source="CVE"/> 10404 <description> 10405 Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving SVG and the EMBED element, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via an embedded SVG document. 10406 </description> 10407 </metadata> 10408 <criteria operator="OR"> 10409 <!-- 630708f048967bcbe3d7e12e91204fcf --> 10410 <criteria operator="AND"> 10411 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10412 <criteria operator="OR"> 10413 <criterion test_ref="oval:org.opensuse.security:tst:2009058405" comment="mozilla-xulrunner190-32bit less than 1.9.0.18-0.4.1"/> 10414 <criterion test_ref="oval:org.opensuse.security:tst:2009058406" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.18-0.4.1"/> 10415 <criterion test_ref="oval:org.opensuse.security:tst:2009058407" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.18-0.4.1"/> 10416 <criterion test_ref="oval:org.opensuse.security:tst:2009058408" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.18-0.4.1"/> 10417 <criterion test_ref="oval:org.opensuse.security:tst:2009058409" comment="mozilla-xulrunner190-translations less than 1.9.0.18-0.4.1"/> 10418 <criterion test_ref="oval:org.opensuse.security:tst:2009058410" comment="mozilla-xulrunner190 less than 1.9.0.18-0.4.1"/> 10419 </criteria> 10420 </criteria> 10421 <!-- d41075930b3e4dc43019336480f6a248 --> 10422 <criteria operator="AND"> 10423 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10424 <criteria operator="OR"> 10425 <criterion test_ref="oval:org.opensuse.security:tst:2009058451" comment="MozillaFirefox-translations less than 3.5.8-0.4.1"/> 10426 <criterion test_ref="oval:org.opensuse.security:tst:2009058452" comment="MozillaFirefox less than 3.5.8-0.4.1"/> 10427 <criterion test_ref="oval:org.opensuse.security:tst:2009058442" comment="mozilla-xulrunner191-32bit less than 1.9.1.8-1.4.1"/> 10428 <criterion test_ref="oval:org.opensuse.security:tst:2009058443" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.8-1.4.1"/> 10429 <criterion test_ref="oval:org.opensuse.security:tst:2009058444" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.8-1.4.1"/> 10430 <criterion test_ref="oval:org.opensuse.security:tst:2009058445" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.8-1.4.1"/> 10431 <criterion test_ref="oval:org.opensuse.security:tst:2009058446" comment="mozilla-xulrunner191-translations less than 1.9.1.8-1.4.1"/> 10432 <criterion test_ref="oval:org.opensuse.security:tst:2009058447" comment="mozilla-xulrunner191 less than 1.9.1.8-1.4.1"/> 10433 </criteria> 10434 </criteria> 10435 </criteria> 10436 </definition> 10437 <definition id="oval:org.opensuse.security:def:20100173" version="1" class="vulnerability"> 10438 <metadata> 10439 <title>CVE-2010-0173</title> 10440 <affected family="unix"> 10441 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10442 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10443 </affected> 10444 <reference ref_id="CVE-2010-0173" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0173" source="CVE"/> 10445 <description> 10446 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 10447 </description> 10448 </metadata> 10449 <criteria operator="OR"> 10450 <!-- 65e1119797680c75f5f7043e72c6987b --> 10451 <criteria operator="AND"> 10452 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10453 <criteria operator="OR"> 10454 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10455 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10456 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10457 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10458 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10459 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10460 </criteria> 10461 </criteria> 10462 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10463 <criteria operator="AND"> 10464 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10465 <criteria operator="OR"> 10466 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10467 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10468 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10469 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10470 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10471 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10472 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10473 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10474 </criteria> 10475 </criteria> 10476 </criteria> 10477 </definition> 10478 <definition id="oval:org.opensuse.security:def:20100174" version="1" class="vulnerability"> 10479 <metadata> 10480 <title>CVE-2010-0174</title> 10481 <affected family="unix"> 10482 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10483 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10484 </affected> 10485 <reference ref_id="CVE-2010-0174" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0174" source="CVE"/> 10486 <description> 10487 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 10488 </description> 10489 </metadata> 10490 <criteria operator="OR"> 10491 <!-- 65e1119797680c75f5f7043e72c6987b --> 10492 <criteria operator="AND"> 10493 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10494 <criteria operator="OR"> 10495 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10496 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10497 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10498 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10499 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10500 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10501 </criteria> 10502 </criteria> 10503 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10504 <criteria operator="AND"> 10505 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10506 <criteria operator="OR"> 10507 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10508 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10509 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10510 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10511 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10512 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10513 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10514 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10515 </criteria> 10516 </criteria> 10517 </criteria> 10518 </definition> 10519 <definition id="oval:org.opensuse.security:def:20100175" version="1" class="vulnerability"> 10520 <metadata> 10521 <title>CVE-2010-0175</title> 10522 <affected family="unix"> 10523 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10524 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10525 </affected> 10526 <reference ref_id="CVE-2010-0175" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0175" source="CVE"/> 10527 <description> 10528 Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items. 10529 </description> 10530 </metadata> 10531 <criteria operator="OR"> 10532 <!-- 65e1119797680c75f5f7043e72c6987b --> 10533 <criteria operator="AND"> 10534 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10535 <criteria operator="OR"> 10536 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10537 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10538 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10539 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10540 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10541 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10542 </criteria> 10543 </criteria> 10544 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10545 <criteria operator="AND"> 10546 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10547 <criteria operator="OR"> 10548 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10549 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10550 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10551 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10552 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10553 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10554 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10555 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10556 </criteria> 10557 </criteria> 10558 </criteria> 10559 </definition> 10560 <definition id="oval:org.opensuse.security:def:20100176" version="1" class="vulnerability"> 10561 <metadata> 10562 <title>CVE-2010-0176</title> 10563 <affected family="unix"> 10564 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10565 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10566 </affected> 10567 <reference ref_id="CVE-2010-0176" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0176" source="CVE"/> 10568 <description> 10569 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability." 10570 </description> 10571 </metadata> 10572 <criteria operator="OR"> 10573 <!-- 65e1119797680c75f5f7043e72c6987b --> 10574 <criteria operator="AND"> 10575 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10576 <criteria operator="OR"> 10577 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10578 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10579 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10580 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10581 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10582 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10583 </criteria> 10584 </criteria> 10585 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10586 <criteria operator="AND"> 10587 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10588 <criteria operator="OR"> 10589 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10590 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10591 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10592 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10593 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10594 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10595 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10596 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10597 </criteria> 10598 </criteria> 10599 </criteria> 10600 </definition> 10601 <definition id="oval:org.opensuse.security:def:20100177" version="1" class="vulnerability"> 10602 <metadata> 10603 <title>CVE-2010-0177</title> 10604 <affected family="unix"> 10605 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10606 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10607 </affected> 10608 <reference ref_id="CVE-2010-0177" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0177" source="CVE"/> 10609 <description> 10610 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability." 10611 </description> 10612 </metadata> 10613 <criteria operator="OR"> 10614 <!-- 65e1119797680c75f5f7043e72c6987b --> 10615 <criteria operator="AND"> 10616 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10617 <criteria operator="OR"> 10618 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10619 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10620 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10621 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10622 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10623 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10624 </criteria> 10625 </criteria> 10626 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10627 <criteria operator="AND"> 10628 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10629 <criteria operator="OR"> 10630 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10631 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10632 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10633 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10634 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10635 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10636 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10637 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10638 </criteria> 10639 </criteria> 10640 </criteria> 10641 </definition> 10642 <definition id="oval:org.opensuse.security:def:20100178" version="1" class="vulnerability"> 10643 <metadata> 10644 <title>CVE-2010-0178</title> 10645 <affected family="unix"> 10646 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10647 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10648 </affected> 10649 <reference ref_id="CVE-2010-0178" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0178" source="CVE"/> 10650 <description> 10651 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL. 10652 </description> 10653 </metadata> 10654 <criteria operator="OR"> 10655 <!-- 65e1119797680c75f5f7043e72c6987b --> 10656 <criteria operator="AND"> 10657 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10658 <criteria operator="OR"> 10659 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10660 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10661 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10662 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10663 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10664 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10665 </criteria> 10666 </criteria> 10667 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10668 <criteria operator="AND"> 10669 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10670 <criteria operator="OR"> 10671 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10672 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10673 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10674 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10675 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10676 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10677 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10678 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10679 </criteria> 10680 </criteria> 10681 </criteria> 10682 </definition> 10683 <definition id="oval:org.opensuse.security:def:20100179" version="1" class="vulnerability"> 10684 <metadata> 10685 <title>CVE-2010-0179</title> 10686 <affected family="unix"> 10687 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10688 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10689 </affected> 10690 <reference ref_id="CVE-2010-0179" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0179" source="CVE"/> 10691 <description> 10692 Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. 10693 </description> 10694 </metadata> 10695 <criteria operator="OR"> 10696 <!-- 61e0860309635831b6c4f3a30dccd608 --> 10697 <criteria operator="AND"> 10698 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10699 <criteria operator="OR"> 10700 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 10701 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 10702 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 10703 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 10704 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 10705 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 10706 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 10707 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 10708 </criteria> 10709 </criteria> 10710 <!-- 65e1119797680c75f5f7043e72c6987b --> 10711 <criteria operator="AND"> 10712 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10713 <criteria operator="OR"> 10714 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10715 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10716 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10717 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10718 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10719 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10720 </criteria> 10721 </criteria> 10722 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10723 <criteria operator="AND"> 10724 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10725 <criteria operator="OR"> 10726 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10727 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10728 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10729 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10730 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10731 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10732 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10733 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10734 </criteria> 10735 </criteria> 10736 </criteria> 10737 </definition> 10738 <definition id="oval:org.opensuse.security:def:20100181" version="1" class="vulnerability"> 10739 <metadata> 10740 <title>CVE-2010-0181</title> 10741 <affected family="unix"> 10742 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10743 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10744 </affected> 10745 <reference ref_id="CVE-2010-0181" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0181" source="CVE"/> 10746 <description> 10747 Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images. 10748 </description> 10749 </metadata> 10750 <criteria operator="OR"> 10751 <!-- 65e1119797680c75f5f7043e72c6987b --> 10752 <criteria operator="AND"> 10753 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10754 <criteria operator="OR"> 10755 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10756 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10757 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10758 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10759 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10760 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10761 </criteria> 10762 </criteria> 10763 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10764 <criteria operator="AND"> 10765 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10766 <criteria operator="OR"> 10767 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10768 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10769 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10770 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10771 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10772 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10773 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10774 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10775 </criteria> 10776 </criteria> 10777 </criteria> 10778 </definition> 10779 <definition id="oval:org.opensuse.security:def:20100182" version="1" class="vulnerability"> 10780 <metadata> 10781 <title>CVE-2010-0182</title> 10782 <affected family="unix"> 10783 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10784 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10785 </affected> 10786 <reference ref_id="CVE-2010-0182" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0182" source="CVE"/> 10787 <description> 10788 The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content. 10789 </description> 10790 </metadata> 10791 <criteria operator="OR"> 10792 <!-- 65e1119797680c75f5f7043e72c6987b --> 10793 <criteria operator="AND"> 10794 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10795 <criteria operator="OR"> 10796 <criterion test_ref="oval:org.opensuse.security:tst:2009059562" comment="mozilla-xulrunner190-32bit less than 1.9.0.19-0.4.1"/> 10797 <criterion test_ref="oval:org.opensuse.security:tst:2009059563" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.19-0.4.1"/> 10798 <criterion test_ref="oval:org.opensuse.security:tst:2009059564" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.19-0.4.1"/> 10799 <criterion test_ref="oval:org.opensuse.security:tst:2009059565" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.19-0.4.1"/> 10800 <criterion test_ref="oval:org.opensuse.security:tst:2009059566" comment="mozilla-xulrunner190-translations less than 1.9.0.19-0.4.1"/> 10801 <criterion test_ref="oval:org.opensuse.security:tst:2009059567" comment="mozilla-xulrunner190 less than 1.9.0.19-0.4.1"/> 10802 </criteria> 10803 </criteria> 10804 <!-- c053554d7ebb124457bc5983a3bd1377 --> 10805 <criteria operator="AND"> 10806 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10807 <criteria operator="OR"> 10808 <criterion test_ref="oval:org.opensuse.security:tst:2009059570" comment="MozillaFirefox-translations less than 3.5.9-0.4.1"/> 10809 <criterion test_ref="oval:org.opensuse.security:tst:2009059571" comment="MozillaFirefox less than 3.5.9-0.4.1"/> 10810 <criterion test_ref="oval:org.opensuse.security:tst:2009059572" comment="mozilla-xulrunner191-32bit less than 1.9.1.9-1.4.1"/> 10811 <criterion test_ref="oval:org.opensuse.security:tst:2009059573" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.9-1.4.1"/> 10812 <criterion test_ref="oval:org.opensuse.security:tst:2009059574" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.9-1.4.1"/> 10813 <criterion test_ref="oval:org.opensuse.security:tst:2009059575" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.9-1.4.1"/> 10814 <criterion test_ref="oval:org.opensuse.security:tst:2009059576" comment="mozilla-xulrunner191-translations less than 1.9.1.9-1.4.1"/> 10815 <criterion test_ref="oval:org.opensuse.security:tst:2009059577" comment="mozilla-xulrunner191 less than 1.9.1.9-1.4.1"/> 10816 </criteria> 10817 </criteria> 10818 </criteria> 10819 </definition> 10820 <definition id="oval:org.opensuse.security:def:20100183" version="1" class="vulnerability"> 10821 <metadata> 10822 <title>CVE-2010-0183</title> 10823 <affected family="unix"> 10824 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10825 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10826 </affected> 10827 <reference ref_id="CVE-2010-0183" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0183" source="CVE"/> 10828 <description> 10829 Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus. 10830 </description> 10831 </metadata> 10832 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 10833 <criteria operator="AND"> 10834 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10835 <criteria operator="OR"> 10836 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 10837 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 10838 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 10839 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 10840 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 10841 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 10842 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 10843 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 10844 </criteria> 10845 </criteria> 10846 </definition> 10847 <definition id="oval:org.opensuse.security:def:20100186" version="1" class="vulnerability"> 10848 <metadata> 10849 <title>CVE-2010-0186</title> 10850 <affected family="unix"> 10851 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10852 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10853 </affected> 10854 <reference ref_id="CVE-2010-0186" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186" source="CVE"/> 10855 <description> 10856 Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors. 10857 </description> 10858 </metadata> 10859 <criteria operator="OR"> 10860 <!-- 4096889efde630b696485936c2c8032f --> 10861 <criteria operator="AND"> 10862 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10863 <criteria operator="OR"> 10864 <criterion test_ref="oval:org.opensuse.security:tst:2009058571" comment="acroread-cmaps less than 9.3.1-0.4.1"/> 10865 <criterion test_ref="oval:org.opensuse.security:tst:2009058572" comment="acroread-fonts-ja less than 9.3.1-0.4.1"/> 10866 <criterion test_ref="oval:org.opensuse.security:tst:2009058573" comment="acroread-fonts-ko less than 9.3.1-0.4.1"/> 10867 <criterion test_ref="oval:org.opensuse.security:tst:2009058574" comment="acroread-fonts-zh_CN less than 9.3.1-0.4.1"/> 10868 <criterion test_ref="oval:org.opensuse.security:tst:2009058575" comment="acroread-fonts-zh_TW less than 9.3.1-0.4.1"/> 10869 <criterion test_ref="oval:org.opensuse.security:tst:2009058577" comment="acroread less than 9.3.1-0.4.1"/> 10870 </criteria> 10871 </criteria> 10872 <!-- d4123b925c8ab86f6721672c777dac10 --> 10873 <criteria operator="AND"> 10874 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10875 <criterion test_ref="oval:org.opensuse.security:tst:2009057996" comment="flash-player less than 9.0.262.0-0.4.1"/> 10876 </criteria> 10877 </criteria> 10878 </definition> 10879 <definition id="oval:org.opensuse.security:def:20100187" version="1" class="vulnerability"> 10880 <metadata> 10881 <title>CVE-2010-0187</title> 10882 <affected family="unix"> 10883 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10884 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10885 </affected> 10886 <reference ref_id="CVE-2010-0187" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0187" source="CVE"/> 10887 <description> 10888 Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file. 10889 </description> 10890 </metadata> 10891 <!-- d4123b925c8ab86f6721672c777dac10 --> 10892 <criteria operator="AND"> 10893 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10894 <criterion test_ref="oval:org.opensuse.security:tst:2009057996" comment="flash-player less than 9.0.262.0-0.4.1"/> 10895 </criteria> 10896 </definition> 10897 <definition id="oval:org.opensuse.security:def:20100188" version="1" class="vulnerability"> 10898 <metadata> 10899 <title>CVE-2010-0188</title> 10900 <affected family="unix"> 10901 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10902 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10903 </affected> 10904 <reference ref_id="CVE-2010-0188" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188" source="CVE"/> 10905 <description> 10906 Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. 10907 </description> 10908 </metadata> 10909 <!-- 4096889efde630b696485936c2c8032f --> 10910 <criteria operator="AND"> 10911 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10912 <criteria operator="OR"> 10913 <criterion test_ref="oval:org.opensuse.security:tst:2009058571" comment="acroread-cmaps less than 9.3.1-0.4.1"/> 10914 <criterion test_ref="oval:org.opensuse.security:tst:2009058572" comment="acroread-fonts-ja less than 9.3.1-0.4.1"/> 10915 <criterion test_ref="oval:org.opensuse.security:tst:2009058573" comment="acroread-fonts-ko less than 9.3.1-0.4.1"/> 10916 <criterion test_ref="oval:org.opensuse.security:tst:2009058574" comment="acroread-fonts-zh_CN less than 9.3.1-0.4.1"/> 10917 <criterion test_ref="oval:org.opensuse.security:tst:2009058575" comment="acroread-fonts-zh_TW less than 9.3.1-0.4.1"/> 10918 <criterion test_ref="oval:org.opensuse.security:tst:2009058577" comment="acroread less than 9.3.1-0.4.1"/> 10919 </criteria> 10920 </criteria> 10921 </definition> 10922 <definition id="oval:org.opensuse.security:def:20100190" version="1" class="vulnerability"> 10923 <metadata> 10924 <title>CVE-2010-0190</title> 10925 <affected family="unix"> 10926 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10927 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10928 </affected> 10929 <reference ref_id="CVE-2010-0190" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190" source="CVE"/> 10930 <description> 10931 Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 10932 </description> 10933 </metadata> 10934 <criteria operator="OR"> 10935 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 10936 <criteria operator="AND"> 10937 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10938 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 10939 </criteria> 10940 <!-- ea122670adcd95514736ecbc647a5104 --> 10941 <criteria operator="AND"> 10942 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10943 <criteria operator="OR"> 10944 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 10945 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 10946 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 10947 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 10948 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 10949 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 10950 </criteria> 10951 </criteria> 10952 </criteria> 10953 </definition> 10954 <definition id="oval:org.opensuse.security:def:20100191" version="1" class="vulnerability"> 10955 <metadata> 10956 <title>CVE-2010-0191</title> 10957 <affected family="unix"> 10958 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10959 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10960 </affected> 10961 <reference ref_id="CVE-2010-0191" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191" source="CVE"/> 10962 <description> 10963 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." 10964 </description> 10965 </metadata> 10966 <criteria operator="OR"> 10967 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 10968 <criteria operator="AND"> 10969 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10970 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 10971 </criteria> 10972 <!-- ea122670adcd95514736ecbc647a5104 --> 10973 <criteria operator="AND"> 10974 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 10975 <criteria operator="OR"> 10976 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 10977 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 10978 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 10979 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 10980 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 10981 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 10982 </criteria> 10983 </criteria> 10984 </criteria> 10985 </definition> 10986 <definition id="oval:org.opensuse.security:def:20100192" version="1" class="vulnerability"> 10987 <metadata> 10988 <title>CVE-2010-0192</title> 10989 <affected family="unix"> 10990 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 10991 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 10992 </affected> 10993 <reference ref_id="CVE-2010-0192" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192" source="CVE"/> 10994 <description> 10995 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196. 10996 </description> 10997 </metadata> 10998 <criteria operator="OR"> 10999 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11000 <criteria operator="AND"> 11001 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11002 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11003 </criteria> 11004 <!-- ea122670adcd95514736ecbc647a5104 --> 11005 <criteria operator="AND"> 11006 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11007 <criteria operator="OR"> 11008 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11009 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11010 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11011 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11012 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11013 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11014 </criteria> 11015 </criteria> 11016 </criteria> 11017 </definition> 11018 <definition id="oval:org.opensuse.security:def:20100193" version="1" class="vulnerability"> 11019 <metadata> 11020 <title>CVE-2010-0193</title> 11021 <affected family="unix"> 11022 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11023 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11024 </affected> 11025 <reference ref_id="CVE-2010-0193" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193" source="CVE"/> 11026 <description> 11027 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0196. 11028 </description> 11029 </metadata> 11030 <criteria operator="OR"> 11031 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11032 <criteria operator="AND"> 11033 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11034 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11035 </criteria> 11036 <!-- ea122670adcd95514736ecbc647a5104 --> 11037 <criteria operator="AND"> 11038 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11039 <criteria operator="OR"> 11040 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11041 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11042 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11043 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11044 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11045 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11046 </criteria> 11047 </criteria> 11048 </criteria> 11049 </definition> 11050 <definition id="oval:org.opensuse.security:def:20100194" version="1" class="vulnerability"> 11051 <metadata> 11052 <title>CVE-2010-0194</title> 11053 <affected family="unix"> 11054 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11055 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11056 </affected> 11057 <reference ref_id="CVE-2010-0194" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194" source="CVE"/> 11058 <description> 11059 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204. 11060 </description> 11061 </metadata> 11062 <criteria operator="OR"> 11063 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11064 <criteria operator="AND"> 11065 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11066 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11067 </criteria> 11068 <!-- ea122670adcd95514736ecbc647a5104 --> 11069 <criteria operator="AND"> 11070 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11071 <criteria operator="OR"> 11072 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11073 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11074 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11075 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11076 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11077 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11078 </criteria> 11079 </criteria> 11080 </criteria> 11081 </definition> 11082 <definition id="oval:org.opensuse.security:def:20100195" version="1" class="vulnerability"> 11083 <metadata> 11084 <title>CVE-2010-0195</title> 11085 <affected family="unix"> 11086 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11087 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11088 </affected> 11089 <reference ref_id="CVE-2010-0195" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195" source="CVE"/> 11090 <description> 11091 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors. 11092 </description> 11093 </metadata> 11094 <criteria operator="OR"> 11095 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11096 <criteria operator="AND"> 11097 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11098 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11099 </criteria> 11100 <!-- ea122670adcd95514736ecbc647a5104 --> 11101 <criteria operator="AND"> 11102 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11103 <criteria operator="OR"> 11104 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11105 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11106 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11107 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11108 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11109 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11110 </criteria> 11111 </criteria> 11112 </criteria> 11113 </definition> 11114 <definition id="oval:org.opensuse.security:def:20100196" version="1" class="vulnerability"> 11115 <metadata> 11116 <title>CVE-2010-0196</title> 11117 <affected family="unix"> 11118 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11119 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11120 </affected> 11121 <reference ref_id="CVE-2010-0196" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196" source="CVE"/> 11122 <description> 11123 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193. 11124 </description> 11125 </metadata> 11126 <criteria operator="OR"> 11127 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11128 <criteria operator="AND"> 11129 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11130 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11131 </criteria> 11132 <!-- ea122670adcd95514736ecbc647a5104 --> 11133 <criteria operator="AND"> 11134 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11135 <criteria operator="OR"> 11136 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11137 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11138 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11139 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11140 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11141 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11142 </criteria> 11143 </criteria> 11144 </criteria> 11145 </definition> 11146 <definition id="oval:org.opensuse.security:def:20100197" version="1" class="vulnerability"> 11147 <metadata> 11148 <title>CVE-2010-0197</title> 11149 <affected family="unix"> 11150 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11151 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11152 </affected> 11153 <reference ref_id="CVE-2010-0197" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197" source="CVE"/> 11154 <description> 11155 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0201, and CVE-2010-0204. 11156 </description> 11157 </metadata> 11158 <criteria operator="OR"> 11159 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11160 <criteria operator="AND"> 11161 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11162 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11163 </criteria> 11164 <!-- ea122670adcd95514736ecbc647a5104 --> 11165 <criteria operator="AND"> 11166 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11167 <criteria operator="OR"> 11168 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11169 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11170 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11171 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11172 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11173 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11174 </criteria> 11175 </criteria> 11176 </criteria> 11177 </definition> 11178 <definition id="oval:org.opensuse.security:def:20100198" version="1" class="vulnerability"> 11179 <metadata> 11180 <title>CVE-2010-0198</title> 11181 <affected family="unix"> 11182 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11183 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11184 </affected> 11185 <reference ref_id="CVE-2010-0198" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198" source="CVE"/> 11186 <description> 11187 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203. 11188 </description> 11189 </metadata> 11190 <criteria operator="OR"> 11191 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11192 <criteria operator="AND"> 11193 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11194 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11195 </criteria> 11196 <!-- ea122670adcd95514736ecbc647a5104 --> 11197 <criteria operator="AND"> 11198 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11199 <criteria operator="OR"> 11200 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11201 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11202 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11203 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11204 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11205 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11206 </criteria> 11207 </criteria> 11208 </criteria> 11209 </definition> 11210 <definition id="oval:org.opensuse.security:def:20100199" version="1" class="vulnerability"> 11211 <metadata> 11212 <title>CVE-2010-0199</title> 11213 <affected family="unix"> 11214 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11215 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11216 </affected> 11217 <reference ref_id="CVE-2010-0199" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199" source="CVE"/> 11218 <description> 11219 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203. 11220 </description> 11221 </metadata> 11222 <criteria operator="OR"> 11223 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11224 <criteria operator="AND"> 11225 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11226 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11227 </criteria> 11228 <!-- ea122670adcd95514736ecbc647a5104 --> 11229 <criteria operator="AND"> 11230 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11231 <criteria operator="OR"> 11232 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11233 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11234 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11235 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11236 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11237 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11238 </criteria> 11239 </criteria> 11240 </criteria> 11241 </definition> 11242 <definition id="oval:org.opensuse.security:def:20100201" version="1" class="vulnerability"> 11243 <metadata> 11244 <title>CVE-2010-0201</title> 11245 <affected family="unix"> 11246 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11247 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11248 </affected> 11249 <reference ref_id="CVE-2010-0201" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201" source="CVE"/> 11250 <description> 11251 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204. 11252 </description> 11253 </metadata> 11254 <criteria operator="OR"> 11255 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11256 <criteria operator="AND"> 11257 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11258 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11259 </criteria> 11260 <!-- ea122670adcd95514736ecbc647a5104 --> 11261 <criteria operator="AND"> 11262 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11263 <criteria operator="OR"> 11264 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11265 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11266 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11267 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11268 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11269 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11270 </criteria> 11271 </criteria> 11272 </criteria> 11273 </definition> 11274 <definition id="oval:org.opensuse.security:def:20100202" version="1" class="vulnerability"> 11275 <metadata> 11276 <title>CVE-2010-0202</title> 11277 <affected family="unix"> 11278 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11279 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11280 </affected> 11281 <reference ref_id="CVE-2010-0202" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202" source="CVE"/> 11282 <description> 11283 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203. 11284 </description> 11285 </metadata> 11286 <criteria operator="OR"> 11287 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11288 <criteria operator="AND"> 11289 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11290 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11291 </criteria> 11292 <!-- ea122670adcd95514736ecbc647a5104 --> 11293 <criteria operator="AND"> 11294 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11295 <criteria operator="OR"> 11296 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11297 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11298 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11299 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11300 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11301 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11302 </criteria> 11303 </criteria> 11304 </criteria> 11305 </definition> 11306 <definition id="oval:org.opensuse.security:def:20100203" version="1" class="vulnerability"> 11307 <metadata> 11308 <title>CVE-2010-0203</title> 11309 <affected family="unix"> 11310 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11311 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11312 </affected> 11313 <reference ref_id="CVE-2010-0203" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203" source="CVE"/> 11314 <description> 11315 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202. 11316 </description> 11317 </metadata> 11318 <criteria operator="OR"> 11319 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11320 <criteria operator="AND"> 11321 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11322 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11323 </criteria> 11324 <!-- ea122670adcd95514736ecbc647a5104 --> 11325 <criteria operator="AND"> 11326 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11327 <criteria operator="OR"> 11328 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11329 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11330 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11331 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11332 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11333 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11334 </criteria> 11335 </criteria> 11336 </criteria> 11337 </definition> 11338 <definition id="oval:org.opensuse.security:def:20100204" version="1" class="vulnerability"> 11339 <metadata> 11340 <title>CVE-2010-0204</title> 11341 <affected family="unix"> 11342 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11343 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11344 </affected> 11345 <reference ref_id="CVE-2010-0204" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204" source="CVE"/> 11346 <description> 11347 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201. 11348 </description> 11349 </metadata> 11350 <criteria operator="OR"> 11351 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 11352 <criteria operator="AND"> 11353 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11354 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 11355 </criteria> 11356 <!-- ea122670adcd95514736ecbc647a5104 --> 11357 <criteria operator="AND"> 11358 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11359 <criteria operator="OR"> 11360 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 11361 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 11362 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 11363 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 11364 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 11365 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 11366 </criteria> 11367 </criteria> 11368 </criteria> 11369 </definition> 11370 <definition id="oval:org.opensuse.security:def:20100205" version="1" class="vulnerability"> 11371 <metadata> 11372 <title>CVE-2010-0205</title> 11373 <affected family="unix"> 11374 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11375 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11376 </affected> 11377 <reference ref_id="CVE-2010-0205" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205" source="CVE"/> 11378 <description> 11379 The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack. 11380 </description> 11381 </metadata> 11382 <!-- 6c342648d084c0a27cf90b4e478dd419 --> 11383 <criteria operator="AND"> 11384 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11385 <criteria operator="OR"> 11386 <criterion test_ref="oval:org.opensuse.security:tst:2009060304" comment="libpng-32bit less than 1.2.8-19.28.1"/> 11387 <criterion test_ref="oval:org.opensuse.security:tst:2009060305" comment="libpng-devel-32bit less than 1.2.8-19.28.1"/> 11388 <criterion test_ref="oval:org.opensuse.security:tst:2009060306" comment="libpng-devel less than 1.2.8-19.28.1"/> 11389 <criterion test_ref="oval:org.opensuse.security:tst:2009060307" comment="libpng less than 1.2.8-19.28.1"/> 11390 </criteria> 11391 </criteria> 11392 </definition> 11393 <definition id="oval:org.opensuse.security:def:20100209" version="1" class="vulnerability"> 11394 <metadata> 11395 <title>CVE-2010-0209</title> 11396 <affected family="unix"> 11397 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11398 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11399 </affected> 11400 <reference ref_id="CVE-2010-0209" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0209" source="CVE"/> 11401 <description> 11402 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216. 11403 </description> 11404 </metadata> 11405 <criteria operator="OR"> 11406 <!-- 0dc88ee261caadcb967f90fbfd30e7f2 --> 11407 <criteria operator="AND"> 11408 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11409 <criteria operator="OR"> 11410 <criterion test_ref="oval:org.opensuse.security:tst:2009062195" comment="acroread-cmaps less than 9.3.4-0.5.1"/> 11411 <criterion test_ref="oval:org.opensuse.security:tst:2009062196" comment="acroread-fonts-ja less than 9.3.4-0.5.1"/> 11412 <criterion test_ref="oval:org.opensuse.security:tst:2009062197" comment="acroread-fonts-ko less than 9.3.4-0.5.1"/> 11413 <criterion test_ref="oval:org.opensuse.security:tst:2009062198" comment="acroread-fonts-zh_CN less than 9.3.4-0.5.1"/> 11414 <criterion test_ref="oval:org.opensuse.security:tst:2009062199" comment="acroread-fonts-zh_TW less than 9.3.4-0.5.1"/> 11415 <criterion test_ref="oval:org.opensuse.security:tst:2009062200" comment="acroread less than 9.3.4-0.5.1"/> 11416 </criteria> 11417 </criteria> 11418 <!-- 4f2b033e0413b46d025beb15797c544d --> 11419 <criteria operator="AND"> 11420 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11421 <criterion test_ref="oval:org.opensuse.security:tst:2009061983" comment="flash-player less than 9.0.280.0-0.4.1"/> 11422 </criteria> 11423 <!-- 8d6734b9845d252567cc853032034436 --> 11424 <criteria operator="AND"> 11425 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11426 <criterion test_ref="oval:org.opensuse.security:tst:2009062201" comment="acroread_ja less than 9.3.4-0.4.1"/> 11427 </criteria> 11428 </criteria> 11429 </definition> 11430 <definition id="oval:org.opensuse.security:def:20100211" version="1" class="vulnerability"> 11431 <metadata> 11432 <title>CVE-2010-0211</title> 11433 <affected family="unix"> 11434 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11435 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11436 </affected> 11437 <reference ref_id="CVE-2010-0211" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211" source="CVE"/> 11438 <description> 11439 The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. 11440 </description> 11441 </metadata> 11442 <!-- e9480928ac9cfc137826355cdaa57ecf --> 11443 <criteria operator="AND"> 11444 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11445 <criteria operator="OR"> 11446 <criterion test_ref="oval:org.opensuse.security:tst:2009062053" comment="openldap2-client-32bit less than 2.3.32-0.37.1"/> 11447 <criterion test_ref="oval:org.opensuse.security:tst:2009062054" comment="openldap2-client less than 2.3.32-0.37.1"/> 11448 <criterion test_ref="oval:org.opensuse.security:tst:2009062055" comment="openldap2-devel-32bit less than 2.3.32-0.37.1"/> 11449 <criterion test_ref="oval:org.opensuse.security:tst:2009062056" comment="openldap2-devel less than 2.3.32-0.37.1"/> 11450 <criterion test_ref="oval:org.opensuse.security:tst:2009062057" comment="openldap2 less than 2.3.32-0.37.1"/> 11451 </criteria> 11452 </criteria> 11453 </definition> 11454 <definition id="oval:org.opensuse.security:def:20100212" version="1" class="vulnerability"> 11455 <metadata> 11456 <title>CVE-2010-0212</title> 11457 <affected family="unix"> 11458 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11459 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11460 </affected> 11461 <reference ref_id="CVE-2010-0212" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212" source="CVE"/> 11462 <description> 11463 OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite. 11464 </description> 11465 </metadata> 11466 <!-- e9480928ac9cfc137826355cdaa57ecf --> 11467 <criteria operator="AND"> 11468 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11469 <criteria operator="OR"> 11470 <criterion test_ref="oval:org.opensuse.security:tst:2009062053" comment="openldap2-client-32bit less than 2.3.32-0.37.1"/> 11471 <criterion test_ref="oval:org.opensuse.security:tst:2009062054" comment="openldap2-client less than 2.3.32-0.37.1"/> 11472 <criterion test_ref="oval:org.opensuse.security:tst:2009062055" comment="openldap2-devel-32bit less than 2.3.32-0.37.1"/> 11473 <criterion test_ref="oval:org.opensuse.security:tst:2009062056" comment="openldap2-devel less than 2.3.32-0.37.1"/> 11474 <criterion test_ref="oval:org.opensuse.security:tst:2009062057" comment="openldap2 less than 2.3.32-0.37.1"/> 11475 </criteria> 11476 </criteria> 11477 </definition> 11478 <definition id="oval:org.opensuse.security:def:20100220" version="1" class="vulnerability"> 11479 <metadata> 11480 <title>CVE-2010-0220</title> 11481 <affected family="unix"> 11482 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11483 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11484 </affected> 11485 <reference ref_id="CVE-2010-0220" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0220" source="CVE"/> 11486 <description> 11487 The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array. 11488 </description> 11489 </metadata> 11490 <criteria operator="OR"> 11491 <!-- e0375f6a4697591175520d61a8dd7b70 --> 11492 <criteria operator="AND"> 11493 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11494 <criteria operator="OR"> 11495 <criterion test_ref="oval:org.opensuse.security:tst:2009057647" comment="mozilla-xulrunner190-32bit less than 1.9.0.17-0.4.1"/> 11496 <criterion test_ref="oval:org.opensuse.security:tst:2009057648" comment="mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.17-0.4.1"/> 11497 <criterion test_ref="oval:org.opensuse.security:tst:2009057649" comment="mozilla-xulrunner190-gnomevfs less than 1.9.0.17-0.4.1"/> 11498 <criterion test_ref="oval:org.opensuse.security:tst:2009057650" comment="mozilla-xulrunner190-translations-32bit less than 1.9.0.17-0.4.1"/> 11499 <criterion test_ref="oval:org.opensuse.security:tst:2009057651" comment="mozilla-xulrunner190-translations less than 1.9.0.17-0.4.1"/> 11500 <criterion test_ref="oval:org.opensuse.security:tst:2009057652" comment="mozilla-xulrunner190 less than 1.9.0.17-0.4.1"/> 11501 </criteria> 11502 </criteria> 11503 <!-- f9103589486f0a989bea800ed2b2ea23 --> 11504 <criteria operator="AND"> 11505 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11506 <criteria operator="OR"> 11507 <criterion test_ref="oval:org.opensuse.security:tst:2009057660" comment="MozillaFirefox-translations less than 3.5.7-1.4.1"/> 11508 <criterion test_ref="oval:org.opensuse.security:tst:2009057661" comment="MozillaFirefox less than 3.5.7-1.4.1"/> 11509 <criterion test_ref="oval:org.opensuse.security:tst:2009057662" comment="mozilla-xulrunner191-32bit less than 1.9.1.7-1.4.1"/> 11510 <criterion test_ref="oval:org.opensuse.security:tst:2009057663" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.7-1.4.1"/> 11511 <criterion test_ref="oval:org.opensuse.security:tst:2009057664" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.7-1.4.1"/> 11512 <criterion test_ref="oval:org.opensuse.security:tst:2009057665" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.7-1.4.1"/> 11513 <criterion test_ref="oval:org.opensuse.security:tst:2009057666" comment="mozilla-xulrunner191-translations less than 1.9.1.7-1.4.1"/> 11514 <criterion test_ref="oval:org.opensuse.security:tst:2009057667" comment="mozilla-xulrunner191 less than 1.9.1.7-1.4.1"/> 11515 </criteria> 11516 </criteria> 11517 </criteria> 11518 </definition> 11519 <definition id="oval:org.opensuse.security:def:20100230" version="1" class="vulnerability"> 11520 <metadata> 11521 <title>CVE-2010-0230</title> 11522 <affected family="unix"> 11523 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11524 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11525 </affected> 11526 <reference ref_id="CVE-2010-0230" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0230" source="CVE"/> 11527 <description> 11528 SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions. 11529 </description> 11530 </metadata> 11531 <!-- e9ed7474141480a4d84752bb6a9c8342 --> 11532 <criteria operator="AND"> 11533 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11534 <criterion test_ref="oval:org.opensuse.security:tst:2009057254" comment="postfix less than 2.5.6-4.8.4"/> 11535 </criteria> 11536 </definition> 11537 <definition id="oval:org.opensuse.security:def:20100277" version="1" class="vulnerability"> 11538 <metadata> 11539 <title>CVE-2010-0277</title> 11540 <affected family="unix"> 11541 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11542 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11543 </affected> 11544 <reference ref_id="CVE-2010-0277" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277" source="CVE"/> 11545 <description> 11546 slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013. 11547 </description> 11548 </metadata> 11549 <!-- 50f32d80d39a4dd5b12549f50b2c99b4 --> 11550 <criteria operator="AND"> 11551 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11552 <criteria operator="OR"> 11553 <criterion test_ref="oval:org.opensuse.security:tst:2009058526" comment="finch less than 2.6.6-0.4.1"/> 11554 <criterion test_ref="oval:org.opensuse.security:tst:2009058527" comment="libpurple less than 2.6.6-0.4.1"/> 11555 <criterion test_ref="oval:org.opensuse.security:tst:2009058528" comment="pidgin less than 2.6.6-0.4.1"/> 11556 </criteria> 11557 </criteria> 11558 </definition> 11559 <definition id="oval:org.opensuse.security:def:20100296" version="1" class="vulnerability"> 11560 <metadata> 11561 <title>CVE-2010-0296</title> 11562 <affected family="unix"> 11563 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11564 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11565 </affected> 11566 <reference ref_id="CVE-2010-0296" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0296" source="CVE"/> 11567 <description> 11568 The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request. 11569 </description> 11570 </metadata> 11571 <!-- a7e1bffd1e2cae6bb5c9bbff3d3f9de2 --> 11572 <criteria operator="AND"> 11573 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11574 <criteria operator="OR"> 11575 <criterion test_ref="oval:org.opensuse.security:tst:2009070508" comment="glibc-32bit less than 2.4-31.77.76.1"/> 11576 <criterion test_ref="oval:org.opensuse.security:tst:2009070509" comment="glibc-devel-32bit less than 2.4-31.77.76.1"/> 11577 <criterion test_ref="oval:org.opensuse.security:tst:2009070510" comment="glibc-devel less than 2.4-31.77.76.1"/> 11578 <criterion test_ref="oval:org.opensuse.security:tst:2009070511" comment="glibc-html less than 2.4-31.77.76.1"/> 11579 <criterion test_ref="oval:org.opensuse.security:tst:2009070512" comment="glibc-i18ndata less than 2.4-31.77.76.1"/> 11580 <criterion test_ref="oval:org.opensuse.security:tst:2009070513" comment="glibc-info less than 2.4-31.77.76.1"/> 11581 <criterion test_ref="oval:org.opensuse.security:tst:2009070514" comment="glibc-locale-32bit less than 2.4-31.77.76.1"/> 11582 <criterion test_ref="oval:org.opensuse.security:tst:2009070515" comment="glibc-locale less than 2.4-31.77.76.1"/> 11583 <criterion test_ref="oval:org.opensuse.security:tst:2009070516" comment="glibc less than 2.4-31.77.76.1"/> 11584 <criterion test_ref="oval:org.opensuse.security:tst:2009070517" comment="nscd less than 2.4-31.77.76.1"/> 11585 </criteria> 11586 </criteria> 11587 </definition> 11588 <definition id="oval:org.opensuse.security:def:20100304" version="1" class="vulnerability"> 11589 <metadata> 11590 <title>CVE-2010-0304</title> 11591 <affected family="unix"> 11592 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11593 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11594 </affected> 11595 <reference ref_id="CVE-2010-0304" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0304" source="CVE"/> 11596 <description> 11597 Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. 11598 </description> 11599 </metadata> 11600 <!-- a7013413afe9902cca86ec3f1281b76e --> 11601 <criteria operator="AND"> 11602 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11603 <criterion test_ref="oval:org.opensuse.security:tst:2009058913" comment="ethereal less than 0.10.14-16.41.1"/> 11604 </criteria> 11605 </definition> 11606 <definition id="oval:org.opensuse.security:def:20100308" version="1" class="vulnerability"> 11607 <metadata> 11608 <title>CVE-2010-0308</title> 11609 <affected family="unix"> 11610 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11611 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11612 </affected> 11613 <reference ref_id="CVE-2010-0308" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0308" source="CVE"/> 11614 <description> 11615 lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header. 11616 </description> 11617 </metadata> 11618 <!-- c47f23990313deda7c25045777a1d09b --> 11619 <criteria operator="AND"> 11620 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11621 <criterion test_ref="oval:org.opensuse.security:tst:2009059073" comment="squid less than 2.5.STABLE12-18.13.982.2.1"/> 11622 </criteria> 11623 </definition> 11624 <definition id="oval:org.opensuse.security:def:20100395" version="1" class="vulnerability"> 11625 <metadata> 11626 <title>CVE-2010-0395</title> 11627 <affected family="unix"> 11628 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11629 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11630 </affected> 11631 <reference ref_id="CVE-2010-0395" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0395" source="CVE"/> 11632 <description> 11633 OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed. 11634 </description> 11635 </metadata> 11636 <!-- 5789ee106e960c8b674f218923b99512 --> 11637 <criteria operator="AND"> 11638 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11639 <criteria operator="OR"> 11640 <criterion test_ref="oval:org.opensuse.security:tst:2009061719" comment="OpenOffice_org-af less than 3.2.1-0.4.1"/> 11641 <criterion test_ref="oval:org.opensuse.security:tst:2009061720" comment="OpenOffice_org-ar less than 3.2.1-0.4.1"/> 11642 <criterion test_ref="oval:org.opensuse.security:tst:2009061721" comment="OpenOffice_org-ca less than 3.2.1-0.4.1"/> 11643 <criterion test_ref="oval:org.opensuse.security:tst:2009061722" comment="OpenOffice_org-cs less than 3.2.1-0.4.1"/> 11644 <criterion test_ref="oval:org.opensuse.security:tst:2009061723" comment="OpenOffice_org-da less than 3.2.1-0.4.1"/> 11645 <criterion test_ref="oval:org.opensuse.security:tst:2009061724" comment="OpenOffice_org-de less than 3.2.1-0.4.1"/> 11646 <criterion test_ref="oval:org.opensuse.security:tst:2009061725" comment="OpenOffice_org-el less than 3.2.1-0.4.1"/> 11647 <criterion test_ref="oval:org.opensuse.security:tst:2009061726" comment="OpenOffice_org-en-GB less than 3.2.1-0.4.1"/> 11648 <criterion test_ref="oval:org.opensuse.security:tst:2009061727" comment="OpenOffice_org-es less than 3.2.1-0.4.1"/> 11649 <criterion test_ref="oval:org.opensuse.security:tst:2009061728" comment="OpenOffice_org-fi less than 3.2.1-0.4.1"/> 11650 <criterion test_ref="oval:org.opensuse.security:tst:2009061729" comment="OpenOffice_org-fr less than 3.2.1-0.4.1"/> 11651 <criterion test_ref="oval:org.opensuse.security:tst:2009061730" comment="OpenOffice_org-galleries less than 3.2.1-0.4.1"/> 11652 <criterion test_ref="oval:org.opensuse.security:tst:2009061731" comment="OpenOffice_org-gnome less than 3.2.1-0.4.1"/> 11653 <criterion test_ref="oval:org.opensuse.security:tst:2009061732" comment="OpenOffice_org-gu-IN less than 3.2.1-0.4.1"/> 11654 <criterion test_ref="oval:org.opensuse.security:tst:2009061733" comment="OpenOffice_org-hi-IN less than 3.2.1-0.4.1"/> 11655 <criterion test_ref="oval:org.opensuse.security:tst:2009061734" comment="OpenOffice_org-hu less than 3.2.1-0.4.1"/> 11656 <criterion test_ref="oval:org.opensuse.security:tst:2009061735" comment="OpenOffice_org-it less than 3.2.1-0.4.1"/> 11657 <criterion test_ref="oval:org.opensuse.security:tst:2009061736" comment="OpenOffice_org-ja less than 3.2.1-0.4.1"/> 11658 <criterion test_ref="oval:org.opensuse.security:tst:2009061737" comment="OpenOffice_org-kde less than 3.2.1-0.4.1"/> 11659 <criterion test_ref="oval:org.opensuse.security:tst:2009061738" comment="OpenOffice_org-ko less than 3.2.1-0.4.1"/> 11660 <criterion test_ref="oval:org.opensuse.security:tst:2009061739" comment="OpenOffice_org-mono less than 3.2.1-0.4.1"/> 11661 <criterion test_ref="oval:org.opensuse.security:tst:2009061740" comment="OpenOffice_org-nb less than 3.2.1-0.4.1"/> 11662 <criterion test_ref="oval:org.opensuse.security:tst:2009061741" comment="OpenOffice_org-nl less than 3.2.1-0.4.1"/> 11663 <criterion test_ref="oval:org.opensuse.security:tst:2009061742" comment="OpenOffice_org-nld less than 3.2.1-0.4.1"/> 11664 <criterion test_ref="oval:org.opensuse.security:tst:2009061743" comment="OpenOffice_org-nn less than 3.2.1-0.4.1"/> 11665 <criterion test_ref="oval:org.opensuse.security:tst:2009061744" comment="OpenOffice_org-pl less than 3.2.1-0.4.1"/> 11666 <criterion test_ref="oval:org.opensuse.security:tst:2009061745" comment="OpenOffice_org-pt-BR less than 3.2.1-0.4.1"/> 11667 <criterion test_ref="oval:org.opensuse.security:tst:2009061746" comment="OpenOffice_org-ru less than 3.2.1-0.4.1"/> 11668 <criterion test_ref="oval:org.opensuse.security:tst:2009061747" comment="OpenOffice_org-sk less than 3.2.1-0.4.1"/> 11669 <criterion test_ref="oval:org.opensuse.security:tst:2009061748" comment="OpenOffice_org-sv less than 3.2.1-0.4.1"/> 11670 <criterion test_ref="oval:org.opensuse.security:tst:2009061749" comment="OpenOffice_org-xh less than 3.2.1-0.4.1"/> 11671 <criterion test_ref="oval:org.opensuse.security:tst:2009061750" comment="OpenOffice_org-zh-CN less than 3.2.1-0.4.1"/> 11672 <criterion test_ref="oval:org.opensuse.security:tst:2009061751" comment="OpenOffice_org-zh-TW less than 3.2.1-0.4.1"/> 11673 <criterion test_ref="oval:org.opensuse.security:tst:2009061752" comment="OpenOffice_org-zu less than 3.2.1-0.4.1"/> 11674 <criterion test_ref="oval:org.opensuse.security:tst:2009061753" comment="OpenOffice_org less than 3.2.1-0.4.1"/> 11675 </criteria> 11676 </criteria> 11677 </definition> 11678 <definition id="oval:org.opensuse.security:def:20100405" version="1" class="vulnerability"> 11679 <metadata> 11680 <title>CVE-2010-0405</title> 11681 <affected family="unix"> 11682 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11683 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11684 </affected> 11685 <reference ref_id="CVE-2010-0405" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405" source="CVE"/> 11686 <description> 11687 Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file. 11688 </description> 11689 </metadata> 11690 <!-- 592a9b28d8bb5f34d0edf0c2399959df --> 11691 <criteria operator="AND"> 11692 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11693 <criteria operator="OR"> 11694 <criterion test_ref="oval:org.opensuse.security:tst:2009063225" comment="bzip2-32bit less than 1.0.3-17.15.4"/> 11695 <criterion test_ref="oval:org.opensuse.security:tst:2009063226" comment="bzip2 less than 1.0.3-17.15.4"/> 11696 </criteria> 11697 </criteria> 11698 </definition> 11699 <definition id="oval:org.opensuse.security:def:20100407" version="1" class="vulnerability"> 11700 <metadata> 11701 <title>CVE-2010-0407</title> 11702 <affected family="unix"> 11703 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11704 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11705 </affected> 11706 <reference ref_id="CVE-2010-0407" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0407" source="CVE"/> 11707 <description> 11708 Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled. 11709 </description> 11710 </metadata> 11711 <!-- f9f0b4850f079469498b87c6323992e9 --> 11712 <criteria operator="AND"> 11713 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11714 <criteria operator="OR"> 11715 <criterion test_ref="oval:org.opensuse.security:tst:2009062688" comment="pcsc-lite-devel less than 1.2.9_beta9-17.17.1"/> 11716 <criterion test_ref="oval:org.opensuse.security:tst:2009062689" comment="pcsc-lite less than 1.2.9_beta9-17.17.1"/> 11717 </criteria> 11718 </criteria> 11719 </definition> 11720 <definition id="oval:org.opensuse.security:def:20100410" version="1" class="vulnerability"> 11721 <metadata> 11722 <title>CVE-2010-0410</title> 11723 <affected family="unix"> 11724 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11725 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11726 </affected> 11727 <reference ref_id="CVE-2010-0410" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410" source="CVE"/> 11728 <description> 11729 drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. 11730 </description> 11731 </metadata> 11732 <criteria operator="OR"> 11733 <!-- 30110847005ad3a7ea7c5d1efd067ce1 --> 11734 <criteria operator="AND"> 11735 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11736 <criteria operator="OR"> 11737 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 11738 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 11739 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 11740 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 11741 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 11742 </criteria> 11743 </criteria> 11744 <!-- 44be42f54c5e35e6e551e68351bbd0e1 --> 11745 <criteria operator="AND"> 11746 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11747 <criteria operator="OR"> 11748 <criterion test_ref="oval:org.opensuse.security:tst:2009059220" comment="kernel-bigsmp less than 2.6.16.60-0.60.1"/> 11749 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 11750 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 11751 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 11752 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 11753 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 11754 <criterion test_ref="oval:org.opensuse.security:tst:2009059221" comment="kernel-xenpae less than 2.6.16.60-0.60.1"/> 11755 </criteria> 11756 </criteria> 11757 </criteria> 11758 </definition> 11759 <definition id="oval:org.opensuse.security:def:20100416" version="1" class="vulnerability"> 11760 <metadata> 11761 <title>CVE-2010-0416</title> 11762 <affected family="unix"> 11763 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11764 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11765 </affected> 11766 <reference ref_id="CVE-2010-0416" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0416" source="CVE"/> 11767 <description> 11768 Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits. 11769 </description> 11770 </metadata> 11771 <!-- 522925dbc731d22be640a74295f7c711 --> 11772 <criteria operator="AND"> 11773 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11774 <criteria operator="OR"> 11775 <criterion test_ref="oval:org.opensuse.security:tst:2009062183" comment="gst-fluendo-mp3 less than 2-108.4.1"/> 11776 <criterion test_ref="oval:org.opensuse.security:tst:2009062184" comment="helix-banshee-devel less than 0.13.2-1.16.1"/> 11777 <criterion test_ref="oval:org.opensuse.security:tst:2009062185" comment="helix-banshee-engine-gst less than 0.13.2-1.16.1"/> 11778 <criterion test_ref="oval:org.opensuse.security:tst:2009062186" comment="helix-banshee-plugins-default less than 0.13.2-1.16.1"/> 11779 <criterion test_ref="oval:org.opensuse.security:tst:2009062187" comment="helix-banshee-plugins-extra less than 0.13.2-1.16.1"/> 11780 <criterion test_ref="oval:org.opensuse.security:tst:2009062188" comment="helix-banshee less than 0.13.2-1.16.1"/> 11781 </criteria> 11782 </criteria> 11783 </definition> 11784 <definition id="oval:org.opensuse.security:def:20100420" version="1" class="vulnerability"> 11785 <metadata> 11786 <title>CVE-2010-0420</title> 11787 <affected family="unix"> 11788 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11789 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11790 </affected> 11791 <reference ref_id="CVE-2010-0420" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420" source="CVE"/> 11792 <description> 11793 libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname. 11794 </description> 11795 </metadata> 11796 <!-- 50f32d80d39a4dd5b12549f50b2c99b4 --> 11797 <criteria operator="AND"> 11798 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11799 <criteria operator="OR"> 11800 <criterion test_ref="oval:org.opensuse.security:tst:2009058526" comment="finch less than 2.6.6-0.4.1"/> 11801 <criterion test_ref="oval:org.opensuse.security:tst:2009058527" comment="libpurple less than 2.6.6-0.4.1"/> 11802 <criterion test_ref="oval:org.opensuse.security:tst:2009058528" comment="pidgin less than 2.6.6-0.4.1"/> 11803 </criteria> 11804 </criteria> 11805 </definition> 11806 <definition id="oval:org.opensuse.security:def:20100421" version="1" class="vulnerability"> 11807 <metadata> 11808 <title>CVE-2010-0421</title> 11809 <affected family="unix"> 11810 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11811 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11812 </affected> 11813 <reference ref_id="CVE-2010-0421" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0421" source="CVE"/> 11814 <description> 11815 Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database. 11816 </description> 11817 </metadata> 11818 <!-- f8957f06660b9d9c7af340279d684999 --> 11819 <criteria operator="AND"> 11820 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11821 <criteria operator="OR"> 11822 <criterion test_ref="oval:org.opensuse.security:tst:2009059703" comment="pango-32bit less than 1.10.2-23.9.1"/> 11823 <criterion test_ref="oval:org.opensuse.security:tst:2009059704" comment="pango-devel less than 1.10.2-23.9.1"/> 11824 <criterion test_ref="oval:org.opensuse.security:tst:2009059705" comment="pango-doc less than 1.10.2-23.9.1"/> 11825 <criterion test_ref="oval:org.opensuse.security:tst:2009059706" comment="pango less than 1.10.2-23.9.1"/> 11826 </criteria> 11827 </criteria> 11828 </definition> 11829 <definition id="oval:org.opensuse.security:def:20100423" version="1" class="vulnerability"> 11830 <metadata> 11831 <title>CVE-2010-0423</title> 11832 <affected family="unix"> 11833 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11834 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11835 </affected> 11836 <reference ref_id="CVE-2010-0423" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423" source="CVE"/> 11837 <description> 11838 gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat. 11839 </description> 11840 </metadata> 11841 <!-- 50f32d80d39a4dd5b12549f50b2c99b4 --> 11842 <criteria operator="AND"> 11843 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11844 <criteria operator="OR"> 11845 <criterion test_ref="oval:org.opensuse.security:tst:2009058526" comment="finch less than 2.6.6-0.4.1"/> 11846 <criterion test_ref="oval:org.opensuse.security:tst:2009058527" comment="libpurple less than 2.6.6-0.4.1"/> 11847 <criterion test_ref="oval:org.opensuse.security:tst:2009058528" comment="pidgin less than 2.6.6-0.4.1"/> 11848 </criteria> 11849 </criteria> 11850 </definition> 11851 <definition id="oval:org.opensuse.security:def:20100424" version="1" class="vulnerability"> 11852 <metadata> 11853 <title>CVE-2010-0424</title> 11854 <affected family="unix"> 11855 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11856 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11857 </affected> 11858 <reference ref_id="CVE-2010-0424" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0424" source="CVE"/> 11859 <description> 11860 The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory. 11861 </description> 11862 </metadata> 11863 <!-- 9a1b912ae4ee3e6d4c41f65e42685eb1 --> 11864 <criteria operator="AND"> 11865 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11866 <criterion test_ref="oval:org.opensuse.security:tst:2009058938" comment="cron less than 4.1-45.31.1"/> 11867 </criteria> 11868 </definition> 11869 <definition id="oval:org.opensuse.security:def:20100426" version="1" class="vulnerability"> 11870 <metadata> 11871 <title>CVE-2010-0426</title> 11872 <affected family="unix"> 11873 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11874 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11875 </affected> 11876 <reference ref_id="CVE-2010-0426" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426" source="CVE"/> 11877 <description> 11878 sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory. 11879 </description> 11880 </metadata> 11881 <!-- 52516363f6f16788787cabc5bc367283 --> 11882 <criteria operator="AND"> 11883 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11884 <criterion test_ref="oval:org.opensuse.security:tst:2009058662" comment="sudo less than 1.6.8p12-18.17.1"/> 11885 </criteria> 11886 </definition> 11887 <definition id="oval:org.opensuse.security:def:20100436" version="1" class="vulnerability"> 11888 <metadata> 11889 <title>CVE-2010-0436</title> 11890 <affected family="unix"> 11891 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11892 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11893 </affected> 11894 <reference ref_id="CVE-2010-0436" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436" source="CVE"/> 11895 <description> 11896 Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm. 11897 </description> 11898 </metadata> 11899 <!-- 79a7a6d69e310c4db79b45a47b5e8ec7 --> 11900 <criteria operator="AND"> 11901 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11902 <criteria operator="OR"> 11903 <criterion test_ref="oval:org.opensuse.security:tst:2009059752" comment="fileshareset less than 2.0-84.77.1"/> 11904 <criterion test_ref="oval:org.opensuse.security:tst:2009059753" comment="kdebase3-32bit less than 3.5.1-69.77.1"/> 11905 <criterion test_ref="oval:org.opensuse.security:tst:2009059754" comment="kdebase3-beagle less than 3.5.1-69.77.1"/> 11906 <criterion test_ref="oval:org.opensuse.security:tst:2009059755" comment="kdebase3-devel less than 3.5.1-69.77.1"/> 11907 <criterion test_ref="oval:org.opensuse.security:tst:2009059756" comment="kdebase3-kdm less than 3.5.1-69.77.1"/> 11908 <criterion test_ref="oval:org.opensuse.security:tst:2009059757" comment="kdebase3-ksysguardd less than 3.5.1-69.77.1"/> 11909 <criterion test_ref="oval:org.opensuse.security:tst:2009059758" comment="kdebase3-nsplugin less than 3.5.1-69.77.1"/> 11910 <criterion test_ref="oval:org.opensuse.security:tst:2009059759" comment="kdebase3-samba less than 3.5.1-69.77.1"/> 11911 <criterion test_ref="oval:org.opensuse.security:tst:2009059760" comment="kdebase3-session less than 3.5.1-69.77.1"/> 11912 <criterion test_ref="oval:org.opensuse.security:tst:2009059761" comment="kdebase3 less than 3.5.1-69.77.1"/> 11913 </criteria> 11914 </criteria> 11915 </definition> 11916 <definition id="oval:org.opensuse.security:def:20100540" version="1" class="vulnerability"> 11917 <metadata> 11918 <title>CVE-2010-0540</title> 11919 <affected family="unix"> 11920 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 11921 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 11922 </affected> 11923 <reference ref_id="CVE-2010-0540" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540" source="CVE"/> 11924 <description> 11925 Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings. 11926 </description> 11927 </metadata> 11928 <!-- 58f92f1602b118d40cc39ae74d76028f --> 11929 <criteria operator="AND"> 11930 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 11931 <criteria operator="OR"> 11932 <criterion test_ref="oval:org.opensuse.security:tst:2009071180" comment="cups-client less than 1.1.23-40.62.1"/> 11933 <criterion test_ref="oval:org.opensuse.security:tst:2009071181" comment="cups-devel less than 1.1.23-40.62.1"/> 11934 <criterion test_ref="oval:org.opensuse.security:tst:2009071182" comment="cups-libs-32bit less than 1.1.23-40.62.1"/> 11935 <criterion test_ref="oval:org.opensuse.security:tst:2009071183" comment="cups-libs less than 1.1.23-40.62.1"/> 11936 <criterion test_ref="oval:org.opensuse.security:tst:2009071184" comment="cups less than 1.1.23-40.62.1"/> 11937 </criteria> 11938 </criteria> 11939 </definition> 11940 <definition id="oval:org.opensuse.security:def:20100542" version="1" class="vulnerability"> 11941 <metadata> 11942 <title>CVE-2010-0542</title> 11943 <affected family="unix"> 11944 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11945 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11946 </affected> 11947 <reference ref_id="CVE-2010-0542" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542" source="CVE"/> 11948 <description> 11949 The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file. 11950 </description> 11951 </metadata> 11952 <!-- d80f195def5f87d532c424567f8d8cea --> 11953 <criteria operator="AND"> 11954 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11955 <criteria operator="OR"> 11956 <criterion test_ref="oval:org.opensuse.security:tst:2009064812" comment="cups-client less than 1.1.23-40.60.12"/> 11957 <criterion test_ref="oval:org.opensuse.security:tst:2009064813" comment="cups-devel less than 1.1.23-40.60.12"/> 11958 <criterion test_ref="oval:org.opensuse.security:tst:2009064814" comment="cups-libs-32bit less than 1.1.23-40.60.12"/> 11959 <criterion test_ref="oval:org.opensuse.security:tst:2009064815" comment="cups-libs less than 1.1.23-40.60.12"/> 11960 <criterion test_ref="oval:org.opensuse.security:tst:2009064816" comment="cups less than 1.1.23-40.60.12"/> 11961 </criteria> 11962 </criteria> 11963 </definition> 11964 <definition id="oval:org.opensuse.security:def:20100547" version="1" class="vulnerability"> 11965 <metadata> 11966 <title>CVE-2010-0547</title> 11967 <affected family="unix"> 11968 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 11969 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 11970 </affected> 11971 <reference ref_id="CVE-2010-0547" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547" source="CVE"/> 11972 <description> 11973 client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. 11974 </description> 11975 </metadata> 11976 <!-- fa6455f54a922a4b9e9c2e1b755db9f5 --> 11977 <criteria operator="AND"> 11978 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 11979 <criteria operator="OR"> 11980 <criterion test_ref="oval:org.opensuse.security:tst:2009059386" comment="cifs-mount less than 3.0.36-0.9.1"/> 11981 <criterion test_ref="oval:org.opensuse.security:tst:2009059387" comment="ldapsmb less than 1.34b-25.9.1"/> 11982 <criterion test_ref="oval:org.opensuse.security:tst:2009059388" comment="libsmbclient-32bit less than 3.0.36-0.9.1"/> 11983 <criterion test_ref="oval:org.opensuse.security:tst:2009059389" comment="libsmbclient-devel less than 3.0.36-0.9.1"/> 11984 <criterion test_ref="oval:org.opensuse.security:tst:2009059390" comment="libsmbclient less than 3.0.36-0.9.1"/> 11985 <criterion test_ref="oval:org.opensuse.security:tst:2009059391" comment="samba-32bit less than 3.0.36-0.9.1"/> 11986 <criterion test_ref="oval:org.opensuse.security:tst:2009059392" comment="samba-client-32bit less than 3.0.36-0.9.1"/> 11987 <criterion test_ref="oval:org.opensuse.security:tst:2009059393" comment="samba-client less than 3.0.36-0.9.1"/> 11988 <criterion test_ref="oval:org.opensuse.security:tst:2009059394" comment="samba-krb-printing less than 3.0.36-0.9.1"/> 11989 <criterion test_ref="oval:org.opensuse.security:tst:2009059395" comment="samba-vscan less than 0.3.6b-43.9.1"/> 11990 <criterion test_ref="oval:org.opensuse.security:tst:2009059396" comment="samba-winbind-32bit less than 3.0.36-0.9.1"/> 11991 <criterion test_ref="oval:org.opensuse.security:tst:2009059397" comment="samba-winbind less than 3.0.36-0.9.1"/> 11992 <criterion test_ref="oval:org.opensuse.security:tst:2009059398" comment="samba less than 3.0.36-0.9.1"/> 11993 </criteria> 11994 </criteria> 11995 </definition> 11996 <definition id="oval:org.opensuse.security:def:20100624" version="1" class="vulnerability"> 11997 <metadata> 11998 <title>CVE-2010-0624</title> 11999 <affected family="unix"> 12000 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12001 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12002 </affected> 12003 <reference ref_id="CVE-2010-0624" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624" source="CVE"/> 12004 <description> 12005 Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. 12006 </description> 12007 </metadata> 12008 <criteria operator="OR"> 12009 <!-- 1a9a8923163bf15a7b362029b28403f3 --> 12010 <criteria operator="AND"> 12011 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12012 <criterion test_ref="oval:org.opensuse.security:tst:2009060136" comment="cpio less than 2.6-19.26.1"/> 12013 </criteria> 12014 <!-- 237f45f6ed85d324a9d45daadd2e66fd --> 12015 <criteria operator="AND"> 12016 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12017 <criterion test_ref="oval:org.opensuse.security:tst:2009060037" comment="tar less than 1.15.1-23.16.1"/> 12018 </criteria> 12019 </criteria> 12020 </definition> 12021 <definition id="oval:org.opensuse.security:def:20100654" version="1" class="vulnerability"> 12022 <metadata> 12023 <title>CVE-2010-0654</title> 12024 <affected family="unix"> 12025 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12026 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12027 </affected> 12028 <reference ref_id="CVE-2010-0654" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0654" source="CVE"/> 12029 <description> 12030 Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document. 12031 </description> 12032 </metadata> 12033 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 12034 <criteria operator="AND"> 12035 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12036 <criteria operator="OR"> 12037 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 12038 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 12039 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 12040 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 12041 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 12042 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 12043 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 12044 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 12045 </criteria> 12046 </criteria> 12047 </definition> 12048 <definition id="oval:org.opensuse.security:def:20100733" version="1" class="vulnerability"> 12049 <metadata> 12050 <title>CVE-2010-0733</title> 12051 <affected family="unix"> 12052 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12053 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12054 </affected> 12055 <reference ref_id="CVE-2010-0733" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0733" source="CVE"/> 12056 <description> 12057 Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations. 12058 </description> 12059 </metadata> 12060 <!-- 6bdf69d7fb74ed93841ee668250b20e3 --> 12061 <criteria operator="AND"> 12062 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12063 <criteria operator="OR"> 12064 <criterion test_ref="oval:org.opensuse.security:tst:2009061294" comment="postgresql-devel less than 8.1.21-0.4.1"/> 12065 <criterion test_ref="oval:org.opensuse.security:tst:2009061295" comment="postgresql-libs-32bit less than 8.1.21-0.4.1"/> 12066 <criterion test_ref="oval:org.opensuse.security:tst:2009061296" comment="postgresql-libs less than 8.1.21-0.4.1"/> 12067 </criteria> 12068 </criteria> 12069 </definition> 12070 <definition id="oval:org.opensuse.security:def:20100739" version="1" class="vulnerability"> 12071 <metadata> 12072 <title>CVE-2010-0739</title> 12073 <affected family="unix"> 12074 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12075 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12076 </affected> 12077 <reference ref_id="CVE-2010-0739" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739" source="CVE"/> 12078 <description> 12079 Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. 12080 </description> 12081 </metadata> 12082 <!-- fe2b0b79a120e78a91e39517628cfa61 --> 12083 <criteria operator="AND"> 12084 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12085 <criteria operator="OR"> 12086 <criterion test_ref="oval:org.opensuse.security:tst:2009060488" comment="te_ams less than 3.0-37.13.1"/> 12087 <criterion test_ref="oval:org.opensuse.security:tst:2009060489" comment="te_cont less than 3.0-37.13.1"/> 12088 <criterion test_ref="oval:org.opensuse.security:tst:2009060490" comment="te_dvilj less than 3.0-37.13.1"/> 12089 <criterion test_ref="oval:org.opensuse.security:tst:2009060491" comment="te_eplai less than 3.0-37.13.1"/> 12090 <criterion test_ref="oval:org.opensuse.security:tst:2009060492" comment="te_kpath less than 3.0-37.13.1"/> 12091 <criterion test_ref="oval:org.opensuse.security:tst:2009060493" comment="te_latex less than 3.0-37.13.1"/> 12092 <criterion test_ref="oval:org.opensuse.security:tst:2009060494" comment="te_mpost less than 3.0-37.13.1"/> 12093 <criterion test_ref="oval:org.opensuse.security:tst:2009060495" comment="te_omega less than 3.0-37.13.1"/> 12094 <criterion test_ref="oval:org.opensuse.security:tst:2009060496" comment="te_ptex less than 3.0-37.13.1"/> 12095 <criterion test_ref="oval:org.opensuse.security:tst:2009060497" comment="te_web less than 3.0-37.13.1"/> 12096 <criterion test_ref="oval:org.opensuse.security:tst:2009060498" comment="tetex less than 3.0-37.13.1"/> 12097 </criteria> 12098 </criteria> 12099 </definition> 12100 <definition id="oval:org.opensuse.security:def:20100787" version="1" class="vulnerability"> 12101 <metadata> 12102 <title>CVE-2010-0787</title> 12103 <affected family="unix"> 12104 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12105 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12106 </affected> 12107 <reference ref_id="CVE-2010-0787" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787" source="CVE"/> 12108 <description> 12109 client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. 12110 </description> 12111 </metadata> 12112 <!-- 29eb70d58d45c14009af67c3e137b8fe --> 12113 <criteria operator="AND"> 12114 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12115 <criteria operator="OR"> 12116 <criterion test_ref="oval:org.opensuse.security:tst:2009060962" comment="cifs-mount less than 3.0.36-0.11.1"/> 12117 <criterion test_ref="oval:org.opensuse.security:tst:2009060963" comment="ldapsmb less than 1.34b-25.11.1"/> 12118 <criterion test_ref="oval:org.opensuse.security:tst:2009060964" comment="libsmbclient-32bit less than 3.0.36-0.11.1"/> 12119 <criterion test_ref="oval:org.opensuse.security:tst:2009060965" comment="libsmbclient-devel less than 3.0.36-0.11.1"/> 12120 <criterion test_ref="oval:org.opensuse.security:tst:2009060966" comment="libsmbclient less than 3.0.36-0.11.1"/> 12121 <criterion test_ref="oval:org.opensuse.security:tst:2009060967" comment="samba-32bit less than 3.0.36-0.11.1"/> 12122 <criterion test_ref="oval:org.opensuse.security:tst:2009060968" comment="samba-client-32bit less than 3.0.36-0.11.1"/> 12123 <criterion test_ref="oval:org.opensuse.security:tst:2009060969" comment="samba-client less than 3.0.36-0.11.1"/> 12124 <criterion test_ref="oval:org.opensuse.security:tst:2009060970" comment="samba-krb-printing less than 3.0.36-0.11.1"/> 12125 <criterion test_ref="oval:org.opensuse.security:tst:2009060971" comment="samba-vscan less than 0.3.6b-43.11.1"/> 12126 <criterion test_ref="oval:org.opensuse.security:tst:2009060972" comment="samba-winbind-32bit less than 3.0.36-0.11.1"/> 12127 <criterion test_ref="oval:org.opensuse.security:tst:2009060973" comment="samba-winbind less than 3.0.36-0.11.1"/> 12128 <criterion test_ref="oval:org.opensuse.security:tst:2009060974" comment="samba less than 3.0.36-0.11.1"/> 12129 </criteria> 12130 </criteria> 12131 </definition> 12132 <definition id="oval:org.opensuse.security:def:20100788" version="1" class="vulnerability"> 12133 <metadata> 12134 <title>CVE-2010-0788</title> 12135 <affected family="unix"> 12136 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12137 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12138 </affected> 12139 <reference ref_id="CVE-2010-0788" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0788" source="CVE"/> 12140 <description> 12141 ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs. 12142 </description> 12143 </metadata> 12144 <!-- 893bc8b94e0875f06794074cdd2aaa26 --> 12145 <criteria operator="AND"> 12146 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12147 <criterion test_ref="oval:org.opensuse.security:tst:2009060663" comment="ncpfs less than 2.2.6-24.17.1"/> 12148 </criteria> 12149 </definition> 12150 <definition id="oval:org.opensuse.security:def:20100790" version="1" class="vulnerability"> 12151 <metadata> 12152 <title>CVE-2010-0790</title> 12153 <affected family="unix"> 12154 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12155 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12156 </affected> 12157 <reference ref_id="CVE-2010-0790" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0790" source="CVE"/> 12158 <description> 12159 sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name. 12160 </description> 12161 </metadata> 12162 <!-- 893bc8b94e0875f06794074cdd2aaa26 --> 12163 <criteria operator="AND"> 12164 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12165 <criterion test_ref="oval:org.opensuse.security:tst:2009060663" comment="ncpfs less than 2.2.6-24.17.1"/> 12166 </criteria> 12167 </definition> 12168 <definition id="oval:org.opensuse.security:def:20100791" version="1" class="vulnerability"> 12169 <metadata> 12170 <title>CVE-2010-0791</title> 12171 <affected family="unix"> 12172 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12173 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12174 </affected> 12175 <reference ref_id="CVE-2010-0791" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0791" source="CVE"/> 12176 <description> 12177 The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits. 12178 </description> 12179 </metadata> 12180 <!-- 893bc8b94e0875f06794074cdd2aaa26 --> 12181 <criteria operator="AND"> 12182 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12183 <criterion test_ref="oval:org.opensuse.security:tst:2009060663" comment="ncpfs less than 2.2.6-24.17.1"/> 12184 </criteria> 12185 </definition> 12186 <definition id="oval:org.opensuse.security:def:20100827" version="1" class="vulnerability"> 12187 <metadata> 12188 <title>CVE-2010-0827</title> 12189 <affected family="unix"> 12190 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12191 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12192 </affected> 12193 <reference ref_id="CVE-2010-0827" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0827" source="CVE"/> 12194 <description> 12195 Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file. 12196 </description> 12197 </metadata> 12198 <!-- fe2b0b79a120e78a91e39517628cfa61 --> 12199 <criteria operator="AND"> 12200 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12201 <criteria operator="OR"> 12202 <criterion test_ref="oval:org.opensuse.security:tst:2009060488" comment="te_ams less than 3.0-37.13.1"/> 12203 <criterion test_ref="oval:org.opensuse.security:tst:2009060489" comment="te_cont less than 3.0-37.13.1"/> 12204 <criterion test_ref="oval:org.opensuse.security:tst:2009060490" comment="te_dvilj less than 3.0-37.13.1"/> 12205 <criterion test_ref="oval:org.opensuse.security:tst:2009060491" comment="te_eplai less than 3.0-37.13.1"/> 12206 <criterion test_ref="oval:org.opensuse.security:tst:2009060492" comment="te_kpath less than 3.0-37.13.1"/> 12207 <criterion test_ref="oval:org.opensuse.security:tst:2009060493" comment="te_latex less than 3.0-37.13.1"/> 12208 <criterion test_ref="oval:org.opensuse.security:tst:2009060494" comment="te_mpost less than 3.0-37.13.1"/> 12209 <criterion test_ref="oval:org.opensuse.security:tst:2009060495" comment="te_omega less than 3.0-37.13.1"/> 12210 <criterion test_ref="oval:org.opensuse.security:tst:2009060496" comment="te_ptex less than 3.0-37.13.1"/> 12211 <criterion test_ref="oval:org.opensuse.security:tst:2009060497" comment="te_web less than 3.0-37.13.1"/> 12212 <criterion test_ref="oval:org.opensuse.security:tst:2009060498" comment="tetex less than 3.0-37.13.1"/> 12213 </criteria> 12214 </criteria> 12215 </definition> 12216 <definition id="oval:org.opensuse.security:def:20100829" version="1" class="vulnerability"> 12217 <metadata> 12218 <title>CVE-2010-0829</title> 12219 <affected family="unix"> 12220 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12221 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12222 </affected> 12223 <reference ref_id="CVE-2010-0829" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829" source="CVE"/> 12224 <description> 12225 Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file. 12226 </description> 12227 </metadata> 12228 <!-- fe2b0b79a120e78a91e39517628cfa61 --> 12229 <criteria operator="AND"> 12230 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12231 <criteria operator="OR"> 12232 <criterion test_ref="oval:org.opensuse.security:tst:2009060488" comment="te_ams less than 3.0-37.13.1"/> 12233 <criterion test_ref="oval:org.opensuse.security:tst:2009060489" comment="te_cont less than 3.0-37.13.1"/> 12234 <criterion test_ref="oval:org.opensuse.security:tst:2009060490" comment="te_dvilj less than 3.0-37.13.1"/> 12235 <criterion test_ref="oval:org.opensuse.security:tst:2009060491" comment="te_eplai less than 3.0-37.13.1"/> 12236 <criterion test_ref="oval:org.opensuse.security:tst:2009060492" comment="te_kpath less than 3.0-37.13.1"/> 12237 <criterion test_ref="oval:org.opensuse.security:tst:2009060493" comment="te_latex less than 3.0-37.13.1"/> 12238 <criterion test_ref="oval:org.opensuse.security:tst:2009060494" comment="te_mpost less than 3.0-37.13.1"/> 12239 <criterion test_ref="oval:org.opensuse.security:tst:2009060495" comment="te_omega less than 3.0-37.13.1"/> 12240 <criterion test_ref="oval:org.opensuse.security:tst:2009060496" comment="te_ptex less than 3.0-37.13.1"/> 12241 <criterion test_ref="oval:org.opensuse.security:tst:2009060497" comment="te_web less than 3.0-37.13.1"/> 12242 <criterion test_ref="oval:org.opensuse.security:tst:2009060498" comment="tetex less than 3.0-37.13.1"/> 12243 </criteria> 12244 </criteria> 12245 </definition> 12246 <definition id="oval:org.opensuse.security:def:20100830" version="1" class="vulnerability"> 12247 <metadata> 12248 <title>CVE-2010-0830</title> 12249 <affected family="unix"> 12250 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12251 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12252 </affected> 12253 <reference ref_id="CVE-2010-0830" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0830" source="CVE"/> 12254 <description> 12255 Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header. 12256 </description> 12257 </metadata> 12258 <!-- a7e1bffd1e2cae6bb5c9bbff3d3f9de2 --> 12259 <criteria operator="AND"> 12260 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12261 <criteria operator="OR"> 12262 <criterion test_ref="oval:org.opensuse.security:tst:2009070508" comment="glibc-32bit less than 2.4-31.77.76.1"/> 12263 <criterion test_ref="oval:org.opensuse.security:tst:2009070509" comment="glibc-devel-32bit less than 2.4-31.77.76.1"/> 12264 <criterion test_ref="oval:org.opensuse.security:tst:2009070510" comment="glibc-devel less than 2.4-31.77.76.1"/> 12265 <criterion test_ref="oval:org.opensuse.security:tst:2009070511" comment="glibc-html less than 2.4-31.77.76.1"/> 12266 <criterion test_ref="oval:org.opensuse.security:tst:2009070512" comment="glibc-i18ndata less than 2.4-31.77.76.1"/> 12267 <criterion test_ref="oval:org.opensuse.security:tst:2009070513" comment="glibc-info less than 2.4-31.77.76.1"/> 12268 <criterion test_ref="oval:org.opensuse.security:tst:2009070514" comment="glibc-locale-32bit less than 2.4-31.77.76.1"/> 12269 <criterion test_ref="oval:org.opensuse.security:tst:2009070515" comment="glibc-locale less than 2.4-31.77.76.1"/> 12270 <criterion test_ref="oval:org.opensuse.security:tst:2009070516" comment="glibc less than 2.4-31.77.76.1"/> 12271 <criterion test_ref="oval:org.opensuse.security:tst:2009070517" comment="nscd less than 2.4-31.77.76.1"/> 12272 </criteria> 12273 </criteria> 12274 </definition> 12275 <definition id="oval:org.opensuse.security:def:20100837" version="1" class="vulnerability"> 12276 <metadata> 12277 <title>CVE-2010-0837</title> 12278 <affected family="unix"> 12279 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12280 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12281 </affected> 12282 <reference ref_id="CVE-2010-0837" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837" source="CVE"/> 12283 <description> 12284 Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 12285 </description> 12286 </metadata> 12287 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12288 <criteria operator="AND"> 12289 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12290 <criteria operator="OR"> 12291 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12292 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12293 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12294 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12295 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12296 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12297 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12298 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12299 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12300 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12301 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12302 </criteria> 12303 </criteria> 12304 </definition> 12305 <definition id="oval:org.opensuse.security:def:20100838" version="1" class="vulnerability"> 12306 <metadata> 12307 <title>CVE-2010-0838</title> 12308 <affected family="unix"> 12309 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12310 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12311 </affected> 12312 <reference ref_id="CVE-2010-0838" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838" source="CVE"/> 12313 <description> 12314 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM. 12315 </description> 12316 </metadata> 12317 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12318 <criteria operator="AND"> 12319 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12320 <criteria operator="OR"> 12321 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12322 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12323 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12324 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12325 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12326 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12327 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12328 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12329 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12330 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12331 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12332 </criteria> 12333 </criteria> 12334 </definition> 12335 <definition id="oval:org.opensuse.security:def:20100839" version="1" class="vulnerability"> 12336 <metadata> 12337 <title>CVE-2010-0839</title> 12338 <affected family="unix"> 12339 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12340 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12341 </affected> 12342 <reference ref_id="CVE-2010-0839" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839" source="CVE"/> 12343 <description> 12344 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 12345 </description> 12346 </metadata> 12347 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12348 <criteria operator="AND"> 12349 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12350 <criteria operator="OR"> 12351 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12352 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12353 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12354 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12355 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12356 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12357 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12358 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12359 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12360 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12361 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12362 </criteria> 12363 </criteria> 12364 </definition> 12365 <definition id="oval:org.opensuse.security:def:20100840" version="1" class="vulnerability"> 12366 <metadata> 12367 <title>CVE-2010-0840</title> 12368 <affected family="unix"> 12369 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12370 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12371 </affected> 12372 <reference ref_id="CVE-2010-0840" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840" source="CVE"/> 12373 <description> 12374 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability." 12375 </description> 12376 </metadata> 12377 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12378 <criteria operator="AND"> 12379 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12380 <criteria operator="OR"> 12381 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12382 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12383 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12384 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12385 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12386 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12387 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12388 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12389 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12390 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12391 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12392 </criteria> 12393 </criteria> 12394 </definition> 12395 <definition id="oval:org.opensuse.security:def:20100841" version="1" class="vulnerability"> 12396 <metadata> 12397 <title>CVE-2010-0841</title> 12398 <affected family="unix"> 12399 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12400 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12401 </affected> 12402 <reference ref_id="CVE-2010-0841" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841" source="CVE"/> 12403 <description> 12404 Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX". 12405 </description> 12406 </metadata> 12407 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12408 <criteria operator="AND"> 12409 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12410 <criteria operator="OR"> 12411 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12412 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12413 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12414 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12415 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12416 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12417 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12418 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12419 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12420 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12421 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12422 </criteria> 12423 </criteria> 12424 </definition> 12425 <definition id="oval:org.opensuse.security:def:20100842" version="1" class="vulnerability"> 12426 <metadata> 12427 <title>CVE-2010-0842</title> 12428 <affected family="unix"> 12429 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12430 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12431 </affected> 12432 <reference ref_id="CVE-2010-0842" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842" source="CVE"/> 12433 <description> 12434 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure. 12435 </description> 12436 </metadata> 12437 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12438 <criteria operator="AND"> 12439 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12440 <criteria operator="OR"> 12441 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12442 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12443 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12444 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12445 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12446 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12447 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12448 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12449 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12450 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12451 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12452 </criteria> 12453 </criteria> 12454 </definition> 12455 <definition id="oval:org.opensuse.security:def:20100843" version="1" class="vulnerability"> 12456 <metadata> 12457 <title>CVE-2010-0843</title> 12458 <affected family="unix"> 12459 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12460 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12461 </affected> 12462 <reference ref_id="CVE-2010-0843" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843" source="CVE"/> 12463 <description> 12464 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code. 12465 </description> 12466 </metadata> 12467 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12468 <criteria operator="AND"> 12469 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12470 <criteria operator="OR"> 12471 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12472 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12473 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12474 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12475 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12476 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12477 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12478 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12479 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12480 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12481 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12482 </criteria> 12483 </criteria> 12484 </definition> 12485 <definition id="oval:org.opensuse.security:def:20100844" version="1" class="vulnerability"> 12486 <metadata> 12487 <title>CVE-2010-0844</title> 12488 <affected family="unix"> 12489 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12490 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12491 </affected> 12492 <reference ref_id="CVE-2010-0844" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844" source="CVE"/> 12493 <description> 12494 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory. 12495 </description> 12496 </metadata> 12497 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12498 <criteria operator="AND"> 12499 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12500 <criteria operator="OR"> 12501 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12502 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12503 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12504 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12505 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12506 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12507 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12508 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12509 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12510 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12511 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12512 </criteria> 12513 </criteria> 12514 </definition> 12515 <definition id="oval:org.opensuse.security:def:20100846" version="1" class="vulnerability"> 12516 <metadata> 12517 <title>CVE-2010-0846</title> 12518 <affected family="unix"> 12519 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12520 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12521 </affected> 12522 <reference ref_id="CVE-2010-0846" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846" source="CVE"/> 12523 <description> 12524 Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an "invalid assignment" and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl). 12525 </description> 12526 </metadata> 12527 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12528 <criteria operator="AND"> 12529 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12530 <criteria operator="OR"> 12531 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12532 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12533 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12534 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12535 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12536 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12537 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12538 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12539 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12540 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12541 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12542 </criteria> 12543 </criteria> 12544 </definition> 12545 <definition id="oval:org.opensuse.security:def:20100847" version="1" class="vulnerability"> 12546 <metadata> 12547 <title>CVE-2010-0847</title> 12548 <affected family="unix"> 12549 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12550 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12551 </affected> 12552 <reference ref_id="CVE-2010-0847" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847" source="CVE"/> 12553 <description> 12554 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image. 12555 </description> 12556 </metadata> 12557 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12558 <criteria operator="AND"> 12559 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12560 <criteria operator="OR"> 12561 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12562 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12563 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12564 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12565 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12566 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12567 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12568 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12569 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12570 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12571 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12572 </criteria> 12573 </criteria> 12574 </definition> 12575 <definition id="oval:org.opensuse.security:def:20100848" version="1" class="vulnerability"> 12576 <metadata> 12577 <title>CVE-2010-0848</title> 12578 <affected family="unix"> 12579 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12580 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12581 </affected> 12582 <reference ref_id="CVE-2010-0848" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848" source="CVE"/> 12583 <description> 12584 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 12585 </description> 12586 </metadata> 12587 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12588 <criteria operator="AND"> 12589 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12590 <criteria operator="OR"> 12591 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12592 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12593 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12594 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12595 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12596 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12597 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12598 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12599 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12600 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12601 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12602 </criteria> 12603 </criteria> 12604 </definition> 12605 <definition id="oval:org.opensuse.security:def:20100849" version="1" class="vulnerability"> 12606 <metadata> 12607 <title>CVE-2010-0849</title> 12608 <affected family="unix"> 12609 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12610 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12611 </affected> 12612 <reference ref_id="CVE-2010-0849" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849" source="CVE"/> 12613 <description> 12614 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image. 12615 </description> 12616 </metadata> 12617 <!-- 3b591511d815dc7c85fac2e9b6b66d53 --> 12618 <criteria operator="AND"> 12619 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12620 <criteria operator="OR"> 12621 <criterion test_ref="oval:org.opensuse.security:tst:2009061143" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr11.2-0.4.1"/> 12622 <criterion test_ref="oval:org.opensuse.security:tst:2009061144" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr11.2-0.4.1"/> 12623 <criterion test_ref="oval:org.opensuse.security:tst:2009061145" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr11.2-0.4.1"/> 12624 <criterion test_ref="oval:org.opensuse.security:tst:2009061146" comment="java-1_5_0-ibm-demo less than 1.5.0_sr11.2-0.4.1"/> 12625 <criterion test_ref="oval:org.opensuse.security:tst:2009061147" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr11.2-0.4.1"/> 12626 <criterion test_ref="oval:org.opensuse.security:tst:2009061148" comment="java-1_5_0-ibm-devel less than 1.5.0_sr11.2-0.4.1"/> 12627 <criterion test_ref="oval:org.opensuse.security:tst:2009061149" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr11.2-0.4.1"/> 12628 <criterion test_ref="oval:org.opensuse.security:tst:2009061150" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr11.2-0.4.1"/> 12629 <criterion test_ref="oval:org.opensuse.security:tst:2009061151" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr11.2-0.4.1"/> 12630 <criterion test_ref="oval:org.opensuse.security:tst:2009061152" comment="java-1_5_0-ibm-src less than 1.5.0_sr11.2-0.4.1"/> 12631 <criterion test_ref="oval:org.opensuse.security:tst:2009061153" comment="java-1_5_0-ibm less than 1.5.0_sr11.2-0.4.1"/> 12632 </criteria> 12633 </criteria> 12634 </definition> 12635 <definition id="oval:org.opensuse.security:def:20100926" version="1" class="vulnerability"> 12636 <metadata> 12637 <title>CVE-2010-0926</title> 12638 <affected family="unix"> 12639 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12640 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12641 </affected> 12642 <reference ref_id="CVE-2010-0926" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0926" source="CVE"/> 12643 <description> 12644 The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options. 12645 </description> 12646 </metadata> 12647 <!-- fa6455f54a922a4b9e9c2e1b755db9f5 --> 12648 <criteria operator="AND"> 12649 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12650 <criteria operator="OR"> 12651 <criterion test_ref="oval:org.opensuse.security:tst:2009059386" comment="cifs-mount less than 3.0.36-0.9.1"/> 12652 <criterion test_ref="oval:org.opensuse.security:tst:2009059387" comment="ldapsmb less than 1.34b-25.9.1"/> 12653 <criterion test_ref="oval:org.opensuse.security:tst:2009059388" comment="libsmbclient-32bit less than 3.0.36-0.9.1"/> 12654 <criterion test_ref="oval:org.opensuse.security:tst:2009059389" comment="libsmbclient-devel less than 3.0.36-0.9.1"/> 12655 <criterion test_ref="oval:org.opensuse.security:tst:2009059390" comment="libsmbclient less than 3.0.36-0.9.1"/> 12656 <criterion test_ref="oval:org.opensuse.security:tst:2009059391" comment="samba-32bit less than 3.0.36-0.9.1"/> 12657 <criterion test_ref="oval:org.opensuse.security:tst:2009059392" comment="samba-client-32bit less than 3.0.36-0.9.1"/> 12658 <criterion test_ref="oval:org.opensuse.security:tst:2009059393" comment="samba-client less than 3.0.36-0.9.1"/> 12659 <criterion test_ref="oval:org.opensuse.security:tst:2009059394" comment="samba-krb-printing less than 3.0.36-0.9.1"/> 12660 <criterion test_ref="oval:org.opensuse.security:tst:2009059395" comment="samba-vscan less than 0.3.6b-43.9.1"/> 12661 <criterion test_ref="oval:org.opensuse.security:tst:2009059396" comment="samba-winbind-32bit less than 3.0.36-0.9.1"/> 12662 <criterion test_ref="oval:org.opensuse.security:tst:2009059397" comment="samba-winbind less than 3.0.36-0.9.1"/> 12663 <criterion test_ref="oval:org.opensuse.security:tst:2009059398" comment="samba less than 3.0.36-0.9.1"/> 12664 </criteria> 12665 </criteria> 12666 </definition> 12667 <definition id="oval:org.opensuse.security:def:20101000" version="1" class="vulnerability"> 12668 <metadata> 12669 <title>CVE-2010-1000</title> 12670 <affected family="unix"> 12671 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12672 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12673 </affected> 12674 <reference ref_id="CVE-2010-1000" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000" source="CVE"/> 12675 <description> 12676 Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file. 12677 </description> 12678 </metadata> 12679 <!-- 61a3b641a9c4e4c8f62b44bd9c2160a0 --> 12680 <criteria operator="AND"> 12681 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12682 <criteria operator="OR"> 12683 <criterion test_ref="oval:org.opensuse.security:tst:2009065300" comment="kdenetwork3-InstantMessenger less than 3.5.1-32.34.1"/> 12684 <criterion test_ref="oval:org.opensuse.security:tst:2009065301" comment="kdenetwork3-news less than 3.5.1-32.34.1"/> 12685 <criterion test_ref="oval:org.opensuse.security:tst:2009065302" comment="kdenetwork3-vnc less than 3.5.1-32.34.1"/> 12686 <criterion test_ref="oval:org.opensuse.security:tst:2009065303" comment="kdenetwork3 less than 3.5.1-32.34.1"/> 12687 </criteria> 12688 </criteria> 12689 </definition> 12690 <definition id="oval:org.opensuse.security:def:20101083" version="1" class="vulnerability"> 12691 <metadata> 12692 <title>CVE-2010-1083</title> 12693 <affected family="unix"> 12694 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12695 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12696 </affected> 12697 <reference ref_id="CVE-2010-1083" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1083" source="CVE"/> 12698 <description> 12699 The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). 12700 </description> 12701 </metadata> 12702 <criteria operator="OR"> 12703 <!-- 30110847005ad3a7ea7c5d1efd067ce1 --> 12704 <criteria operator="AND"> 12705 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12706 <criteria operator="OR"> 12707 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 12708 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 12709 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 12710 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 12711 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 12712 </criteria> 12713 </criteria> 12714 <!-- 44be42f54c5e35e6e551e68351bbd0e1 --> 12715 <criteria operator="AND"> 12716 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12717 <criteria operator="OR"> 12718 <criterion test_ref="oval:org.opensuse.security:tst:2009059220" comment="kernel-bigsmp less than 2.6.16.60-0.60.1"/> 12719 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 12720 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 12721 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 12722 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 12723 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 12724 <criterion test_ref="oval:org.opensuse.security:tst:2009059221" comment="kernel-xenpae less than 2.6.16.60-0.60.1"/> 12725 </criteria> 12726 </criteria> 12727 </criteria> 12728 </definition> 12729 <definition id="oval:org.opensuse.security:def:20101086" version="1" class="vulnerability"> 12730 <metadata> 12731 <title>CVE-2010-1086</title> 12732 <affected family="unix"> 12733 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12734 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12735 </affected> 12736 <reference ref_id="CVE-2010-1086" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086" source="CVE"/> 12737 <description> 12738 The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE. 12739 </description> 12740 </metadata> 12741 <criteria operator="OR"> 12742 <!-- 30110847005ad3a7ea7c5d1efd067ce1 --> 12743 <criteria operator="AND"> 12744 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12745 <criteria operator="OR"> 12746 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 12747 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 12748 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 12749 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 12750 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 12751 </criteria> 12752 </criteria> 12753 <!-- 44be42f54c5e35e6e551e68351bbd0e1 --> 12754 <criteria operator="AND"> 12755 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12756 <criteria operator="OR"> 12757 <criterion test_ref="oval:org.opensuse.security:tst:2009059220" comment="kernel-bigsmp less than 2.6.16.60-0.60.1"/> 12758 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 12759 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 12760 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 12761 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 12762 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 12763 <criterion test_ref="oval:org.opensuse.security:tst:2009059221" comment="kernel-xenpae less than 2.6.16.60-0.60.1"/> 12764 </criteria> 12765 </criteria> 12766 </criteria> 12767 </definition> 12768 <definition id="oval:org.opensuse.security:def:20101087" version="1" class="vulnerability"> 12769 <metadata> 12770 <title>CVE-2010-1087</title> 12771 <affected family="unix"> 12772 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12773 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12774 </affected> 12775 <reference ref_id="CVE-2010-1087" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087" source="CVE"/> 12776 <description> 12777 The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible. 12778 </description> 12779 </metadata> 12780 <criteria operator="OR"> 12781 <!-- 0a48d2bb88f09ec2cfa4e6dda5d9eeef --> 12782 <criteria operator="AND"> 12783 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12784 <criteria operator="OR"> 12785 <criterion test_ref="oval:org.opensuse.security:tst:2009061984" comment="kernel-default less than 2.6.16.60-0.67.1"/> 12786 <criterion test_ref="oval:org.opensuse.security:tst:2009061985" comment="kernel-smp less than 2.6.16.60-0.67.1"/> 12787 <criterion test_ref="oval:org.opensuse.security:tst:2009061986" comment="kernel-source less than 2.6.16.60-0.67.1"/> 12788 <criterion test_ref="oval:org.opensuse.security:tst:2009061987" comment="kernel-syms less than 2.6.16.60-0.67.1"/> 12789 <criterion test_ref="oval:org.opensuse.security:tst:2009061988" comment="kernel-xen less than 2.6.16.60-0.67.1"/> 12790 </criteria> 12791 </criteria> 12792 <!-- 3d5c445b4e7877667872f4260fcbae93 --> 12793 <criteria operator="AND"> 12794 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12795 <criteria operator="OR"> 12796 <criterion test_ref="oval:org.opensuse.security:tst:2009061993" comment="kernel-bigsmp less than 2.6.16.60-0.67.1"/> 12797 <criterion test_ref="oval:org.opensuse.security:tst:2009061984" comment="kernel-default less than 2.6.16.60-0.67.1"/> 12798 <criterion test_ref="oval:org.opensuse.security:tst:2009061985" comment="kernel-smp less than 2.6.16.60-0.67.1"/> 12799 <criterion test_ref="oval:org.opensuse.security:tst:2009061986" comment="kernel-source less than 2.6.16.60-0.67.1"/> 12800 <criterion test_ref="oval:org.opensuse.security:tst:2009061987" comment="kernel-syms less than 2.6.16.60-0.67.1"/> 12801 <criterion test_ref="oval:org.opensuse.security:tst:2009061988" comment="kernel-xen less than 2.6.16.60-0.67.1"/> 12802 <criterion test_ref="oval:org.opensuse.security:tst:2009061994" comment="kernel-xenpae less than 2.6.16.60-0.67.1"/> 12803 </criteria> 12804 </criteria> 12805 </criteria> 12806 </definition> 12807 <definition id="oval:org.opensuse.security:def:20101088" version="1" class="vulnerability"> 12808 <metadata> 12809 <title>CVE-2010-1088</title> 12810 <affected family="unix"> 12811 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12812 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12813 </affected> 12814 <reference ref_id="CVE-2010-1088" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088" source="CVE"/> 12815 <description> 12816 fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. 12817 </description> 12818 </metadata> 12819 <criteria operator="OR"> 12820 <!-- 30110847005ad3a7ea7c5d1efd067ce1 --> 12821 <criteria operator="AND"> 12822 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12823 <criteria operator="OR"> 12824 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 12825 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 12826 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 12827 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 12828 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 12829 </criteria> 12830 </criteria> 12831 <!-- 44be42f54c5e35e6e551e68351bbd0e1 --> 12832 <criteria operator="AND"> 12833 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12834 <criteria operator="OR"> 12835 <criterion test_ref="oval:org.opensuse.security:tst:2009059220" comment="kernel-bigsmp less than 2.6.16.60-0.60.1"/> 12836 <criterion test_ref="oval:org.opensuse.security:tst:2009059203" comment="kernel-default less than 2.6.16.60-0.60.1"/> 12837 <criterion test_ref="oval:org.opensuse.security:tst:2009059217" comment="kernel-smp less than 2.6.16.60-0.60.1"/> 12838 <criterion test_ref="oval:org.opensuse.security:tst:2009059207" comment="kernel-source less than 2.6.16.60-0.60.1"/> 12839 <criterion test_ref="oval:org.opensuse.security:tst:2009059208" comment="kernel-syms less than 2.6.16.60-0.60.1"/> 12840 <criterion test_ref="oval:org.opensuse.security:tst:2009059218" comment="kernel-xen less than 2.6.16.60-0.60.1"/> 12841 <criterion test_ref="oval:org.opensuse.security:tst:2009059221" comment="kernel-xenpae less than 2.6.16.60-0.60.1"/> 12842 </criteria> 12843 </criteria> 12844 </criteria> 12845 </definition> 12846 <definition id="oval:org.opensuse.security:def:20101121" version="1" class="vulnerability"> 12847 <metadata> 12848 <title>CVE-2010-1121</title> 12849 <affected family="unix"> 12850 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12851 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12852 </affected> 12853 <reference ref_id="CVE-2010-1121" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1121" source="CVE"/> 12854 <description> 12855 Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010. 12856 </description> 12857 </metadata> 12858 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 12859 <criteria operator="AND"> 12860 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12861 <criteria operator="OR"> 12862 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 12863 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 12864 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 12865 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 12866 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 12867 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 12868 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 12869 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 12870 </criteria> 12871 </criteria> 12872 </definition> 12873 <definition id="oval:org.opensuse.security:def:20101125" version="1" class="vulnerability"> 12874 <metadata> 12875 <title>CVE-2010-1125</title> 12876 <affected family="unix"> 12877 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12878 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12879 </affected> 12880 <reference ref_id="CVE-2010-1125" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1125" source="CVE"/> 12881 <description> 12882 The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method. 12883 </description> 12884 </metadata> 12885 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 12886 <criteria operator="AND"> 12887 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12888 <criteria operator="OR"> 12889 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 12890 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 12891 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 12892 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 12893 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 12894 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 12895 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 12896 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 12897 </criteria> 12898 </criteria> 12899 </definition> 12900 <definition id="oval:org.opensuse.security:def:20101166" version="1" class="vulnerability"> 12901 <metadata> 12902 <title>CVE-2010-1166</title> 12903 <affected family="unix"> 12904 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12905 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12906 </affected> 12907 <reference ref_id="CVE-2010-1166" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166" source="CVE"/> 12908 <description> 12909 The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition. 12910 </description> 12911 </metadata> 12912 <criteria operator="OR"> 12913 <!-- 7d857f13d5fd490cc6b79ed6f79d13f4 --> 12914 <criteria operator="AND"> 12915 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12916 <criteria operator="OR"> 12917 <criterion test_ref="oval:org.opensuse.security:tst:2009061233" comment="xorg-x11-Xnest less than 6.9.0-50.66.1"/> 12918 <criterion test_ref="oval:org.opensuse.security:tst:2009061234" comment="xorg-x11-Xvfb less than 6.9.0-50.66.1"/> 12919 <criterion test_ref="oval:org.opensuse.security:tst:2009061235" comment="xorg-x11-Xvnc less than 6.9.0-50.66.1"/> 12920 <criterion test_ref="oval:org.opensuse.security:tst:2009061236" comment="xorg-x11-devel-32bit less than 6.9.0-50.66.1"/> 12921 <criterion test_ref="oval:org.opensuse.security:tst:2009061237" comment="xorg-x11-devel less than 6.9.0-50.66.1"/> 12922 <criterion test_ref="oval:org.opensuse.security:tst:2009061238" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.66.1"/> 12923 <criterion test_ref="oval:org.opensuse.security:tst:2009061239" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.66.1"/> 12924 <criterion test_ref="oval:org.opensuse.security:tst:2009061240" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.66.1"/> 12925 <criterion test_ref="oval:org.opensuse.security:tst:2009061241" comment="xorg-x11-fonts-scalable less than 6.9.0-50.66.1"/> 12926 <criterion test_ref="oval:org.opensuse.security:tst:2009061242" comment="xorg-x11-fonts-syriac less than 6.9.0-50.66.1"/> 12927 <criterion test_ref="oval:org.opensuse.security:tst:2009061243" comment="xorg-x11-libs-32bit less than 6.9.0-50.66.1"/> 12928 <criterion test_ref="oval:org.opensuse.security:tst:2009061244" comment="xorg-x11-libs less than 6.9.0-50.66.1"/> 12929 <criterion test_ref="oval:org.opensuse.security:tst:2009061245" comment="xorg-x11-man less than 6.9.0-50.66.1"/> 12930 <criterion test_ref="oval:org.opensuse.security:tst:2009061246" comment="xorg-x11-server-glx less than 6.9.0-50.66.1"/> 12931 <criterion test_ref="oval:org.opensuse.security:tst:2009061247" comment="xorg-x11-server less than 6.9.0-50.66.1"/> 12932 <criterion test_ref="oval:org.opensuse.security:tst:2009061248" comment="xorg-x11 less than 6.9.0-50.66.1"/> 12933 </criteria> 12934 </criteria> 12935 <!-- ba31a309e8cde77800f42a751dbf7be3 --> 12936 <criteria operator="AND"> 12937 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12938 <criteria operator="OR"> 12939 <criterion test_ref="oval:org.opensuse.security:tst:2009063288" comment="xorg-x11-Xvnc less than 6.9.0-50.67.1"/> 12940 <criterion test_ref="oval:org.opensuse.security:tst:2009063289" comment="xorg-x11-server less than 6.9.0-50.67.1"/> 12941 </criteria> 12942 </criteria> 12943 </criteria> 12944 </definition> 12945 <definition id="oval:org.opensuse.security:def:20101168" version="1" class="vulnerability"> 12946 <metadata> 12947 <title>CVE-2010-1168</title> 12948 <affected family="unix"> 12949 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12950 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12951 </affected> 12952 <reference ref_id="CVE-2010-1168" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168" source="CVE"/> 12953 <description> 12954 The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods." 12955 </description> 12956 </metadata> 12957 <!-- 2f57d71a8b5aeb1c7fe200a680ffbc15 --> 12958 <criteria operator="AND"> 12959 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12960 <criteria operator="OR"> 12961 <criterion test_ref="oval:org.opensuse.security:tst:2009062015" comment="perl-32bit less than 5.8.8-14.15.1"/> 12962 <criterion test_ref="oval:org.opensuse.security:tst:2009062016" comment="perl less than 5.8.8-14.15.1"/> 12963 </criteria> 12964 </criteria> 12965 </definition> 12966 <definition id="oval:org.opensuse.security:def:20101169" version="1" class="vulnerability"> 12967 <metadata> 12968 <title>CVE-2010-1169</title> 12969 <affected family="unix"> 12970 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12971 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12972 </affected> 12973 <reference ref_id="CVE-2010-1169" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169" source="CVE"/> 12974 <description> 12975 PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447. 12976 </description> 12977 </metadata> 12978 <!-- 6bdf69d7fb74ed93841ee668250b20e3 --> 12979 <criteria operator="AND"> 12980 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 12981 <criteria operator="OR"> 12982 <criterion test_ref="oval:org.opensuse.security:tst:2009061294" comment="postgresql-devel less than 8.1.21-0.4.1"/> 12983 <criterion test_ref="oval:org.opensuse.security:tst:2009061295" comment="postgresql-libs-32bit less than 8.1.21-0.4.1"/> 12984 <criterion test_ref="oval:org.opensuse.security:tst:2009061296" comment="postgresql-libs less than 8.1.21-0.4.1"/> 12985 </criteria> 12986 </criteria> 12987 </definition> 12988 <definition id="oval:org.opensuse.security:def:20101170" version="1" class="vulnerability"> 12989 <metadata> 12990 <title>CVE-2010-1170</title> 12991 <affected family="unix"> 12992 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 12993 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 12994 </affected> 12995 <reference ref_id="CVE-2010-1170" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170" source="CVE"/> 12996 <description> 12997 The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script. 12998 </description> 12999 </metadata> 13000 <!-- 6bdf69d7fb74ed93841ee668250b20e3 --> 13001 <criteria operator="AND"> 13002 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13003 <criteria operator="OR"> 13004 <criterion test_ref="oval:org.opensuse.security:tst:2009061294" comment="postgresql-devel less than 8.1.21-0.4.1"/> 13005 <criterion test_ref="oval:org.opensuse.security:tst:2009061295" comment="postgresql-libs-32bit less than 8.1.21-0.4.1"/> 13006 <criterion test_ref="oval:org.opensuse.security:tst:2009061296" comment="postgresql-libs less than 8.1.21-0.4.1"/> 13007 </criteria> 13008 </criteria> 13009 </definition> 13010 <definition id="oval:org.opensuse.security:def:20101173" version="1" class="vulnerability"> 13011 <metadata> 13012 <title>CVE-2010-1173</title> 13013 <affected family="unix"> 13014 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13015 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13016 </affected> 13017 <reference ref_id="CVE-2010-1173" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173" source="CVE"/> 13018 <description> 13019 The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data. 13020 </description> 13021 </metadata> 13022 <criteria operator="OR"> 13023 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 13024 <criteria operator="AND"> 13025 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13026 <criteria operator="OR"> 13027 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 13028 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 13029 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 13030 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 13031 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 13032 </criteria> 13033 </criteria> 13034 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 13035 <criteria operator="AND"> 13036 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13037 <criteria operator="OR"> 13038 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 13039 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 13040 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 13041 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 13042 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 13043 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 13044 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 13045 </criteria> 13046 </criteria> 13047 </criteria> 13048 </definition> 13049 <definition id="oval:org.opensuse.security:def:20101196" version="1" class="vulnerability"> 13050 <metadata> 13051 <title>CVE-2010-1196</title> 13052 <affected family="unix"> 13053 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13054 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13055 </affected> 13056 <reference ref_id="CVE-2010-1196" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1196" source="CVE"/> 13057 <description> 13058 Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow. 13059 </description> 13060 </metadata> 13061 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 13062 <criteria operator="AND"> 13063 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13064 <criteria operator="OR"> 13065 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 13066 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 13067 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 13068 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 13069 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 13070 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 13071 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 13072 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 13073 </criteria> 13074 </criteria> 13075 </definition> 13076 <definition id="oval:org.opensuse.security:def:20101197" version="1" class="vulnerability"> 13077 <metadata> 13078 <title>CVE-2010-1197</title> 13079 <affected family="unix"> 13080 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13081 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13082 </affected> 13083 <reference ref_id="CVE-2010-1197" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1197" source="CVE"/> 13084 <description> 13085 Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document. 13086 </description> 13087 </metadata> 13088 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 13089 <criteria operator="AND"> 13090 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13091 <criteria operator="OR"> 13092 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 13093 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 13094 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 13095 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 13096 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 13097 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 13098 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 13099 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 13100 </criteria> 13101 </criteria> 13102 </definition> 13103 <definition id="oval:org.opensuse.security:def:20101198" version="1" class="vulnerability"> 13104 <metadata> 13105 <title>CVE-2010-1198</title> 13106 <affected family="unix"> 13107 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13108 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13109 </affected> 13110 <reference ref_id="CVE-2010-1198" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1198" source="CVE"/> 13111 <description> 13112 Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances. 13113 </description> 13114 </metadata> 13115 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 13116 <criteria operator="AND"> 13117 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13118 <criteria operator="OR"> 13119 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 13120 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 13121 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 13122 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 13123 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 13124 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 13125 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 13126 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 13127 </criteria> 13128 </criteria> 13129 </definition> 13130 <definition id="oval:org.opensuse.security:def:20101199" version="1" class="vulnerability"> 13131 <metadata> 13132 <title>CVE-2010-1199</title> 13133 <affected family="unix"> 13134 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13135 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13136 </affected> 13137 <reference ref_id="CVE-2010-1199" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1199" source="CVE"/> 13138 <description> 13139 Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node. 13140 </description> 13141 </metadata> 13142 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 13143 <criteria operator="AND"> 13144 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13145 <criteria operator="OR"> 13146 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 13147 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 13148 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 13149 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 13150 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 13151 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 13152 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 13153 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 13154 </criteria> 13155 </criteria> 13156 </definition> 13157 <definition id="oval:org.opensuse.security:def:20101200" version="1" class="vulnerability"> 13158 <metadata> 13159 <title>CVE-2010-1200</title> 13160 <affected family="unix"> 13161 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13162 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13163 </affected> 13164 <reference ref_id="CVE-2010-1200" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1200" source="CVE"/> 13165 <description> 13166 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 13167 </description> 13168 </metadata> 13169 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 13170 <criteria operator="AND"> 13171 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13172 <criteria operator="OR"> 13173 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 13174 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 13175 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 13176 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 13177 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 13178 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 13179 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 13180 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 13181 </criteria> 13182 </criteria> 13183 </definition> 13184 <definition id="oval:org.opensuse.security:def:20101201" version="1" class="vulnerability"> 13185 <metadata> 13186 <title>CVE-2010-1201</title> 13187 <affected family="unix"> 13188 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13189 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13190 </affected> 13191 <reference ref_id="CVE-2010-1201" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1201" source="CVE"/> 13192 <description> 13193 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 13194 </description> 13195 </metadata> 13196 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 13197 <criteria operator="AND"> 13198 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13199 <criteria operator="OR"> 13200 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 13201 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 13202 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 13203 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 13204 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 13205 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 13206 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 13207 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 13208 </criteria> 13209 </criteria> 13210 </definition> 13211 <definition id="oval:org.opensuse.security:def:20101202" version="1" class="vulnerability"> 13212 <metadata> 13213 <title>CVE-2010-1202</title> 13214 <affected family="unix"> 13215 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13216 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13217 </affected> 13218 <reference ref_id="CVE-2010-1202" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1202" source="CVE"/> 13219 <description> 13220 Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 13221 </description> 13222 </metadata> 13223 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 13224 <criteria operator="AND"> 13225 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13226 <criteria operator="OR"> 13227 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 13228 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 13229 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 13230 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 13231 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 13232 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 13233 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 13234 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 13235 </criteria> 13236 </criteria> 13237 </definition> 13238 <definition id="oval:org.opensuse.security:def:20101203" version="1" class="vulnerability"> 13239 <metadata> 13240 <title>CVE-2010-1203</title> 13241 <affected family="unix"> 13242 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13243 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13244 </affected> 13245 <reference ref_id="CVE-2010-1203" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1203" source="CVE"/> 13246 <description> 13247 The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp. 13248 </description> 13249 </metadata> 13250 <!-- a8d90b51fe9f6e085ade64278ece8e87 --> 13251 <criteria operator="AND"> 13252 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13253 <criteria operator="OR"> 13254 <criterion test_ref="oval:org.opensuse.security:tst:2009061260" comment="MozillaFirefox-translations less than 3.5.10-0.4.1"/> 13255 <criterion test_ref="oval:org.opensuse.security:tst:2009061261" comment="MozillaFirefox less than 3.5.10-0.4.1"/> 13256 <criterion test_ref="oval:org.opensuse.security:tst:2009061262" comment="mozilla-xulrunner191-32bit less than 1.9.1.10-1.4.1"/> 13257 <criterion test_ref="oval:org.opensuse.security:tst:2009061263" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.10-1.4.1"/> 13258 <criterion test_ref="oval:org.opensuse.security:tst:2009061264" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.10-1.4.1"/> 13259 <criterion test_ref="oval:org.opensuse.security:tst:2009061265" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.10-1.4.1"/> 13260 <criterion test_ref="oval:org.opensuse.security:tst:2009061266" comment="mozilla-xulrunner191-translations less than 1.9.1.10-1.4.1"/> 13261 <criterion test_ref="oval:org.opensuse.security:tst:2009061267" comment="mozilla-xulrunner191 less than 1.9.1.10-1.4.1"/> 13262 </criteria> 13263 </criteria> 13264 </definition> 13265 <definition id="oval:org.opensuse.security:def:20101205" version="1" class="vulnerability"> 13266 <metadata> 13267 <title>CVE-2010-1205</title> 13268 <affected family="unix"> 13269 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13270 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13271 </affected> 13272 <reference ref_id="CVE-2010-1205" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205" source="CVE"/> 13273 <description> 13274 Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. 13275 </description> 13276 </metadata> 13277 <criteria operator="OR"> 13278 <!-- 37055a3106d59423dce730c76401a58e --> 13279 <criteria operator="AND"> 13280 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13281 <criteria operator="OR"> 13282 <criterion test_ref="oval:org.opensuse.security:tst:2009062300" comment="libpng-32bit less than 1.2.8-19.29.1"/> 13283 <criterion test_ref="oval:org.opensuse.security:tst:2009062301" comment="libpng-devel-32bit less than 1.2.8-19.29.1"/> 13284 <criterion test_ref="oval:org.opensuse.security:tst:2009062302" comment="libpng-devel less than 1.2.8-19.29.1"/> 13285 <criterion test_ref="oval:org.opensuse.security:tst:2009062303" comment="libpng less than 1.2.8-19.29.1"/> 13286 </criteria> 13287 </criteria> 13288 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 13289 <criteria operator="AND"> 13290 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13291 <criteria operator="OR"> 13292 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 13293 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 13294 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 13295 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 13296 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 13297 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 13298 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 13299 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 13300 </criteria> 13301 </criteria> 13302 </criteria> 13303 </definition> 13304 <definition id="oval:org.opensuse.security:def:20101206" version="1" class="vulnerability"> 13305 <metadata> 13306 <title>CVE-2010-1206</title> 13307 <affected family="unix"> 13308 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13309 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13310 </affected> 13311 <reference ref_id="CVE-2010-1206" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1206" source="CVE"/> 13312 <description> 13313 The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call. 13314 </description> 13315 </metadata> 13316 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 13317 <criteria operator="AND"> 13318 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13319 <criteria operator="OR"> 13320 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 13321 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 13322 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 13323 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 13324 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 13325 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 13326 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 13327 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 13328 </criteria> 13329 </criteria> 13330 </definition> 13331 <definition id="oval:org.opensuse.security:def:20101208" version="1" class="vulnerability"> 13332 <metadata> 13333 <title>CVE-2010-1208</title> 13334 <affected family="unix"> 13335 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13336 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13337 </affected> 13338 <reference ref_id="CVE-2010-1208" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1208" source="CVE"/> 13339 <description> 13340 Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count. 13341 </description> 13342 </metadata> 13343 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 13344 <criteria operator="AND"> 13345 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13346 <criteria operator="OR"> 13347 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 13348 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 13349 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 13350 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 13351 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 13352 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 13353 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 13354 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 13355 </criteria> 13356 </criteria> 13357 </definition> 13358 <definition id="oval:org.opensuse.security:def:20101209" version="1" class="vulnerability"> 13359 <metadata> 13360 <title>CVE-2010-1209</title> 13361 <affected family="unix"> 13362 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13363 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13364 </affected> 13365 <reference ref_id="CVE-2010-1209" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1209" source="CVE"/> 13366 <description> 13367 Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback. 13368 </description> 13369 </metadata> 13370 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 13371 <criteria operator="AND"> 13372 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13373 <criteria operator="OR"> 13374 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 13375 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 13376 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 13377 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 13378 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 13379 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 13380 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 13381 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 13382 </criteria> 13383 </criteria> 13384 </definition> 13385 <definition id="oval:org.opensuse.security:def:20101211" version="1" class="vulnerability"> 13386 <metadata> 13387 <title>CVE-2010-1211</title> 13388 <affected family="unix"> 13389 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13390 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13391 </affected> 13392 <reference ref_id="CVE-2010-1211" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1211" source="CVE"/> 13393 <description> 13394 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 13395 </description> 13396 </metadata> 13397 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 13398 <criteria operator="AND"> 13399 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13400 <criteria operator="OR"> 13401 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 13402 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 13403 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 13404 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 13405 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 13406 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 13407 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 13408 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 13409 </criteria> 13410 </criteria> 13411 </definition> 13412 <definition id="oval:org.opensuse.security:def:20101213" version="1" class="vulnerability"> 13413 <metadata> 13414 <title>CVE-2010-1213</title> 13415 <affected family="unix"> 13416 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13417 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13418 </affected> 13419 <reference ref_id="CVE-2010-1213" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1213" source="CVE"/> 13420 <description> 13421 The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document. 13422 </description> 13423 </metadata> 13424 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 13425 <criteria operator="AND"> 13426 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13427 <criteria operator="OR"> 13428 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 13429 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 13430 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 13431 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 13432 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 13433 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 13434 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 13435 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 13436 </criteria> 13437 </criteria> 13438 </definition> 13439 <definition id="oval:org.opensuse.security:def:20101214" version="1" class="vulnerability"> 13440 <metadata> 13441 <title>CVE-2010-1214</title> 13442 <affected family="unix"> 13443 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13444 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13445 </affected> 13446 <reference ref_id="CVE-2010-1214" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1214" source="CVE"/> 13447 <description> 13448 Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements. 13449 </description> 13450 </metadata> 13451 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 13452 <criteria operator="AND"> 13453 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13454 <criteria operator="OR"> 13455 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 13456 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 13457 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 13458 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 13459 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 13460 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 13461 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 13462 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 13463 </criteria> 13464 </criteria> 13465 </definition> 13466 <definition id="oval:org.opensuse.security:def:20101240" version="1" class="vulnerability"> 13467 <metadata> 13468 <title>CVE-2010-1240</title> 13469 <affected family="unix"> 13470 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13471 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13472 </affected> 13473 <reference ref_id="CVE-2010-1240" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1240" source="CVE"/> 13474 <description> 13475 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF document, as demonstrated by a text field that claims that the Open button will enable the user to read an encrypted message. 13476 </description> 13477 </metadata> 13478 <criteria operator="OR"> 13479 <!-- 0dc88ee261caadcb967f90fbfd30e7f2 --> 13480 <criteria operator="AND"> 13481 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13482 <criteria operator="OR"> 13483 <criterion test_ref="oval:org.opensuse.security:tst:2009062195" comment="acroread-cmaps less than 9.3.4-0.5.1"/> 13484 <criterion test_ref="oval:org.opensuse.security:tst:2009062196" comment="acroread-fonts-ja less than 9.3.4-0.5.1"/> 13485 <criterion test_ref="oval:org.opensuse.security:tst:2009062197" comment="acroread-fonts-ko less than 9.3.4-0.5.1"/> 13486 <criterion test_ref="oval:org.opensuse.security:tst:2009062198" comment="acroread-fonts-zh_CN less than 9.3.4-0.5.1"/> 13487 <criterion test_ref="oval:org.opensuse.security:tst:2009062199" comment="acroread-fonts-zh_TW less than 9.3.4-0.5.1"/> 13488 <criterion test_ref="oval:org.opensuse.security:tst:2009062200" comment="acroread less than 9.3.4-0.5.1"/> 13489 </criteria> 13490 </criteria> 13491 <!-- 21e68a87c99667a745529ff35a06f5ee --> 13492 <criteria operator="AND"> 13493 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13494 <criteria operator="OR"> 13495 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 13496 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 13497 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 13498 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 13499 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 13500 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 13501 </criteria> 13502 </criteria> 13503 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 13504 <criteria operator="AND"> 13505 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13506 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 13507 </criteria> 13508 <!-- 8d6734b9845d252567cc853032034436 --> 13509 <criteria operator="AND"> 13510 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13511 <criterion test_ref="oval:org.opensuse.security:tst:2009062201" comment="acroread_ja less than 9.3.4-0.4.1"/> 13512 </criteria> 13513 </criteria> 13514 </definition> 13515 <definition id="oval:org.opensuse.security:def:20101241" version="1" class="vulnerability"> 13516 <metadata> 13517 <title>CVE-2010-1241</title> 13518 <affected family="unix"> 13519 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13520 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13521 </affected> 13522 <reference ref_id="CVE-2010-1241" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241" source="CVE"/> 13523 <description> 13524 Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005. 13525 </description> 13526 </metadata> 13527 <criteria operator="OR"> 13528 <!-- 1a12ee072c929ca16f4fccdba35aff6f --> 13529 <criteria operator="AND"> 13530 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13531 <criterion test_ref="oval:org.opensuse.security:tst:2009059789" comment="acroread_ja less than 9.3.2-0.4.1"/> 13532 </criteria> 13533 <!-- ea122670adcd95514736ecbc647a5104 --> 13534 <criteria operator="AND"> 13535 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13536 <criteria operator="OR"> 13537 <criterion test_ref="oval:org.opensuse.security:tst:2009059802" comment="acroread-cmaps less than 9.3.2-0.4.1"/> 13538 <criterion test_ref="oval:org.opensuse.security:tst:2009059803" comment="acroread-fonts-ja less than 9.3.2-0.4.1"/> 13539 <criterion test_ref="oval:org.opensuse.security:tst:2009059804" comment="acroread-fonts-ko less than 9.3.2-0.4.1"/> 13540 <criterion test_ref="oval:org.opensuse.security:tst:2009059805" comment="acroread-fonts-zh_CN less than 9.3.2-0.4.1"/> 13541 <criterion test_ref="oval:org.opensuse.security:tst:2009059806" comment="acroread-fonts-zh_TW less than 9.3.2-0.4.1"/> 13542 <criterion test_ref="oval:org.opensuse.security:tst:2009059807" comment="acroread less than 9.3.2-0.4.1"/> 13543 </criteria> 13544 </criteria> 13545 </criteria> 13546 </definition> 13547 <definition id="oval:org.opensuse.security:def:20101285" version="1" class="vulnerability"> 13548 <metadata> 13549 <title>CVE-2010-1285</title> 13550 <affected family="unix"> 13551 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13552 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13553 </affected> 13554 <reference ref_id="CVE-2010-1285" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285" source="CVE"/> 13555 <description> 13556 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-2168 and CVE-2010-2201. 13557 </description> 13558 </metadata> 13559 <criteria operator="OR"> 13560 <!-- 21e68a87c99667a745529ff35a06f5ee --> 13561 <criteria operator="AND"> 13562 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13563 <criteria operator="OR"> 13564 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 13565 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 13566 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 13567 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 13568 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 13569 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 13570 </criteria> 13571 </criteria> 13572 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 13573 <criteria operator="AND"> 13574 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13575 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 13576 </criteria> 13577 </criteria> 13578 </definition> 13579 <definition id="oval:org.opensuse.security:def:20101295" version="1" class="vulnerability"> 13580 <metadata> 13581 <title>CVE-2010-1295</title> 13582 <affected family="unix"> 13583 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13584 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13585 </affected> 13586 <reference ref_id="CVE-2010-1295" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295" source="CVE"/> 13587 <description> 13588 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. 13589 </description> 13590 </metadata> 13591 <criteria operator="OR"> 13592 <!-- 21e68a87c99667a745529ff35a06f5ee --> 13593 <criteria operator="AND"> 13594 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13595 <criteria operator="OR"> 13596 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 13597 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 13598 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 13599 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 13600 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 13601 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 13602 </criteria> 13603 </criteria> 13604 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 13605 <criteria operator="AND"> 13606 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13607 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 13608 </criteria> 13609 </criteria> 13610 </definition> 13611 <definition id="oval:org.opensuse.security:def:20101297" version="1" class="vulnerability"> 13612 <metadata> 13613 <title>CVE-2010-1297</title> 13614 <affected family="unix"> 13615 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13616 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13617 </affected> 13618 <reference ref_id="CVE-2010-1297" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297" source="CVE"/> 13619 <description> 13620 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010. 13621 </description> 13622 </metadata> 13623 <criteria operator="OR"> 13624 <!-- 21e68a87c99667a745529ff35a06f5ee --> 13625 <criteria operator="AND"> 13626 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13627 <criteria operator="OR"> 13628 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 13629 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 13630 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 13631 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 13632 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 13633 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 13634 </criteria> 13635 </criteria> 13636 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 13637 <criteria operator="AND"> 13638 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13639 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 13640 </criteria> 13641 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 13642 <criteria operator="AND"> 13643 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13644 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 13645 </criteria> 13646 </criteria> 13647 </definition> 13648 <definition id="oval:org.opensuse.security:def:20101311" version="1" class="vulnerability"> 13649 <metadata> 13650 <title>CVE-2010-1311</title> 13651 <affected family="unix"> 13652 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13653 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13654 </affected> 13655 <reference ref_id="CVE-2010-1311" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311" source="CVE"/> 13656 <description> 13657 The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information. 13658 </description> 13659 </metadata> 13660 <!-- 0fe0a47e2d9e4a6160a308a56172d457 --> 13661 <criteria operator="AND"> 13662 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13663 <criterion test_ref="oval:org.opensuse.security:tst:2009059973" comment="clamav less than 0.96-0.6.1"/> 13664 </criteria> 13665 </definition> 13666 <definition id="oval:org.opensuse.security:def:20101321" version="1" class="vulnerability"> 13667 <metadata> 13668 <title>CVE-2010-1321</title> 13669 <affected family="unix"> 13670 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13671 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13672 </affected> 13673 <reference ref_id="CVE-2010-1321" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321" source="CVE"/> 13674 <description> 13675 The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. 13676 </description> 13677 </metadata> 13678 <criteria operator="OR"> 13679 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 13680 <criteria operator="AND"> 13681 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13682 <criteria operator="OR"> 13683 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 13684 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 13685 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 13686 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 13687 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 13688 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 13689 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 13690 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 13691 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 13692 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 13693 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 13694 </criteria> 13695 </criteria> 13696 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 13697 <criteria operator="AND"> 13698 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13699 <criteria operator="OR"> 13700 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 13701 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 13702 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 13703 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 13704 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 13705 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 13706 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 13707 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 13708 </criteria> 13709 </criteria> 13710 <!-- 98e73dbf4ebe271749566a160f8cbf53 --> 13711 <criteria operator="AND"> 13712 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13713 <criteria operator="OR"> 13714 <criterion test_ref="oval:org.opensuse.security:tst:2009060762" comment="krb5-32bit less than 1.4.3-19.45.1"/> 13715 <criterion test_ref="oval:org.opensuse.security:tst:2009060763" comment="krb5-client less than 1.4.3-19.45.1"/> 13716 <criterion test_ref="oval:org.opensuse.security:tst:2009060764" comment="krb5-devel-32bit less than 1.4.3-19.45.1"/> 13717 <criterion test_ref="oval:org.opensuse.security:tst:2009060765" comment="krb5-devel less than 1.4.3-19.45.1"/> 13718 <criterion test_ref="oval:org.opensuse.security:tst:2009060766" comment="krb5 less than 1.4.3-19.45.1"/> 13719 </criteria> 13720 </criteria> 13721 </criteria> 13722 </definition> 13723 <definition id="oval:org.opensuse.security:def:20101323" version="1" class="vulnerability"> 13724 <metadata> 13725 <title>CVE-2010-1323</title> 13726 <affected family="unix"> 13727 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13728 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13729 </affected> 13730 <reference ref_id="CVE-2010-1323" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323" source="CVE"/> 13731 <description> 13732 MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys. 13733 </description> 13734 </metadata> 13735 <!-- d0d5ba0d668fb6a84e2d0628a4a483b9 --> 13736 <criteria operator="AND"> 13737 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13738 <criteria operator="OR"> 13739 <criterion test_ref="oval:org.opensuse.security:tst:2009065137" comment="krb5-32bit less than 1.4.3-19.47.1"/> 13740 <criterion test_ref="oval:org.opensuse.security:tst:2009065138" comment="krb5-client less than 1.4.3-19.47.1"/> 13741 <criterion test_ref="oval:org.opensuse.security:tst:2009065139" comment="krb5-devel-32bit less than 1.4.3-19.47.1"/> 13742 <criterion test_ref="oval:org.opensuse.security:tst:2009065140" comment="krb5-devel less than 1.4.3-19.47.1"/> 13743 <criterion test_ref="oval:org.opensuse.security:tst:2009065141" comment="krb5 less than 1.4.3-19.47.1"/> 13744 </criteria> 13745 </criteria> 13746 </definition> 13747 <definition id="oval:org.opensuse.security:def:20101324" version="1" class="vulnerability"> 13748 <metadata> 13749 <title>CVE-2010-1324</title> 13750 <affected family="unix"> 13751 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13752 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13753 </affected> 13754 <reference ref_id="CVE-2010-1324" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324" source="CVE"/> 13755 <description> 13756 MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key. 13757 </description> 13758 </metadata> 13759 <!-- d0d5ba0d668fb6a84e2d0628a4a483b9 --> 13760 <criteria operator="AND"> 13761 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13762 <criteria operator="OR"> 13763 <criterion test_ref="oval:org.opensuse.security:tst:2009065137" comment="krb5-32bit less than 1.4.3-19.47.1"/> 13764 <criterion test_ref="oval:org.opensuse.security:tst:2009065138" comment="krb5-client less than 1.4.3-19.47.1"/> 13765 <criterion test_ref="oval:org.opensuse.security:tst:2009065139" comment="krb5-devel-32bit less than 1.4.3-19.47.1"/> 13766 <criterion test_ref="oval:org.opensuse.security:tst:2009065140" comment="krb5-devel less than 1.4.3-19.47.1"/> 13767 <criterion test_ref="oval:org.opensuse.security:tst:2009065141" comment="krb5 less than 1.4.3-19.47.1"/> 13768 </criteria> 13769 </criteria> 13770 </definition> 13771 <definition id="oval:org.opensuse.security:def:20101411" version="1" class="vulnerability"> 13772 <metadata> 13773 <title>CVE-2010-1411</title> 13774 <affected family="unix"> 13775 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13776 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13777 </affected> 13778 <reference ref_id="CVE-2010-1411" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411" source="CVE"/> 13779 <description> 13780 Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow. 13781 </description> 13782 </metadata> 13783 <!-- a262f09279822d735ca844ce47ac50fc --> 13784 <criteria operator="AND"> 13785 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13786 <criteria operator="OR"> 13787 <criterion test_ref="oval:org.opensuse.security:tst:2009060874" comment="libtiff-32bit less than 3.8.2-5.18.1"/> 13788 <criterion test_ref="oval:org.opensuse.security:tst:2009060875" comment="libtiff-devel less than 3.8.2-5.18.1"/> 13789 <criterion test_ref="oval:org.opensuse.security:tst:2009060876" comment="libtiff less than 3.8.2-5.18.1"/> 13790 </criteria> 13791 </criteria> 13792 </definition> 13793 <definition id="oval:org.opensuse.security:def:20101440" version="1" class="vulnerability"> 13794 <metadata> 13795 <title>CVE-2010-1440</title> 13796 <affected family="unix"> 13797 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13798 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13799 </affected> 13800 <reference ref_id="CVE-2010-1440" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440" source="CVE"/> 13801 <description> 13802 Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739. 13803 </description> 13804 </metadata> 13805 <!-- fe2b0b79a120e78a91e39517628cfa61 --> 13806 <criteria operator="AND"> 13807 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13808 <criteria operator="OR"> 13809 <criterion test_ref="oval:org.opensuse.security:tst:2009060488" comment="te_ams less than 3.0-37.13.1"/> 13810 <criterion test_ref="oval:org.opensuse.security:tst:2009060489" comment="te_cont less than 3.0-37.13.1"/> 13811 <criterion test_ref="oval:org.opensuse.security:tst:2009060490" comment="te_dvilj less than 3.0-37.13.1"/> 13812 <criterion test_ref="oval:org.opensuse.security:tst:2009060491" comment="te_eplai less than 3.0-37.13.1"/> 13813 <criterion test_ref="oval:org.opensuse.security:tst:2009060492" comment="te_kpath less than 3.0-37.13.1"/> 13814 <criterion test_ref="oval:org.opensuse.security:tst:2009060493" comment="te_latex less than 3.0-37.13.1"/> 13815 <criterion test_ref="oval:org.opensuse.security:tst:2009060494" comment="te_mpost less than 3.0-37.13.1"/> 13816 <criterion test_ref="oval:org.opensuse.security:tst:2009060495" comment="te_omega less than 3.0-37.13.1"/> 13817 <criterion test_ref="oval:org.opensuse.security:tst:2009060496" comment="te_ptex less than 3.0-37.13.1"/> 13818 <criterion test_ref="oval:org.opensuse.security:tst:2009060497" comment="te_web less than 3.0-37.13.1"/> 13819 <criterion test_ref="oval:org.opensuse.security:tst:2009060498" comment="tetex less than 3.0-37.13.1"/> 13820 </criteria> 13821 </criteria> 13822 </definition> 13823 <definition id="oval:org.opensuse.security:def:20101447" version="1" class="vulnerability"> 13824 <metadata> 13825 <title>CVE-2010-1447</title> 13826 <affected family="unix"> 13827 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13828 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13829 </affected> 13830 <reference ref_id="CVE-2010-1447" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447" source="CVE"/> 13831 <description> 13832 The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution. 13833 </description> 13834 </metadata> 13835 <!-- 2f57d71a8b5aeb1c7fe200a680ffbc15 --> 13836 <criteria operator="AND"> 13837 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13838 <criteria operator="OR"> 13839 <criterion test_ref="oval:org.opensuse.security:tst:2009062015" comment="perl-32bit less than 5.8.8-14.15.1"/> 13840 <criterion test_ref="oval:org.opensuse.security:tst:2009062016" comment="perl less than 5.8.8-14.15.1"/> 13841 </criteria> 13842 </criteria> 13843 </definition> 13844 <definition id="oval:org.opensuse.security:def:20101449" version="1" class="vulnerability"> 13845 <metadata> 13846 <title>CVE-2010-1449</title> 13847 <affected family="unix"> 13848 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13849 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13850 </affected> 13851 <reference ref_id="CVE-2010-1449" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1449" source="CVE"/> 13852 <description> 13853 Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12. 13854 </description> 13855 </metadata> 13856 <!-- a2098cb2e3d51d63912dc55b837af4c0 --> 13857 <criteria operator="AND"> 13858 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13859 <criteria operator="OR"> 13860 <criterion test_ref="oval:org.opensuse.security:tst:2009065575" comment="python-32bit less than 2.4.2-18.32.5"/> 13861 <criterion test_ref="oval:org.opensuse.security:tst:2009065576" comment="python-curses less than 2.4.2-18.32.5"/> 13862 <criterion test_ref="oval:org.opensuse.security:tst:2009065577" comment="python-devel less than 2.4.2-18.32.5"/> 13863 <criterion test_ref="oval:org.opensuse.security:tst:2009065578" comment="python-gdbm less than 2.4.2-18.32.5"/> 13864 <criterion test_ref="oval:org.opensuse.security:tst:2009065579" comment="python-tk less than 2.4.2-18.32.5"/> 13865 <criterion test_ref="oval:org.opensuse.security:tst:2009065580" comment="python-xml less than 2.4.2-18.32.5"/> 13866 <criterion test_ref="oval:org.opensuse.security:tst:2009065581" comment="python less than 2.4.2-18.32.5"/> 13867 </criteria> 13868 </criteria> 13869 </definition> 13870 <definition id="oval:org.opensuse.security:def:20101450" version="1" class="vulnerability"> 13871 <metadata> 13872 <title>CVE-2010-1450</title> 13873 <affected family="unix"> 13874 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13875 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13876 </affected> 13877 <reference ref_id="CVE-2010-1450" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1450" source="CVE"/> 13878 <description> 13879 Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function. 13880 </description> 13881 </metadata> 13882 <!-- a2098cb2e3d51d63912dc55b837af4c0 --> 13883 <criteria operator="AND"> 13884 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13885 <criteria operator="OR"> 13886 <criterion test_ref="oval:org.opensuse.security:tst:2009065575" comment="python-32bit less than 2.4.2-18.32.5"/> 13887 <criterion test_ref="oval:org.opensuse.security:tst:2009065576" comment="python-curses less than 2.4.2-18.32.5"/> 13888 <criterion test_ref="oval:org.opensuse.security:tst:2009065577" comment="python-devel less than 2.4.2-18.32.5"/> 13889 <criterion test_ref="oval:org.opensuse.security:tst:2009065578" comment="python-gdbm less than 2.4.2-18.32.5"/> 13890 <criterion test_ref="oval:org.opensuse.security:tst:2009065579" comment="python-tk less than 2.4.2-18.32.5"/> 13891 <criterion test_ref="oval:org.opensuse.security:tst:2009065580" comment="python-xml less than 2.4.2-18.32.5"/> 13892 <criterion test_ref="oval:org.opensuse.security:tst:2009065581" comment="python less than 2.4.2-18.32.5"/> 13893 </criteria> 13894 </criteria> 13895 </definition> 13896 <definition id="oval:org.opensuse.security:def:20101455" version="1" class="vulnerability"> 13897 <metadata> 13898 <title>CVE-2010-1455</title> 13899 <affected family="unix"> 13900 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13901 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13902 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 13903 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 13904 </affected> 13905 <reference ref_id="CVE-2010-1455" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1455" source="CVE"/> 13906 <description> 13907 The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. 13908 </description> 13909 </metadata> 13910 <criteria operator="OR"> 13911 <!-- 6f945ca7e512591223a153602859503d --> 13912 <criteria operator="AND"> 13913 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13914 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 13915 </criteria> 13916 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 13917 <criteria operator="AND"> 13918 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 13919 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 13920 </criteria> 13921 </criteria> 13922 </definition> 13923 <definition id="oval:org.opensuse.security:def:20101526" version="1" class="vulnerability"> 13924 <metadata> 13925 <title>CVE-2010-1526</title> 13926 <affected family="unix"> 13927 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13928 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13929 </affected> 13930 <reference ref_id="CVE-2010-1526" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1526" source="CVE"/> 13931 <description> 13932 Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2) a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or (3) a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows. 13933 </description> 13934 </metadata> 13935 <!-- b3729a04803f0c515f7114062b30b7b5 --> 13936 <criteria operator="AND"> 13937 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13938 <criterion test_ref="oval:org.opensuse.security:tst:2009063152" comment="libgdiplus less than 1.2.2-13.20.1"/> 13939 </criteria> 13940 </definition> 13941 <definition id="oval:org.opensuse.security:def:20101585" version="1" class="vulnerability"> 13942 <metadata> 13943 <title>CVE-2010-1585</title> 13944 <affected family="unix"> 13945 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 13946 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 13947 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 13948 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 13949 </affected> 13950 <reference ref_id="CVE-2010-1585" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1585" source="CVE"/> 13951 <description> 13952 The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element. 13953 </description> 13954 </metadata> 13955 <criteria operator="OR"> 13956 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 13957 <criteria operator="AND"> 13958 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 13959 <criteria operator="OR"> 13960 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 13961 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 13962 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 13963 </criteria> 13964 </criteria> 13965 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 13966 <criteria operator="AND"> 13967 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13968 <criteria operator="OR"> 13969 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 13970 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 13971 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 13972 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 13973 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 13974 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 13975 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 13976 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 13977 </criteria> 13978 </criteria> 13979 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 13980 <criteria operator="AND"> 13981 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 13982 <criteria operator="OR"> 13983 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 13984 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 13985 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 13986 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 13987 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 13988 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 13989 </criteria> 13990 </criteria> 13991 </criteria> 13992 </definition> 13993 <definition id="oval:org.opensuse.security:def:20101624" version="1" class="vulnerability"> 13994 <metadata> 13995 <title>CVE-2010-1624</title> 13996 <affected family="unix"> 13997 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 13998 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 13999 </affected> 14000 <reference ref_id="CVE-2010-1624" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624" source="CVE"/> 14001 <description> 14002 The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message. 14003 </description> 14004 </metadata> 14005 <!-- b2065553568c70babb437af6b08cc06e --> 14006 <criteria operator="AND"> 14007 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 14008 <criteria operator="OR"> 14009 <criterion test_ref="oval:org.opensuse.security:tst:2009071813" comment="finch less than 2.6.6-0.10.1"/> 14010 <criterion test_ref="oval:org.opensuse.security:tst:2009071814" comment="libpurple less than 2.6.6-0.10.1"/> 14011 <criterion test_ref="oval:org.opensuse.security:tst:2009071815" comment="pidgin less than 2.6.6-0.10.1"/> 14012 </criteria> 14013 </criteria> 14014 </definition> 14015 <definition id="oval:org.opensuse.security:def:20101626" version="1" class="vulnerability"> 14016 <metadata> 14017 <title>CVE-2010-1626</title> 14018 <affected family="unix"> 14019 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14020 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14021 </affected> 14022 <reference ref_id="CVE-2010-1626" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1626" source="CVE"/> 14023 <description> 14024 MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. 14025 </description> 14026 </metadata> 14027 <!-- 826914f7f97a3f40f0cf58084177340b --> 14028 <criteria operator="AND"> 14029 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14030 <criteria operator="OR"> 14031 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 14032 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 14033 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 14034 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 14035 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 14036 </criteria> 14037 </criteria> 14038 </definition> 14039 <definition id="oval:org.opensuse.security:def:20101634" version="1" class="vulnerability"> 14040 <metadata> 14041 <title>CVE-2010-1634</title> 14042 <affected family="unix"> 14043 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14044 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14045 </affected> 14046 <reference ref_id="CVE-2010-1634" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634" source="CVE"/> 14047 <description> 14048 Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5. 14049 </description> 14050 </metadata> 14051 <!-- a2098cb2e3d51d63912dc55b837af4c0 --> 14052 <criteria operator="AND"> 14053 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14054 <criteria operator="OR"> 14055 <criterion test_ref="oval:org.opensuse.security:tst:2009065575" comment="python-32bit less than 2.4.2-18.32.5"/> 14056 <criterion test_ref="oval:org.opensuse.security:tst:2009065576" comment="python-curses less than 2.4.2-18.32.5"/> 14057 <criterion test_ref="oval:org.opensuse.security:tst:2009065577" comment="python-devel less than 2.4.2-18.32.5"/> 14058 <criterion test_ref="oval:org.opensuse.security:tst:2009065578" comment="python-gdbm less than 2.4.2-18.32.5"/> 14059 <criterion test_ref="oval:org.opensuse.security:tst:2009065579" comment="python-tk less than 2.4.2-18.32.5"/> 14060 <criterion test_ref="oval:org.opensuse.security:tst:2009065580" comment="python-xml less than 2.4.2-18.32.5"/> 14061 <criterion test_ref="oval:org.opensuse.security:tst:2009065581" comment="python less than 2.4.2-18.32.5"/> 14062 </criteria> 14063 </criteria> 14064 </definition> 14065 <definition id="oval:org.opensuse.security:def:20101639" version="1" class="vulnerability"> 14066 <metadata> 14067 <title>CVE-2010-1639</title> 14068 <affected family="unix"> 14069 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14070 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14071 </affected> 14072 <reference ref_id="CVE-2010-1639" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1639" source="CVE"/> 14073 <description> 14074 The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length. 14075 </description> 14076 </metadata> 14077 <!-- 4848aa7c729bd3ea7adc21be1dee8683 --> 14078 <criteria operator="AND"> 14079 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14080 <criterion test_ref="oval:org.opensuse.security:tst:2009061757" comment="clamav less than 0.96.1-0.4.1"/> 14081 </criteria> 14082 </definition> 14083 <definition id="oval:org.opensuse.security:def:20101640" version="1" class="vulnerability"> 14084 <metadata> 14085 <title>CVE-2010-1640</title> 14086 <affected family="unix"> 14087 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14088 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14089 </affected> 14090 <reference ref_id="CVE-2010-1640" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1640" source="CVE"/> 14091 <description> 14092 Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling. 14093 </description> 14094 </metadata> 14095 <!-- 4848aa7c729bd3ea7adc21be1dee8683 --> 14096 <criteria operator="AND"> 14097 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14098 <criterion test_ref="oval:org.opensuse.security:tst:2009061757" comment="clamav less than 0.96.1-0.4.1"/> 14099 </criteria> 14100 </definition> 14101 <definition id="oval:org.opensuse.security:def:20101748" version="1" class="vulnerability"> 14102 <metadata> 14103 <title>CVE-2010-1748</title> 14104 <affected family="unix"> 14105 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14106 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14107 </affected> 14108 <reference ref_id="CVE-2010-1748" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748" source="CVE"/> 14109 <description> 14110 The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs. 14111 </description> 14112 </metadata> 14113 <!-- d80f195def5f87d532c424567f8d8cea --> 14114 <criteria operator="AND"> 14115 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14116 <criteria operator="OR"> 14117 <criterion test_ref="oval:org.opensuse.security:tst:2009064812" comment="cups-client less than 1.1.23-40.60.12"/> 14118 <criterion test_ref="oval:org.opensuse.security:tst:2009064813" comment="cups-devel less than 1.1.23-40.60.12"/> 14119 <criterion test_ref="oval:org.opensuse.security:tst:2009064814" comment="cups-libs-32bit less than 1.1.23-40.60.12"/> 14120 <criterion test_ref="oval:org.opensuse.security:tst:2009064815" comment="cups-libs less than 1.1.23-40.60.12"/> 14121 <criterion test_ref="oval:org.opensuse.security:tst:2009064816" comment="cups less than 1.1.23-40.60.12"/> 14122 </criteria> 14123 </criteria> 14124 </definition> 14125 <definition id="oval:org.opensuse.security:def:20101797" version="1" class="vulnerability"> 14126 <metadata> 14127 <title>CVE-2010-1797</title> 14128 <affected family="unix"> 14129 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14130 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14131 </affected> 14132 <reference ref_id="CVE-2010-1797" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1797" source="CVE"/> 14133 <description> 14134 Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information. 14135 </description> 14136 </metadata> 14137 <!-- 0f5e12625ac6384954079609270ebf9e --> 14138 <criteria operator="AND"> 14139 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14140 <criteria operator="OR"> 14141 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 14142 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 14143 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 14144 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 14145 </criteria> 14146 </criteria> 14147 </definition> 14148 <definition id="oval:org.opensuse.security:def:20101848" version="1" class="vulnerability"> 14149 <metadata> 14150 <title>CVE-2010-1848</title> 14151 <affected family="unix"> 14152 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14153 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14154 </affected> 14155 <reference ref_id="CVE-2010-1848" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848" source="CVE"/> 14156 <description> 14157 Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name. 14158 </description> 14159 </metadata> 14160 <!-- 826914f7f97a3f40f0cf58084177340b --> 14161 <criteria operator="AND"> 14162 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14163 <criteria operator="OR"> 14164 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 14165 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 14166 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 14167 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 14168 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 14169 </criteria> 14170 </criteria> 14171 </definition> 14172 <definition id="oval:org.opensuse.security:def:20101849" version="1" class="vulnerability"> 14173 <metadata> 14174 <title>CVE-2010-1849</title> 14175 <affected family="unix"> 14176 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14177 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14178 </affected> 14179 <reference ref_id="CVE-2010-1849" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849" source="CVE"/> 14180 <description> 14181 The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length. 14182 </description> 14183 </metadata> 14184 <!-- 826914f7f97a3f40f0cf58084177340b --> 14185 <criteria operator="AND"> 14186 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14187 <criteria operator="OR"> 14188 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 14189 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 14190 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 14191 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 14192 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 14193 </criteria> 14194 </criteria> 14195 </definition> 14196 <definition id="oval:org.opensuse.security:def:20101850" version="1" class="vulnerability"> 14197 <metadata> 14198 <title>CVE-2010-1850</title> 14199 <affected family="unix"> 14200 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14201 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14202 </affected> 14203 <reference ref_id="CVE-2010-1850" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850" source="CVE"/> 14204 <description> 14205 Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name. 14206 </description> 14207 </metadata> 14208 <!-- 826914f7f97a3f40f0cf58084177340b --> 14209 <criteria operator="AND"> 14210 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14211 <criteria operator="OR"> 14212 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 14213 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 14214 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 14215 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 14216 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 14217 </criteria> 14218 </criteria> 14219 </definition> 14220 <definition id="oval:org.opensuse.security:def:20101975" version="1" class="vulnerability"> 14221 <metadata> 14222 <title>CVE-2010-1975</title> 14223 <affected family="unix"> 14224 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14225 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14226 </affected> 14227 <reference ref_id="CVE-2010-1975" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1975" source="CVE"/> 14228 <description> 14229 PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings via a (1) ALTER USER or (2) ALTER DATABASE statement. 14230 </description> 14231 </metadata> 14232 <!-- 6bdf69d7fb74ed93841ee668250b20e3 --> 14233 <criteria operator="AND"> 14234 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14235 <criteria operator="OR"> 14236 <criterion test_ref="oval:org.opensuse.security:tst:2009061294" comment="postgresql-devel less than 8.1.21-0.4.1"/> 14237 <criterion test_ref="oval:org.opensuse.security:tst:2009061295" comment="postgresql-libs-32bit less than 8.1.21-0.4.1"/> 14238 <criterion test_ref="oval:org.opensuse.security:tst:2009061296" comment="postgresql-libs less than 8.1.21-0.4.1"/> 14239 </criteria> 14240 </criteria> 14241 </definition> 14242 <definition id="oval:org.opensuse.security:def:20102059" version="1" class="vulnerability"> 14243 <metadata> 14244 <title>CVE-2010-2059</title> 14245 <affected family="unix"> 14246 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14247 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14248 </affected> 14249 <reference ref_id="CVE-2010-2059" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2059" source="CVE"/> 14250 <description> 14251 lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file. 14252 </description> 14253 </metadata> 14254 <!-- a7d1ee708733d0f39ed83acd3080c0f3 --> 14255 <criteria operator="AND"> 14256 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14257 <criteria operator="OR"> 14258 <criterion test_ref="oval:org.opensuse.security:tst:2009062713" comment="popt-32bit less than 1.7-271.36.1"/> 14259 <criterion test_ref="oval:org.opensuse.security:tst:2009062714" comment="popt-devel-32bit less than 1.7-271.36.1"/> 14260 <criterion test_ref="oval:org.opensuse.security:tst:2009062715" comment="popt-devel less than 1.7-271.36.1"/> 14261 <criterion test_ref="oval:org.opensuse.security:tst:2009062716" comment="popt less than 1.7-271.36.1"/> 14262 <criterion test_ref="oval:org.opensuse.security:tst:2009062717" comment="rpm-devel less than 4.4.2-43.36.1"/> 14263 <criterion test_ref="oval:org.opensuse.security:tst:2009062718" comment="rpm-python less than 4.4.2-43.36.1"/> 14264 <criterion test_ref="oval:org.opensuse.security:tst:2009062719" comment="rpm less than 4.4.2-43.36.1"/> 14265 </criteria> 14266 </criteria> 14267 </definition> 14268 <definition id="oval:org.opensuse.security:def:20102063" version="1" class="vulnerability"> 14269 <metadata> 14270 <title>CVE-2010-2063</title> 14271 <affected family="unix"> 14272 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14273 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14274 </affected> 14275 <reference ref_id="CVE-2010-2063" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063" source="CVE"/> 14276 <description> 14277 Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. 14278 </description> 14279 </metadata> 14280 <!-- 29eb70d58d45c14009af67c3e137b8fe --> 14281 <criteria operator="AND"> 14282 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14283 <criteria operator="OR"> 14284 <criterion test_ref="oval:org.opensuse.security:tst:2009060962" comment="cifs-mount less than 3.0.36-0.11.1"/> 14285 <criterion test_ref="oval:org.opensuse.security:tst:2009060963" comment="ldapsmb less than 1.34b-25.11.1"/> 14286 <criterion test_ref="oval:org.opensuse.security:tst:2009060964" comment="libsmbclient-32bit less than 3.0.36-0.11.1"/> 14287 <criterion test_ref="oval:org.opensuse.security:tst:2009060965" comment="libsmbclient-devel less than 3.0.36-0.11.1"/> 14288 <criterion test_ref="oval:org.opensuse.security:tst:2009060966" comment="libsmbclient less than 3.0.36-0.11.1"/> 14289 <criterion test_ref="oval:org.opensuse.security:tst:2009060967" comment="samba-32bit less than 3.0.36-0.11.1"/> 14290 <criterion test_ref="oval:org.opensuse.security:tst:2009060968" comment="samba-client-32bit less than 3.0.36-0.11.1"/> 14291 <criterion test_ref="oval:org.opensuse.security:tst:2009060969" comment="samba-client less than 3.0.36-0.11.1"/> 14292 <criterion test_ref="oval:org.opensuse.security:tst:2009060970" comment="samba-krb-printing less than 3.0.36-0.11.1"/> 14293 <criterion test_ref="oval:org.opensuse.security:tst:2009060971" comment="samba-vscan less than 0.3.6b-43.11.1"/> 14294 <criterion test_ref="oval:org.opensuse.security:tst:2009060972" comment="samba-winbind-32bit less than 3.0.36-0.11.1"/> 14295 <criterion test_ref="oval:org.opensuse.security:tst:2009060973" comment="samba-winbind less than 3.0.36-0.11.1"/> 14296 <criterion test_ref="oval:org.opensuse.security:tst:2009060974" comment="samba less than 3.0.36-0.11.1"/> 14297 </criteria> 14298 </criteria> 14299 </definition> 14300 <definition id="oval:org.opensuse.security:def:20102074" version="1" class="vulnerability"> 14301 <metadata> 14302 <title>CVE-2010-2074</title> 14303 <affected family="unix"> 14304 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14305 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14306 </affected> 14307 <reference ref_id="CVE-2010-2074" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074" source="CVE"/> 14308 <description> 14309 istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. 14310 </description> 14311 </metadata> 14312 <!-- d0a18107c31a7195c4751fed877b31e2 --> 14313 <criteria operator="AND"> 14314 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14315 <criterion test_ref="oval:org.opensuse.security:tst:2009061695" comment="w3m less than 0.5.1-19.10.1"/> 14316 </criteria> 14317 </definition> 14318 <definition id="oval:org.opensuse.security:def:20102077" version="1" class="vulnerability"> 14319 <metadata> 14320 <title>CVE-2010-2077</title> 14321 <affected family="unix"> 14322 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14323 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14324 </affected> 14325 <reference ref_id="CVE-2010-2077" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2077" source="CVE"/> 14326 <description> 14327 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1640. Reason: This candidate is a duplicate of CVE-2010-1640. Notes: All CVE users should reference CVE-2010-1640 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. 14328 </description> 14329 </metadata> 14330 <!-- 4848aa7c729bd3ea7adc21be1dee8683 --> 14331 <criteria operator="AND"> 14332 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14333 <criterion test_ref="oval:org.opensuse.security:tst:2009061757" comment="clamav less than 0.96.1-0.4.1"/> 14334 </criteria> 14335 </definition> 14336 <definition id="oval:org.opensuse.security:def:20102089" version="1" class="vulnerability"> 14337 <metadata> 14338 <title>CVE-2010-2089</title> 14339 <affected family="unix"> 14340 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14341 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14342 </affected> 14343 <reference ref_id="CVE-2010-2089" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089" source="CVE"/> 14344 <description> 14345 The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634. 14346 </description> 14347 </metadata> 14348 <!-- a2098cb2e3d51d63912dc55b837af4c0 --> 14349 <criteria operator="AND"> 14350 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14351 <criteria operator="OR"> 14352 <criterion test_ref="oval:org.opensuse.security:tst:2009065575" comment="python-32bit less than 2.4.2-18.32.5"/> 14353 <criterion test_ref="oval:org.opensuse.security:tst:2009065576" comment="python-curses less than 2.4.2-18.32.5"/> 14354 <criterion test_ref="oval:org.opensuse.security:tst:2009065577" comment="python-devel less than 2.4.2-18.32.5"/> 14355 <criterion test_ref="oval:org.opensuse.security:tst:2009065578" comment="python-gdbm less than 2.4.2-18.32.5"/> 14356 <criterion test_ref="oval:org.opensuse.security:tst:2009065579" comment="python-tk less than 2.4.2-18.32.5"/> 14357 <criterion test_ref="oval:org.opensuse.security:tst:2009065580" comment="python-xml less than 2.4.2-18.32.5"/> 14358 <criterion test_ref="oval:org.opensuse.security:tst:2009065581" comment="python less than 2.4.2-18.32.5"/> 14359 </criteria> 14360 </criteria> 14361 </definition> 14362 <definition id="oval:org.opensuse.security:def:20102160" version="1" class="vulnerability"> 14363 <metadata> 14364 <title>CVE-2010-2160</title> 14365 <affected family="unix"> 14366 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14367 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14368 </affected> 14369 <reference ref_id="CVE-2010-2160" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2160" source="CVE"/> 14370 <description> 14371 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14372 </description> 14373 </metadata> 14374 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14375 <criteria operator="AND"> 14376 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14377 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14378 </criteria> 14379 </definition> 14380 <definition id="oval:org.opensuse.security:def:20102161" version="1" class="vulnerability"> 14381 <metadata> 14382 <title>CVE-2010-2161</title> 14383 <affected family="unix"> 14384 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14385 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14386 </affected> 14387 <reference ref_id="CVE-2010-2161" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2161" source="CVE"/> 14388 <description> 14389 Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code." 14390 </description> 14391 </metadata> 14392 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14393 <criteria operator="AND"> 14394 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14395 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14396 </criteria> 14397 </definition> 14398 <definition id="oval:org.opensuse.security:def:20102162" version="1" class="vulnerability"> 14399 <metadata> 14400 <title>CVE-2010-2162</title> 14401 <affected family="unix"> 14402 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14403 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14404 </affected> 14405 <reference ref_id="CVE-2010-2162" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2162" source="CVE"/> 14406 <description> 14407 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms. 14408 </description> 14409 </metadata> 14410 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14411 <criteria operator="AND"> 14412 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14413 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14414 </criteria> 14415 </definition> 14416 <definition id="oval:org.opensuse.security:def:20102163" version="1" class="vulnerability"> 14417 <metadata> 14418 <title>CVE-2010-2163</title> 14419 <affected family="unix"> 14420 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14421 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14422 </affected> 14423 <reference ref_id="CVE-2010-2163" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2163" source="CVE"/> 14424 <description> 14425 Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors. 14426 </description> 14427 </metadata> 14428 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14429 <criteria operator="AND"> 14430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14431 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14432 </criteria> 14433 </definition> 14434 <definition id="oval:org.opensuse.security:def:20102164" version="1" class="vulnerability"> 14435 <metadata> 14436 <title>CVE-2010-2164</title> 14437 <affected family="unix"> 14438 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14439 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14440 </affected> 14441 <reference ref_id="CVE-2010-2164" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2164" source="CVE"/> 14442 <description> 14443 Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function." 14444 </description> 14445 </metadata> 14446 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14447 <criteria operator="AND"> 14448 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14449 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14450 </criteria> 14451 </definition> 14452 <definition id="oval:org.opensuse.security:def:20102165" version="1" class="vulnerability"> 14453 <metadata> 14454 <title>CVE-2010-2165</title> 14455 <affected family="unix"> 14456 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14457 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14458 </affected> 14459 <reference ref_id="CVE-2010-2165" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2165" source="CVE"/> 14460 <description> 14461 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14462 </description> 14463 </metadata> 14464 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14465 <criteria operator="AND"> 14466 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14467 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14468 </criteria> 14469 </definition> 14470 <definition id="oval:org.opensuse.security:def:20102166" version="1" class="vulnerability"> 14471 <metadata> 14472 <title>CVE-2010-2166</title> 14473 <affected family="unix"> 14474 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14475 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14476 </affected> 14477 <reference ref_id="CVE-2010-2166" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2166" source="CVE"/> 14478 <description> 14479 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14480 </description> 14481 </metadata> 14482 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14483 <criteria operator="AND"> 14484 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14485 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14486 </criteria> 14487 </definition> 14488 <definition id="oval:org.opensuse.security:def:20102167" version="1" class="vulnerability"> 14489 <metadata> 14490 <title>CVE-2010-2167</title> 14491 <affected family="unix"> 14492 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14493 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14494 </affected> 14495 <reference ref_id="CVE-2010-2167" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2167" source="CVE"/> 14496 <description> 14497 Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data. 14498 </description> 14499 </metadata> 14500 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14501 <criteria operator="AND"> 14502 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14503 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14504 </criteria> 14505 </definition> 14506 <definition id="oval:org.opensuse.security:def:20102168" version="1" class="vulnerability"> 14507 <metadata> 14508 <title>CVE-2010-2168</title> 14509 <affected family="unix"> 14510 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14511 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14512 </affected> 14513 <reference ref_id="CVE-2010-2168" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168" source="CVE"/> 14514 <description> 14515 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content, involving the newfunction (0x44) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2201. 14516 </description> 14517 </metadata> 14518 <criteria operator="OR"> 14519 <!-- 21e68a87c99667a745529ff35a06f5ee --> 14520 <criteria operator="AND"> 14521 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14522 <criteria operator="OR"> 14523 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 14524 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 14525 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 14526 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 14527 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 14528 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 14529 </criteria> 14530 </criteria> 14531 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 14532 <criteria operator="AND"> 14533 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14534 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 14535 </criteria> 14536 </criteria> 14537 </definition> 14538 <definition id="oval:org.opensuse.security:def:20102169" version="1" class="vulnerability"> 14539 <metadata> 14540 <title>CVE-2010-2169</title> 14541 <affected family="unix"> 14542 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14543 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14544 </affected> 14545 <reference ref_id="CVE-2010-2169" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2169" source="CVE"/> 14546 <description> 14547 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors. 14548 </description> 14549 </metadata> 14550 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14551 <criteria operator="AND"> 14552 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14553 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14554 </criteria> 14555 </definition> 14556 <definition id="oval:org.opensuse.security:def:20102170" version="1" class="vulnerability"> 14557 <metadata> 14558 <title>CVE-2010-2170</title> 14559 <affected family="unix"> 14560 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14561 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14562 </affected> 14563 <reference ref_id="CVE-2010-2170" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2170" source="CVE"/> 14564 <description> 14565 Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183. 14566 </description> 14567 </metadata> 14568 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14569 <criteria operator="AND"> 14570 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14571 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14572 </criteria> 14573 </definition> 14574 <definition id="oval:org.opensuse.security:def:20102171" version="1" class="vulnerability"> 14575 <metadata> 14576 <title>CVE-2010-2171</title> 14577 <affected family="unix"> 14578 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14579 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14580 </affected> 14581 <reference ref_id="CVE-2010-2171" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2171" source="CVE"/> 14582 <description> 14583 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14584 </description> 14585 </metadata> 14586 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14587 <criteria operator="AND"> 14588 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14589 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14590 </criteria> 14591 </definition> 14592 <definition id="oval:org.opensuse.security:def:20102172" version="1" class="vulnerability"> 14593 <metadata> 14594 <title>CVE-2010-2172</title> 14595 <affected family="unix"> 14596 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14597 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14598 </affected> 14599 <reference ref_id="CVE-2010-2172" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2172" source="CVE"/> 14600 <description> 14601 Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a denial of service via unknown vectors. 14602 </description> 14603 </metadata> 14604 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14605 <criteria operator="AND"> 14606 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14607 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14608 </criteria> 14609 </definition> 14610 <definition id="oval:org.opensuse.security:def:20102173" version="1" class="vulnerability"> 14611 <metadata> 14612 <title>CVE-2010-2173</title> 14613 <affected family="unix"> 14614 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14615 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14616 </affected> 14617 <reference ref_id="CVE-2010-2173" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2173" source="CVE"/> 14618 <description> 14619 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174. 14620 </description> 14621 </metadata> 14622 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14623 <criteria operator="AND"> 14624 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14625 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14626 </criteria> 14627 </definition> 14628 <definition id="oval:org.opensuse.security:def:20102174" version="1" class="vulnerability"> 14629 <metadata> 14630 <title>CVE-2010-2174</title> 14631 <affected family="unix"> 14632 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14633 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14634 </affected> 14635 <reference ref_id="CVE-2010-2174" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2174" source="CVE"/> 14636 <description> 14637 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173. 14638 </description> 14639 </metadata> 14640 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14641 <criteria operator="AND"> 14642 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14643 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14644 </criteria> 14645 </definition> 14646 <definition id="oval:org.opensuse.security:def:20102175" version="1" class="vulnerability"> 14647 <metadata> 14648 <title>CVE-2010-2175</title> 14649 <affected family="unix"> 14650 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14651 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14652 </affected> 14653 <reference ref_id="CVE-2010-2175" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2175" source="CVE"/> 14654 <description> 14655 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14656 </description> 14657 </metadata> 14658 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14659 <criteria operator="AND"> 14660 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14661 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14662 </criteria> 14663 </definition> 14664 <definition id="oval:org.opensuse.security:def:20102176" version="1" class="vulnerability"> 14665 <metadata> 14666 <title>CVE-2010-2176</title> 14667 <affected family="unix"> 14668 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14669 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14670 </affected> 14671 <reference ref_id="CVE-2010-2176" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2176" source="CVE"/> 14672 <description> 14673 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14674 </description> 14675 </metadata> 14676 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14677 <criteria operator="AND"> 14678 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14679 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14680 </criteria> 14681 </definition> 14682 <definition id="oval:org.opensuse.security:def:20102177" version="1" class="vulnerability"> 14683 <metadata> 14684 <title>CVE-2010-2177</title> 14685 <affected family="unix"> 14686 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14687 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14688 </affected> 14689 <reference ref_id="CVE-2010-2177" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2177" source="CVE"/> 14690 <description> 14691 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14692 </description> 14693 </metadata> 14694 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14695 <criteria operator="AND"> 14696 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14697 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14698 </criteria> 14699 </definition> 14700 <definition id="oval:org.opensuse.security:def:20102178" version="1" class="vulnerability"> 14701 <metadata> 14702 <title>CVE-2010-2178</title> 14703 <affected family="unix"> 14704 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14705 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14706 </affected> 14707 <reference ref_id="CVE-2010-2178" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2178" source="CVE"/> 14708 <description> 14709 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14710 </description> 14711 </metadata> 14712 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14713 <criteria operator="AND"> 14714 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14715 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14716 </criteria> 14717 </definition> 14718 <definition id="oval:org.opensuse.security:def:20102179" version="1" class="vulnerability"> 14719 <metadata> 14720 <title>CVE-2010-2179</title> 14721 <affected family="unix"> 14722 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14723 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14724 </affected> 14725 <reference ref_id="CVE-2010-2179" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2179" source="CVE"/> 14726 <description> 14727 Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing. 14728 </description> 14729 </metadata> 14730 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14731 <criteria operator="AND"> 14732 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14733 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14734 </criteria> 14735 </definition> 14736 <definition id="oval:org.opensuse.security:def:20102180" version="1" class="vulnerability"> 14737 <metadata> 14738 <title>CVE-2010-2180</title> 14739 <affected family="unix"> 14740 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14741 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14742 </affected> 14743 <reference ref_id="CVE-2010-2180" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2180" source="CVE"/> 14744 <description> 14745 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14746 </description> 14747 </metadata> 14748 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14749 <criteria operator="AND"> 14750 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14751 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14752 </criteria> 14753 </definition> 14754 <definition id="oval:org.opensuse.security:def:20102181" version="1" class="vulnerability"> 14755 <metadata> 14756 <title>CVE-2010-2181</title> 14757 <affected family="unix"> 14758 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14759 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14760 </affected> 14761 <reference ref_id="CVE-2010-2181" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2181" source="CVE"/> 14762 <description> 14763 Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183. 14764 </description> 14765 </metadata> 14766 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14767 <criteria operator="AND"> 14768 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14769 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14770 </criteria> 14771 </definition> 14772 <definition id="oval:org.opensuse.security:def:20102182" version="1" class="vulnerability"> 14773 <metadata> 14774 <title>CVE-2010-2182</title> 14775 <affected family="unix"> 14776 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14777 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14778 </affected> 14779 <reference ref_id="CVE-2010-2182" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2182" source="CVE"/> 14780 <description> 14781 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. 14782 </description> 14783 </metadata> 14784 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14785 <criteria operator="AND"> 14786 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14787 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14788 </criteria> 14789 </definition> 14790 <definition id="oval:org.opensuse.security:def:20102183" version="1" class="vulnerability"> 14791 <metadata> 14792 <title>CVE-2010-2183</title> 14793 <affected family="unix"> 14794 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14795 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14796 </affected> 14797 <reference ref_id="CVE-2010-2183" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2183" source="CVE"/> 14798 <description> 14799 Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181. 14800 </description> 14801 </metadata> 14802 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14803 <criteria operator="AND"> 14804 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14805 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14806 </criteria> 14807 </definition> 14808 <definition id="oval:org.opensuse.security:def:20102184" version="1" class="vulnerability"> 14809 <metadata> 14810 <title>CVE-2010-2184</title> 14811 <affected family="unix"> 14812 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14813 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14814 </affected> 14815 <reference ref_id="CVE-2010-2184" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2184" source="CVE"/> 14816 <description> 14817 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188. 14818 </description> 14819 </metadata> 14820 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14821 <criteria operator="AND"> 14822 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14823 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14824 </criteria> 14825 </definition> 14826 <definition id="oval:org.opensuse.security:def:20102185" version="1" class="vulnerability"> 14827 <metadata> 14828 <title>CVE-2010-2185</title> 14829 <affected family="unix"> 14830 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14831 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14832 </affected> 14833 <reference ref_id="CVE-2010-2185" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2185" source="CVE"/> 14834 <description> 14835 Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors. 14836 </description> 14837 </metadata> 14838 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14839 <criteria operator="AND"> 14840 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14841 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14842 </criteria> 14843 </definition> 14844 <definition id="oval:org.opensuse.security:def:20102186" version="1" class="vulnerability"> 14845 <metadata> 14846 <title>CVE-2010-2186</title> 14847 <affected family="unix"> 14848 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14849 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14850 </affected> 14851 <reference ref_id="CVE-2010-2186" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2186" source="CVE"/> 14852 <description> 14853 Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. 14854 </description> 14855 </metadata> 14856 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14857 <criteria operator="AND"> 14858 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14859 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14860 </criteria> 14861 </definition> 14862 <definition id="oval:org.opensuse.security:def:20102187" version="1" class="vulnerability"> 14863 <metadata> 14864 <title>CVE-2010-2187</title> 14865 <affected family="unix"> 14866 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14867 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14868 </affected> 14869 <reference ref_id="CVE-2010-2187" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2187" source="CVE"/> 14870 <description> 14871 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188. 14872 </description> 14873 </metadata> 14874 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14875 <criteria operator="AND"> 14876 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14877 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14878 </criteria> 14879 </definition> 14880 <definition id="oval:org.opensuse.security:def:20102188" version="1" class="vulnerability"> 14881 <metadata> 14882 <title>CVE-2010-2188</title> 14883 <affected family="unix"> 14884 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14885 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14886 </affected> 14887 <reference ref_id="CVE-2010-2188" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2188" source="CVE"/> 14888 <description> 14889 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187. 14890 </description> 14891 </metadata> 14892 <criteria operator="OR"> 14893 <!-- 0dc88ee261caadcb967f90fbfd30e7f2 --> 14894 <criteria operator="AND"> 14895 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14896 <criteria operator="OR"> 14897 <criterion test_ref="oval:org.opensuse.security:tst:2009062195" comment="acroread-cmaps less than 9.3.4-0.5.1"/> 14898 <criterion test_ref="oval:org.opensuse.security:tst:2009062196" comment="acroread-fonts-ja less than 9.3.4-0.5.1"/> 14899 <criterion test_ref="oval:org.opensuse.security:tst:2009062197" comment="acroread-fonts-ko less than 9.3.4-0.5.1"/> 14900 <criterion test_ref="oval:org.opensuse.security:tst:2009062198" comment="acroread-fonts-zh_CN less than 9.3.4-0.5.1"/> 14901 <criterion test_ref="oval:org.opensuse.security:tst:2009062199" comment="acroread-fonts-zh_TW less than 9.3.4-0.5.1"/> 14902 <criterion test_ref="oval:org.opensuse.security:tst:2009062200" comment="acroread less than 9.3.4-0.5.1"/> 14903 </criteria> 14904 </criteria> 14905 <!-- 4f2b033e0413b46d025beb15797c544d --> 14906 <criteria operator="AND"> 14907 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14908 <criterion test_ref="oval:org.opensuse.security:tst:2009061983" comment="flash-player less than 9.0.280.0-0.4.1"/> 14909 </criteria> 14910 <!-- 8d6734b9845d252567cc853032034436 --> 14911 <criteria operator="AND"> 14912 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14913 <criterion test_ref="oval:org.opensuse.security:tst:2009062201" comment="acroread_ja less than 9.3.4-0.4.1"/> 14914 </criteria> 14915 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14916 <criteria operator="AND"> 14917 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14918 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14919 </criteria> 14920 </criteria> 14921 </definition> 14922 <definition id="oval:org.opensuse.security:def:20102189" version="1" class="vulnerability"> 14923 <metadata> 14924 <title>CVE-2010-2189</title> 14925 <affected family="unix"> 14926 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14927 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14928 </affected> 14929 <reference ref_id="CVE-2010-2189" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2189" source="CVE"/> 14930 <description> 14931 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. 14932 </description> 14933 </metadata> 14934 <!-- 95c1970351eaad8ec7445af7b6974ebe --> 14935 <criteria operator="AND"> 14936 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14937 <criterion test_ref="oval:org.opensuse.security:tst:2009060849" comment="flash-player less than 9.0.277.0-0.4.1"/> 14938 </criteria> 14939 </definition> 14940 <definition id="oval:org.opensuse.security:def:20102201" version="1" class="vulnerability"> 14941 <metadata> 14942 <title>CVE-2010-2201</title> 14943 <affected family="unix"> 14944 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14945 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14946 </affected> 14947 <reference ref_id="CVE-2010-2201" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201" source="CVE"/> 14948 <description> 14949 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168. 14950 </description> 14951 </metadata> 14952 <criteria operator="OR"> 14953 <!-- 21e68a87c99667a745529ff35a06f5ee --> 14954 <criteria operator="AND"> 14955 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14956 <criteria operator="OR"> 14957 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 14958 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 14959 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 14960 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 14961 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 14962 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 14963 </criteria> 14964 </criteria> 14965 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 14966 <criteria operator="AND"> 14967 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14968 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 14969 </criteria> 14970 </criteria> 14971 </definition> 14972 <definition id="oval:org.opensuse.security:def:20102202" version="1" class="vulnerability"> 14973 <metadata> 14974 <title>CVE-2010-2202</title> 14975 <affected family="unix"> 14976 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 14977 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 14978 </affected> 14979 <reference ref_id="CVE-2010-2202" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202" source="CVE"/> 14980 <description> 14981 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. 14982 </description> 14983 </metadata> 14984 <criteria operator="OR"> 14985 <!-- 21e68a87c99667a745529ff35a06f5ee --> 14986 <criteria operator="AND"> 14987 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 14988 <criteria operator="OR"> 14989 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 14990 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 14991 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 14992 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 14993 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 14994 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 14995 </criteria> 14996 </criteria> 14997 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 14998 <criteria operator="AND"> 14999 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15000 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15001 </criteria> 15002 </criteria> 15003 </definition> 15004 <definition id="oval:org.opensuse.security:def:20102203" version="1" class="vulnerability"> 15005 <metadata> 15006 <title>CVE-2010-2203</title> 15007 <affected family="unix"> 15008 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15009 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15010 </affected> 15011 <reference ref_id="CVE-2010-2203" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203" source="CVE"/> 15012 <description> 15013 Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 15014 </description> 15015 </metadata> 15016 <criteria operator="OR"> 15017 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15018 <criteria operator="AND"> 15019 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15020 <criteria operator="OR"> 15021 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15022 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15023 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15024 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15025 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15026 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15027 </criteria> 15028 </criteria> 15029 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15030 <criteria operator="AND"> 15031 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15032 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15033 </criteria> 15034 </criteria> 15035 </definition> 15036 <definition id="oval:org.opensuse.security:def:20102204" version="1" class="vulnerability"> 15037 <metadata> 15038 <title>CVE-2010-2204</title> 15039 <affected family="unix"> 15040 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15041 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15042 </affected> 15043 <reference ref_id="CVE-2010-2204" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204" source="CVE"/> 15044 <description> 15045 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. 15046 </description> 15047 </metadata> 15048 <criteria operator="OR"> 15049 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15050 <criteria operator="AND"> 15051 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15052 <criteria operator="OR"> 15053 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15054 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15055 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15056 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15057 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15058 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15059 </criteria> 15060 </criteria> 15061 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15062 <criteria operator="AND"> 15063 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15064 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15065 </criteria> 15066 </criteria> 15067 </definition> 15068 <definition id="oval:org.opensuse.security:def:20102205" version="1" class="vulnerability"> 15069 <metadata> 15070 <title>CVE-2010-2205</title> 15071 <affected family="unix"> 15072 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15073 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15074 </affected> 15075 <reference ref_id="CVE-2010-2205" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205" source="CVE"/> 15076 <description> 15077 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, access uninitialized memory, which allows attackers to execute arbitrary code via unspecified vectors. 15078 </description> 15079 </metadata> 15080 <criteria operator="OR"> 15081 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15082 <criteria operator="AND"> 15083 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15084 <criteria operator="OR"> 15085 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15086 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15087 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15088 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15089 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15090 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15091 </criteria> 15092 </criteria> 15093 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15094 <criteria operator="AND"> 15095 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15096 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15097 </criteria> 15098 </criteria> 15099 </definition> 15100 <definition id="oval:org.opensuse.security:def:20102206" version="1" class="vulnerability"> 15101 <metadata> 15102 <title>CVE-2010-2206</title> 15103 <affected family="unix"> 15104 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15105 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15106 </affected> 15107 <reference ref_id="CVE-2010-2206" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206" source="CVE"/> 15108 <description> 15109 Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow. 15110 </description> 15111 </metadata> 15112 <criteria operator="OR"> 15113 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15114 <criteria operator="AND"> 15115 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15116 <criteria operator="OR"> 15117 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15118 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15119 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15120 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15121 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15122 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15123 </criteria> 15124 </criteria> 15125 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15126 <criteria operator="AND"> 15127 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15128 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15129 </criteria> 15130 </criteria> 15131 </definition> 15132 <definition id="oval:org.opensuse.security:def:20102207" version="1" class="vulnerability"> 15133 <metadata> 15134 <title>CVE-2010-2207</title> 15135 <affected family="unix"> 15136 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15137 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15138 </affected> 15139 <reference ref_id="CVE-2010-2207" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207" source="CVE"/> 15140 <description> 15141 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. 15142 </description> 15143 </metadata> 15144 <criteria operator="OR"> 15145 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15146 <criteria operator="AND"> 15147 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15148 <criteria operator="OR"> 15149 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15150 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15151 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15152 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15153 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15154 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15155 </criteria> 15156 </criteria> 15157 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15158 <criteria operator="AND"> 15159 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15160 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15161 </criteria> 15162 </criteria> 15163 </definition> 15164 <definition id="oval:org.opensuse.security:def:20102208" version="1" class="vulnerability"> 15165 <metadata> 15166 <title>CVE-2010-2208</title> 15167 <affected family="unix"> 15168 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15169 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15170 </affected> 15171 <reference ref_id="CVE-2010-2208" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208" source="CVE"/> 15172 <description> 15173 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, dereference a heap object after this object's deletion, which allows attackers to execute arbitrary code via unspecified vectors. 15174 </description> 15175 </metadata> 15176 <criteria operator="OR"> 15177 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15178 <criteria operator="AND"> 15179 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15180 <criteria operator="OR"> 15181 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15182 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15183 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15184 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15185 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15186 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15187 </criteria> 15188 </criteria> 15189 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15190 <criteria operator="AND"> 15191 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15192 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15193 </criteria> 15194 </criteria> 15195 </definition> 15196 <definition id="oval:org.opensuse.security:def:20102209" version="1" class="vulnerability"> 15197 <metadata> 15198 <title>CVE-2010-2209</title> 15199 <affected family="unix"> 15200 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15201 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15202 </affected> 15203 <reference ref_id="CVE-2010-2209" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209" source="CVE"/> 15204 <description> 15205 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. 15206 </description> 15207 </metadata> 15208 <criteria operator="OR"> 15209 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15210 <criteria operator="AND"> 15211 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15212 <criteria operator="OR"> 15213 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15214 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15215 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15216 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15217 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15218 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15219 </criteria> 15220 </criteria> 15221 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15222 <criteria operator="AND"> 15223 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15224 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15225 </criteria> 15226 </criteria> 15227 </definition> 15228 <definition id="oval:org.opensuse.security:def:20102210" version="1" class="vulnerability"> 15229 <metadata> 15230 <title>CVE-2010-2210</title> 15231 <affected family="unix"> 15232 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15233 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15234 </affected> 15235 <reference ref_id="CVE-2010-2210" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210" source="CVE"/> 15236 <description> 15237 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212. 15238 </description> 15239 </metadata> 15240 <criteria operator="OR"> 15241 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15242 <criteria operator="AND"> 15243 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15244 <criteria operator="OR"> 15245 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15246 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15247 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15248 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15249 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15250 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15251 </criteria> 15252 </criteria> 15253 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15254 <criteria operator="AND"> 15255 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15256 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15257 </criteria> 15258 </criteria> 15259 </definition> 15260 <definition id="oval:org.opensuse.security:def:20102211" version="1" class="vulnerability"> 15261 <metadata> 15262 <title>CVE-2010-2211</title> 15263 <affected family="unix"> 15264 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15265 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15266 </affected> 15267 <reference ref_id="CVE-2010-2211" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211" source="CVE"/> 15268 <description> 15269 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212. 15270 </description> 15271 </metadata> 15272 <criteria operator="OR"> 15273 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15274 <criteria operator="AND"> 15275 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15276 <criteria operator="OR"> 15277 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15278 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15279 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15280 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15281 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15282 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15283 </criteria> 15284 </criteria> 15285 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15286 <criteria operator="AND"> 15287 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15288 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15289 </criteria> 15290 </criteria> 15291 </definition> 15292 <definition id="oval:org.opensuse.security:def:20102212" version="1" class="vulnerability"> 15293 <metadata> 15294 <title>CVE-2010-2212</title> 15295 <affected family="unix"> 15296 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15297 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15298 </affected> 15299 <reference ref_id="CVE-2010-2212" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212" source="CVE"/> 15300 <description> 15301 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211. 15302 </description> 15303 </metadata> 15304 <criteria operator="OR"> 15305 <!-- 21e68a87c99667a745529ff35a06f5ee --> 15306 <criteria operator="AND"> 15307 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15308 <criteria operator="OR"> 15309 <criterion test_ref="oval:org.opensuse.security:tst:2009061121" comment="acroread-cmaps less than 9.3.3-0.4.1"/> 15310 <criterion test_ref="oval:org.opensuse.security:tst:2009061122" comment="acroread-fonts-ja less than 9.3.3-0.4.1"/> 15311 <criterion test_ref="oval:org.opensuse.security:tst:2009061123" comment="acroread-fonts-ko less than 9.3.3-0.4.1"/> 15312 <criterion test_ref="oval:org.opensuse.security:tst:2009061124" comment="acroread-fonts-zh_CN less than 9.3.3-0.4.1"/> 15313 <criterion test_ref="oval:org.opensuse.security:tst:2009061125" comment="acroread-fonts-zh_TW less than 9.3.3-0.4.1"/> 15314 <criterion test_ref="oval:org.opensuse.security:tst:2009061126" comment="acroread less than 9.3.3-0.4.1"/> 15315 </criteria> 15316 </criteria> 15317 <!-- 85ffca1ba54e883e18325b6a2ce98de9 --> 15318 <criteria operator="AND"> 15319 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15320 <criterion test_ref="oval:org.opensuse.security:tst:2009061134" comment="acroread_ja less than 9.3.3-0.4.1"/> 15321 </criteria> 15322 </criteria> 15323 </definition> 15324 <definition id="oval:org.opensuse.security:def:20102213" version="1" class="vulnerability"> 15325 <metadata> 15326 <title>CVE-2010-2213</title> 15327 <affected family="unix"> 15328 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15329 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15330 </affected> 15331 <reference ref_id="CVE-2010-2213" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2213" source="CVE"/> 15332 <description> 15333 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216. 15334 </description> 15335 </metadata> 15336 <criteria operator="OR"> 15337 <!-- 0dc88ee261caadcb967f90fbfd30e7f2 --> 15338 <criteria operator="AND"> 15339 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15340 <criteria operator="OR"> 15341 <criterion test_ref="oval:org.opensuse.security:tst:2009062195" comment="acroread-cmaps less than 9.3.4-0.5.1"/> 15342 <criterion test_ref="oval:org.opensuse.security:tst:2009062196" comment="acroread-fonts-ja less than 9.3.4-0.5.1"/> 15343 <criterion test_ref="oval:org.opensuse.security:tst:2009062197" comment="acroread-fonts-ko less than 9.3.4-0.5.1"/> 15344 <criterion test_ref="oval:org.opensuse.security:tst:2009062198" comment="acroread-fonts-zh_CN less than 9.3.4-0.5.1"/> 15345 <criterion test_ref="oval:org.opensuse.security:tst:2009062199" comment="acroread-fonts-zh_TW less than 9.3.4-0.5.1"/> 15346 <criterion test_ref="oval:org.opensuse.security:tst:2009062200" comment="acroread less than 9.3.4-0.5.1"/> 15347 </criteria> 15348 </criteria> 15349 <!-- 4f2b033e0413b46d025beb15797c544d --> 15350 <criteria operator="AND"> 15351 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15352 <criterion test_ref="oval:org.opensuse.security:tst:2009061983" comment="flash-player less than 9.0.280.0-0.4.1"/> 15353 </criteria> 15354 <!-- 8d6734b9845d252567cc853032034436 --> 15355 <criteria operator="AND"> 15356 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15357 <criterion test_ref="oval:org.opensuse.security:tst:2009062201" comment="acroread_ja less than 9.3.4-0.4.1"/> 15358 </criteria> 15359 </criteria> 15360 </definition> 15361 <definition id="oval:org.opensuse.security:def:20102214" version="1" class="vulnerability"> 15362 <metadata> 15363 <title>CVE-2010-2214</title> 15364 <affected family="unix"> 15365 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15366 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15367 </affected> 15368 <reference ref_id="CVE-2010-2214" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2214" source="CVE"/> 15369 <description> 15370 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216. 15371 </description> 15372 </metadata> 15373 <criteria operator="OR"> 15374 <!-- 0dc88ee261caadcb967f90fbfd30e7f2 --> 15375 <criteria operator="AND"> 15376 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15377 <criteria operator="OR"> 15378 <criterion test_ref="oval:org.opensuse.security:tst:2009062195" comment="acroread-cmaps less than 9.3.4-0.5.1"/> 15379 <criterion test_ref="oval:org.opensuse.security:tst:2009062196" comment="acroread-fonts-ja less than 9.3.4-0.5.1"/> 15380 <criterion test_ref="oval:org.opensuse.security:tst:2009062197" comment="acroread-fonts-ko less than 9.3.4-0.5.1"/> 15381 <criterion test_ref="oval:org.opensuse.security:tst:2009062198" comment="acroread-fonts-zh_CN less than 9.3.4-0.5.1"/> 15382 <criterion test_ref="oval:org.opensuse.security:tst:2009062199" comment="acroread-fonts-zh_TW less than 9.3.4-0.5.1"/> 15383 <criterion test_ref="oval:org.opensuse.security:tst:2009062200" comment="acroread less than 9.3.4-0.5.1"/> 15384 </criteria> 15385 </criteria> 15386 <!-- 4f2b033e0413b46d025beb15797c544d --> 15387 <criteria operator="AND"> 15388 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15389 <criterion test_ref="oval:org.opensuse.security:tst:2009061983" comment="flash-player less than 9.0.280.0-0.4.1"/> 15390 </criteria> 15391 <!-- 8d6734b9845d252567cc853032034436 --> 15392 <criteria operator="AND"> 15393 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15394 <criterion test_ref="oval:org.opensuse.security:tst:2009062201" comment="acroread_ja less than 9.3.4-0.4.1"/> 15395 </criteria> 15396 </criteria> 15397 </definition> 15398 <definition id="oval:org.opensuse.security:def:20102215" version="1" class="vulnerability"> 15399 <metadata> 15400 <title>CVE-2010-2215</title> 15401 <affected family="unix"> 15402 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15403 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15404 </affected> 15405 <reference ref_id="CVE-2010-2215" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2215" source="CVE"/> 15406 <description> 15407 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue. 15408 </description> 15409 </metadata> 15410 <criteria operator="OR"> 15411 <!-- 0dc88ee261caadcb967f90fbfd30e7f2 --> 15412 <criteria operator="AND"> 15413 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15414 <criteria operator="OR"> 15415 <criterion test_ref="oval:org.opensuse.security:tst:2009062195" comment="acroread-cmaps less than 9.3.4-0.5.1"/> 15416 <criterion test_ref="oval:org.opensuse.security:tst:2009062196" comment="acroread-fonts-ja less than 9.3.4-0.5.1"/> 15417 <criterion test_ref="oval:org.opensuse.security:tst:2009062197" comment="acroread-fonts-ko less than 9.3.4-0.5.1"/> 15418 <criterion test_ref="oval:org.opensuse.security:tst:2009062198" comment="acroread-fonts-zh_CN less than 9.3.4-0.5.1"/> 15419 <criterion test_ref="oval:org.opensuse.security:tst:2009062199" comment="acroread-fonts-zh_TW less than 9.3.4-0.5.1"/> 15420 <criterion test_ref="oval:org.opensuse.security:tst:2009062200" comment="acroread less than 9.3.4-0.5.1"/> 15421 </criteria> 15422 </criteria> 15423 <!-- 4f2b033e0413b46d025beb15797c544d --> 15424 <criteria operator="AND"> 15425 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15426 <criterion test_ref="oval:org.opensuse.security:tst:2009061983" comment="flash-player less than 9.0.280.0-0.4.1"/> 15427 </criteria> 15428 <!-- 8d6734b9845d252567cc853032034436 --> 15429 <criteria operator="AND"> 15430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15431 <criterion test_ref="oval:org.opensuse.security:tst:2009062201" comment="acroread_ja less than 9.3.4-0.4.1"/> 15432 </criteria> 15433 </criteria> 15434 </definition> 15435 <definition id="oval:org.opensuse.security:def:20102216" version="1" class="vulnerability"> 15436 <metadata> 15437 <title>CVE-2010-2216</title> 15438 <affected family="unix"> 15439 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15440 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15441 </affected> 15442 <reference ref_id="CVE-2010-2216" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2216" source="CVE"/> 15443 <description> 15444 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214. 15445 </description> 15446 </metadata> 15447 <criteria operator="OR"> 15448 <!-- 0dc88ee261caadcb967f90fbfd30e7f2 --> 15449 <criteria operator="AND"> 15450 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15451 <criteria operator="OR"> 15452 <criterion test_ref="oval:org.opensuse.security:tst:2009062195" comment="acroread-cmaps less than 9.3.4-0.5.1"/> 15453 <criterion test_ref="oval:org.opensuse.security:tst:2009062196" comment="acroread-fonts-ja less than 9.3.4-0.5.1"/> 15454 <criterion test_ref="oval:org.opensuse.security:tst:2009062197" comment="acroread-fonts-ko less than 9.3.4-0.5.1"/> 15455 <criterion test_ref="oval:org.opensuse.security:tst:2009062198" comment="acroread-fonts-zh_CN less than 9.3.4-0.5.1"/> 15456 <criterion test_ref="oval:org.opensuse.security:tst:2009062199" comment="acroread-fonts-zh_TW less than 9.3.4-0.5.1"/> 15457 <criterion test_ref="oval:org.opensuse.security:tst:2009062200" comment="acroread less than 9.3.4-0.5.1"/> 15458 </criteria> 15459 </criteria> 15460 <!-- 4f2b033e0413b46d025beb15797c544d --> 15461 <criteria operator="AND"> 15462 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15463 <criterion test_ref="oval:org.opensuse.security:tst:2009061983" comment="flash-player less than 9.0.280.0-0.4.1"/> 15464 </criteria> 15465 <!-- 8d6734b9845d252567cc853032034436 --> 15466 <criteria operator="AND"> 15467 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15468 <criterion test_ref="oval:org.opensuse.security:tst:2009062201" comment="acroread_ja less than 9.3.4-0.4.1"/> 15469 </criteria> 15470 </criteria> 15471 </definition> 15472 <definition id="oval:org.opensuse.security:def:20102226" version="1" class="vulnerability"> 15473 <metadata> 15474 <title>CVE-2010-2226</title> 15475 <affected family="unix"> 15476 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15477 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15478 </affected> 15479 <reference ref_id="CVE-2010-2226" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226" source="CVE"/> 15480 <description> 15481 The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. 15482 </description> 15483 </metadata> 15484 <criteria operator="OR"> 15485 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 15486 <criteria operator="AND"> 15487 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15488 <criteria operator="OR"> 15489 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 15490 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 15491 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 15492 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 15493 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 15494 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 15495 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 15496 </criteria> 15497 </criteria> 15498 <!-- 674eb707cae3a31be66788e116641a9a --> 15499 <criteria operator="AND"> 15500 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15501 <criteria operator="OR"> 15502 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 15503 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 15504 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 15505 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 15506 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 15507 </criteria> 15508 </criteria> 15509 </criteria> 15510 </definition> 15511 <definition id="oval:org.opensuse.security:def:20102240" version="1" class="vulnerability"> 15512 <metadata> 15513 <title>CVE-2010-2240</title> 15514 <affected family="unix"> 15515 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15516 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15517 </affected> 15518 <reference ref_id="CVE-2010-2240" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240" source="CVE"/> 15519 <description> 15520 The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. 15521 </description> 15522 </metadata> 15523 <criteria operator="OR"> 15524 <!-- 1c1d30cf9b3bc83062b6206fa78832a8 --> 15525 <criteria operator="AND"> 15526 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15527 <criteria operator="OR"> 15528 <criterion test_ref="oval:org.opensuse.security:tst:2009062208" comment="kernel-bigsmp less than 2.6.16.60-0.68.1"/> 15529 <criterion test_ref="oval:org.opensuse.security:tst:2009062209" comment="kernel-default less than 2.6.16.60-0.68.1"/> 15530 <criterion test_ref="oval:org.opensuse.security:tst:2009062210" comment="kernel-smp less than 2.6.16.60-0.68.1"/> 15531 <criterion test_ref="oval:org.opensuse.security:tst:2009062211" comment="kernel-source less than 2.6.16.60-0.68.1"/> 15532 <criterion test_ref="oval:org.opensuse.security:tst:2009062212" comment="kernel-syms less than 2.6.16.60-0.68.1"/> 15533 <criterion test_ref="oval:org.opensuse.security:tst:2009062213" comment="kernel-xen less than 2.6.16.60-0.68.1"/> 15534 <criterion test_ref="oval:org.opensuse.security:tst:2009062214" comment="kernel-xenpae less than 2.6.16.60-0.68.1"/> 15535 </criteria> 15536 </criteria> 15537 <!-- 230218bf314de48afa7d4578b047bc67 --> 15538 <criteria operator="AND"> 15539 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15540 <criteria operator="OR"> 15541 <criterion test_ref="oval:org.opensuse.security:tst:2009062209" comment="kernel-default less than 2.6.16.60-0.68.1"/> 15542 <criterion test_ref="oval:org.opensuse.security:tst:2009062210" comment="kernel-smp less than 2.6.16.60-0.68.1"/> 15543 <criterion test_ref="oval:org.opensuse.security:tst:2009062211" comment="kernel-source less than 2.6.16.60-0.68.1"/> 15544 <criterion test_ref="oval:org.opensuse.security:tst:2009062212" comment="kernel-syms less than 2.6.16.60-0.68.1"/> 15545 <criterion test_ref="oval:org.opensuse.security:tst:2009062213" comment="kernel-xen less than 2.6.16.60-0.68.1"/> 15546 </criteria> 15547 </criteria> 15548 <!-- ba31a309e8cde77800f42a751dbf7be3 --> 15549 <criteria operator="AND"> 15550 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15551 <criteria operator="OR"> 15552 <criterion test_ref="oval:org.opensuse.security:tst:2009063288" comment="xorg-x11-Xvnc less than 6.9.0-50.67.1"/> 15553 <criterion test_ref="oval:org.opensuse.security:tst:2009063289" comment="xorg-x11-server less than 6.9.0-50.67.1"/> 15554 </criteria> 15555 </criteria> 15556 </criteria> 15557 </definition> 15558 <definition id="oval:org.opensuse.security:def:20102242" version="1" class="vulnerability"> 15559 <metadata> 15560 <title>CVE-2010-2242</title> 15561 <affected family="unix"> 15562 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15563 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15564 </affected> 15565 <reference ref_id="CVE-2010-2242" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2242" source="CVE"/> 15566 <description> 15567 Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree. 15568 </description> 15569 </metadata> 15570 <!-- 1785c19e5aa936f999b1e248d3a7f8bf --> 15571 <criteria operator="AND"> 15572 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15573 <criteria operator="OR"> 15574 <criterion test_ref="oval:org.opensuse.security:tst:2009062737" comment="libvirt-python less than 0.3.3-18.18.1"/> 15575 <criterion test_ref="oval:org.opensuse.security:tst:2009062738" comment="libvirt less than 0.3.3-18.18.1"/> 15576 </criteria> 15577 </criteria> 15578 </definition> 15579 <definition id="oval:org.opensuse.security:def:20102248" version="1" class="vulnerability"> 15580 <metadata> 15581 <title>CVE-2010-2248</title> 15582 <affected family="unix"> 15583 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15584 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15585 </affected> 15586 <reference ref_id="CVE-2010-2248" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248" source="CVE"/> 15587 <description> 15588 fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions. 15589 </description> 15590 </metadata> 15591 <criteria operator="OR"> 15592 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 15593 <criteria operator="AND"> 15594 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15595 <criteria operator="OR"> 15596 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 15597 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 15598 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 15599 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 15600 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 15601 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 15602 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 15603 </criteria> 15604 </criteria> 15605 <!-- 674eb707cae3a31be66788e116641a9a --> 15606 <criteria operator="AND"> 15607 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15608 <criteria operator="OR"> 15609 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 15610 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 15611 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 15612 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 15613 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 15614 </criteria> 15615 </criteria> 15616 </criteria> 15617 </definition> 15618 <definition id="oval:org.opensuse.security:def:20102249" version="1" class="vulnerability"> 15619 <metadata> 15620 <title>CVE-2010-2249</title> 15621 <affected family="unix"> 15622 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15623 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15624 </affected> 15625 <reference ref_id="CVE-2010-2249" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249" source="CVE"/> 15626 <description> 15627 Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. 15628 </description> 15629 </metadata> 15630 <!-- 37055a3106d59423dce730c76401a58e --> 15631 <criteria operator="AND"> 15632 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15633 <criteria operator="OR"> 15634 <criterion test_ref="oval:org.opensuse.security:tst:2009062300" comment="libpng-32bit less than 1.2.8-19.29.1"/> 15635 <criterion test_ref="oval:org.opensuse.security:tst:2009062301" comment="libpng-devel-32bit less than 1.2.8-19.29.1"/> 15636 <criterion test_ref="oval:org.opensuse.security:tst:2009062302" comment="libpng-devel less than 1.2.8-19.29.1"/> 15637 <criterion test_ref="oval:org.opensuse.security:tst:2009062303" comment="libpng less than 1.2.8-19.29.1"/> 15638 </criteria> 15639 </criteria> 15640 </definition> 15641 <definition id="oval:org.opensuse.security:def:20102283" version="1" class="vulnerability"> 15642 <metadata> 15643 <title>CVE-2010-2283</title> 15644 <affected family="unix"> 15645 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15646 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15647 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 15648 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 15649 </affected> 15650 <reference ref_id="CVE-2010-2283" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2283" source="CVE"/> 15651 <description> 15652 The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. 15653 </description> 15654 </metadata> 15655 <criteria operator="OR"> 15656 <!-- 6f945ca7e512591223a153602859503d --> 15657 <criteria operator="AND"> 15658 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15659 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15660 </criteria> 15661 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 15662 <criteria operator="AND"> 15663 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 15664 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15665 </criteria> 15666 </criteria> 15667 </definition> 15668 <definition id="oval:org.opensuse.security:def:20102284" version="1" class="vulnerability"> 15669 <metadata> 15670 <title>CVE-2010-2284</title> 15671 <affected family="unix"> 15672 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15673 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15674 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 15675 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 15676 </affected> 15677 <reference ref_id="CVE-2010-2284" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2284" source="CVE"/> 15678 <description> 15679 Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. 15680 </description> 15681 </metadata> 15682 <criteria operator="OR"> 15683 <!-- 6f945ca7e512591223a153602859503d --> 15684 <criteria operator="AND"> 15685 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15686 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15687 </criteria> 15688 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 15689 <criteria operator="AND"> 15690 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 15691 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15692 </criteria> 15693 </criteria> 15694 </definition> 15695 <definition id="oval:org.opensuse.security:def:20102285" version="1" class="vulnerability"> 15696 <metadata> 15697 <title>CVE-2010-2285</title> 15698 <affected family="unix"> 15699 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15700 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15701 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 15702 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 15703 </affected> 15704 <reference ref_id="CVE-2010-2285" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2285" source="CVE"/> 15705 <description> 15706 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. 15707 </description> 15708 </metadata> 15709 <criteria operator="OR"> 15710 <!-- 6f945ca7e512591223a153602859503d --> 15711 <criteria operator="AND"> 15712 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15713 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15714 </criteria> 15715 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 15716 <criteria operator="AND"> 15717 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 15718 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15719 </criteria> 15720 </criteria> 15721 </definition> 15722 <definition id="oval:org.opensuse.security:def:20102286" version="1" class="vulnerability"> 15723 <metadata> 15724 <title>CVE-2010-2286</title> 15725 <affected family="unix"> 15726 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15727 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15728 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 15729 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 15730 </affected> 15731 <reference ref_id="CVE-2010-2286" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2286" source="CVE"/> 15732 <description> 15733 The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. 15734 </description> 15735 </metadata> 15736 <criteria operator="OR"> 15737 <!-- 6f945ca7e512591223a153602859503d --> 15738 <criteria operator="AND"> 15739 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15740 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15741 </criteria> 15742 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 15743 <criteria operator="AND"> 15744 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 15745 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15746 </criteria> 15747 </criteria> 15748 </definition> 15749 <definition id="oval:org.opensuse.security:def:20102287" version="1" class="vulnerability"> 15750 <metadata> 15751 <title>CVE-2010-2287</title> 15752 <affected family="unix"> 15753 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15754 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15755 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 15756 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 15757 </affected> 15758 <reference ref_id="CVE-2010-2287" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2287" source="CVE"/> 15759 <description> 15760 Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. 15761 </description> 15762 </metadata> 15763 <criteria operator="OR"> 15764 <!-- 6f945ca7e512591223a153602859503d --> 15765 <criteria operator="AND"> 15766 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15767 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15768 </criteria> 15769 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 15770 <criteria operator="AND"> 15771 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 15772 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 15773 </criteria> 15774 </criteria> 15775 </definition> 15776 <definition id="oval:org.opensuse.security:def:20102431" version="1" class="vulnerability"> 15777 <metadata> 15778 <title>CVE-2010-2431</title> 15779 <affected family="unix"> 15780 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 15781 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 15782 </affected> 15783 <reference ref_id="CVE-2010-2431" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2431" source="CVE"/> 15784 <description> 15785 The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file. 15786 </description> 15787 </metadata> 15788 <!-- 58f92f1602b118d40cc39ae74d76028f --> 15789 <criteria operator="AND"> 15790 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 15791 <criteria operator="OR"> 15792 <criterion test_ref="oval:org.opensuse.security:tst:2009071180" comment="cups-client less than 1.1.23-40.62.1"/> 15793 <criterion test_ref="oval:org.opensuse.security:tst:2009071181" comment="cups-devel less than 1.1.23-40.62.1"/> 15794 <criterion test_ref="oval:org.opensuse.security:tst:2009071182" comment="cups-libs-32bit less than 1.1.23-40.62.1"/> 15795 <criterion test_ref="oval:org.opensuse.security:tst:2009071183" comment="cups-libs less than 1.1.23-40.62.1"/> 15796 <criterion test_ref="oval:org.opensuse.security:tst:2009071184" comment="cups less than 1.1.23-40.62.1"/> 15797 </criteria> 15798 </criteria> 15799 </definition> 15800 <definition id="oval:org.opensuse.security:def:20102497" version="1" class="vulnerability"> 15801 <metadata> 15802 <title>CVE-2010-2497</title> 15803 <affected family="unix"> 15804 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15805 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15806 </affected> 15807 <reference ref_id="CVE-2010-2497" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2497" source="CVE"/> 15808 <description> 15809 Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. 15810 </description> 15811 </metadata> 15812 <!-- 0f5e12625ac6384954079609270ebf9e --> 15813 <criteria operator="AND"> 15814 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15815 <criteria operator="OR"> 15816 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 15817 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 15818 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 15819 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 15820 </criteria> 15821 </criteria> 15822 </definition> 15823 <definition id="oval:org.opensuse.security:def:20102498" version="1" class="vulnerability"> 15824 <metadata> 15825 <title>CVE-2010-2498</title> 15826 <affected family="unix"> 15827 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15828 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15829 </affected> 15830 <reference ref_id="CVE-2010-2498" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2498" source="CVE"/> 15831 <description> 15832 The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation. 15833 </description> 15834 </metadata> 15835 <!-- 0f5e12625ac6384954079609270ebf9e --> 15836 <criteria operator="AND"> 15837 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15838 <criteria operator="OR"> 15839 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 15840 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 15841 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 15842 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 15843 </criteria> 15844 </criteria> 15845 </definition> 15846 <definition id="oval:org.opensuse.security:def:20102499" version="1" class="vulnerability"> 15847 <metadata> 15848 <title>CVE-2010-2499</title> 15849 <affected family="unix"> 15850 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15851 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15852 </affected> 15853 <reference ref_id="CVE-2010-2499" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2499" source="CVE"/> 15854 <description> 15855 Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment. 15856 </description> 15857 </metadata> 15858 <!-- 0f5e12625ac6384954079609270ebf9e --> 15859 <criteria operator="AND"> 15860 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15861 <criteria operator="OR"> 15862 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 15863 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 15864 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 15865 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 15866 </criteria> 15867 </criteria> 15868 </definition> 15869 <definition id="oval:org.opensuse.security:def:20102500" version="1" class="vulnerability"> 15870 <metadata> 15871 <title>CVE-2010-2500</title> 15872 <affected family="unix"> 15873 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15874 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15875 </affected> 15876 <reference ref_id="CVE-2010-2500" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2500" source="CVE"/> 15877 <description> 15878 Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. 15879 </description> 15880 </metadata> 15881 <!-- 0f5e12625ac6384954079609270ebf9e --> 15882 <criteria operator="AND"> 15883 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15884 <criteria operator="OR"> 15885 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 15886 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 15887 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 15888 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 15889 </criteria> 15890 </criteria> 15891 </definition> 15892 <definition id="oval:org.opensuse.security:def:20102519" version="1" class="vulnerability"> 15893 <metadata> 15894 <title>CVE-2010-2519</title> 15895 <affected family="unix"> 15896 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15897 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15898 </affected> 15899 <reference ref_id="CVE-2010-2519" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2519" source="CVE"/> 15900 <description> 15901 Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file. 15902 </description> 15903 </metadata> 15904 <!-- 0f5e12625ac6384954079609270ebf9e --> 15905 <criteria operator="AND"> 15906 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15907 <criteria operator="OR"> 15908 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 15909 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 15910 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 15911 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 15912 </criteria> 15913 </criteria> 15914 </definition> 15915 <definition id="oval:org.opensuse.security:def:20102520" version="1" class="vulnerability"> 15916 <metadata> 15917 <title>CVE-2010-2520</title> 15918 <affected family="unix"> 15919 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15920 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15921 </affected> 15922 <reference ref_id="CVE-2010-2520" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2520" source="CVE"/> 15923 <description> 15924 Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. 15925 </description> 15926 </metadata> 15927 <!-- 0f5e12625ac6384954079609270ebf9e --> 15928 <criteria operator="AND"> 15929 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15930 <criteria operator="OR"> 15931 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 15932 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 15933 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 15934 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 15935 </criteria> 15936 </criteria> 15937 </definition> 15938 <definition id="oval:org.opensuse.security:def:20102521" version="1" class="vulnerability"> 15939 <metadata> 15940 <title>CVE-2010-2521</title> 15941 <affected family="unix"> 15942 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15943 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15944 </affected> 15945 <reference ref_id="CVE-2010-2521" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521" source="CVE"/> 15946 <description> 15947 Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions. 15948 </description> 15949 </metadata> 15950 <criteria operator="OR"> 15951 <!-- 1c1d30cf9b3bc83062b6206fa78832a8 --> 15952 <criteria operator="AND"> 15953 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15954 <criteria operator="OR"> 15955 <criterion test_ref="oval:org.opensuse.security:tst:2009062208" comment="kernel-bigsmp less than 2.6.16.60-0.68.1"/> 15956 <criterion test_ref="oval:org.opensuse.security:tst:2009062209" comment="kernel-default less than 2.6.16.60-0.68.1"/> 15957 <criterion test_ref="oval:org.opensuse.security:tst:2009062210" comment="kernel-smp less than 2.6.16.60-0.68.1"/> 15958 <criterion test_ref="oval:org.opensuse.security:tst:2009062211" comment="kernel-source less than 2.6.16.60-0.68.1"/> 15959 <criterion test_ref="oval:org.opensuse.security:tst:2009062212" comment="kernel-syms less than 2.6.16.60-0.68.1"/> 15960 <criterion test_ref="oval:org.opensuse.security:tst:2009062213" comment="kernel-xen less than 2.6.16.60-0.68.1"/> 15961 <criterion test_ref="oval:org.opensuse.security:tst:2009062214" comment="kernel-xenpae less than 2.6.16.60-0.68.1"/> 15962 </criteria> 15963 </criteria> 15964 <!-- 230218bf314de48afa7d4578b047bc67 --> 15965 <criteria operator="AND"> 15966 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15967 <criteria operator="OR"> 15968 <criterion test_ref="oval:org.opensuse.security:tst:2009062209" comment="kernel-default less than 2.6.16.60-0.68.1"/> 15969 <criterion test_ref="oval:org.opensuse.security:tst:2009062210" comment="kernel-smp less than 2.6.16.60-0.68.1"/> 15970 <criterion test_ref="oval:org.opensuse.security:tst:2009062211" comment="kernel-source less than 2.6.16.60-0.68.1"/> 15971 <criterion test_ref="oval:org.opensuse.security:tst:2009062212" comment="kernel-syms less than 2.6.16.60-0.68.1"/> 15972 <criterion test_ref="oval:org.opensuse.security:tst:2009062213" comment="kernel-xen less than 2.6.16.60-0.68.1"/> 15973 </criteria> 15974 </criteria> 15975 </criteria> 15976 </definition> 15977 <definition id="oval:org.opensuse.security:def:20102527" version="1" class="vulnerability"> 15978 <metadata> 15979 <title>CVE-2010-2527</title> 15980 <affected family="unix"> 15981 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 15982 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 15983 </affected> 15984 <reference ref_id="CVE-2010-2527" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2527" source="CVE"/> 15985 <description> 15986 Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. 15987 </description> 15988 </metadata> 15989 <!-- 0f5e12625ac6384954079609270ebf9e --> 15990 <criteria operator="AND"> 15991 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 15992 <criteria operator="OR"> 15993 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 15994 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 15995 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 15996 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 15997 </criteria> 15998 </criteria> 15999 </definition> 16000 <definition id="oval:org.opensuse.security:def:20102541" version="1" class="vulnerability"> 16001 <metadata> 16002 <title>CVE-2010-2541</title> 16003 <affected family="unix"> 16004 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16005 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16006 </affected> 16007 <reference ref_id="CVE-2010-2541" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2541" source="CVE"/> 16008 <description> 16009 Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. 16010 </description> 16011 </metadata> 16012 <!-- 0f5e12625ac6384954079609270ebf9e --> 16013 <criteria operator="AND"> 16014 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16015 <criteria operator="OR"> 16016 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 16017 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 16018 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 16019 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 16020 </criteria> 16021 </criteria> 16022 </definition> 16023 <definition id="oval:org.opensuse.security:def:20102547" version="1" class="vulnerability"> 16024 <metadata> 16025 <title>CVE-2010-2547</title> 16026 <affected family="unix"> 16027 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16028 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16029 </affected> 16030 <reference ref_id="CVE-2010-2547" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547" source="CVE"/> 16031 <description> 16032 Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature. 16033 </description> 16034 </metadata> 16035 <!-- 43be6b4ccd31b0dd00d0838b3b5792f3 --> 16036 <criteria operator="AND"> 16037 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16038 <criterion test_ref="oval:org.opensuse.security:tst:2009061960" comment="gpg2 less than 1.9.18-17.21.1"/> 16039 </criteria> 16040 </definition> 16041 <definition id="oval:org.opensuse.security:def:20102640" version="1" class="vulnerability"> 16042 <metadata> 16043 <title>CVE-2010-2640</title> 16044 <affected family="unix"> 16045 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16046 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16047 </affected> 16048 <reference ref_id="CVE-2010-2640" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640" source="CVE"/> 16049 <description> 16050 Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. 16051 </description> 16052 </metadata> 16053 <!-- 18eb91dcadeb46f14626af7001412509 --> 16054 <criteria operator="AND"> 16055 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16056 <criterion test_ref="oval:org.opensuse.security:tst:2009070745" comment="evince less than 0.4.0-25.13.4"/> 16057 </criteria> 16058 </definition> 16059 <definition id="oval:org.opensuse.security:def:20102641" version="1" class="vulnerability"> 16060 <metadata> 16061 <title>CVE-2010-2641</title> 16062 <affected family="unix"> 16063 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16064 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16065 </affected> 16066 <reference ref_id="CVE-2010-2641" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641" source="CVE"/> 16067 <description> 16068 Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. 16069 </description> 16070 </metadata> 16071 <!-- 18eb91dcadeb46f14626af7001412509 --> 16072 <criteria operator="AND"> 16073 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16074 <criterion test_ref="oval:org.opensuse.security:tst:2009070745" comment="evince less than 0.4.0-25.13.4"/> 16075 </criteria> 16076 </definition> 16077 <definition id="oval:org.opensuse.security:def:20102642" version="1" class="vulnerability"> 16078 <metadata> 16079 <title>CVE-2010-2642</title> 16080 <affected family="unix"> 16081 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16082 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16083 </affected> 16084 <reference ref_id="CVE-2010-2642" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642" source="CVE"/> 16085 <description> 16086 Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. 16087 </description> 16088 </metadata> 16089 <!-- 18eb91dcadeb46f14626af7001412509 --> 16090 <criteria operator="AND"> 16091 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16092 <criterion test_ref="oval:org.opensuse.security:tst:2009070745" comment="evince less than 0.4.0-25.13.4"/> 16093 </criteria> 16094 </definition> 16095 <definition id="oval:org.opensuse.security:def:20102643" version="1" class="vulnerability"> 16096 <metadata> 16097 <title>CVE-2010-2643</title> 16098 <affected family="unix"> 16099 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16100 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16101 </affected> 16102 <reference ref_id="CVE-2010-2643" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643" source="CVE"/> 16103 <description> 16104 Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. 16105 </description> 16106 </metadata> 16107 <!-- 18eb91dcadeb46f14626af7001412509 --> 16108 <criteria operator="AND"> 16109 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16110 <criterion test_ref="oval:org.opensuse.security:tst:2009070745" comment="evince less than 0.4.0-25.13.4"/> 16111 </criteria> 16112 </definition> 16113 <definition id="oval:org.opensuse.security:def:20102751" version="1" class="vulnerability"> 16114 <metadata> 16115 <title>CVE-2010-2751</title> 16116 <affected family="unix"> 16117 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16118 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16119 </affected> 16120 <reference ref_id="CVE-2010-2751" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2751" source="CVE"/> 16121 <description> 16122 The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions. 16123 </description> 16124 </metadata> 16125 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 16126 <criteria operator="AND"> 16127 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16128 <criteria operator="OR"> 16129 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 16130 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 16131 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 16132 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 16133 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 16134 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 16135 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 16136 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 16137 </criteria> 16138 </criteria> 16139 </definition> 16140 <definition id="oval:org.opensuse.security:def:20102752" version="1" class="vulnerability"> 16141 <metadata> 16142 <title>CVE-2010-2752</title> 16143 <affected family="unix"> 16144 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16145 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16146 </affected> 16147 <reference ref_id="CVE-2010-2752" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2752" source="CVE"/> 16148 <description> 16149 Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers. 16150 </description> 16151 </metadata> 16152 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 16153 <criteria operator="AND"> 16154 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16155 <criteria operator="OR"> 16156 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 16157 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 16158 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 16159 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 16160 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 16161 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 16162 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 16163 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 16164 </criteria> 16165 </criteria> 16166 </definition> 16167 <definition id="oval:org.opensuse.security:def:20102753" version="1" class="vulnerability"> 16168 <metadata> 16169 <title>CVE-2010-2753</title> 16170 <affected family="unix"> 16171 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16172 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16173 </affected> 16174 <reference ref_id="CVE-2010-2753" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2753" source="CVE"/> 16175 <description> 16176 Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free. 16177 </description> 16178 </metadata> 16179 <criteria operator="OR"> 16180 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 16181 <criteria operator="AND"> 16182 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16183 <criteria operator="OR"> 16184 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 16185 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 16186 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 16187 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 16188 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 16189 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 16190 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 16191 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 16192 </criteria> 16193 </criteria> 16194 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16195 <criteria operator="AND"> 16196 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16197 <criteria operator="OR"> 16198 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16199 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16200 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16201 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16202 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16203 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16204 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16205 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16206 </criteria> 16207 </criteria> 16208 </criteria> 16209 </definition> 16210 <definition id="oval:org.opensuse.security:def:20102754" version="1" class="vulnerability"> 16211 <metadata> 16212 <title>CVE-2010-2754</title> 16213 <affected family="unix"> 16214 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16215 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16216 </affected> 16217 <reference ref_id="CVE-2010-2754" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2754" source="CVE"/> 16218 <description> 16219 dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. 16220 </description> 16221 </metadata> 16222 <!-- 8b35218d04ea0b2f8a4fa600f61c669c --> 16223 <criteria operator="AND"> 16224 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16225 <criteria operator="OR"> 16226 <criterion test_ref="oval:org.opensuse.security:tst:2009061842" comment="MozillaFirefox-translations less than 3.5.11-0.4.1"/> 16227 <criterion test_ref="oval:org.opensuse.security:tst:2009061843" comment="MozillaFirefox less than 3.5.11-0.4.1"/> 16228 <criterion test_ref="oval:org.opensuse.security:tst:2009061844" comment="mozilla-xulrunner191-32bit less than 1.9.1.11-0.4.1"/> 16229 <criterion test_ref="oval:org.opensuse.security:tst:2009061845" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.11-0.4.1"/> 16230 <criterion test_ref="oval:org.opensuse.security:tst:2009061846" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.11-0.4.1"/> 16231 <criterion test_ref="oval:org.opensuse.security:tst:2009061847" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.11-0.4.1"/> 16232 <criterion test_ref="oval:org.opensuse.security:tst:2009061848" comment="mozilla-xulrunner191-translations less than 1.9.1.11-0.4.1"/> 16233 <criterion test_ref="oval:org.opensuse.security:tst:2009061849" comment="mozilla-xulrunner191 less than 1.9.1.11-0.4.1"/> 16234 </criteria> 16235 </criteria> 16236 </definition> 16237 <definition id="oval:org.opensuse.security:def:20102760" version="1" class="vulnerability"> 16238 <metadata> 16239 <title>CVE-2010-2760</title> 16240 <affected family="unix"> 16241 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16242 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16243 </affected> 16244 <reference ref_id="CVE-2010-2760" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2760" source="CVE"/> 16245 <description> 16246 Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753. 16247 </description> 16248 </metadata> 16249 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16250 <criteria operator="AND"> 16251 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16252 <criteria operator="OR"> 16253 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16254 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16255 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16256 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16257 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16258 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16259 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16260 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16261 </criteria> 16262 </criteria> 16263 </definition> 16264 <definition id="oval:org.opensuse.security:def:20102761" version="1" class="vulnerability"> 16265 <metadata> 16266 <title>CVE-2010-2761</title> 16267 <affected family="unix"> 16268 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16269 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16270 </affected> 16271 <reference ref_id="CVE-2010-2761" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2761" source="CVE"/> 16272 <description> 16273 The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172. 16274 </description> 16275 </metadata> 16276 <!-- aa08850f4b8bd72b4cd28674c6bdf3d6 --> 16277 <criteria operator="AND"> 16278 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16279 <criteria operator="OR"> 16280 <criterion test_ref="oval:org.opensuse.security:tst:2009065606" comment="perl-32bit less than 5.8.8-14.17.15"/> 16281 <criterion test_ref="oval:org.opensuse.security:tst:2009065607" comment="perl less than 5.8.8-14.17.15"/> 16282 </criteria> 16283 </criteria> 16284 </definition> 16285 <definition id="oval:org.opensuse.security:def:20102762" version="1" class="vulnerability"> 16286 <metadata> 16287 <title>CVE-2010-2762</title> 16288 <affected family="unix"> 16289 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16290 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16291 </affected> 16292 <reference ref_id="CVE-2010-2762" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2762" source="CVE"/> 16293 <description> 16294 The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object. 16295 </description> 16296 </metadata> 16297 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16298 <criteria operator="AND"> 16299 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16300 <criteria operator="OR"> 16301 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16302 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16303 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16304 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16305 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16306 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16307 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16308 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16309 </criteria> 16310 </criteria> 16311 </definition> 16312 <definition id="oval:org.opensuse.security:def:20102763" version="1" class="vulnerability"> 16313 <metadata> 16314 <title>CVE-2010-2763</title> 16315 <affected family="unix"> 16316 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16317 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16318 </affected> 16319 <reference ref_id="CVE-2010-2763" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2763" source="CVE"/> 16320 <description> 16321 The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted function. 16322 </description> 16323 </metadata> 16324 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16325 <criteria operator="AND"> 16326 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16327 <criteria operator="OR"> 16328 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16329 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16330 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16331 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16332 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16333 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16334 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16335 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16336 </criteria> 16337 </criteria> 16338 </definition> 16339 <definition id="oval:org.opensuse.security:def:20102764" version="1" class="vulnerability"> 16340 <metadata> 16341 <title>CVE-2010-2764</title> 16342 <affected family="unix"> 16343 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16344 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16345 </affected> 16346 <reference ref_id="CVE-2010-2764" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2764" source="CVE"/> 16347 <description> 16348 Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests. 16349 </description> 16350 </metadata> 16351 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16352 <criteria operator="AND"> 16353 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16354 <criteria operator="OR"> 16355 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16356 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16357 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16358 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16359 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16360 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16361 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16362 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16363 </criteria> 16364 </criteria> 16365 </definition> 16366 <definition id="oval:org.opensuse.security:def:20102765" version="1" class="vulnerability"> 16367 <metadata> 16368 <title>CVE-2010-2765</title> 16369 <affected family="unix"> 16370 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16371 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16372 </affected> 16373 <reference ref_id="CVE-2010-2765" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2765" source="CVE"/> 16374 <description> 16375 Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow. 16376 </description> 16377 </metadata> 16378 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16379 <criteria operator="AND"> 16380 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16381 <criteria operator="OR"> 16382 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16383 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16384 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16385 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16386 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16387 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16388 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16389 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16390 </criteria> 16391 </criteria> 16392 </definition> 16393 <definition id="oval:org.opensuse.security:def:20102766" version="1" class="vulnerability"> 16394 <metadata> 16395 <title>CVE-2010-2766</title> 16396 <affected family="unix"> 16397 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16398 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16399 </affected> 16400 <reference ref_id="CVE-2010-2766" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2766" source="CVE"/> 16401 <description> 16402 The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object. 16403 </description> 16404 </metadata> 16405 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16406 <criteria operator="AND"> 16407 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16408 <criteria operator="OR"> 16409 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16410 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16411 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16412 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16413 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16414 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16415 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16416 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16417 </criteria> 16418 </criteria> 16419 </definition> 16420 <definition id="oval:org.opensuse.security:def:20102767" version="1" class="vulnerability"> 16421 <metadata> 16422 <title>CVE-2010-2767</title> 16423 <affected family="unix"> 16424 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16425 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16426 </affected> 16427 <reference ref_id="CVE-2010-2767" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2767" source="CVE"/> 16428 <description> 16429 The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability." 16430 </description> 16431 </metadata> 16432 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16433 <criteria operator="AND"> 16434 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16435 <criteria operator="OR"> 16436 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16437 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16438 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16439 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16440 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16441 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16442 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16443 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16444 </criteria> 16445 </criteria> 16446 </definition> 16447 <definition id="oval:org.opensuse.security:def:20102768" version="1" class="vulnerability"> 16448 <metadata> 16449 <title>CVE-2010-2768</title> 16450 <affected family="unix"> 16451 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16452 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16453 </affected> 16454 <reference ref_id="CVE-2010-2768" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2768" source="CVE"/> 16455 <description> 16456 Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding. 16457 </description> 16458 </metadata> 16459 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16460 <criteria operator="AND"> 16461 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16462 <criteria operator="OR"> 16463 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16464 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16465 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16466 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16467 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16468 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16469 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16470 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16471 </criteria> 16472 </criteria> 16473 </definition> 16474 <definition id="oval:org.opensuse.security:def:20102769" version="1" class="vulnerability"> 16475 <metadata> 16476 <title>CVE-2010-2769</title> 16477 <affected family="unix"> 16478 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16479 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16480 </affected> 16481 <reference ref_id="CVE-2010-2769" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2769" source="CVE"/> 16482 <description> 16483 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled. 16484 </description> 16485 </metadata> 16486 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16487 <criteria operator="AND"> 16488 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16489 <criteria operator="OR"> 16490 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16491 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16492 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16493 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16494 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16495 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16496 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16497 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16498 </criteria> 16499 </criteria> 16500 </definition> 16501 <definition id="oval:org.opensuse.security:def:20102770" version="1" class="vulnerability"> 16502 <metadata> 16503 <title>CVE-2010-2770</title> 16504 <affected family="unix"> 16505 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16506 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16507 </affected> 16508 <reference ref_id="CVE-2010-2770" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2770" source="CVE"/> 16509 <description> 16510 Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted font in a data: URL. 16511 </description> 16512 </metadata> 16513 <!-- ae6e95010633fc3aaeda46196d97e650 --> 16514 <criteria operator="AND"> 16515 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16516 <criteria operator="OR"> 16517 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 16518 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 16519 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 16520 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 16521 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 16522 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 16523 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 16524 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 16525 </criteria> 16526 </criteria> 16527 </definition> 16528 <definition id="oval:org.opensuse.security:def:20102799" version="1" class="vulnerability"> 16529 <metadata> 16530 <title>CVE-2010-2799</title> 16531 <affected family="unix"> 16532 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 16533 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 16534 </affected> 16535 <reference ref_id="CVE-2010-2799" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2799" source="CVE"/> 16536 <description> 16537 Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments. 16538 </description> 16539 </metadata> 16540 <!-- 26d6956b5e38b37b8fb00575dde970ba --> 16541 <criteria operator="AND"> 16542 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 16543 <criterion test_ref="oval:org.opensuse.security:tst:2009074797" comment="socat less than 1.7.0.0-1.10.1"/> 16544 </criteria> 16545 </definition> 16546 <definition id="oval:org.opensuse.security:def:20102805" version="1" class="vulnerability"> 16547 <metadata> 16548 <title>CVE-2010-2805</title> 16549 <affected family="unix"> 16550 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16551 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16552 </affected> 16553 <reference ref_id="CVE-2010-2805" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2805" source="CVE"/> 16554 <description> 16555 The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. 16556 </description> 16557 </metadata> 16558 <!-- 0f5e12625ac6384954079609270ebf9e --> 16559 <criteria operator="AND"> 16560 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16561 <criteria operator="OR"> 16562 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 16563 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 16564 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 16565 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 16566 </criteria> 16567 </criteria> 16568 </definition> 16569 <definition id="oval:org.opensuse.security:def:20102806" version="1" class="vulnerability"> 16570 <metadata> 16571 <title>CVE-2010-2806</title> 16572 <affected family="unix"> 16573 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16574 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16575 </affected> 16576 <reference ref_id="CVE-2010-2806" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2806" source="CVE"/> 16577 <description> 16578 Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. 16579 </description> 16580 </metadata> 16581 <!-- 0f5e12625ac6384954079609270ebf9e --> 16582 <criteria operator="AND"> 16583 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16584 <criteria operator="OR"> 16585 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 16586 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 16587 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 16588 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 16589 </criteria> 16590 </criteria> 16591 </definition> 16592 <definition id="oval:org.opensuse.security:def:20102807" version="1" class="vulnerability"> 16593 <metadata> 16594 <title>CVE-2010-2807</title> 16595 <affected family="unix"> 16596 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16597 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16598 </affected> 16599 <reference ref_id="CVE-2010-2807" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2807" source="CVE"/> 16600 <description> 16601 FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. 16602 </description> 16603 </metadata> 16604 <!-- 0f5e12625ac6384954079609270ebf9e --> 16605 <criteria operator="AND"> 16606 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16607 <criteria operator="OR"> 16608 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 16609 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 16610 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 16611 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 16612 </criteria> 16613 </criteria> 16614 </definition> 16615 <definition id="oval:org.opensuse.security:def:20102808" version="1" class="vulnerability"> 16616 <metadata> 16617 <title>CVE-2010-2808</title> 16618 <affected family="unix"> 16619 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16620 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16621 </affected> 16622 <reference ref_id="CVE-2010-2808" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2808" source="CVE"/> 16623 <description> 16624 Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font. 16625 </description> 16626 </metadata> 16627 <!-- 0f5e12625ac6384954079609270ebf9e --> 16628 <criteria operator="AND"> 16629 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16630 <criteria operator="OR"> 16631 <criterion test_ref="oval:org.opensuse.security:tst:2009062154" comment="freetype2-32bit less than 2.1.10-18.22.1"/> 16632 <criterion test_ref="oval:org.opensuse.security:tst:2009062155" comment="freetype2-devel-32bit less than 2.1.10-18.22.1"/> 16633 <criterion test_ref="oval:org.opensuse.security:tst:2009062156" comment="freetype2-devel less than 2.1.10-18.22.1"/> 16634 <criterion test_ref="oval:org.opensuse.security:tst:2009062157" comment="freetype2 less than 2.1.10-18.22.1"/> 16635 </criteria> 16636 </criteria> 16637 </definition> 16638 <definition id="oval:org.opensuse.security:def:20102862" version="1" class="vulnerability"> 16639 <metadata> 16640 <title>CVE-2010-2862</title> 16641 <affected family="unix"> 16642 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16643 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16644 </affected> 16645 <reference ref_id="CVE-2010-2862" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2862" source="CVE"/> 16646 <description> 16647 Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table. 16648 </description> 16649 </metadata> 16650 <criteria operator="OR"> 16651 <!-- 0dc88ee261caadcb967f90fbfd30e7f2 --> 16652 <criteria operator="AND"> 16653 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16654 <criteria operator="OR"> 16655 <criterion test_ref="oval:org.opensuse.security:tst:2009062195" comment="acroread-cmaps less than 9.3.4-0.5.1"/> 16656 <criterion test_ref="oval:org.opensuse.security:tst:2009062196" comment="acroread-fonts-ja less than 9.3.4-0.5.1"/> 16657 <criterion test_ref="oval:org.opensuse.security:tst:2009062197" comment="acroread-fonts-ko less than 9.3.4-0.5.1"/> 16658 <criterion test_ref="oval:org.opensuse.security:tst:2009062198" comment="acroread-fonts-zh_CN less than 9.3.4-0.5.1"/> 16659 <criterion test_ref="oval:org.opensuse.security:tst:2009062199" comment="acroread-fonts-zh_TW less than 9.3.4-0.5.1"/> 16660 <criterion test_ref="oval:org.opensuse.security:tst:2009062200" comment="acroread less than 9.3.4-0.5.1"/> 16661 </criteria> 16662 </criteria> 16663 <!-- 8d6734b9845d252567cc853032034436 --> 16664 <criteria operator="AND"> 16665 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16666 <criterion test_ref="oval:org.opensuse.security:tst:2009062201" comment="acroread_ja less than 9.3.4-0.4.1"/> 16667 </criteria> 16668 </criteria> 16669 </definition> 16670 <definition id="oval:org.opensuse.security:def:20102883" version="1" class="vulnerability"> 16671 <metadata> 16672 <title>CVE-2010-2883</title> 16673 <affected family="unix"> 16674 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16675 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16676 </affected> 16677 <reference ref_id="CVE-2010-2883" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883" source="CVE"/> 16678 <description> 16679 Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. 16680 </description> 16681 </metadata> 16682 <criteria operator="OR"> 16683 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 16684 <criteria operator="AND"> 16685 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16686 <criteria operator="OR"> 16687 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 16688 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 16689 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 16690 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 16691 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 16692 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 16693 </criteria> 16694 </criteria> 16695 <!-- c98bea71d14572098aa8cbba15453e6e --> 16696 <criteria operator="AND"> 16697 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16698 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 16699 </criteria> 16700 </criteria> 16701 </definition> 16702 <definition id="oval:org.opensuse.security:def:20102884" version="1" class="vulnerability"> 16703 <metadata> 16704 <title>CVE-2010-2884</title> 16705 <affected family="unix"> 16706 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16707 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16708 </affected> 16709 <reference ref_id="CVE-2010-2884" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884" source="CVE"/> 16710 <description> 16711 Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. 16712 </description> 16713 </metadata> 16714 <criteria operator="OR"> 16715 <!-- 634486b868d5f248bbd71985405ecbd2 --> 16716 <criteria operator="AND"> 16717 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16718 <criterion test_ref="oval:org.opensuse.security:tst:2009063019" comment="flash-player less than 9.0.283.0-0.4.1"/> 16719 </criteria> 16720 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 16721 <criteria operator="AND"> 16722 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16723 <criteria operator="OR"> 16724 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 16725 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 16726 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 16727 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 16728 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 16729 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 16730 </criteria> 16731 </criteria> 16732 <!-- c98bea71d14572098aa8cbba15453e6e --> 16733 <criteria operator="AND"> 16734 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16735 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 16736 </criteria> 16737 </criteria> 16738 </definition> 16739 <definition id="oval:org.opensuse.security:def:20102887" version="1" class="vulnerability"> 16740 <metadata> 16741 <title>CVE-2010-2887</title> 16742 <affected family="unix"> 16743 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16744 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16745 </affected> 16746 <reference ref_id="CVE-2010-2887" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887" source="CVE"/> 16747 <description> 16748 Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors. 16749 </description> 16750 </metadata> 16751 <criteria operator="OR"> 16752 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 16753 <criteria operator="AND"> 16754 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16755 <criteria operator="OR"> 16756 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 16757 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 16758 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 16759 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 16760 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 16761 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 16762 </criteria> 16763 </criteria> 16764 <!-- c98bea71d14572098aa8cbba15453e6e --> 16765 <criteria operator="AND"> 16766 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16767 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 16768 </criteria> 16769 </criteria> 16770 </definition> 16771 <definition id="oval:org.opensuse.security:def:20102889" version="1" class="vulnerability"> 16772 <metadata> 16773 <title>CVE-2010-2889</title> 16774 <affected family="unix"> 16775 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16776 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16777 </affected> 16778 <reference ref_id="CVE-2010-2889" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889" source="CVE"/> 16779 <description> 16780 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-3626. 16781 </description> 16782 </metadata> 16783 <criteria operator="OR"> 16784 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 16785 <criteria operator="AND"> 16786 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16787 <criteria operator="OR"> 16788 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 16789 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 16790 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 16791 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 16792 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 16793 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 16794 </criteria> 16795 </criteria> 16796 <!-- c98bea71d14572098aa8cbba15453e6e --> 16797 <criteria operator="AND"> 16798 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16799 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 16800 </criteria> 16801 </criteria> 16802 </definition> 16803 <definition id="oval:org.opensuse.security:def:20102890" version="1" class="vulnerability"> 16804 <metadata> 16805 <title>CVE-2010-2890</title> 16806 <affected family="unix"> 16807 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16808 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16809 </affected> 16810 <reference ref_id="CVE-2010-2890" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890" source="CVE"/> 16811 <description> 16812 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. 16813 </description> 16814 </metadata> 16815 <criteria operator="OR"> 16816 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 16817 <criteria operator="AND"> 16818 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16819 <criteria operator="OR"> 16820 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 16821 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 16822 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 16823 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 16824 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 16825 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 16826 </criteria> 16827 </criteria> 16828 <!-- c98bea71d14572098aa8cbba15453e6e --> 16829 <criteria operator="AND"> 16830 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16831 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 16832 </criteria> 16833 </criteria> 16834 </definition> 16835 <definition id="oval:org.opensuse.security:def:20102935" version="1" class="vulnerability"> 16836 <metadata> 16837 <title>CVE-2010-2935</title> 16838 <affected family="unix"> 16839 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16840 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16841 </affected> 16842 <reference ref_id="CVE-2010-2935" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2935" source="CVE"/> 16843 <description> 16844 simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error." 16845 </description> 16846 </metadata> 16847 <criteria operator="OR"> 16848 <!-- 20a43a6236ae3ea36fc8d8e3dabff428 --> 16849 <criteria operator="AND"> 16850 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16851 <criteria operator="OR"> 16852 <criterion test_ref="oval:org.opensuse.security:tst:2009063582" comment="OpenOffice_org-af less than 3.2.1-0.5.1"/> 16853 <criterion test_ref="oval:org.opensuse.security:tst:2009063583" comment="OpenOffice_org-ar less than 3.2.1-0.5.1"/> 16854 <criterion test_ref="oval:org.opensuse.security:tst:2009063584" comment="OpenOffice_org-ca less than 3.2.1-0.5.1"/> 16855 <criterion test_ref="oval:org.opensuse.security:tst:2009063585" comment="OpenOffice_org-cs less than 3.2.1-0.5.1"/> 16856 <criterion test_ref="oval:org.opensuse.security:tst:2009063586" comment="OpenOffice_org-da less than 3.2.1-0.5.1"/> 16857 <criterion test_ref="oval:org.opensuse.security:tst:2009063587" comment="OpenOffice_org-de less than 3.2.1-0.5.1"/> 16858 <criterion test_ref="oval:org.opensuse.security:tst:2009063588" comment="OpenOffice_org-el less than 3.2.1-0.5.1"/> 16859 <criterion test_ref="oval:org.opensuse.security:tst:2009063589" comment="OpenOffice_org-en-GB less than 3.2.1-0.5.1"/> 16860 <criterion test_ref="oval:org.opensuse.security:tst:2009063590" comment="OpenOffice_org-es less than 3.2.1-0.5.1"/> 16861 <criterion test_ref="oval:org.opensuse.security:tst:2009063591" comment="OpenOffice_org-fi less than 3.2.1-0.5.1"/> 16862 <criterion test_ref="oval:org.opensuse.security:tst:2009063592" comment="OpenOffice_org-fr less than 3.2.1-0.5.1"/> 16863 <criterion test_ref="oval:org.opensuse.security:tst:2009063593" comment="OpenOffice_org-galleries less than 3.2.1-0.5.1"/> 16864 <criterion test_ref="oval:org.opensuse.security:tst:2009063594" comment="OpenOffice_org-gnome less than 3.2.1-0.5.1"/> 16865 <criterion test_ref="oval:org.opensuse.security:tst:2009063595" comment="OpenOffice_org-gu-IN less than 3.2.1-0.5.1"/> 16866 <criterion test_ref="oval:org.opensuse.security:tst:2009063596" comment="OpenOffice_org-hi-IN less than 3.2.1-0.5.1"/> 16867 <criterion test_ref="oval:org.opensuse.security:tst:2009063597" comment="OpenOffice_org-hu less than 3.2.1-0.5.1"/> 16868 <criterion test_ref="oval:org.opensuse.security:tst:2009063598" comment="OpenOffice_org-it less than 3.2.1-0.5.1"/> 16869 <criterion test_ref="oval:org.opensuse.security:tst:2009063599" comment="OpenOffice_org-ja less than 3.2.1-0.5.1"/> 16870 <criterion test_ref="oval:org.opensuse.security:tst:2009063600" comment="OpenOffice_org-kde less than 3.2.1-0.5.1"/> 16871 <criterion test_ref="oval:org.opensuse.security:tst:2009063601" comment="OpenOffice_org-ko less than 3.2.1-0.5.1"/> 16872 <criterion test_ref="oval:org.opensuse.security:tst:2009063602" comment="OpenOffice_org-mono less than 3.2.1-0.5.1"/> 16873 <criterion test_ref="oval:org.opensuse.security:tst:2009063603" comment="OpenOffice_org-nb less than 3.2.1-0.5.1"/> 16874 <criterion test_ref="oval:org.opensuse.security:tst:2009063604" comment="OpenOffice_org-nl less than 3.2.1-0.5.1"/> 16875 <criterion test_ref="oval:org.opensuse.security:tst:2009063605" comment="OpenOffice_org-nld less than 3.2.1-0.5.1"/> 16876 <criterion test_ref="oval:org.opensuse.security:tst:2009063606" comment="OpenOffice_org-nn less than 3.2.1-0.5.1"/> 16877 <criterion test_ref="oval:org.opensuse.security:tst:2009063607" comment="OpenOffice_org-pl less than 3.2.1-0.5.1"/> 16878 <criterion test_ref="oval:org.opensuse.security:tst:2009063608" comment="OpenOffice_org-pt-BR less than 3.2.1-0.5.1"/> 16879 <criterion test_ref="oval:org.opensuse.security:tst:2009063609" comment="OpenOffice_org-ru less than 3.2.1-0.5.1"/> 16880 <criterion test_ref="oval:org.opensuse.security:tst:2009063610" comment="OpenOffice_org-sk less than 3.2.1-0.5.1"/> 16881 <criterion test_ref="oval:org.opensuse.security:tst:2009063611" comment="OpenOffice_org-sv less than 3.2.1-0.5.1"/> 16882 <criterion test_ref="oval:org.opensuse.security:tst:2009063612" comment="OpenOffice_org-xh less than 3.2.1-0.5.1"/> 16883 <criterion test_ref="oval:org.opensuse.security:tst:2009063613" comment="OpenOffice_org-zh-CN less than 3.2.1-0.5.1"/> 16884 <criterion test_ref="oval:org.opensuse.security:tst:2009063614" comment="OpenOffice_org-zh-TW less than 3.2.1-0.5.1"/> 16885 <criterion test_ref="oval:org.opensuse.security:tst:2009063615" comment="OpenOffice_org-zu less than 3.2.1-0.5.1"/> 16886 <criterion test_ref="oval:org.opensuse.security:tst:2009063616" comment="OpenOffice_org less than 3.2.1-0.5.1"/> 16887 </criteria> 16888 </criteria> 16889 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 16890 <criteria operator="AND"> 16891 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16892 <criteria operator="OR"> 16893 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 16894 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 16895 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 16896 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 16897 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 16898 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 16899 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 16900 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 16901 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 16902 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 16903 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 16904 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 16905 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 16906 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 16907 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 16908 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 16909 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 16910 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 16911 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 16912 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 16913 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 16914 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 16915 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 16916 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 16917 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 16918 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 16919 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 16920 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 16921 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 16922 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 16923 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 16924 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 16925 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 16926 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 16927 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 16928 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 16929 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 16930 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 16931 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 16932 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 16933 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 16934 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 16935 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 16936 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 16937 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 16938 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 16939 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 16940 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 16941 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 16942 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 16943 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 16944 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 16945 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 16946 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 16947 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 16948 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 16949 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 16950 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 16951 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 16952 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 16953 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 16954 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 16955 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 16956 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 16957 </criteria> 16958 </criteria> 16959 </criteria> 16960 </definition> 16961 <definition id="oval:org.opensuse.security:def:20102936" version="1" class="vulnerability"> 16962 <metadata> 16963 <title>CVE-2010-2936</title> 16964 <affected family="unix"> 16965 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 16966 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 16967 </affected> 16968 <reference ref_id="CVE-2010-2936" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2936" source="CVE"/> 16969 <description> 16970 Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow. 16971 </description> 16972 </metadata> 16973 <criteria operator="OR"> 16974 <!-- 20a43a6236ae3ea36fc8d8e3dabff428 --> 16975 <criteria operator="AND"> 16976 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 16977 <criteria operator="OR"> 16978 <criterion test_ref="oval:org.opensuse.security:tst:2009063582" comment="OpenOffice_org-af less than 3.2.1-0.5.1"/> 16979 <criterion test_ref="oval:org.opensuse.security:tst:2009063583" comment="OpenOffice_org-ar less than 3.2.1-0.5.1"/> 16980 <criterion test_ref="oval:org.opensuse.security:tst:2009063584" comment="OpenOffice_org-ca less than 3.2.1-0.5.1"/> 16981 <criterion test_ref="oval:org.opensuse.security:tst:2009063585" comment="OpenOffice_org-cs less than 3.2.1-0.5.1"/> 16982 <criterion test_ref="oval:org.opensuse.security:tst:2009063586" comment="OpenOffice_org-da less than 3.2.1-0.5.1"/> 16983 <criterion test_ref="oval:org.opensuse.security:tst:2009063587" comment="OpenOffice_org-de less than 3.2.1-0.5.1"/> 16984 <criterion test_ref="oval:org.opensuse.security:tst:2009063588" comment="OpenOffice_org-el less than 3.2.1-0.5.1"/> 16985 <criterion test_ref="oval:org.opensuse.security:tst:2009063589" comment="OpenOffice_org-en-GB less than 3.2.1-0.5.1"/> 16986 <criterion test_ref="oval:org.opensuse.security:tst:2009063590" comment="OpenOffice_org-es less than 3.2.1-0.5.1"/> 16987 <criterion test_ref="oval:org.opensuse.security:tst:2009063591" comment="OpenOffice_org-fi less than 3.2.1-0.5.1"/> 16988 <criterion test_ref="oval:org.opensuse.security:tst:2009063592" comment="OpenOffice_org-fr less than 3.2.1-0.5.1"/> 16989 <criterion test_ref="oval:org.opensuse.security:tst:2009063593" comment="OpenOffice_org-galleries less than 3.2.1-0.5.1"/> 16990 <criterion test_ref="oval:org.opensuse.security:tst:2009063594" comment="OpenOffice_org-gnome less than 3.2.1-0.5.1"/> 16991 <criterion test_ref="oval:org.opensuse.security:tst:2009063595" comment="OpenOffice_org-gu-IN less than 3.2.1-0.5.1"/> 16992 <criterion test_ref="oval:org.opensuse.security:tst:2009063596" comment="OpenOffice_org-hi-IN less than 3.2.1-0.5.1"/> 16993 <criterion test_ref="oval:org.opensuse.security:tst:2009063597" comment="OpenOffice_org-hu less than 3.2.1-0.5.1"/> 16994 <criterion test_ref="oval:org.opensuse.security:tst:2009063598" comment="OpenOffice_org-it less than 3.2.1-0.5.1"/> 16995 <criterion test_ref="oval:org.opensuse.security:tst:2009063599" comment="OpenOffice_org-ja less than 3.2.1-0.5.1"/> 16996 <criterion test_ref="oval:org.opensuse.security:tst:2009063600" comment="OpenOffice_org-kde less than 3.2.1-0.5.1"/> 16997 <criterion test_ref="oval:org.opensuse.security:tst:2009063601" comment="OpenOffice_org-ko less than 3.2.1-0.5.1"/> 16998 <criterion test_ref="oval:org.opensuse.security:tst:2009063602" comment="OpenOffice_org-mono less than 3.2.1-0.5.1"/> 16999 <criterion test_ref="oval:org.opensuse.security:tst:2009063603" comment="OpenOffice_org-nb less than 3.2.1-0.5.1"/> 17000 <criterion test_ref="oval:org.opensuse.security:tst:2009063604" comment="OpenOffice_org-nl less than 3.2.1-0.5.1"/> 17001 <criterion test_ref="oval:org.opensuse.security:tst:2009063605" comment="OpenOffice_org-nld less than 3.2.1-0.5.1"/> 17002 <criterion test_ref="oval:org.opensuse.security:tst:2009063606" comment="OpenOffice_org-nn less than 3.2.1-0.5.1"/> 17003 <criterion test_ref="oval:org.opensuse.security:tst:2009063607" comment="OpenOffice_org-pl less than 3.2.1-0.5.1"/> 17004 <criterion test_ref="oval:org.opensuse.security:tst:2009063608" comment="OpenOffice_org-pt-BR less than 3.2.1-0.5.1"/> 17005 <criterion test_ref="oval:org.opensuse.security:tst:2009063609" comment="OpenOffice_org-ru less than 3.2.1-0.5.1"/> 17006 <criterion test_ref="oval:org.opensuse.security:tst:2009063610" comment="OpenOffice_org-sk less than 3.2.1-0.5.1"/> 17007 <criterion test_ref="oval:org.opensuse.security:tst:2009063611" comment="OpenOffice_org-sv less than 3.2.1-0.5.1"/> 17008 <criterion test_ref="oval:org.opensuse.security:tst:2009063612" comment="OpenOffice_org-xh less than 3.2.1-0.5.1"/> 17009 <criterion test_ref="oval:org.opensuse.security:tst:2009063613" comment="OpenOffice_org-zh-CN less than 3.2.1-0.5.1"/> 17010 <criterion test_ref="oval:org.opensuse.security:tst:2009063614" comment="OpenOffice_org-zh-TW less than 3.2.1-0.5.1"/> 17011 <criterion test_ref="oval:org.opensuse.security:tst:2009063615" comment="OpenOffice_org-zu less than 3.2.1-0.5.1"/> 17012 <criterion test_ref="oval:org.opensuse.security:tst:2009063616" comment="OpenOffice_org less than 3.2.1-0.5.1"/> 17013 </criteria> 17014 </criteria> 17015 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 17016 <criteria operator="AND"> 17017 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17018 <criteria operator="OR"> 17019 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 17020 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 17021 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 17022 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 17023 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 17024 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 17025 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 17026 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 17027 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 17028 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 17029 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 17030 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 17031 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 17032 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 17033 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 17034 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 17035 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 17036 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 17037 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 17038 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 17039 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 17040 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 17041 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 17042 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 17043 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 17044 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 17045 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 17046 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 17047 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 17048 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 17049 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 17050 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 17051 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 17052 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 17053 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 17054 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 17055 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 17056 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 17057 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 17058 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 17059 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 17060 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 17061 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 17062 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 17063 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 17064 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 17065 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 17066 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 17067 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 17068 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 17069 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 17070 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 17071 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 17072 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 17073 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 17074 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 17075 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 17076 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 17077 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 17078 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 17079 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 17080 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 17081 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 17082 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 17083 </criteria> 17084 </criteria> 17085 </criteria> 17086 </definition> 17087 <definition id="oval:org.opensuse.security:def:20102939" version="1" class="vulnerability"> 17088 <metadata> 17089 <title>CVE-2010-2939</title> 17090 <affected family="unix"> 17091 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17092 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17093 </affected> 17094 <reference ref_id="CVE-2010-2939" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939" source="CVE"/> 17095 <description> 17096 Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue. 17097 </description> 17098 </metadata> 17099 <!-- 9402e64690b1a9a7f760ca687f37f7aa --> 17100 <criteria operator="AND"> 17101 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17102 <criteria operator="OR"> 17103 <criterion test_ref="oval:org.opensuse.security:tst:2009064327" comment="openssl-32bit less than 0.9.8a-18.43.1"/> 17104 <criterion test_ref="oval:org.opensuse.security:tst:2009064328" comment="openssl-devel-32bit less than 0.9.8a-18.43.1"/> 17105 <criterion test_ref="oval:org.opensuse.security:tst:2009064329" comment="openssl-devel less than 0.9.8a-18.43.1"/> 17106 <criterion test_ref="oval:org.opensuse.security:tst:2009064330" comment="openssl less than 0.9.8a-18.43.1"/> 17107 </criteria> 17108 </criteria> 17109 </definition> 17110 <definition id="oval:org.opensuse.security:def:20102942" version="1" class="vulnerability"> 17111 <metadata> 17112 <title>CVE-2010-2942</title> 17113 <affected family="unix"> 17114 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17115 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17116 </affected> 17117 <reference ref_id="CVE-2010-2942" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2942" source="CVE"/> 17118 <description> 17119 The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c. 17120 </description> 17121 </metadata> 17122 <criteria operator="OR"> 17123 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 17124 <criteria operator="AND"> 17125 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17126 <criteria operator="OR"> 17127 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 17128 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 17129 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 17130 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 17131 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 17132 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 17133 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 17134 </criteria> 17135 </criteria> 17136 <!-- 674eb707cae3a31be66788e116641a9a --> 17137 <criteria operator="AND"> 17138 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17139 <criteria operator="OR"> 17140 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 17141 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 17142 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 17143 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 17144 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 17145 </criteria> 17146 </criteria> 17147 </criteria> 17148 </definition> 17149 <definition id="oval:org.opensuse.security:def:20102946" version="1" class="vulnerability"> 17150 <metadata> 17151 <title>CVE-2010-2946</title> 17152 <affected family="unix"> 17153 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17154 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17155 </affected> 17156 <reference ref_id="CVE-2010-2946" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2946" source="CVE"/> 17157 <description> 17158 fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the beginning of a name. 17159 </description> 17160 </metadata> 17161 <criteria operator="OR"> 17162 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 17163 <criteria operator="AND"> 17164 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17165 <criteria operator="OR"> 17166 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 17167 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 17168 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 17169 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 17170 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 17171 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 17172 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 17173 </criteria> 17174 </criteria> 17175 <!-- 674eb707cae3a31be66788e116641a9a --> 17176 <criteria operator="AND"> 17177 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17178 <criteria operator="OR"> 17179 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 17180 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 17181 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 17182 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 17183 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 17184 </criteria> 17185 </criteria> 17186 </criteria> 17187 </definition> 17188 <definition id="oval:org.opensuse.security:def:20102955" version="1" class="vulnerability"> 17189 <metadata> 17190 <title>CVE-2010-2955</title> 17191 <affected family="unix"> 17192 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17193 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17194 </affected> 17195 <reference ref_id="CVE-2010-2955" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2955" source="CVE"/> 17196 <description> 17197 The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size. 17198 </description> 17199 </metadata> 17200 <criteria operator="OR"> 17201 <!-- b1e006fd7d91b808f69f71171dedecd5 --> 17202 <criteria operator="AND"> 17203 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17204 <criteria operator="OR"> 17205 <criterion test_ref="oval:org.opensuse.security:tst:2009063020" comment="kernel-default less than 2.6.16.60-0.69.1"/> 17206 <criterion test_ref="oval:org.opensuse.security:tst:2009063035" comment="kernel-smp less than 2.6.16.60-0.69.1"/> 17207 <criterion test_ref="oval:org.opensuse.security:tst:2009063024" comment="kernel-source less than 2.6.16.60-0.69.1"/> 17208 <criterion test_ref="oval:org.opensuse.security:tst:2009063025" comment="kernel-syms less than 2.6.16.60-0.69.1"/> 17209 <criterion test_ref="oval:org.opensuse.security:tst:2009063036" comment="kernel-xen less than 2.6.16.60-0.69.1"/> 17210 </criteria> 17211 </criteria> 17212 <!-- d66f802cf2fe007b89049126e4774cb3 --> 17213 <criteria operator="AND"> 17214 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17215 <criteria operator="OR"> 17216 <criterion test_ref="oval:org.opensuse.security:tst:2009063037" comment="kernel-bigsmp less than 2.6.16.60-0.69.1"/> 17217 <criterion test_ref="oval:org.opensuse.security:tst:2009063020" comment="kernel-default less than 2.6.16.60-0.69.1"/> 17218 <criterion test_ref="oval:org.opensuse.security:tst:2009063035" comment="kernel-smp less than 2.6.16.60-0.69.1"/> 17219 <criterion test_ref="oval:org.opensuse.security:tst:2009063024" comment="kernel-source less than 2.6.16.60-0.69.1"/> 17220 <criterion test_ref="oval:org.opensuse.security:tst:2009063025" comment="kernel-syms less than 2.6.16.60-0.69.1"/> 17221 <criterion test_ref="oval:org.opensuse.security:tst:2009063036" comment="kernel-xen less than 2.6.16.60-0.69.1"/> 17222 <criterion test_ref="oval:org.opensuse.security:tst:2009063038" comment="kernel-xenpae less than 2.6.16.60-0.69.1"/> 17223 </criteria> 17224 </criteria> 17225 </criteria> 17226 </definition> 17227 <definition id="oval:org.opensuse.security:def:20102992" version="1" class="vulnerability"> 17228 <metadata> 17229 <title>CVE-2010-2992</title> 17230 <affected family="unix"> 17231 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17232 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17233 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 17234 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 17235 </affected> 17236 <reference ref_id="CVE-2010-2992" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2992" source="CVE"/> 17237 <description> 17238 packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. 17239 </description> 17240 </metadata> 17241 <criteria operator="OR"> 17242 <!-- 6f945ca7e512591223a153602859503d --> 17243 <criteria operator="AND"> 17244 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17245 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 17246 </criteria> 17247 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 17248 <criteria operator="AND"> 17249 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 17250 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 17251 </criteria> 17252 </criteria> 17253 </definition> 17254 <definition id="oval:org.opensuse.security:def:20102993" version="1" class="vulnerability"> 17255 <metadata> 17256 <title>CVE-2010-2993</title> 17257 <affected family="unix"> 17258 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17259 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17260 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 17261 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 17262 </affected> 17263 <reference ref_id="CVE-2010-2993" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2993" source="CVE"/> 17264 <description> 17265 The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. 17266 </description> 17267 </metadata> 17268 <criteria operator="OR"> 17269 <!-- 6f945ca7e512591223a153602859503d --> 17270 <criteria operator="AND"> 17271 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17272 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 17273 </criteria> 17274 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 17275 <criteria operator="AND"> 17276 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 17277 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 17278 </criteria> 17279 </criteria> 17280 </definition> 17281 <definition id="oval:org.opensuse.security:def:20102994" version="1" class="vulnerability"> 17282 <metadata> 17283 <title>CVE-2010-2994</title> 17284 <affected family="unix"> 17285 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17286 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17287 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 17288 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 17289 </affected> 17290 <reference ref_id="CVE-2010-2994" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2994" source="CVE"/> 17291 <description> 17292 Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. 17293 </description> 17294 </metadata> 17295 <criteria operator="OR"> 17296 <!-- 6f945ca7e512591223a153602859503d --> 17297 <criteria operator="AND"> 17298 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17299 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 17300 </criteria> 17301 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 17302 <criteria operator="AND"> 17303 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 17304 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 17305 </criteria> 17306 </criteria> 17307 </definition> 17308 <definition id="oval:org.opensuse.security:def:20102995" version="1" class="vulnerability"> 17309 <metadata> 17310 <title>CVE-2010-2995</title> 17311 <affected family="unix"> 17312 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17313 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17314 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 17315 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 17316 </affected> 17317 <reference ref_id="CVE-2010-2995" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2995" source="CVE"/> 17318 <description> 17319 The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. 17320 </description> 17321 </metadata> 17322 <criteria operator="OR"> 17323 <!-- 6f945ca7e512591223a153602859503d --> 17324 <criteria operator="AND"> 17325 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17326 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 17327 </criteria> 17328 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 17329 <criteria operator="AND"> 17330 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 17331 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 17332 </criteria> 17333 </criteria> 17334 </definition> 17335 <definition id="oval:org.opensuse.security:def:20103053" version="1" class="vulnerability"> 17336 <metadata> 17337 <title>CVE-2010-3053</title> 17338 <affected family="unix"> 17339 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17340 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17341 </affected> 17342 <reference ref_id="CVE-2010-3053" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3053" source="CVE"/> 17343 <description> 17344 bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string. 17345 </description> 17346 </metadata> 17347 <!-- c5e42e1428c24098b25949e9b361ea93 --> 17348 <criteria operator="AND"> 17349 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17350 <criteria operator="OR"> 17351 <criterion test_ref="oval:org.opensuse.security:tst:2009063379" comment="freetype2-32bit less than 2.1.10-18.23.1"/> 17352 <criterion test_ref="oval:org.opensuse.security:tst:2009063380" comment="freetype2-devel-32bit less than 2.1.10-18.23.1"/> 17353 <criterion test_ref="oval:org.opensuse.security:tst:2009063381" comment="freetype2-devel less than 2.1.10-18.23.1"/> 17354 <criterion test_ref="oval:org.opensuse.security:tst:2009063382" comment="freetype2 less than 2.1.10-18.23.1"/> 17355 </criteria> 17356 </criteria> 17357 </definition> 17358 <definition id="oval:org.opensuse.security:def:20103054" version="1" class="vulnerability"> 17359 <metadata> 17360 <title>CVE-2010-3054</title> 17361 <affected family="unix"> 17362 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17363 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17364 </affected> 17365 <reference ref_id="CVE-2010-3054" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3054" source="CVE"/> 17366 <description> 17367 Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c. 17368 </description> 17369 </metadata> 17370 <!-- c5e42e1428c24098b25949e9b361ea93 --> 17371 <criteria operator="AND"> 17372 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17373 <criteria operator="OR"> 17374 <criterion test_ref="oval:org.opensuse.security:tst:2009063379" comment="freetype2-32bit less than 2.1.10-18.23.1"/> 17375 <criterion test_ref="oval:org.opensuse.security:tst:2009063380" comment="freetype2-devel-32bit less than 2.1.10-18.23.1"/> 17376 <criterion test_ref="oval:org.opensuse.security:tst:2009063381" comment="freetype2-devel less than 2.1.10-18.23.1"/> 17377 <criterion test_ref="oval:org.opensuse.security:tst:2009063382" comment="freetype2 less than 2.1.10-18.23.1"/> 17378 </criteria> 17379 </criteria> 17380 </definition> 17381 <definition id="oval:org.opensuse.security:def:20103067" version="1" class="vulnerability"> 17382 <metadata> 17383 <title>CVE-2010-3067</title> 17384 <affected family="unix"> 17385 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17386 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17387 </affected> 17388 <reference ref_id="CVE-2010-3067" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3067" source="CVE"/> 17389 <description> 17390 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. 17391 </description> 17392 </metadata> 17393 <criteria operator="OR"> 17394 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 17395 <criteria operator="AND"> 17396 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17397 <criteria operator="OR"> 17398 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 17399 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 17400 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 17401 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 17402 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 17403 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 17404 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 17405 </criteria> 17406 </criteria> 17407 <!-- 674eb707cae3a31be66788e116641a9a --> 17408 <criteria operator="AND"> 17409 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17410 <criteria operator="OR"> 17411 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 17412 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 17413 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 17414 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 17415 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 17416 </criteria> 17417 </criteria> 17418 </criteria> 17419 </definition> 17420 <definition id="oval:org.opensuse.security:def:20103069" version="1" class="vulnerability"> 17421 <metadata> 17422 <title>CVE-2010-3069</title> 17423 <affected family="unix"> 17424 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17425 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17426 </affected> 17427 <reference ref_id="CVE-2010-3069" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069" source="CVE"/> 17428 <description> 17429 Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share. 17430 </description> 17431 </metadata> 17432 <!-- 264c86fa1307ebb3a47108bc872729cf --> 17433 <criteria operator="AND"> 17434 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17435 <criteria operator="OR"> 17436 <criterion test_ref="oval:org.opensuse.security:tst:2009063158" comment="cifs-mount less than 3.0.36-0.13.12.1"/> 17437 <criterion test_ref="oval:org.opensuse.security:tst:2009063159" comment="ldapsmb less than 1.34b-25.13.12.1"/> 17438 <criterion test_ref="oval:org.opensuse.security:tst:2009063160" comment="libsmbclient-32bit less than 3.0.36-0.13.12.1"/> 17439 <criterion test_ref="oval:org.opensuse.security:tst:2009063161" comment="libsmbclient-devel less than 3.0.36-0.13.12.1"/> 17440 <criterion test_ref="oval:org.opensuse.security:tst:2009063162" comment="libsmbclient less than 3.0.36-0.13.12.1"/> 17441 <criterion test_ref="oval:org.opensuse.security:tst:2009063163" comment="samba-32bit less than 3.0.36-0.13.12.1"/> 17442 <criterion test_ref="oval:org.opensuse.security:tst:2009063164" comment="samba-client-32bit less than 3.0.36-0.13.12.1"/> 17443 <criterion test_ref="oval:org.opensuse.security:tst:2009063165" comment="samba-client less than 3.0.36-0.13.12.1"/> 17444 <criterion test_ref="oval:org.opensuse.security:tst:2009063166" comment="samba-krb-printing less than 3.0.36-0.13.12.1"/> 17445 <criterion test_ref="oval:org.opensuse.security:tst:2009063167" comment="samba-vscan less than 0.3.6b-43.13.12.1"/> 17446 <criterion test_ref="oval:org.opensuse.security:tst:2009063168" comment="samba-winbind-32bit less than 3.0.36-0.13.12.1"/> 17447 <criterion test_ref="oval:org.opensuse.security:tst:2009063169" comment="samba-winbind less than 3.0.36-0.13.12.1"/> 17448 <criterion test_ref="oval:org.opensuse.security:tst:2009063170" comment="samba less than 3.0.36-0.13.12.1"/> 17449 </criteria> 17450 </criteria> 17451 </definition> 17452 <definition id="oval:org.opensuse.security:def:20103078" version="1" class="vulnerability"> 17453 <metadata> 17454 <title>CVE-2010-3078</title> 17455 <affected family="unix"> 17456 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17457 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17458 </affected> 17459 <reference ref_id="CVE-2010-3078" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3078" source="CVE"/> 17460 <description> 17461 The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. 17462 </description> 17463 </metadata> 17464 <criteria operator="OR"> 17465 <!-- b1e006fd7d91b808f69f71171dedecd5 --> 17466 <criteria operator="AND"> 17467 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17468 <criteria operator="OR"> 17469 <criterion test_ref="oval:org.opensuse.security:tst:2009063020" comment="kernel-default less than 2.6.16.60-0.69.1"/> 17470 <criterion test_ref="oval:org.opensuse.security:tst:2009063035" comment="kernel-smp less than 2.6.16.60-0.69.1"/> 17471 <criterion test_ref="oval:org.opensuse.security:tst:2009063024" comment="kernel-source less than 2.6.16.60-0.69.1"/> 17472 <criterion test_ref="oval:org.opensuse.security:tst:2009063025" comment="kernel-syms less than 2.6.16.60-0.69.1"/> 17473 <criterion test_ref="oval:org.opensuse.security:tst:2009063036" comment="kernel-xen less than 2.6.16.60-0.69.1"/> 17474 </criteria> 17475 </criteria> 17476 <!-- d66f802cf2fe007b89049126e4774cb3 --> 17477 <criteria operator="AND"> 17478 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17479 <criteria operator="OR"> 17480 <criterion test_ref="oval:org.opensuse.security:tst:2009063037" comment="kernel-bigsmp less than 2.6.16.60-0.69.1"/> 17481 <criterion test_ref="oval:org.opensuse.security:tst:2009063020" comment="kernel-default less than 2.6.16.60-0.69.1"/> 17482 <criterion test_ref="oval:org.opensuse.security:tst:2009063035" comment="kernel-smp less than 2.6.16.60-0.69.1"/> 17483 <criterion test_ref="oval:org.opensuse.security:tst:2009063024" comment="kernel-source less than 2.6.16.60-0.69.1"/> 17484 <criterion test_ref="oval:org.opensuse.security:tst:2009063025" comment="kernel-syms less than 2.6.16.60-0.69.1"/> 17485 <criterion test_ref="oval:org.opensuse.security:tst:2009063036" comment="kernel-xen less than 2.6.16.60-0.69.1"/> 17486 <criterion test_ref="oval:org.opensuse.security:tst:2009063038" comment="kernel-xenpae less than 2.6.16.60-0.69.1"/> 17487 </criteria> 17488 </criteria> 17489 </criteria> 17490 </definition> 17491 <definition id="oval:org.opensuse.security:def:20103081" version="1" class="vulnerability"> 17492 <metadata> 17493 <title>CVE-2010-3081</title> 17494 <affected family="unix"> 17495 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17496 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17497 </affected> 17498 <reference ref_id="CVE-2010-3081" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081" source="CVE"/> 17499 <description> 17500 The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010. 17501 </description> 17502 </metadata> 17503 <criteria operator="OR"> 17504 <!-- b1e006fd7d91b808f69f71171dedecd5 --> 17505 <criteria operator="AND"> 17506 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17507 <criteria operator="OR"> 17508 <criterion test_ref="oval:org.opensuse.security:tst:2009063020" comment="kernel-default less than 2.6.16.60-0.69.1"/> 17509 <criterion test_ref="oval:org.opensuse.security:tst:2009063035" comment="kernel-smp less than 2.6.16.60-0.69.1"/> 17510 <criterion test_ref="oval:org.opensuse.security:tst:2009063024" comment="kernel-source less than 2.6.16.60-0.69.1"/> 17511 <criterion test_ref="oval:org.opensuse.security:tst:2009063025" comment="kernel-syms less than 2.6.16.60-0.69.1"/> 17512 <criterion test_ref="oval:org.opensuse.security:tst:2009063036" comment="kernel-xen less than 2.6.16.60-0.69.1"/> 17513 </criteria> 17514 </criteria> 17515 <!-- d66f802cf2fe007b89049126e4774cb3 --> 17516 <criteria operator="AND"> 17517 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17518 <criteria operator="OR"> 17519 <criterion test_ref="oval:org.opensuse.security:tst:2009063037" comment="kernel-bigsmp less than 2.6.16.60-0.69.1"/> 17520 <criterion test_ref="oval:org.opensuse.security:tst:2009063020" comment="kernel-default less than 2.6.16.60-0.69.1"/> 17521 <criterion test_ref="oval:org.opensuse.security:tst:2009063035" comment="kernel-smp less than 2.6.16.60-0.69.1"/> 17522 <criterion test_ref="oval:org.opensuse.security:tst:2009063024" comment="kernel-source less than 2.6.16.60-0.69.1"/> 17523 <criterion test_ref="oval:org.opensuse.security:tst:2009063025" comment="kernel-syms less than 2.6.16.60-0.69.1"/> 17524 <criterion test_ref="oval:org.opensuse.security:tst:2009063036" comment="kernel-xen less than 2.6.16.60-0.69.1"/> 17525 <criterion test_ref="oval:org.opensuse.security:tst:2009063038" comment="kernel-xenpae less than 2.6.16.60-0.69.1"/> 17526 </criteria> 17527 </criteria> 17528 </criteria> 17529 </definition> 17530 <definition id="oval:org.opensuse.security:def:20103086" version="1" class="vulnerability"> 17531 <metadata> 17532 <title>CVE-2010-3086</title> 17533 <affected family="unix"> 17534 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17535 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17536 </affected> 17537 <reference ref_id="CVE-2010-3086" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3086" source="CVE"/> 17538 <description> 17539 include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixup, which allows local users to cause a denial of service (panic) via an invalid application that triggers a page fault. 17540 </description> 17541 </metadata> 17542 <criteria operator="OR"> 17543 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 17544 <criteria operator="AND"> 17545 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17546 <criteria operator="OR"> 17547 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 17548 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 17549 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 17550 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 17551 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 17552 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 17553 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 17554 </criteria> 17555 </criteria> 17556 <!-- 674eb707cae3a31be66788e116641a9a --> 17557 <criteria operator="AND"> 17558 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17559 <criteria operator="OR"> 17560 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 17561 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 17562 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 17563 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 17564 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 17565 </criteria> 17566 </criteria> 17567 </criteria> 17568 </definition> 17569 <definition id="oval:org.opensuse.security:def:20103131" version="1" class="vulnerability"> 17570 <metadata> 17571 <title>CVE-2010-3131</title> 17572 <affected family="unix"> 17573 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17574 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17575 </affected> 17576 <reference ref_id="CVE-2010-3131" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3131" source="CVE"/> 17577 <description> 17578 Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Windows XP allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .htm, .html, .jtx, .mfp, or .eml file. 17579 </description> 17580 </metadata> 17581 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17582 <criteria operator="AND"> 17583 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17584 <criteria operator="OR"> 17585 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17586 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17587 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17588 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17589 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17590 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17591 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17592 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17593 </criteria> 17594 </criteria> 17595 </definition> 17596 <definition id="oval:org.opensuse.security:def:20103166" version="1" class="vulnerability"> 17597 <metadata> 17598 <title>CVE-2010-3166</title> 17599 <affected family="unix"> 17600 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17601 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17602 </affected> 17603 <reference ref_id="CVE-2010-3166" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3166" source="CVE"/> 17604 <description> 17605 Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run. 17606 </description> 17607 </metadata> 17608 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17609 <criteria operator="AND"> 17610 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17611 <criteria operator="OR"> 17612 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17613 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17614 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17615 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17616 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17617 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17618 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17619 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17620 </criteria> 17621 </criteria> 17622 </definition> 17623 <definition id="oval:org.opensuse.security:def:20103167" version="1" class="vulnerability"> 17624 <metadata> 17625 <title>CVE-2010-3167</title> 17626 <affected family="unix"> 17627 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17628 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17629 </affected> 17630 <reference ref_id="CVE-2010-3167" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3167" source="CVE"/> 17631 <description> 17632 The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability." 17633 </description> 17634 </metadata> 17635 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17636 <criteria operator="AND"> 17637 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17638 <criteria operator="OR"> 17639 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17640 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17641 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17642 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17643 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17644 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17645 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17646 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17647 </criteria> 17648 </criteria> 17649 </definition> 17650 <definition id="oval:org.opensuse.security:def:20103168" version="1" class="vulnerability"> 17651 <metadata> 17652 <title>CVE-2010-3168</title> 17653 <affected family="unix"> 17654 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17655 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17656 </affected> 17657 <reference ref_id="CVE-2010-3168" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3168" source="CVE"/> 17658 <description> 17659 Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties. 17660 </description> 17661 </metadata> 17662 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17663 <criteria operator="AND"> 17664 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17665 <criteria operator="OR"> 17666 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17667 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17668 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17669 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17670 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17671 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17672 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17673 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17674 </criteria> 17675 </criteria> 17676 </definition> 17677 <definition id="oval:org.opensuse.security:def:20103169" version="1" class="vulnerability"> 17678 <metadata> 17679 <title>CVE-2010-3169</title> 17680 <affected family="unix"> 17681 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17682 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17683 </affected> 17684 <reference ref_id="CVE-2010-3169" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3169" source="CVE"/> 17685 <description> 17686 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 17687 </description> 17688 </metadata> 17689 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17690 <criteria operator="AND"> 17691 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17692 <criteria operator="OR"> 17693 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17694 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17695 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17696 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17697 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17698 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17699 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17700 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17701 </criteria> 17702 </criteria> 17703 </definition> 17704 <definition id="oval:org.opensuse.security:def:20103170" version="1" class="vulnerability"> 17705 <metadata> 17706 <title>CVE-2010-3170</title> 17707 <affected family="unix"> 17708 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17709 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17710 </affected> 17711 <reference ref_id="CVE-2010-3170" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3170" source="CVE"/> 17712 <description> 17713 Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. 17714 </description> 17715 </metadata> 17716 <criteria operator="OR"> 17717 <!-- 7ae00681519411e94c06aee5c9b407ab --> 17718 <criteria operator="AND"> 17719 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17720 <criteria operator="OR"> 17721 <criterion test_ref="oval:org.opensuse.security:tst:2009064199" comment="mozilla-nspr-32bit less than 4.8.6-1.6.1"/> 17722 <criterion test_ref="oval:org.opensuse.security:tst:2009064200" comment="mozilla-nspr-devel less than 4.8.6-1.6.1"/> 17723 <criterion test_ref="oval:org.opensuse.security:tst:2009064201" comment="mozilla-nspr less than 4.8.6-1.6.1"/> 17724 <criterion test_ref="oval:org.opensuse.security:tst:2009064202" comment="mozilla-nss-32bit less than 3.12.8-1.4.1"/> 17725 <criterion test_ref="oval:org.opensuse.security:tst:2009064203" comment="mozilla-nss-devel less than 3.12.8-1.4.1"/> 17726 <criterion test_ref="oval:org.opensuse.security:tst:2009064204" comment="mozilla-nss-tools less than 3.12.8-1.4.1"/> 17727 <criterion test_ref="oval:org.opensuse.security:tst:2009064205" comment="mozilla-nss less than 3.12.8-1.4.1"/> 17728 </criteria> 17729 </criteria> 17730 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17731 <criteria operator="AND"> 17732 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17733 <criteria operator="OR"> 17734 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17735 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17736 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17737 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17738 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17739 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17740 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17741 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17742 </criteria> 17743 </criteria> 17744 </criteria> 17745 </definition> 17746 <definition id="oval:org.opensuse.security:def:20103172" version="1" class="vulnerability"> 17747 <metadata> 17748 <title>CVE-2010-3172</title> 17749 <affected family="unix"> 17750 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17751 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17752 </affected> 17753 <reference ref_id="CVE-2010-3172" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172" source="CVE"/> 17754 <description> 17755 CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted URL. 17756 </description> 17757 </metadata> 17758 <!-- aa08850f4b8bd72b4cd28674c6bdf3d6 --> 17759 <criteria operator="AND"> 17760 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17761 <criteria operator="OR"> 17762 <criterion test_ref="oval:org.opensuse.security:tst:2009065606" comment="perl-32bit less than 5.8.8-14.17.15"/> 17763 <criterion test_ref="oval:org.opensuse.security:tst:2009065607" comment="perl less than 5.8.8-14.17.15"/> 17764 </criteria> 17765 </criteria> 17766 </definition> 17767 <definition id="oval:org.opensuse.security:def:20103173" version="1" class="vulnerability"> 17768 <metadata> 17769 <title>CVE-2010-3173</title> 17770 <affected family="unix"> 17771 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17772 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17773 </affected> 17774 <reference ref_id="CVE-2010-3173" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3173" source="CVE"/> 17775 <description> 17776 The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. 17777 </description> 17778 </metadata> 17779 <!-- 7ae00681519411e94c06aee5c9b407ab --> 17780 <criteria operator="AND"> 17781 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17782 <criteria operator="OR"> 17783 <criterion test_ref="oval:org.opensuse.security:tst:2009064199" comment="mozilla-nspr-32bit less than 4.8.6-1.6.1"/> 17784 <criterion test_ref="oval:org.opensuse.security:tst:2009064200" comment="mozilla-nspr-devel less than 4.8.6-1.6.1"/> 17785 <criterion test_ref="oval:org.opensuse.security:tst:2009064201" comment="mozilla-nspr less than 4.8.6-1.6.1"/> 17786 <criterion test_ref="oval:org.opensuse.security:tst:2009064202" comment="mozilla-nss-32bit less than 3.12.8-1.4.1"/> 17787 <criterion test_ref="oval:org.opensuse.security:tst:2009064203" comment="mozilla-nss-devel less than 3.12.8-1.4.1"/> 17788 <criterion test_ref="oval:org.opensuse.security:tst:2009064204" comment="mozilla-nss-tools less than 3.12.8-1.4.1"/> 17789 <criterion test_ref="oval:org.opensuse.security:tst:2009064205" comment="mozilla-nss less than 3.12.8-1.4.1"/> 17790 </criteria> 17791 </criteria> 17792 </definition> 17793 <definition id="oval:org.opensuse.security:def:20103174" version="1" class="vulnerability"> 17794 <metadata> 17795 <title>CVE-2010-3174</title> 17796 <affected family="unix"> 17797 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17798 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17799 </affected> 17800 <reference ref_id="CVE-2010-3174" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3174" source="CVE"/> 17801 <description> 17802 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 17803 </description> 17804 </metadata> 17805 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17806 <criteria operator="AND"> 17807 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17808 <criteria operator="OR"> 17809 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17810 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17811 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17812 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17813 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17814 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17815 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17816 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17817 </criteria> 17818 </criteria> 17819 </definition> 17820 <definition id="oval:org.opensuse.security:def:20103175" version="1" class="vulnerability"> 17821 <metadata> 17822 <title>CVE-2010-3175</title> 17823 <affected family="unix"> 17824 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17825 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17826 </affected> 17827 <reference ref_id="CVE-2010-3175" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3175" source="CVE"/> 17828 <description> 17829 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 17830 </description> 17831 </metadata> 17832 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17833 <criteria operator="AND"> 17834 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17835 <criteria operator="OR"> 17836 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17837 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17838 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17839 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17840 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17841 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17842 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17843 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17844 </criteria> 17845 </criteria> 17846 </definition> 17847 <definition id="oval:org.opensuse.security:def:20103176" version="1" class="vulnerability"> 17848 <metadata> 17849 <title>CVE-2010-3176</title> 17850 <affected family="unix"> 17851 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17852 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17853 </affected> 17854 <reference ref_id="CVE-2010-3176" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3176" source="CVE"/> 17855 <description> 17856 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 17857 </description> 17858 </metadata> 17859 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17860 <criteria operator="AND"> 17861 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17862 <criteria operator="OR"> 17863 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17864 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17865 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17866 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17867 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17868 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17869 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17870 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17871 </criteria> 17872 </criteria> 17873 </definition> 17874 <definition id="oval:org.opensuse.security:def:20103177" version="1" class="vulnerability"> 17875 <metadata> 17876 <title>CVE-2010-3177</title> 17877 <affected family="unix"> 17878 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17879 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17880 </affected> 17881 <reference ref_id="CVE-2010-3177" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3177" source="CVE"/> 17882 <description> 17883 Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server. 17884 </description> 17885 </metadata> 17886 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17887 <criteria operator="AND"> 17888 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17889 <criteria operator="OR"> 17890 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17891 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17892 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17893 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17894 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17895 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17896 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17897 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17898 </criteria> 17899 </criteria> 17900 </definition> 17901 <definition id="oval:org.opensuse.security:def:20103178" version="1" class="vulnerability"> 17902 <metadata> 17903 <title>CVE-2010-3178</title> 17904 <affected family="unix"> 17905 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17906 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17907 </affected> 17908 <reference ref_id="CVE-2010-3178" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3178" source="CVE"/> 17909 <description> 17910 Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document. 17911 </description> 17912 </metadata> 17913 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17914 <criteria operator="AND"> 17915 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17916 <criteria operator="OR"> 17917 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17918 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17919 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17920 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17921 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17922 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17923 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17924 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17925 </criteria> 17926 </criteria> 17927 </definition> 17928 <definition id="oval:org.opensuse.security:def:20103179" version="1" class="vulnerability"> 17929 <metadata> 17930 <title>CVE-2010-3179</title> 17931 <affected family="unix"> 17932 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17933 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17934 </affected> 17935 <reference ref_id="CVE-2010-3179" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3179" source="CVE"/> 17936 <description> 17937 Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method. 17938 </description> 17939 </metadata> 17940 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17941 <criteria operator="AND"> 17942 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17943 <criteria operator="OR"> 17944 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17945 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17946 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17947 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17948 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17949 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17950 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17951 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17952 </criteria> 17953 </criteria> 17954 </definition> 17955 <definition id="oval:org.opensuse.security:def:20103180" version="1" class="vulnerability"> 17956 <metadata> 17957 <title>CVE-2010-3180</title> 17958 <affected family="unix"> 17959 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17960 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17961 </affected> 17962 <reference ref_id="CVE-2010-3180" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3180" source="CVE"/> 17963 <description> 17964 Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window. 17965 </description> 17966 </metadata> 17967 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17968 <criteria operator="AND"> 17969 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17970 <criteria operator="OR"> 17971 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17972 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 17973 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 17974 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 17975 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 17976 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 17977 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 17978 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 17979 </criteria> 17980 </criteria> 17981 </definition> 17982 <definition id="oval:org.opensuse.security:def:20103182" version="1" class="vulnerability"> 17983 <metadata> 17984 <title>CVE-2010-3182</title> 17985 <affected family="unix"> 17986 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 17987 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 17988 </affected> 17989 <reference ref_id="CVE-2010-3182" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3182" source="CVE"/> 17990 <description> 17991 A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. 17992 </description> 17993 </metadata> 17994 <!-- ae6e95010633fc3aaeda46196d97e650 --> 17995 <criteria operator="AND"> 17996 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 17997 <criteria operator="OR"> 17998 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 17999 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 18000 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 18001 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 18002 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 18003 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 18004 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 18005 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 18006 </criteria> 18007 </criteria> 18008 </definition> 18009 <definition id="oval:org.opensuse.security:def:20103183" version="1" class="vulnerability"> 18010 <metadata> 18011 <title>CVE-2010-3183</title> 18012 <affected family="unix"> 18013 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18014 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18015 </affected> 18016 <reference ref_id="CVE-2010-3183" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3183" source="CVE"/> 18017 <description> 18018 The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function. 18019 </description> 18020 </metadata> 18021 <!-- ae6e95010633fc3aaeda46196d97e650 --> 18022 <criteria operator="AND"> 18023 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18024 <criteria operator="OR"> 18025 <criterion test_ref="oval:org.opensuse.security:tst:2009064188" comment="MozillaFirefox-translations less than 3.5.15-0.7.1"/> 18026 <criterion test_ref="oval:org.opensuse.security:tst:2009064189" comment="MozillaFirefox less than 3.5.15-0.7.1"/> 18027 <criterion test_ref="oval:org.opensuse.security:tst:2009064190" comment="mozilla-xulrunner191-32bit less than 1.9.1.15-0.5.1"/> 18028 <criterion test_ref="oval:org.opensuse.security:tst:2009064191" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.15-0.5.1"/> 18029 <criterion test_ref="oval:org.opensuse.security:tst:2009064192" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.15-0.5.1"/> 18030 <criterion test_ref="oval:org.opensuse.security:tst:2009064193" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.15-0.5.1"/> 18031 <criterion test_ref="oval:org.opensuse.security:tst:2009064194" comment="mozilla-xulrunner191-translations less than 1.9.1.15-0.5.1"/> 18032 <criterion test_ref="oval:org.opensuse.security:tst:2009064195" comment="mozilla-xulrunner191 less than 1.9.1.15-0.5.1"/> 18033 </criteria> 18034 </criteria> 18035 </definition> 18036 <definition id="oval:org.opensuse.security:def:20103297" version="1" class="vulnerability"> 18037 <metadata> 18038 <title>CVE-2010-3297</title> 18039 <affected family="unix"> 18040 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18041 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18042 </affected> 18043 <reference ref_id="CVE-2010-3297" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3297" source="CVE"/> 18044 <description> 18045 The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call. 18046 </description> 18047 </metadata> 18048 <criteria operator="OR"> 18049 <!-- b1e006fd7d91b808f69f71171dedecd5 --> 18050 <criteria operator="AND"> 18051 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18052 <criteria operator="OR"> 18053 <criterion test_ref="oval:org.opensuse.security:tst:2009063020" comment="kernel-default less than 2.6.16.60-0.69.1"/> 18054 <criterion test_ref="oval:org.opensuse.security:tst:2009063035" comment="kernel-smp less than 2.6.16.60-0.69.1"/> 18055 <criterion test_ref="oval:org.opensuse.security:tst:2009063024" comment="kernel-source less than 2.6.16.60-0.69.1"/> 18056 <criterion test_ref="oval:org.opensuse.security:tst:2009063025" comment="kernel-syms less than 2.6.16.60-0.69.1"/> 18057 <criterion test_ref="oval:org.opensuse.security:tst:2009063036" comment="kernel-xen less than 2.6.16.60-0.69.1"/> 18058 </criteria> 18059 </criteria> 18060 <!-- d66f802cf2fe007b89049126e4774cb3 --> 18061 <criteria operator="AND"> 18062 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18063 <criteria operator="OR"> 18064 <criterion test_ref="oval:org.opensuse.security:tst:2009063037" comment="kernel-bigsmp less than 2.6.16.60-0.69.1"/> 18065 <criterion test_ref="oval:org.opensuse.security:tst:2009063020" comment="kernel-default less than 2.6.16.60-0.69.1"/> 18066 <criterion test_ref="oval:org.opensuse.security:tst:2009063035" comment="kernel-smp less than 2.6.16.60-0.69.1"/> 18067 <criterion test_ref="oval:org.opensuse.security:tst:2009063024" comment="kernel-source less than 2.6.16.60-0.69.1"/> 18068 <criterion test_ref="oval:org.opensuse.security:tst:2009063025" comment="kernel-syms less than 2.6.16.60-0.69.1"/> 18069 <criterion test_ref="oval:org.opensuse.security:tst:2009063036" comment="kernel-xen less than 2.6.16.60-0.69.1"/> 18070 <criterion test_ref="oval:org.opensuse.security:tst:2009063038" comment="kernel-xenpae less than 2.6.16.60-0.69.1"/> 18071 </criteria> 18072 </criteria> 18073 </criteria> 18074 </definition> 18075 <definition id="oval:org.opensuse.security:def:20103310" version="1" class="vulnerability"> 18076 <metadata> 18077 <title>CVE-2010-3310</title> 18078 <affected family="unix"> 18079 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18080 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18081 </affected> 18082 <reference ref_id="CVE-2010-3310" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3310" source="CVE"/> 18083 <description> 18084 Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function call, related to the rose_bind and rose_connect functions. 18085 </description> 18086 </metadata> 18087 <criteria operator="OR"> 18088 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 18089 <criteria operator="AND"> 18090 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18091 <criteria operator="OR"> 18092 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 18093 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 18094 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 18095 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 18096 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 18097 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 18098 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 18099 </criteria> 18100 </criteria> 18101 <!-- 674eb707cae3a31be66788e116641a9a --> 18102 <criteria operator="AND"> 18103 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18104 <criteria operator="OR"> 18105 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 18106 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 18107 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 18108 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 18109 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 18110 </criteria> 18111 </criteria> 18112 </criteria> 18113 </definition> 18114 <definition id="oval:org.opensuse.security:def:20103311" version="1" class="vulnerability"> 18115 <metadata> 18116 <title>CVE-2010-3311</title> 18117 <affected family="unix"> 18118 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18119 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18120 </affected> 18121 <reference ref_id="CVE-2010-3311" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3311" source="CVE"/> 18122 <description> 18123 Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797. 18124 </description> 18125 </metadata> 18126 <!-- c5e42e1428c24098b25949e9b361ea93 --> 18127 <criteria operator="AND"> 18128 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18129 <criteria operator="OR"> 18130 <criterion test_ref="oval:org.opensuse.security:tst:2009063379" comment="freetype2-32bit less than 2.1.10-18.23.1"/> 18131 <criterion test_ref="oval:org.opensuse.security:tst:2009063380" comment="freetype2-devel-32bit less than 2.1.10-18.23.1"/> 18132 <criterion test_ref="oval:org.opensuse.security:tst:2009063381" comment="freetype2-devel less than 2.1.10-18.23.1"/> 18133 <criterion test_ref="oval:org.opensuse.security:tst:2009063382" comment="freetype2 less than 2.1.10-18.23.1"/> 18134 </criteria> 18135 </criteria> 18136 </definition> 18137 <definition id="oval:org.opensuse.security:def:20103316" version="1" class="vulnerability"> 18138 <metadata> 18139 <title>CVE-2010-3316</title> 18140 <affected family="unix"> 18141 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 18142 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 18143 </affected> 18144 <reference ref_id="CVE-2010-3316" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3316" source="CVE"/> 18145 <description> 18146 The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check. 18147 </description> 18148 </metadata> 18149 <!-- ba74f77a051fc5825c4e8658b8fadde6 --> 18150 <criteria operator="AND"> 18151 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 18152 <criteria operator="OR"> 18153 <criterion test_ref="oval:org.opensuse.security:tst:2009071652" comment="pam-32bit less than 0.99.6.3-28.25.4"/> 18154 <criterion test_ref="oval:org.opensuse.security:tst:2009071653" comment="pam-devel less than 0.99.6.3-28.25.4"/> 18155 <criterion test_ref="oval:org.opensuse.security:tst:2009071654" comment="pam less than 0.99.6.3-28.25.4"/> 18156 </criteria> 18157 </criteria> 18158 </definition> 18159 <definition id="oval:org.opensuse.security:def:20103332" version="1" class="vulnerability"> 18160 <metadata> 18161 <title>CVE-2010-3332</title> 18162 <affected family="unix"> 18163 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 18164 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 18165 </affected> 18166 <reference ref_id="CVE-2010-3332" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3332" source="CVE"/> 18167 <description> 18168 Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka "ASP.NET Padding Oracle Vulnerability." 18169 </description> 18170 </metadata> 18171 <!-- acf3e342c719d9e5ee642a15f5422903 --> 18172 <criteria operator="AND"> 18173 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 18174 <criteria operator="OR"> 18175 <criterion test_ref="oval:org.opensuse.security:tst:2009073283" comment="bytefx-data-mysql less than 1.2.2-12.32.1"/> 18176 <criterion test_ref="oval:org.opensuse.security:tst:2009073284" comment="ibm-data-db2 less than 1.2.2-12.32.1"/> 18177 <criterion test_ref="oval:org.opensuse.security:tst:2009073285" comment="mono-core-32bit less than 1.2.2-12.32.1"/> 18178 <criterion test_ref="oval:org.opensuse.security:tst:2009073286" comment="mono-core less than 1.2.2-12.32.1"/> 18179 <criterion test_ref="oval:org.opensuse.security:tst:2009073287" comment="mono-data-firebird less than 1.2.2-12.32.1"/> 18180 <criterion test_ref="oval:org.opensuse.security:tst:2009073288" comment="mono-data-oracle less than 1.2.2-12.32.1"/> 18181 <criterion test_ref="oval:org.opensuse.security:tst:2009073289" comment="mono-data-postgresql less than 1.2.2-12.32.1"/> 18182 <criterion test_ref="oval:org.opensuse.security:tst:2009073290" comment="mono-data-sqlite less than 1.2.2-12.32.1"/> 18183 <criterion test_ref="oval:org.opensuse.security:tst:2009073291" comment="mono-data-sybase less than 1.2.2-12.32.1"/> 18184 <criterion test_ref="oval:org.opensuse.security:tst:2009073292" comment="mono-data less than 1.2.2-12.32.1"/> 18185 <criterion test_ref="oval:org.opensuse.security:tst:2009073293" comment="mono-devel less than 1.2.2-12.32.1"/> 18186 <criterion test_ref="oval:org.opensuse.security:tst:2009073294" comment="mono-extras less than 1.2.2-12.32.1"/> 18187 <criterion test_ref="oval:org.opensuse.security:tst:2009073295" comment="mono-locale-extras less than 1.2.2-12.32.1"/> 18188 <criterion test_ref="oval:org.opensuse.security:tst:2009073296" comment="mono-nunit less than 1.2.2-12.32.1"/> 18189 <criterion test_ref="oval:org.opensuse.security:tst:2009073297" comment="mono-web less than 1.2.2-12.32.1"/> 18190 <criterion test_ref="oval:org.opensuse.security:tst:2009073298" comment="mono-winforms less than 1.2.2-12.32.1"/> 18191 </criteria> 18192 </criteria> 18193 </definition> 18194 <definition id="oval:org.opensuse.security:def:20103433" version="1" class="vulnerability"> 18195 <metadata> 18196 <title>CVE-2010-3433</title> 18197 <affected family="unix"> 18198 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18199 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18200 </affected> 18201 <reference ref_id="CVE-2010-3433" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433" source="CVE"/> 18202 <description> 18203 The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447. 18204 </description> 18205 </metadata> 18206 <!-- 86b2fde0e104de1a0641c015efc6c9cc --> 18207 <criteria operator="AND"> 18208 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18209 <criteria operator="OR"> 18210 <criterion test_ref="oval:org.opensuse.security:tst:2009063804" comment="postgresql-devel less than 8.1.22-0.4.1"/> 18211 <criterion test_ref="oval:org.opensuse.security:tst:2009063805" comment="postgresql-libs-32bit less than 8.1.22-0.4.1"/> 18212 <criterion test_ref="oval:org.opensuse.security:tst:2009063806" comment="postgresql-libs less than 8.1.22-0.4.1"/> 18213 </criteria> 18214 </criteria> 18215 </definition> 18216 <definition id="oval:org.opensuse.security:def:20103434" version="1" class="vulnerability"> 18217 <metadata> 18218 <title>CVE-2010-3434</title> 18219 <affected family="unix"> 18220 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18221 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18222 </affected> 18223 <reference ref_id="CVE-2010-3434" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3434" source="CVE"/> 18224 <description> 18225 Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information. 18226 </description> 18227 </metadata> 18228 <!-- 9602fa7ae6caf7a89457073f091acfb9 --> 18229 <criteria operator="AND"> 18230 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18231 <criterion test_ref="oval:org.opensuse.security:tst:2009064568" comment="clamav less than 0.96.4-0.4.1"/> 18232 </criteria> 18233 </definition> 18234 <definition id="oval:org.opensuse.security:def:20103437" version="1" class="vulnerability"> 18235 <metadata> 18236 <title>CVE-2010-3437</title> 18237 <affected family="unix"> 18238 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18239 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18240 </affected> 18241 <reference ref_id="CVE-2010-3437" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3437" source="CVE"/> 18242 <description> 18243 Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. 18244 </description> 18245 </metadata> 18246 <criteria operator="OR"> 18247 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 18248 <criteria operator="AND"> 18249 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18250 <criteria operator="OR"> 18251 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 18252 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 18253 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 18254 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 18255 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 18256 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 18257 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 18258 </criteria> 18259 </criteria> 18260 <!-- 674eb707cae3a31be66788e116641a9a --> 18261 <criteria operator="AND"> 18262 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18263 <criteria operator="OR"> 18264 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 18265 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 18266 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 18267 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 18268 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 18269 </criteria> 18270 </criteria> 18271 </criteria> 18272 </definition> 18273 <definition id="oval:org.opensuse.security:def:20103442" version="1" class="vulnerability"> 18274 <metadata> 18275 <title>CVE-2010-3442</title> 18276 <affected family="unix"> 18277 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18278 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18279 </affected> 18280 <reference ref_id="CVE-2010-3442" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3442" source="CVE"/> 18281 <description> 18282 Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. 18283 </description> 18284 </metadata> 18285 <criteria operator="OR"> 18286 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 18287 <criteria operator="AND"> 18288 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18289 <criteria operator="OR"> 18290 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 18291 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 18292 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 18293 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 18294 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 18295 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 18296 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 18297 </criteria> 18298 </criteria> 18299 <!-- 674eb707cae3a31be66788e116641a9a --> 18300 <criteria operator="AND"> 18301 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18302 <criteria operator="OR"> 18303 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 18304 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 18305 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 18306 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 18307 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 18308 </criteria> 18309 </criteria> 18310 </criteria> 18311 </definition> 18312 <definition id="oval:org.opensuse.security:def:20103445" version="1" class="vulnerability"> 18313 <metadata> 18314 <title>CVE-2010-3445</title> 18315 <affected family="unix"> 18316 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18317 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18318 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 18319 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 18320 </affected> 18321 <reference ref_id="CVE-2010-3445" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3445" source="CVE"/> 18322 <description> 18323 Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP. 18324 </description> 18325 </metadata> 18326 <criteria operator="OR"> 18327 <!-- 6f945ca7e512591223a153602859503d --> 18328 <criteria operator="AND"> 18329 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18330 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 18331 </criteria> 18332 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 18333 <criteria operator="AND"> 18334 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 18335 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 18336 </criteria> 18337 </criteria> 18338 </definition> 18339 <definition id="oval:org.opensuse.security:def:20103450" version="1" class="vulnerability"> 18340 <metadata> 18341 <title>CVE-2010-3450</title> 18342 <affected family="unix"> 18343 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18344 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18345 </affected> 18346 <reference ref_id="CVE-2010-3450" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3450" source="CVE"/> 18347 <description> 18348 Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. 18349 </description> 18350 </metadata> 18351 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 18352 <criteria operator="AND"> 18353 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18354 <criteria operator="OR"> 18355 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 18356 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 18357 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 18358 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 18359 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 18360 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 18361 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 18362 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 18363 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 18364 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 18365 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 18366 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 18367 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 18368 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 18369 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 18370 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 18371 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 18372 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 18373 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 18374 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 18375 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 18376 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 18377 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 18378 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 18379 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 18380 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 18381 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 18382 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 18383 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 18384 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 18385 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 18386 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 18387 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 18388 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 18389 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 18390 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 18391 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 18392 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 18393 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 18394 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 18395 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 18396 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 18397 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 18398 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 18399 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 18400 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 18401 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 18402 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 18403 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 18404 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 18405 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 18406 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 18407 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 18408 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 18409 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 18410 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 18411 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 18412 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 18413 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 18414 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 18415 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 18416 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 18417 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 18418 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 18419 </criteria> 18420 </criteria> 18421 </definition> 18422 <definition id="oval:org.opensuse.security:def:20103451" version="1" class="vulnerability"> 18423 <metadata> 18424 <title>CVE-2010-3451</title> 18425 <affected family="unix"> 18426 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18427 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18428 </affected> 18429 <reference ref_id="CVE-2010-3451" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3451" source="CVE"/> 18430 <description> 18431 Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document. 18432 </description> 18433 </metadata> 18434 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 18435 <criteria operator="AND"> 18436 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18437 <criteria operator="OR"> 18438 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 18439 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 18440 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 18441 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 18442 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 18443 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 18444 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 18445 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 18446 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 18447 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 18448 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 18449 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 18450 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 18451 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 18452 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 18453 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 18454 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 18455 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 18456 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 18457 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 18458 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 18459 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 18460 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 18461 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 18462 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 18463 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 18464 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 18465 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 18466 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 18467 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 18468 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 18469 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 18470 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 18471 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 18472 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 18473 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 18474 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 18475 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 18476 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 18477 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 18478 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 18479 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 18480 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 18481 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 18482 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 18483 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 18484 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 18485 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 18486 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 18487 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 18488 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 18489 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 18490 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 18491 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 18492 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 18493 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 18494 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 18495 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 18496 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 18497 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 18498 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 18499 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 18500 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 18501 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 18502 </criteria> 18503 </criteria> 18504 </definition> 18505 <definition id="oval:org.opensuse.security:def:20103452" version="1" class="vulnerability"> 18506 <metadata> 18507 <title>CVE-2010-3452</title> 18508 <affected family="unix"> 18509 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18510 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18511 </affected> 18512 <reference ref_id="CVE-2010-3452" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3452" source="CVE"/> 18513 <description> 18514 Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document. 18515 </description> 18516 </metadata> 18517 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 18518 <criteria operator="AND"> 18519 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18520 <criteria operator="OR"> 18521 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 18522 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 18523 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 18524 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 18525 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 18526 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 18527 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 18528 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 18529 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 18530 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 18531 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 18532 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 18533 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 18534 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 18535 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 18536 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 18537 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 18538 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 18539 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 18540 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 18541 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 18542 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 18543 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 18544 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 18545 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 18546 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 18547 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 18548 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 18549 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 18550 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 18551 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 18552 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 18553 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 18554 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 18555 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 18556 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 18557 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 18558 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 18559 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 18560 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 18561 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 18562 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 18563 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 18564 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 18565 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 18566 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 18567 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 18568 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 18569 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 18570 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 18571 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 18572 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 18573 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 18574 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 18575 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 18576 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 18577 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 18578 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 18579 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 18580 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 18581 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 18582 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 18583 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 18584 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 18585 </criteria> 18586 </criteria> 18587 </definition> 18588 <definition id="oval:org.opensuse.security:def:20103453" version="1" class="vulnerability"> 18589 <metadata> 18590 <title>CVE-2010-3453</title> 18591 <affected family="unix"> 18592 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18593 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18594 </affected> 18595 <reference ref_id="CVE-2010-3453" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3453" source="CVE"/> 18596 <description> 18597 The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write. 18598 </description> 18599 </metadata> 18600 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 18601 <criteria operator="AND"> 18602 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18603 <criteria operator="OR"> 18604 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 18605 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 18606 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 18607 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 18608 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 18609 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 18610 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 18611 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 18612 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 18613 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 18614 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 18615 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 18616 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 18617 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 18618 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 18619 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 18620 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 18621 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 18622 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 18623 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 18624 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 18625 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 18626 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 18627 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 18628 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 18629 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 18630 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 18631 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 18632 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 18633 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 18634 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 18635 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 18636 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 18637 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 18638 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 18639 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 18640 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 18641 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 18642 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 18643 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 18644 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 18645 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 18646 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 18647 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 18648 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 18649 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 18650 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 18651 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 18652 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 18653 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 18654 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 18655 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 18656 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 18657 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 18658 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 18659 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 18660 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 18661 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 18662 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 18663 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 18664 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 18665 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 18666 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 18667 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 18668 </criteria> 18669 </criteria> 18670 </definition> 18671 <definition id="oval:org.opensuse.security:def:20103454" version="1" class="vulnerability"> 18672 <metadata> 18673 <title>CVE-2010-3454</title> 18674 <affected family="unix"> 18675 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18676 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18677 </affected> 18678 <reference ref_id="CVE-2010-3454" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3454" source="CVE"/> 18679 <description> 18680 Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write. 18681 </description> 18682 </metadata> 18683 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 18684 <criteria operator="AND"> 18685 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18686 <criteria operator="OR"> 18687 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 18688 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 18689 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 18690 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 18691 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 18692 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 18693 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 18694 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 18695 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 18696 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 18697 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 18698 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 18699 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 18700 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 18701 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 18702 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 18703 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 18704 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 18705 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 18706 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 18707 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 18708 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 18709 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 18710 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 18711 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 18712 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 18713 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 18714 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 18715 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 18716 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 18717 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 18718 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 18719 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 18720 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 18721 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 18722 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 18723 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 18724 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 18725 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 18726 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 18727 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 18728 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 18729 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 18730 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 18731 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 18732 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 18733 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 18734 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 18735 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 18736 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 18737 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 18738 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 18739 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 18740 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 18741 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 18742 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 18743 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 18744 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 18745 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 18746 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 18747 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 18748 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 18749 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 18750 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 18751 </criteria> 18752 </criteria> 18753 </definition> 18754 <definition id="oval:org.opensuse.security:def:20103493" version="1" class="vulnerability"> 18755 <metadata> 18756 <title>CVE-2010-3493</title> 18757 <affected family="unix"> 18758 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18759 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18760 </affected> 18761 <reference ref_id="CVE-2010-3493" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493" source="CVE"/> 18762 <description> 18763 Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492. 18764 </description> 18765 </metadata> 18766 <!-- a2098cb2e3d51d63912dc55b837af4c0 --> 18767 <criteria operator="AND"> 18768 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18769 <criteria operator="OR"> 18770 <criterion test_ref="oval:org.opensuse.security:tst:2009065575" comment="python-32bit less than 2.4.2-18.32.5"/> 18771 <criterion test_ref="oval:org.opensuse.security:tst:2009065576" comment="python-curses less than 2.4.2-18.32.5"/> 18772 <criterion test_ref="oval:org.opensuse.security:tst:2009065577" comment="python-devel less than 2.4.2-18.32.5"/> 18773 <criterion test_ref="oval:org.opensuse.security:tst:2009065578" comment="python-gdbm less than 2.4.2-18.32.5"/> 18774 <criterion test_ref="oval:org.opensuse.security:tst:2009065579" comment="python-tk less than 2.4.2-18.32.5"/> 18775 <criterion test_ref="oval:org.opensuse.security:tst:2009065580" comment="python-xml less than 2.4.2-18.32.5"/> 18776 <criterion test_ref="oval:org.opensuse.security:tst:2009065581" comment="python less than 2.4.2-18.32.5"/> 18777 </criteria> 18778 </criteria> 18779 </definition> 18780 <definition id="oval:org.opensuse.security:def:20103541" version="1" class="vulnerability"> 18781 <metadata> 18782 <title>CVE-2010-3541</title> 18783 <affected family="unix"> 18784 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18785 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18786 </affected> 18787 <reference ref_id="CVE-2010-3541" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541" source="CVE"/> 18788 <description> 18789 Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy. 18790 </description> 18791 </metadata> 18792 <criteria operator="OR"> 18793 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 18794 <criteria operator="AND"> 18795 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18796 <criteria operator="OR"> 18797 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 18798 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 18799 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 18800 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 18801 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 18802 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 18803 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 18804 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 18805 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 18806 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 18807 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 18808 </criteria> 18809 </criteria> 18810 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 18811 <criteria operator="AND"> 18812 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18813 <criteria operator="OR"> 18814 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 18815 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 18816 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 18817 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 18818 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 18819 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 18820 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 18821 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 18822 </criteria> 18823 </criteria> 18824 </criteria> 18825 </definition> 18826 <definition id="oval:org.opensuse.security:def:20103548" version="1" class="vulnerability"> 18827 <metadata> 18828 <title>CVE-2010-3548</title> 18829 <affected family="unix"> 18830 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18831 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18832 </affected> 18833 <reference ref_id="CVE-2010-3548" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548" source="CVE"/> 18834 <description> 18835 Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or "otherwise-protected internal network names." 18836 </description> 18837 </metadata> 18838 <criteria operator="OR"> 18839 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 18840 <criteria operator="AND"> 18841 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18842 <criteria operator="OR"> 18843 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 18844 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 18845 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 18846 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 18847 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 18848 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 18849 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 18850 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 18851 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 18852 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 18853 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 18854 </criteria> 18855 </criteria> 18856 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 18857 <criteria operator="AND"> 18858 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18859 <criteria operator="OR"> 18860 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 18861 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 18862 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 18863 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 18864 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 18865 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 18866 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 18867 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 18868 </criteria> 18869 </criteria> 18870 </criteria> 18871 </definition> 18872 <definition id="oval:org.opensuse.security:def:20103549" version="1" class="vulnerability"> 18873 <metadata> 18874 <title>CVE-2010-3549</title> 18875 <affected family="unix"> 18876 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18877 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18878 </affected> 18879 <reference ref_id="CVE-2010-3549" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549" source="CVE"/> 18880 <description> 18881 Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class. 18882 </description> 18883 </metadata> 18884 <criteria operator="OR"> 18885 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 18886 <criteria operator="AND"> 18887 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18888 <criteria operator="OR"> 18889 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 18890 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 18891 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 18892 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 18893 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 18894 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 18895 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 18896 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 18897 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 18898 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 18899 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 18900 </criteria> 18901 </criteria> 18902 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 18903 <criteria operator="AND"> 18904 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18905 <criteria operator="OR"> 18906 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 18907 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 18908 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 18909 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 18910 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 18911 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 18912 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 18913 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 18914 </criteria> 18915 </criteria> 18916 </criteria> 18917 </definition> 18918 <definition id="oval:org.opensuse.security:def:20103550" version="1" class="vulnerability"> 18919 <metadata> 18920 <title>CVE-2010-3550</title> 18921 <affected family="unix"> 18922 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18923 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18924 </affected> 18925 <reference ref_id="CVE-2010-3550" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550" source="CVE"/> 18926 <description> 18927 Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 18928 </description> 18929 </metadata> 18930 <criteria operator="OR"> 18931 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 18932 <criteria operator="AND"> 18933 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18934 <criteria operator="OR"> 18935 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 18936 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 18937 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 18938 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 18939 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 18940 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 18941 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 18942 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 18943 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 18944 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 18945 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 18946 </criteria> 18947 </criteria> 18948 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 18949 <criteria operator="AND"> 18950 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18951 <criteria operator="OR"> 18952 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 18953 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 18954 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 18955 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 18956 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 18957 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 18958 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 18959 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 18960 </criteria> 18961 </criteria> 18962 </criteria> 18963 </definition> 18964 <definition id="oval:org.opensuse.security:def:20103551" version="1" class="vulnerability"> 18965 <metadata> 18966 <title>CVE-2010-3551</title> 18967 <affected family="unix"> 18968 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 18969 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 18970 </affected> 18971 <reference ref_id="CVE-2010-3551" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551" source="CVE"/> 18972 <description> 18973 Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. 18974 </description> 18975 </metadata> 18976 <criteria operator="OR"> 18977 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 18978 <criteria operator="AND"> 18979 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18980 <criteria operator="OR"> 18981 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 18982 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 18983 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 18984 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 18985 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 18986 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 18987 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 18988 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 18989 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 18990 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 18991 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 18992 </criteria> 18993 </criteria> 18994 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 18995 <criteria operator="AND"> 18996 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 18997 <criteria operator="OR"> 18998 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 18999 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19000 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19001 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19002 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19003 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19004 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19005 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19006 </criteria> 19007 </criteria> 19008 </criteria> 19009 </definition> 19010 <definition id="oval:org.opensuse.security:def:20103552" version="1" class="vulnerability"> 19011 <metadata> 19012 <title>CVE-2010-3552</title> 19013 <affected family="unix"> 19014 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19015 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19016 </affected> 19017 <reference ref_id="CVE-2010-3552" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3552" source="CVE"/> 19018 <description> 19019 Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 19020 </description> 19021 </metadata> 19022 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19023 <criteria operator="AND"> 19024 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19025 <criteria operator="OR"> 19026 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19027 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19028 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19029 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19030 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19031 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19032 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19033 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19034 </criteria> 19035 </criteria> 19036 </definition> 19037 <definition id="oval:org.opensuse.security:def:20103553" version="1" class="vulnerability"> 19038 <metadata> 19039 <title>CVE-2010-3553</title> 19040 <affected family="unix"> 19041 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19042 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19043 </affected> 19044 <reference ref_id="CVE-2010-3553" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553" source="CVE"/> 19045 <description> 19046 Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class. 19047 </description> 19048 </metadata> 19049 <criteria operator="OR"> 19050 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19051 <criteria operator="AND"> 19052 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19053 <criteria operator="OR"> 19054 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19055 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19056 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19057 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19058 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19059 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19060 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19061 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19062 </criteria> 19063 </criteria> 19064 <!-- ac2e446384cdeb74511d6cd5eb10eb59 --> 19065 <criteria operator="AND"> 19066 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19067 <criteria operator="OR"> 19068 <criterion test_ref="oval:org.opensuse.security:tst:2009066377" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.3-0.7.1"/> 19069 <criterion test_ref="oval:org.opensuse.security:tst:2009066378" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.3-0.7.1"/> 19070 <criterion test_ref="oval:org.opensuse.security:tst:2009066379" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.3-0.7.1"/> 19071 <criterion test_ref="oval:org.opensuse.security:tst:2009066380" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.3-0.7.1"/> 19072 <criterion test_ref="oval:org.opensuse.security:tst:2009066381" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.3-0.7.1"/> 19073 <criterion test_ref="oval:org.opensuse.security:tst:2009066382" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.3-0.7.1"/> 19074 <criterion test_ref="oval:org.opensuse.security:tst:2009066383" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.3-0.7.1"/> 19075 <criterion test_ref="oval:org.opensuse.security:tst:2009066384" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.3-0.7.1"/> 19076 <criterion test_ref="oval:org.opensuse.security:tst:2009066385" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.3-0.7.1"/> 19077 <criterion test_ref="oval:org.opensuse.security:tst:2009066386" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.3-0.7.1"/> 19078 <criterion test_ref="oval:org.opensuse.security:tst:2009066387" comment="java-1_5_0-ibm less than 1.5.0_sr12.3-0.7.1"/> 19079 </criteria> 19080 </criteria> 19081 </criteria> 19082 </definition> 19083 <definition id="oval:org.opensuse.security:def:20103554" version="1" class="vulnerability"> 19084 <metadata> 19085 <title>CVE-2010-3554</title> 19086 <affected family="unix"> 19087 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19088 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19089 </affected> 19090 <reference ref_id="CVE-2010-3554" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554" source="CVE"/> 19091 <description> 19092 Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects." 19093 </description> 19094 </metadata> 19095 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19096 <criteria operator="AND"> 19097 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19098 <criteria operator="OR"> 19099 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19100 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19101 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19102 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19103 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19104 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19105 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19106 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19107 </criteria> 19108 </criteria> 19109 </definition> 19110 <definition id="oval:org.opensuse.security:def:20103555" version="1" class="vulnerability"> 19111 <metadata> 19112 <title>CVE-2010-3555</title> 19113 <affected family="unix"> 19114 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19115 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19116 </affected> 19117 <reference ref_id="CVE-2010-3555" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3555" source="CVE"/> 19118 <description> 19119 Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that the ActiveX Plugin does not properly initialize an object field that is used as a window handle, which allows attackers to execute arbitrary code. 19120 </description> 19121 </metadata> 19122 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19123 <criteria operator="AND"> 19124 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19125 <criteria operator="OR"> 19126 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19127 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19128 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19129 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19130 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19131 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19132 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19133 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19134 </criteria> 19135 </criteria> 19136 </definition> 19137 <definition id="oval:org.opensuse.security:def:20103556" version="1" class="vulnerability"> 19138 <metadata> 19139 <title>CVE-2010-3556</title> 19140 <affected family="unix"> 19141 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19142 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19143 </affected> 19144 <reference ref_id="CVE-2010-3556" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556" source="CVE"/> 19145 <description> 19146 Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 19147 </description> 19148 </metadata> 19149 <criteria operator="OR"> 19150 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19151 <criteria operator="AND"> 19152 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19153 <criteria operator="OR"> 19154 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19155 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19156 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19157 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19158 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19159 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19160 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19161 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19162 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19163 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19164 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19165 </criteria> 19166 </criteria> 19167 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19168 <criteria operator="AND"> 19169 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19170 <criteria operator="OR"> 19171 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19172 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19173 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19174 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19175 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19176 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19177 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19178 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19179 </criteria> 19180 </criteria> 19181 </criteria> 19182 </definition> 19183 <definition id="oval:org.opensuse.security:def:20103557" version="1" class="vulnerability"> 19184 <metadata> 19185 <title>CVE-2010-3557</title> 19186 <affected family="unix"> 19187 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19188 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19189 </affected> 19190 <reference ref_id="CVE-2010-3557" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557" source="CVE"/> 19191 <description> 19192 Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static." 19193 </description> 19194 </metadata> 19195 <criteria operator="OR"> 19196 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19197 <criteria operator="AND"> 19198 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19199 <criteria operator="OR"> 19200 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19201 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19202 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19203 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19204 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19205 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19206 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19207 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19208 </criteria> 19209 </criteria> 19210 <!-- ac2e446384cdeb74511d6cd5eb10eb59 --> 19211 <criteria operator="AND"> 19212 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19213 <criteria operator="OR"> 19214 <criterion test_ref="oval:org.opensuse.security:tst:2009066377" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.3-0.7.1"/> 19215 <criterion test_ref="oval:org.opensuse.security:tst:2009066378" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.3-0.7.1"/> 19216 <criterion test_ref="oval:org.opensuse.security:tst:2009066379" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.3-0.7.1"/> 19217 <criterion test_ref="oval:org.opensuse.security:tst:2009066380" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.3-0.7.1"/> 19218 <criterion test_ref="oval:org.opensuse.security:tst:2009066381" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.3-0.7.1"/> 19219 <criterion test_ref="oval:org.opensuse.security:tst:2009066382" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.3-0.7.1"/> 19220 <criterion test_ref="oval:org.opensuse.security:tst:2009066383" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.3-0.7.1"/> 19221 <criterion test_ref="oval:org.opensuse.security:tst:2009066384" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.3-0.7.1"/> 19222 <criterion test_ref="oval:org.opensuse.security:tst:2009066385" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.3-0.7.1"/> 19223 <criterion test_ref="oval:org.opensuse.security:tst:2009066386" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.3-0.7.1"/> 19224 <criterion test_ref="oval:org.opensuse.security:tst:2009066387" comment="java-1_5_0-ibm less than 1.5.0_sr12.3-0.7.1"/> 19225 </criteria> 19226 </criteria> 19227 </criteria> 19228 </definition> 19229 <definition id="oval:org.opensuse.security:def:20103558" version="1" class="vulnerability"> 19230 <metadata> 19231 <title>CVE-2010-3558</title> 19232 <affected family="unix"> 19233 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19234 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19235 </affected> 19236 <reference ref_id="CVE-2010-3558" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3558" source="CVE"/> 19237 <description> 19238 Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 19239 </description> 19240 </metadata> 19241 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19242 <criteria operator="AND"> 19243 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19244 <criteria operator="OR"> 19245 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19246 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19247 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19248 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19249 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19250 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19251 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19252 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19253 </criteria> 19254 </criteria> 19255 </definition> 19256 <definition id="oval:org.opensuse.security:def:20103559" version="1" class="vulnerability"> 19257 <metadata> 19258 <title>CVE-2010-3559</title> 19259 <affected family="unix"> 19260 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19261 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19262 </affected> 19263 <reference ref_id="CVE-2010-3559" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559" source="CVE"/> 19264 <description> 19265 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows attackers to execute arbitrary code via a crafted BANK record that leads to a buffer overflow. 19266 </description> 19267 </metadata> 19268 <criteria operator="OR"> 19269 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19270 <criteria operator="AND"> 19271 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19272 <criteria operator="OR"> 19273 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19274 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19275 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19276 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19277 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19278 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19279 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19280 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19281 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19282 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19283 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19284 </criteria> 19285 </criteria> 19286 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19287 <criteria operator="AND"> 19288 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19289 <criteria operator="OR"> 19290 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19291 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19292 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19293 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19294 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19295 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19296 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19297 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19298 </criteria> 19299 </criteria> 19300 </criteria> 19301 </definition> 19302 <definition id="oval:org.opensuse.security:def:20103560" version="1" class="vulnerability"> 19303 <metadata> 19304 <title>CVE-2010-3560</title> 19305 <affected family="unix"> 19306 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19307 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19308 </affected> 19309 <reference ref_id="CVE-2010-3560" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3560" source="CVE"/> 19310 <description> 19311 Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors. 19312 </description> 19313 </metadata> 19314 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19315 <criteria operator="AND"> 19316 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19317 <criteria operator="OR"> 19318 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19319 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19320 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19321 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19322 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19323 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19324 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19325 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19326 </criteria> 19327 </criteria> 19328 </definition> 19329 <definition id="oval:org.opensuse.security:def:20103561" version="1" class="vulnerability"> 19330 <metadata> 19331 <title>CVE-2010-3561</title> 19332 <affected family="unix"> 19333 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19334 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19335 </affected> 19336 <reference ref_id="CVE-2010-3561" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561" source="CVE"/> 19337 <description> 19338 Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions. 19339 </description> 19340 </metadata> 19341 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19342 <criteria operator="AND"> 19343 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19344 <criteria operator="OR"> 19345 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19346 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19347 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19348 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19349 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19350 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19351 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19352 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19353 </criteria> 19354 </criteria> 19355 </definition> 19356 <definition id="oval:org.opensuse.security:def:20103562" version="1" class="vulnerability"> 19357 <metadata> 19358 <title>CVE-2010-3562</title> 19359 <affected family="unix"> 19360 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19361 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19362 </affected> 19363 <reference ref_id="CVE-2010-3562" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562" source="CVE"/> 19364 <description> 19365 Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. 19366 </description> 19367 </metadata> 19368 <criteria operator="OR"> 19369 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19370 <criteria operator="AND"> 19371 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19372 <criteria operator="OR"> 19373 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19374 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19375 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19376 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19377 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19378 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19379 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19380 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19381 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19382 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19383 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19384 </criteria> 19385 </criteria> 19386 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19387 <criteria operator="AND"> 19388 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19389 <criteria operator="OR"> 19390 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19391 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19392 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19393 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19394 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19395 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19396 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19397 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19398 </criteria> 19399 </criteria> 19400 </criteria> 19401 </definition> 19402 <definition id="oval:org.opensuse.security:def:20103563" version="1" class="vulnerability"> 19403 <metadata> 19404 <title>CVE-2010-3563</title> 19405 <affected family="unix"> 19406 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19407 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19408 </affected> 19409 <reference ref_id="CVE-2010-3563" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3563" source="CVE"/> 19410 <description> 19411 Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to "how Web Start retrieves security policies," BasicServiceImpl, and forged policies that bypass sandbox restrictions. 19412 </description> 19413 </metadata> 19414 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19415 <criteria operator="AND"> 19416 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19417 <criteria operator="OR"> 19418 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19419 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19420 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19421 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19422 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19423 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19424 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19425 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19426 </criteria> 19427 </criteria> 19428 </definition> 19429 <definition id="oval:org.opensuse.security:def:20103565" version="1" class="vulnerability"> 19430 <metadata> 19431 <title>CVE-2010-3565</title> 19432 <affected family="unix"> 19433 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19434 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19435 </affected> 19436 <reference ref_id="CVE-2010-3565" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565" source="CVE"/> 19437 <description> 19438 Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API. 19439 </description> 19440 </metadata> 19441 <criteria operator="OR"> 19442 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19443 <criteria operator="AND"> 19444 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19445 <criteria operator="OR"> 19446 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19447 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19448 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19449 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19450 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19451 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19452 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19453 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19454 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19455 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19456 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19457 </criteria> 19458 </criteria> 19459 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19460 <criteria operator="AND"> 19461 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19462 <criteria operator="OR"> 19463 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19464 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19465 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19466 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19467 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19468 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19469 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19470 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19471 </criteria> 19472 </criteria> 19473 </criteria> 19474 </definition> 19475 <definition id="oval:org.opensuse.security:def:20103566" version="1" class="vulnerability"> 19476 <metadata> 19477 <title>CVE-2010-3566</title> 19478 <affected family="unix"> 19479 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19480 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19481 </affected> 19482 <reference ref_id="CVE-2010-3566" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566" source="CVE"/> 19483 <description> 19484 Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile. 19485 </description> 19486 </metadata> 19487 <criteria operator="OR"> 19488 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19489 <criteria operator="AND"> 19490 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19491 <criteria operator="OR"> 19492 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19493 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19494 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19495 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19496 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19497 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19498 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19499 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19500 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19501 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19502 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19503 </criteria> 19504 </criteria> 19505 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19506 <criteria operator="AND"> 19507 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19508 <criteria operator="OR"> 19509 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19510 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19511 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19512 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19513 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19514 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19515 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19516 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19517 </criteria> 19518 </criteria> 19519 </criteria> 19520 </definition> 19521 <definition id="oval:org.opensuse.security:def:20103567" version="1" class="vulnerability"> 19522 <metadata> 19523 <title>CVE-2010-3567</title> 19524 <affected family="unix"> 19525 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19526 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19527 </affected> 19528 <reference ref_id="CVE-2010-3567" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567" source="CVE"/> 19529 <description> 19530 Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access. 19531 </description> 19532 </metadata> 19533 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19534 <criteria operator="AND"> 19535 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19536 <criteria operator="OR"> 19537 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19538 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19539 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19540 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19541 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19542 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19543 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19544 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19545 </criteria> 19546 </criteria> 19547 </definition> 19548 <definition id="oval:org.opensuse.security:def:20103568" version="1" class="vulnerability"> 19549 <metadata> 19550 <title>CVE-2010-3568</title> 19551 <affected family="unix"> 19552 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19553 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19554 </affected> 19555 <reference ref_id="CVE-2010-3568" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568" source="CVE"/> 19556 <description> 19557 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization. 19558 </description> 19559 </metadata> 19560 <criteria operator="OR"> 19561 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19562 <criteria operator="AND"> 19563 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19564 <criteria operator="OR"> 19565 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19566 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19567 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19568 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19569 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19570 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19571 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19572 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19573 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19574 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19575 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19576 </criteria> 19577 </criteria> 19578 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19579 <criteria operator="AND"> 19580 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19581 <criteria operator="OR"> 19582 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19583 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19584 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19585 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19586 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19587 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19588 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19589 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19590 </criteria> 19591 </criteria> 19592 </criteria> 19593 </definition> 19594 <definition id="oval:org.opensuse.security:def:20103569" version="1" class="vulnerability"> 19595 <metadata> 19596 <title>CVE-2010-3569</title> 19597 <affected family="unix"> 19598 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19599 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19600 </affected> 19601 <reference ref_id="CVE-2010-3569" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569" source="CVE"/> 19602 <description> 19603 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times. 19604 </description> 19605 </metadata> 19606 <criteria operator="OR"> 19607 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19608 <criteria operator="AND"> 19609 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19610 <criteria operator="OR"> 19611 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19612 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19613 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19614 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19615 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19616 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19617 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19618 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19619 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19620 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19621 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19622 </criteria> 19623 </criteria> 19624 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19625 <criteria operator="AND"> 19626 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19627 <criteria operator="OR"> 19628 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19629 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19630 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19631 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19632 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19633 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19634 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19635 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19636 </criteria> 19637 </criteria> 19638 </criteria> 19639 </definition> 19640 <definition id="oval:org.opensuse.security:def:20103570" version="1" class="vulnerability"> 19641 <metadata> 19642 <title>CVE-2010-3570</title> 19643 <affected family="unix"> 19644 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19645 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19646 </affected> 19647 <reference ref_id="CVE-2010-3570" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3570" source="CVE"/> 19648 <description> 19649 Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 19650 </description> 19651 </metadata> 19652 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19653 <criteria operator="AND"> 19654 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19655 <criteria operator="OR"> 19656 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19657 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19658 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19659 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19660 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19661 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19662 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19663 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19664 </criteria> 19665 </criteria> 19666 </definition> 19667 <definition id="oval:org.opensuse.security:def:20103571" version="1" class="vulnerability"> 19668 <metadata> 19669 <title>CVE-2010-3571</title> 19670 <affected family="unix"> 19671 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19672 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19673 </affected> 19674 <reference ref_id="CVE-2010-3571" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571" source="CVE"/> 19675 <description> 19676 Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile. 19677 </description> 19678 </metadata> 19679 <criteria operator="OR"> 19680 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19681 <criteria operator="AND"> 19682 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19683 <criteria operator="OR"> 19684 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19685 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19686 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19687 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19688 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19689 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19690 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19691 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19692 </criteria> 19693 </criteria> 19694 <!-- ac2e446384cdeb74511d6cd5eb10eb59 --> 19695 <criteria operator="AND"> 19696 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19697 <criteria operator="OR"> 19698 <criterion test_ref="oval:org.opensuse.security:tst:2009066377" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.3-0.7.1"/> 19699 <criterion test_ref="oval:org.opensuse.security:tst:2009066378" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.3-0.7.1"/> 19700 <criterion test_ref="oval:org.opensuse.security:tst:2009066379" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.3-0.7.1"/> 19701 <criterion test_ref="oval:org.opensuse.security:tst:2009066380" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.3-0.7.1"/> 19702 <criterion test_ref="oval:org.opensuse.security:tst:2009066381" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.3-0.7.1"/> 19703 <criterion test_ref="oval:org.opensuse.security:tst:2009066382" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.3-0.7.1"/> 19704 <criterion test_ref="oval:org.opensuse.security:tst:2009066383" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.3-0.7.1"/> 19705 <criterion test_ref="oval:org.opensuse.security:tst:2009066384" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.3-0.7.1"/> 19706 <criterion test_ref="oval:org.opensuse.security:tst:2009066385" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.3-0.7.1"/> 19707 <criterion test_ref="oval:org.opensuse.security:tst:2009066386" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.3-0.7.1"/> 19708 <criterion test_ref="oval:org.opensuse.security:tst:2009066387" comment="java-1_5_0-ibm less than 1.5.0_sr12.3-0.7.1"/> 19709 </criteria> 19710 </criteria> 19711 </criteria> 19712 </definition> 19713 <definition id="oval:org.opensuse.security:def:20103572" version="1" class="vulnerability"> 19714 <metadata> 19715 <title>CVE-2010-3572</title> 19716 <affected family="unix"> 19717 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19718 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19719 </affected> 19720 <reference ref_id="CVE-2010-3572" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572" source="CVE"/> 19721 <description> 19722 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 19723 </description> 19724 </metadata> 19725 <criteria operator="OR"> 19726 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19727 <criteria operator="AND"> 19728 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19729 <criteria operator="OR"> 19730 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19731 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19732 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19733 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19734 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19735 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19736 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19737 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19738 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19739 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19740 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19741 </criteria> 19742 </criteria> 19743 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19744 <criteria operator="AND"> 19745 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19746 <criteria operator="OR"> 19747 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19748 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19749 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19750 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19751 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19752 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19753 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19754 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19755 </criteria> 19756 </criteria> 19757 </criteria> 19758 </definition> 19759 <definition id="oval:org.opensuse.security:def:20103573" version="1" class="vulnerability"> 19760 <metadata> 19761 <title>CVE-2010-3573</title> 19762 <affected family="unix"> 19763 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19764 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19765 </affected> 19766 <reference ref_id="CVE-2010-3573" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573" source="CVE"/> 19767 <description> 19768 Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy. 19769 </description> 19770 </metadata> 19771 <criteria operator="OR"> 19772 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19773 <criteria operator="AND"> 19774 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19775 <criteria operator="OR"> 19776 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19777 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19778 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19779 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19780 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19781 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19782 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19783 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19784 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19785 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19786 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19787 </criteria> 19788 </criteria> 19789 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19790 <criteria operator="AND"> 19791 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19792 <criteria operator="OR"> 19793 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19794 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19795 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19796 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19797 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19798 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19799 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19800 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19801 </criteria> 19802 </criteria> 19803 </criteria> 19804 </definition> 19805 <definition id="oval:org.opensuse.security:def:20103574" version="1" class="vulnerability"> 19806 <metadata> 19807 <title>CVE-2010-3574</title> 19808 <affected family="unix"> 19809 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19810 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19811 </affected> 19812 <reference ref_id="CVE-2010-3574" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574" source="CVE"/> 19813 <description> 19814 Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests. 19815 </description> 19816 </metadata> 19817 <criteria operator="OR"> 19818 <!-- 4b65ef8ab087bd6b69fba574b61214de --> 19819 <criteria operator="AND"> 19820 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19821 <criteria operator="OR"> 19822 <criterion test_ref="oval:org.opensuse.security:tst:2009070720" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.2-0.4.1"/> 19823 <criterion test_ref="oval:org.opensuse.security:tst:2009070721" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.2-0.4.1"/> 19824 <criterion test_ref="oval:org.opensuse.security:tst:2009070722" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.2-0.4.1"/> 19825 <criterion test_ref="oval:org.opensuse.security:tst:2009070723" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.2-0.4.1"/> 19826 <criterion test_ref="oval:org.opensuse.security:tst:2009070724" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.2-0.4.1"/> 19827 <criterion test_ref="oval:org.opensuse.security:tst:2009070725" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.2-0.4.1"/> 19828 <criterion test_ref="oval:org.opensuse.security:tst:2009070726" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.2-0.4.1"/> 19829 <criterion test_ref="oval:org.opensuse.security:tst:2009070727" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.2-0.4.1"/> 19830 <criterion test_ref="oval:org.opensuse.security:tst:2009070728" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.2-0.4.1"/> 19831 <criterion test_ref="oval:org.opensuse.security:tst:2009070729" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.2-0.4.1"/> 19832 <criterion test_ref="oval:org.opensuse.security:tst:2009070730" comment="java-1_5_0-ibm less than 1.5.0_sr12.2-0.4.1"/> 19833 </criteria> 19834 </criteria> 19835 <!-- 856583fc7b46e3b0d3455fdb1cc2341b --> 19836 <criteria operator="AND"> 19837 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19838 <criteria operator="OR"> 19839 <criterion test_ref="oval:org.opensuse.security:tst:2009064403" comment="java-1_6_0-sun-32bit less than 1.6.0.u22-1.8.1"/> 19840 <criterion test_ref="oval:org.opensuse.security:tst:2009064404" comment="java-1_6_0-sun-alsa less than 1.6.0.u22-1.8.1"/> 19841 <criterion test_ref="oval:org.opensuse.security:tst:2009064405" comment="java-1_6_0-sun-demo less than 1.6.0.u22-1.8.1"/> 19842 <criterion test_ref="oval:org.opensuse.security:tst:2009064406" comment="java-1_6_0-sun-jdbc less than 1.6.0.u22-1.8.1"/> 19843 <criterion test_ref="oval:org.opensuse.security:tst:2009064407" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u22-1.8.1"/> 19844 <criterion test_ref="oval:org.opensuse.security:tst:2009064408" comment="java-1_6_0-sun-plugin less than 1.6.0.u22-1.8.1"/> 19845 <criterion test_ref="oval:org.opensuse.security:tst:2009064409" comment="java-1_6_0-sun-src less than 1.6.0.u22-1.8.1"/> 19846 <criterion test_ref="oval:org.opensuse.security:tst:2009064410" comment="java-1_6_0-sun less than 1.6.0.u22-1.8.1"/> 19847 </criteria> 19848 </criteria> 19849 </criteria> 19850 </definition> 19851 <definition id="oval:org.opensuse.security:def:20103609" version="1" class="vulnerability"> 19852 <metadata> 19853 <title>CVE-2010-3609</title> 19854 <affected family="unix"> 19855 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19856 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19857 </affected> 19858 <reference ref_id="CVE-2010-3609" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609" source="CVE"/> 19859 <description> 19860 The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information. 19861 </description> 19862 </metadata> 19863 <!-- e08ec1ea6584207d6d25917d592ea815 --> 19864 <criteria operator="AND"> 19865 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19866 <criteria operator="OR"> 19867 <criterion test_ref="oval:org.opensuse.security:tst:2009064548" comment="openslp-32bit less than 1.2.0-22.31.1"/> 19868 <criterion test_ref="oval:org.opensuse.security:tst:2009064549" comment="openslp-devel less than 1.2.0-22.31.1"/> 19869 <criterion test_ref="oval:org.opensuse.security:tst:2009064550" comment="openslp less than 1.2.0-22.31.1"/> 19870 </criteria> 19871 </criteria> 19872 </definition> 19873 <definition id="oval:org.opensuse.security:def:20103619" version="1" class="vulnerability"> 19874 <metadata> 19875 <title>CVE-2010-3619</title> 19876 <affected family="unix"> 19877 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19878 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19879 </affected> 19880 <reference ref_id="CVE-2010-3619" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619" source="CVE"/> 19881 <description> 19882 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. 19883 </description> 19884 </metadata> 19885 <criteria operator="OR"> 19886 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 19887 <criteria operator="AND"> 19888 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19889 <criteria operator="OR"> 19890 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 19891 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 19892 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 19893 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 19894 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 19895 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 19896 </criteria> 19897 </criteria> 19898 <!-- c98bea71d14572098aa8cbba15453e6e --> 19899 <criteria operator="AND"> 19900 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19901 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 19902 </criteria> 19903 </criteria> 19904 </definition> 19905 <definition id="oval:org.opensuse.security:def:20103620" version="1" class="vulnerability"> 19906 <metadata> 19907 <title>CVE-2010-3620</title> 19908 <affected family="unix"> 19909 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19910 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19911 </affected> 19912 <reference ref_id="CVE-2010-3620" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620" source="CVE"/> 19913 <description> 19914 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629. 19915 </description> 19916 </metadata> 19917 <criteria operator="OR"> 19918 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 19919 <criteria operator="AND"> 19920 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19921 <criteria operator="OR"> 19922 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 19923 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 19924 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 19925 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 19926 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 19927 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 19928 </criteria> 19929 </criteria> 19930 <!-- c98bea71d14572098aa8cbba15453e6e --> 19931 <criteria operator="AND"> 19932 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19933 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 19934 </criteria> 19935 </criteria> 19936 </definition> 19937 <definition id="oval:org.opensuse.security:def:20103621" version="1" class="vulnerability"> 19938 <metadata> 19939 <title>CVE-2010-3621</title> 19940 <affected family="unix"> 19941 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19942 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19943 </affected> 19944 <reference ref_id="CVE-2010-3621" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621" source="CVE"/> 19945 <description> 19946 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. 19947 </description> 19948 </metadata> 19949 <criteria operator="OR"> 19950 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 19951 <criteria operator="AND"> 19952 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19953 <criteria operator="OR"> 19954 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 19955 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 19956 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 19957 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 19958 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 19959 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 19960 </criteria> 19961 </criteria> 19962 <!-- c98bea71d14572098aa8cbba15453e6e --> 19963 <criteria operator="AND"> 19964 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19965 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 19966 </criteria> 19967 </criteria> 19968 </definition> 19969 <definition id="oval:org.opensuse.security:def:20103622" version="1" class="vulnerability"> 19970 <metadata> 19971 <title>CVE-2010-3622</title> 19972 <affected family="unix"> 19973 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 19974 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 19975 </affected> 19976 <reference ref_id="CVE-2010-3622" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622" source="CVE"/> 19977 <description> 19978 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. 19979 </description> 19980 </metadata> 19981 <criteria operator="OR"> 19982 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 19983 <criteria operator="AND"> 19984 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19985 <criteria operator="OR"> 19986 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 19987 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 19988 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 19989 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 19990 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 19991 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 19992 </criteria> 19993 </criteria> 19994 <!-- c98bea71d14572098aa8cbba15453e6e --> 19995 <criteria operator="AND"> 19996 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 19997 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 19998 </criteria> 19999 </criteria> 20000 </definition> 20001 <definition id="oval:org.opensuse.security:def:20103623" version="1" class="vulnerability"> 20002 <metadata> 20003 <title>CVE-2010-3623</title> 20004 <affected family="unix"> 20005 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20006 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20007 </affected> 20008 <reference ref_id="CVE-2010-3623" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3623" source="CVE"/> 20009 <description> 20010 Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 20011 </description> 20012 </metadata> 20013 <criteria operator="OR"> 20014 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20015 <criteria operator="AND"> 20016 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20017 <criteria operator="OR"> 20018 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20019 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20020 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20021 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20022 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20023 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20024 </criteria> 20025 </criteria> 20026 <!-- c98bea71d14572098aa8cbba15453e6e --> 20027 <criteria operator="AND"> 20028 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20029 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20030 </criteria> 20031 </criteria> 20032 </definition> 20033 <definition id="oval:org.opensuse.security:def:20103624" version="1" class="vulnerability"> 20034 <metadata> 20035 <title>CVE-2010-3624</title> 20036 <affected family="unix"> 20037 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20038 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20039 </affected> 20040 <reference ref_id="CVE-2010-3624" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3624" source="CVE"/> 20041 <description> 20042 Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via a crafted image. 20043 </description> 20044 </metadata> 20045 <criteria operator="OR"> 20046 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20047 <criteria operator="AND"> 20048 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20049 <criteria operator="OR"> 20050 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20051 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20052 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20053 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20054 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20055 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20056 </criteria> 20057 </criteria> 20058 <!-- c98bea71d14572098aa8cbba15453e6e --> 20059 <criteria operator="AND"> 20060 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20061 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20062 </criteria> 20063 </criteria> 20064 </definition> 20065 <definition id="oval:org.opensuse.security:def:20103625" version="1" class="vulnerability"> 20066 <metadata> 20067 <title>CVE-2010-3625</title> 20068 <affected family="unix"> 20069 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20070 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20071 </affected> 20072 <reference ref_id="CVE-2010-3625" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625" source="CVE"/> 20073 <description> 20074 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." 20075 </description> 20076 </metadata> 20077 <criteria operator="OR"> 20078 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20079 <criteria operator="AND"> 20080 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20081 <criteria operator="OR"> 20082 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20083 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20084 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20085 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20086 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20087 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20088 </criteria> 20089 </criteria> 20090 <!-- c98bea71d14572098aa8cbba15453e6e --> 20091 <criteria operator="AND"> 20092 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20093 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20094 </criteria> 20095 </criteria> 20096 </definition> 20097 <definition id="oval:org.opensuse.security:def:20103626" version="1" class="vulnerability"> 20098 <metadata> 20099 <title>CVE-2010-3626</title> 20100 <affected family="unix"> 20101 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20102 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20103 </affected> 20104 <reference ref_id="CVE-2010-3626" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626" source="CVE"/> 20105 <description> 20106 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-2889. 20107 </description> 20108 </metadata> 20109 <criteria operator="OR"> 20110 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20111 <criteria operator="AND"> 20112 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20113 <criteria operator="OR"> 20114 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20115 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20116 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20117 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20118 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20119 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20120 </criteria> 20121 </criteria> 20122 <!-- c98bea71d14572098aa8cbba15453e6e --> 20123 <criteria operator="AND"> 20124 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20125 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20126 </criteria> 20127 </criteria> 20128 </definition> 20129 <definition id="oval:org.opensuse.security:def:20103627" version="1" class="vulnerability"> 20130 <metadata> 20131 <title>CVE-2010-3627</title> 20132 <affected family="unix"> 20133 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20134 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20135 </affected> 20136 <reference ref_id="CVE-2010-3627" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627" source="CVE"/> 20137 <description> 20138 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via unknown vectors. 20139 </description> 20140 </metadata> 20141 <criteria operator="OR"> 20142 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20143 <criteria operator="AND"> 20144 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20145 <criteria operator="OR"> 20146 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20147 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20148 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20149 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20150 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20151 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20152 </criteria> 20153 </criteria> 20154 <!-- c98bea71d14572098aa8cbba15453e6e --> 20155 <criteria operator="AND"> 20156 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20157 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20158 </criteria> 20159 </criteria> 20160 </definition> 20161 <definition id="oval:org.opensuse.security:def:20103628" version="1" class="vulnerability"> 20162 <metadata> 20163 <title>CVE-2010-3628</title> 20164 <affected family="unix"> 20165 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20166 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20167 </affected> 20168 <reference ref_id="CVE-2010-3628" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628" source="CVE"/> 20169 <description> 20170 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3632, and CVE-2010-3658. 20171 </description> 20172 </metadata> 20173 <criteria operator="OR"> 20174 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20175 <criteria operator="AND"> 20176 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20177 <criteria operator="OR"> 20178 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20179 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20180 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20181 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20182 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20183 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20184 </criteria> 20185 </criteria> 20186 <!-- c98bea71d14572098aa8cbba15453e6e --> 20187 <criteria operator="AND"> 20188 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20189 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20190 </criteria> 20191 </criteria> 20192 </definition> 20193 <definition id="oval:org.opensuse.security:def:20103629" version="1" class="vulnerability"> 20194 <metadata> 20195 <title>CVE-2010-3629</title> 20196 <affected family="unix"> 20197 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20198 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20199 </affected> 20200 <reference ref_id="CVE-2010-3629" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629" source="CVE"/> 20201 <description> 20202 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3620. 20203 </description> 20204 </metadata> 20205 <criteria operator="OR"> 20206 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20207 <criteria operator="AND"> 20208 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20209 <criteria operator="OR"> 20210 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20211 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20212 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20213 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20214 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20215 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20216 </criteria> 20217 </criteria> 20218 <!-- c98bea71d14572098aa8cbba15453e6e --> 20219 <criteria operator="AND"> 20220 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20221 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20222 </criteria> 20223 </criteria> 20224 </definition> 20225 <definition id="oval:org.opensuse.security:def:20103630" version="1" class="vulnerability"> 20226 <metadata> 20227 <title>CVE-2010-3630</title> 20228 <affected family="unix"> 20229 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20230 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20231 </affected> 20232 <reference ref_id="CVE-2010-3630" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630" source="CVE"/> 20233 <description> 20234 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. 20235 </description> 20236 </metadata> 20237 <criteria operator="OR"> 20238 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20239 <criteria operator="AND"> 20240 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20241 <criteria operator="OR"> 20242 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20243 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20244 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20245 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20246 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20247 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20248 </criteria> 20249 </criteria> 20250 <!-- c98bea71d14572098aa8cbba15453e6e --> 20251 <criteria operator="AND"> 20252 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20253 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20254 </criteria> 20255 </criteria> 20256 </definition> 20257 <definition id="oval:org.opensuse.security:def:20103631" version="1" class="vulnerability"> 20258 <metadata> 20259 <title>CVE-2010-3631</title> 20260 <affected family="unix"> 20261 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20262 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20263 </affected> 20264 <reference ref_id="CVE-2010-3631" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3631" source="CVE"/> 20265 <description> 20266 Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. 20267 </description> 20268 </metadata> 20269 <criteria operator="OR"> 20270 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20271 <criteria operator="AND"> 20272 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20273 <criteria operator="OR"> 20274 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20275 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20276 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20277 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20278 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20279 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20280 </criteria> 20281 </criteria> 20282 <!-- c98bea71d14572098aa8cbba15453e6e --> 20283 <criteria operator="AND"> 20284 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20285 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20286 </criteria> 20287 </criteria> 20288 </definition> 20289 <definition id="oval:org.opensuse.security:def:20103632" version="1" class="vulnerability"> 20290 <metadata> 20291 <title>CVE-2010-3632</title> 20292 <affected family="unix"> 20293 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20294 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20295 </affected> 20296 <reference ref_id="CVE-2010-3632" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632" source="CVE"/> 20297 <description> 20298 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658. 20299 </description> 20300 </metadata> 20301 <criteria operator="OR"> 20302 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20303 <criteria operator="AND"> 20304 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20305 <criteria operator="OR"> 20306 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20307 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20308 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20309 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20310 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20311 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20312 </criteria> 20313 </criteria> 20314 <!-- c98bea71d14572098aa8cbba15453e6e --> 20315 <criteria operator="AND"> 20316 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20317 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20318 </criteria> 20319 </criteria> 20320 </definition> 20321 <definition id="oval:org.opensuse.security:def:20103654" version="1" class="vulnerability"> 20322 <metadata> 20323 <title>CVE-2010-3654</title> 20324 <affected family="unix"> 20325 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20326 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20327 </affected> 20328 <reference ref_id="CVE-2010-3654" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654" source="CVE"/> 20329 <description> 20330 Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. 20331 </description> 20332 </metadata> 20333 <criteria operator="OR"> 20334 <!-- 34246c4efba2dacfca1e33872cf42d89 --> 20335 <criteria operator="AND"> 20336 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20337 <criterion test_ref="oval:org.opensuse.security:tst:2009064942" comment="acroread less than 9.4.1-0.4.1"/> 20338 </criteria> 20339 <!-- 754ac44f54866ef5d17c66c57c7e2683 --> 20340 <criteria operator="AND"> 20341 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20342 <criterion test_ref="oval:org.opensuse.security:tst:2009064943" comment="acroread_ja less than 9.4.1-0.4.1"/> 20343 </criteria> 20344 <!-- bb437d0c41d18bbb6f28721070902cc0 --> 20345 <criteria operator="AND"> 20346 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20347 <criterion test_ref="oval:org.opensuse.security:tst:2009064337" comment="flash-player less than 9.0.289.0-0.4.1"/> 20348 </criteria> 20349 </criteria> 20350 </definition> 20351 <definition id="oval:org.opensuse.security:def:20103656" version="1" class="vulnerability"> 20352 <metadata> 20353 <title>CVE-2010-3656</title> 20354 <affected family="unix"> 20355 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20356 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20357 </affected> 20358 <reference ref_id="CVE-2010-3656" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656" source="CVE"/> 20359 <description> 20360 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3657. 20361 </description> 20362 </metadata> 20363 <criteria operator="OR"> 20364 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20365 <criteria operator="AND"> 20366 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20367 <criteria operator="OR"> 20368 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20369 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20370 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20371 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20372 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20373 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20374 </criteria> 20375 </criteria> 20376 <!-- c98bea71d14572098aa8cbba15453e6e --> 20377 <criteria operator="AND"> 20378 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20379 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20380 </criteria> 20381 </criteria> 20382 </definition> 20383 <definition id="oval:org.opensuse.security:def:20103657" version="1" class="vulnerability"> 20384 <metadata> 20385 <title>CVE-2010-3657</title> 20386 <affected family="unix"> 20387 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20388 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20389 </affected> 20390 <reference ref_id="CVE-2010-3657" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657" source="CVE"/> 20391 <description> 20392 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3656. 20393 </description> 20394 </metadata> 20395 <criteria operator="OR"> 20396 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20397 <criteria operator="AND"> 20398 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20399 <criteria operator="OR"> 20400 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20401 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20402 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20403 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20404 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20405 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20406 </criteria> 20407 </criteria> 20408 <!-- c98bea71d14572098aa8cbba15453e6e --> 20409 <criteria operator="AND"> 20410 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20411 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20412 </criteria> 20413 </criteria> 20414 </definition> 20415 <definition id="oval:org.opensuse.security:def:20103658" version="1" class="vulnerability"> 20416 <metadata> 20417 <title>CVE-2010-3658</title> 20418 <affected family="unix"> 20419 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20420 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20421 </affected> 20422 <reference ref_id="CVE-2010-3658" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658" source="CVE"/> 20423 <description> 20424 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632. 20425 </description> 20426 </metadata> 20427 <criteria operator="OR"> 20428 <!-- 71f8951f19d4b343293922d8b70eaca9 --> 20429 <criteria operator="AND"> 20430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20431 <criteria operator="OR"> 20432 <criterion test_ref="oval:org.opensuse.security:tst:2009063370" comment="acroread-cmaps less than 9.4-0.4.1"/> 20433 <criterion test_ref="oval:org.opensuse.security:tst:2009063371" comment="acroread-fonts-ja less than 9.4-0.4.1"/> 20434 <criterion test_ref="oval:org.opensuse.security:tst:2009063372" comment="acroread-fonts-ko less than 9.4-0.4.1"/> 20435 <criterion test_ref="oval:org.opensuse.security:tst:2009063373" comment="acroread-fonts-zh_CN less than 9.4-0.4.1"/> 20436 <criterion test_ref="oval:org.opensuse.security:tst:2009063374" comment="acroread-fonts-zh_TW less than 9.4-0.4.1"/> 20437 <criterion test_ref="oval:org.opensuse.security:tst:2009063375" comment="acroread less than 9.4-0.4.1"/> 20438 </criteria> 20439 </criteria> 20440 <!-- c98bea71d14572098aa8cbba15453e6e --> 20441 <criteria operator="AND"> 20442 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20443 <criterion test_ref="oval:org.opensuse.security:tst:2009063376" comment="acroread_ja less than 9.4-0.4.1"/> 20444 </criteria> 20445 </criteria> 20446 </definition> 20447 <definition id="oval:org.opensuse.security:def:20103677" version="1" class="vulnerability"> 20448 <metadata> 20449 <title>CVE-2010-3677</title> 20450 <affected family="unix"> 20451 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20452 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20453 </affected> 20454 <reference ref_id="CVE-2010-3677" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3677" source="CVE"/> 20455 <description> 20456 Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. 20457 </description> 20458 </metadata> 20459 <!-- 826914f7f97a3f40f0cf58084177340b --> 20460 <criteria operator="AND"> 20461 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20462 <criteria operator="OR"> 20463 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 20464 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 20465 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 20466 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 20467 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 20468 </criteria> 20469 </criteria> 20470 </definition> 20471 <definition id="oval:org.opensuse.security:def:20103678" version="1" class="vulnerability"> 20472 <metadata> 20473 <title>CVE-2010-3678</title> 20474 <affected family="unix"> 20475 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20476 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20477 </affected> 20478 <reference ref_id="CVE-2010-3678" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3678" source="CVE"/> 20479 <description> 20480 Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier. 20481 </description> 20482 </metadata> 20483 <!-- 826914f7f97a3f40f0cf58084177340b --> 20484 <criteria operator="AND"> 20485 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20486 <criteria operator="OR"> 20487 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 20488 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 20489 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 20490 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 20491 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 20492 </criteria> 20493 </criteria> 20494 </definition> 20495 <definition id="oval:org.opensuse.security:def:20103681" version="1" class="vulnerability"> 20496 <metadata> 20497 <title>CVE-2010-3681</title> 20498 <affected family="unix"> 20499 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20500 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20501 </affected> 20502 <reference ref_id="CVE-2010-3681" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3681" source="CVE"/> 20503 <description> 20504 Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure. 20505 </description> 20506 </metadata> 20507 <!-- 826914f7f97a3f40f0cf58084177340b --> 20508 <criteria operator="AND"> 20509 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20510 <criteria operator="OR"> 20511 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 20512 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 20513 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 20514 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 20515 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 20516 </criteria> 20517 </criteria> 20518 </definition> 20519 <definition id="oval:org.opensuse.security:def:20103682" version="1" class="vulnerability"> 20520 <metadata> 20521 <title>CVE-2010-3682</title> 20522 <affected family="unix"> 20523 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20524 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20525 </affected> 20526 <reference ref_id="CVE-2010-3682" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3682" source="CVE"/> 20527 <description> 20528 Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. 20529 </description> 20530 </metadata> 20531 <!-- 826914f7f97a3f40f0cf58084177340b --> 20532 <criteria operator="AND"> 20533 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20534 <criteria operator="OR"> 20535 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 20536 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 20537 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 20538 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 20539 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 20540 </criteria> 20541 </criteria> 20542 </definition> 20543 <definition id="oval:org.opensuse.security:def:20103683" version="1" class="vulnerability"> 20544 <metadata> 20545 <title>CVE-2010-3683</title> 20546 <affected family="unix"> 20547 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20548 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20549 </affected> 20550 <reference ref_id="CVE-2010-3683" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3683" source="CVE"/> 20551 <description> 20552 Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request. 20553 </description> 20554 </metadata> 20555 <!-- 826914f7f97a3f40f0cf58084177340b --> 20556 <criteria operator="AND"> 20557 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20558 <criteria operator="OR"> 20559 <criterion test_ref="oval:org.opensuse.security:tst:2009063559" comment="mysql-client less than 5.0.26-12.29.1"/> 20560 <criterion test_ref="oval:org.opensuse.security:tst:2009063560" comment="mysql-devel less than 5.0.26-12.29.1"/> 20561 <criterion test_ref="oval:org.opensuse.security:tst:2009063561" comment="mysql-shared-32bit less than 5.0.26-12.29.1"/> 20562 <criterion test_ref="oval:org.opensuse.security:tst:2009063562" comment="mysql-shared less than 5.0.26-12.29.1"/> 20563 <criterion test_ref="oval:org.opensuse.security:tst:2009063563" comment="mysql less than 5.0.26-12.29.1"/> 20564 </criteria> 20565 </criteria> 20566 </definition> 20567 <definition id="oval:org.opensuse.security:def:20103689" version="1" class="vulnerability"> 20568 <metadata> 20569 <title>CVE-2010-3689</title> 20570 <affected family="unix"> 20571 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20572 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20573 </affected> 20574 <reference ref_id="CVE-2010-3689" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3689" source="CVE"/> 20575 <description> 20576 soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. 20577 </description> 20578 </metadata> 20579 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 20580 <criteria operator="AND"> 20581 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20582 <criteria operator="OR"> 20583 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 20584 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 20585 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 20586 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 20587 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 20588 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 20589 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 20590 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 20591 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 20592 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 20593 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 20594 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 20595 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 20596 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 20597 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 20598 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 20599 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 20600 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 20601 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 20602 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 20603 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 20604 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 20605 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 20606 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 20607 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 20608 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 20609 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 20610 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 20611 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 20612 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 20613 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 20614 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 20615 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 20616 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 20617 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 20618 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 20619 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 20620 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 20621 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 20622 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 20623 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 20624 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 20625 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 20626 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 20627 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 20628 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 20629 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 20630 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 20631 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 20632 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 20633 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 20634 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 20635 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 20636 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 20637 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 20638 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 20639 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 20640 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 20641 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 20642 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 20643 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 20644 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 20645 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 20646 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 20647 </criteria> 20648 </criteria> 20649 </definition> 20650 <definition id="oval:org.opensuse.security:def:20103699" version="1" class="vulnerability"> 20651 <metadata> 20652 <title>CVE-2010-3699</title> 20653 <affected family="unix"> 20654 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20655 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20656 </affected> 20657 <reference ref_id="CVE-2010-3699" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3699" source="CVE"/> 20658 <description> 20659 The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap. 20660 </description> 20661 </metadata> 20662 <criteria operator="OR"> 20663 <!-- 8b70aa4d05f245a4b664290a8bf4da13 --> 20664 <criteria operator="AND"> 20665 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20666 <criteria operator="OR"> 20667 <criterion test_ref="oval:org.opensuse.security:tst:2009065639" comment="kernel-bigsmp less than 2.6.16.60-0.76.8"/> 20668 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 20669 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 20670 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 20671 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 20672 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 20673 <criterion test_ref="oval:org.opensuse.security:tst:2009065645" comment="kernel-xenpae less than 2.6.16.60-0.76.8"/> 20674 </criteria> 20675 </criteria> 20676 <!-- f715eb6e5d39ac340637af52966bcd6e --> 20677 <criteria operator="AND"> 20678 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20679 <criteria operator="OR"> 20680 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 20681 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 20682 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 20683 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 20684 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 20685 </criteria> 20686 </criteria> 20687 </criteria> 20688 </definition> 20689 <definition id="oval:org.opensuse.security:def:20103702" version="1" class="vulnerability"> 20690 <metadata> 20691 <title>CVE-2010-3702</title> 20692 <affected family="unix"> 20693 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20694 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20695 </affected> 20696 <reference ref_id="CVE-2010-3702" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702" source="CVE"/> 20697 <description> 20698 The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. 20699 </description> 20700 </metadata> 20701 <criteria operator="OR"> 20702 <!-- 119a425a677ce6074c20048f08d6bb1b --> 20703 <criteria operator="AND"> 20704 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20705 <criterion test_ref="oval:org.opensuse.security:tst:2009065317" comment="xpdf-tools less than 3.01-21.24.1"/> 20706 </criteria> 20707 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 20708 <criteria operator="AND"> 20709 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20710 <criteria operator="OR"> 20711 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 20712 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 20713 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 20714 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 20715 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 20716 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 20717 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 20718 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 20719 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 20720 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 20721 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 20722 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 20723 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 20724 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 20725 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 20726 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 20727 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 20728 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 20729 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 20730 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 20731 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 20732 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 20733 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 20734 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 20735 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 20736 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 20737 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 20738 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 20739 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 20740 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 20741 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 20742 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 20743 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 20744 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 20745 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 20746 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 20747 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 20748 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 20749 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 20750 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 20751 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 20752 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 20753 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 20754 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 20755 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 20756 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 20757 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 20758 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 20759 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 20760 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 20761 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 20762 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 20763 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 20764 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 20765 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 20766 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 20767 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 20768 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 20769 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 20770 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 20771 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 20772 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 20773 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 20774 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 20775 </criteria> 20776 </criteria> 20777 <!-- a1156f03440c35ab9d5e6925edc94791 --> 20778 <criteria operator="AND"> 20779 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20780 <criteria operator="OR"> 20781 <criterion test_ref="oval:org.opensuse.security:tst:2009064503" comment="poppler-devel less than 0.4.4-19.27.1"/> 20782 <criterion test_ref="oval:org.opensuse.security:tst:2009064504" comment="poppler-glib less than 0.4.4-19.27.1"/> 20783 <criterion test_ref="oval:org.opensuse.security:tst:2009064505" comment="poppler-qt less than 0.4.4-19.27.1"/> 20784 <criterion test_ref="oval:org.opensuse.security:tst:2009064506" comment="poppler less than 0.4.4-19.27.1"/> 20785 </criteria> 20786 </criteria> 20787 <!-- d80f195def5f87d532c424567f8d8cea --> 20788 <criteria operator="AND"> 20789 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20790 <criteria operator="OR"> 20791 <criterion test_ref="oval:org.opensuse.security:tst:2009064812" comment="cups-client less than 1.1.23-40.60.12"/> 20792 <criterion test_ref="oval:org.opensuse.security:tst:2009064813" comment="cups-devel less than 1.1.23-40.60.12"/> 20793 <criterion test_ref="oval:org.opensuse.security:tst:2009064814" comment="cups-libs-32bit less than 1.1.23-40.60.12"/> 20794 <criterion test_ref="oval:org.opensuse.security:tst:2009064815" comment="cups-libs less than 1.1.23-40.60.12"/> 20795 <criterion test_ref="oval:org.opensuse.security:tst:2009064816" comment="cups less than 1.1.23-40.60.12"/> 20796 </criteria> 20797 </criteria> 20798 <!-- e3ee5f3465bf28ff10fa73651f8a68a3 --> 20799 <criteria operator="AND"> 20800 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20801 <criteria operator="OR"> 20802 <criterion test_ref="oval:org.opensuse.security:tst:2009064972" comment="kdegraphics3-devel less than 3.5.1-23.30.4"/> 20803 <criterion test_ref="oval:org.opensuse.security:tst:2009064973" comment="kdegraphics3-fax less than 3.5.1-23.30.4"/> 20804 <criterion test_ref="oval:org.opensuse.security:tst:2009064974" comment="kdegraphics3-kamera less than 3.5.1-23.30.4"/> 20805 <criterion test_ref="oval:org.opensuse.security:tst:2009064975" comment="kdegraphics3-pdf less than 3.5.1-23.30.4"/> 20806 <criterion test_ref="oval:org.opensuse.security:tst:2009064976" comment="kdegraphics3-postscript less than 3.5.1-23.30.4"/> 20807 <criterion test_ref="oval:org.opensuse.security:tst:2009064977" comment="kdegraphics3-scan less than 3.5.1-23.30.4"/> 20808 <criterion test_ref="oval:org.opensuse.security:tst:2009064978" comment="kdegraphics3 less than 3.5.1-23.30.4"/> 20809 </criteria> 20810 </criteria> 20811 </criteria> 20812 </definition> 20813 <definition id="oval:org.opensuse.security:def:20103703" version="1" class="vulnerability"> 20814 <metadata> 20815 <title>CVE-2010-3703</title> 20816 <affected family="unix"> 20817 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20818 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20819 </affected> 20820 <reference ref_id="CVE-2010-3703" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703" source="CVE"/> 20821 <description> 20822 The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference. 20823 </description> 20824 </metadata> 20825 <criteria operator="OR"> 20826 <!-- 119a425a677ce6074c20048f08d6bb1b --> 20827 <criteria operator="AND"> 20828 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20829 <criterion test_ref="oval:org.opensuse.security:tst:2009065317" comment="xpdf-tools less than 3.01-21.24.1"/> 20830 </criteria> 20831 <!-- d80f195def5f87d532c424567f8d8cea --> 20832 <criteria operator="AND"> 20833 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20834 <criteria operator="OR"> 20835 <criterion test_ref="oval:org.opensuse.security:tst:2009064812" comment="cups-client less than 1.1.23-40.60.12"/> 20836 <criterion test_ref="oval:org.opensuse.security:tst:2009064813" comment="cups-devel less than 1.1.23-40.60.12"/> 20837 <criterion test_ref="oval:org.opensuse.security:tst:2009064814" comment="cups-libs-32bit less than 1.1.23-40.60.12"/> 20838 <criterion test_ref="oval:org.opensuse.security:tst:2009064815" comment="cups-libs less than 1.1.23-40.60.12"/> 20839 <criterion test_ref="oval:org.opensuse.security:tst:2009064816" comment="cups less than 1.1.23-40.60.12"/> 20840 </criteria> 20841 </criteria> 20842 <!-- e3ee5f3465bf28ff10fa73651f8a68a3 --> 20843 <criteria operator="AND"> 20844 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20845 <criteria operator="OR"> 20846 <criterion test_ref="oval:org.opensuse.security:tst:2009064972" comment="kdegraphics3-devel less than 3.5.1-23.30.4"/> 20847 <criterion test_ref="oval:org.opensuse.security:tst:2009064973" comment="kdegraphics3-fax less than 3.5.1-23.30.4"/> 20848 <criterion test_ref="oval:org.opensuse.security:tst:2009064974" comment="kdegraphics3-kamera less than 3.5.1-23.30.4"/> 20849 <criterion test_ref="oval:org.opensuse.security:tst:2009064975" comment="kdegraphics3-pdf less than 3.5.1-23.30.4"/> 20850 <criterion test_ref="oval:org.opensuse.security:tst:2009064976" comment="kdegraphics3-postscript less than 3.5.1-23.30.4"/> 20851 <criterion test_ref="oval:org.opensuse.security:tst:2009064977" comment="kdegraphics3-scan less than 3.5.1-23.30.4"/> 20852 <criterion test_ref="oval:org.opensuse.security:tst:2009064978" comment="kdegraphics3 less than 3.5.1-23.30.4"/> 20853 </criteria> 20854 </criteria> 20855 </criteria> 20856 </definition> 20857 <definition id="oval:org.opensuse.security:def:20103704" version="1" class="vulnerability"> 20858 <metadata> 20859 <title>CVE-2010-3704</title> 20860 <affected family="unix"> 20861 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20862 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20863 </affected> 20864 <reference ref_id="CVE-2010-3704" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704" source="CVE"/> 20865 <description> 20866 The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption. 20867 </description> 20868 </metadata> 20869 <criteria operator="OR"> 20870 <!-- 119a425a677ce6074c20048f08d6bb1b --> 20871 <criteria operator="AND"> 20872 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20873 <criterion test_ref="oval:org.opensuse.security:tst:2009065317" comment="xpdf-tools less than 3.01-21.24.1"/> 20874 </criteria> 20875 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 20876 <criteria operator="AND"> 20877 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20878 <criteria operator="OR"> 20879 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 20880 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 20881 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 20882 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 20883 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 20884 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 20885 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 20886 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 20887 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 20888 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 20889 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 20890 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 20891 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 20892 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 20893 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 20894 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 20895 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 20896 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 20897 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 20898 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 20899 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 20900 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 20901 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 20902 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 20903 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 20904 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 20905 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 20906 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 20907 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 20908 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 20909 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 20910 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 20911 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 20912 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 20913 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 20914 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 20915 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 20916 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 20917 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 20918 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 20919 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 20920 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 20921 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 20922 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 20923 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 20924 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 20925 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 20926 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 20927 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 20928 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 20929 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 20930 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 20931 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 20932 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 20933 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 20934 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 20935 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 20936 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 20937 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 20938 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 20939 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 20940 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 20941 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 20942 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 20943 </criteria> 20944 </criteria> 20945 <!-- e3ee5f3465bf28ff10fa73651f8a68a3 --> 20946 <criteria operator="AND"> 20947 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20948 <criteria operator="OR"> 20949 <criterion test_ref="oval:org.opensuse.security:tst:2009064972" comment="kdegraphics3-devel less than 3.5.1-23.30.4"/> 20950 <criterion test_ref="oval:org.opensuse.security:tst:2009064973" comment="kdegraphics3-fax less than 3.5.1-23.30.4"/> 20951 <criterion test_ref="oval:org.opensuse.security:tst:2009064974" comment="kdegraphics3-kamera less than 3.5.1-23.30.4"/> 20952 <criterion test_ref="oval:org.opensuse.security:tst:2009064975" comment="kdegraphics3-pdf less than 3.5.1-23.30.4"/> 20953 <criterion test_ref="oval:org.opensuse.security:tst:2009064976" comment="kdegraphics3-postscript less than 3.5.1-23.30.4"/> 20954 <criterion test_ref="oval:org.opensuse.security:tst:2009064977" comment="kdegraphics3-scan less than 3.5.1-23.30.4"/> 20955 <criterion test_ref="oval:org.opensuse.security:tst:2009064978" comment="kdegraphics3 less than 3.5.1-23.30.4"/> 20956 </criteria> 20957 </criteria> 20958 </criteria> 20959 </definition> 20960 <definition id="oval:org.opensuse.security:def:20103711" version="1" class="vulnerability"> 20961 <metadata> 20962 <title>CVE-2010-3711</title> 20963 <affected family="unix"> 20964 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 20965 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 20966 </affected> 20967 <reference ref_id="CVE-2010-3711" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711" source="CVE"/> 20968 <description> 20969 libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support. 20970 </description> 20971 </metadata> 20972 <!-- b2065553568c70babb437af6b08cc06e --> 20973 <criteria operator="AND"> 20974 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 20975 <criteria operator="OR"> 20976 <criterion test_ref="oval:org.opensuse.security:tst:2009071813" comment="finch less than 2.6.6-0.10.1"/> 20977 <criterion test_ref="oval:org.opensuse.security:tst:2009071814" comment="libpurple less than 2.6.6-0.10.1"/> 20978 <criterion test_ref="oval:org.opensuse.security:tst:2009071815" comment="pidgin less than 2.6.6-0.10.1"/> 20979 </criteria> 20980 </criteria> 20981 </definition> 20982 <definition id="oval:org.opensuse.security:def:20103766" version="1" class="vulnerability"> 20983 <metadata> 20984 <title>CVE-2010-3766</title> 20985 <affected family="unix"> 20986 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 20987 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 20988 </affected> 20989 <reference ref_id="CVE-2010-3766" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3766" source="CVE"/> 20990 <description> 20991 Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node. 20992 </description> 20993 </metadata> 20994 <!-- 61e0860309635831b6c4f3a30dccd608 --> 20995 <criteria operator="AND"> 20996 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 20997 <criteria operator="OR"> 20998 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 20999 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21000 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21001 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21002 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21003 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21004 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21005 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21006 </criteria> 21007 </criteria> 21008 </definition> 21009 <definition id="oval:org.opensuse.security:def:20103767" version="1" class="vulnerability"> 21010 <metadata> 21011 <title>CVE-2010-3767</title> 21012 <affected family="unix"> 21013 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21014 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21015 </affected> 21016 <reference ref_id="CVE-2010-3767" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3767" source="CVE"/> 21017 <description> 21018 Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements. 21019 </description> 21020 </metadata> 21021 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21022 <criteria operator="AND"> 21023 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21024 <criteria operator="OR"> 21025 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21026 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21027 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21028 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21029 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21030 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21031 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21032 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21033 </criteria> 21034 </criteria> 21035 </definition> 21036 <definition id="oval:org.opensuse.security:def:20103768" version="1" class="vulnerability"> 21037 <metadata> 21038 <title>CVE-2010-3768</title> 21039 <affected family="unix"> 21040 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21041 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21042 </affected> 21043 <reference ref_id="CVE-2010-3768" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3768" source="CVE"/> 21044 <description> 21045 Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules. 21046 </description> 21047 </metadata> 21048 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21049 <criteria operator="AND"> 21050 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21051 <criteria operator="OR"> 21052 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21053 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21054 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21055 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21056 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21057 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21058 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21059 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21060 </criteria> 21061 </criteria> 21062 </definition> 21063 <definition id="oval:org.opensuse.security:def:20103769" version="1" class="vulnerability"> 21064 <metadata> 21065 <title>CVE-2010-3769</title> 21066 <affected family="unix"> 21067 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21068 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21069 </affected> 21070 <reference ref_id="CVE-2010-3769" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3769" source="CVE"/> 21071 <description> 21072 The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read. 21073 </description> 21074 </metadata> 21075 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21076 <criteria operator="AND"> 21077 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21078 <criteria operator="OR"> 21079 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21080 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21081 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21082 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21083 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21084 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21085 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21086 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21087 </criteria> 21088 </criteria> 21089 </definition> 21090 <definition id="oval:org.opensuse.security:def:20103770" version="1" class="vulnerability"> 21091 <metadata> 21092 <title>CVE-2010-3770</title> 21093 <affected family="unix"> 21094 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21095 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21096 </affected> 21097 <reference ref_id="CVE-2010-3770" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3770" source="CVE"/> 21098 <description> 21099 Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2) x-mac-farsi, or (3) x-mac-hebrew characters that may be converted to angle brackets during rendering. 21100 </description> 21101 </metadata> 21102 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21103 <criteria operator="AND"> 21104 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21105 <criteria operator="OR"> 21106 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21107 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21108 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21109 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21110 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21111 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21112 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21113 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21114 </criteria> 21115 </criteria> 21116 </definition> 21117 <definition id="oval:org.opensuse.security:def:20103771" version="1" class="vulnerability"> 21118 <metadata> 21119 <title>CVE-2010-3771</title> 21120 <affected family="unix"> 21121 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21122 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21123 </affected> 21124 <reference ref_id="CVE-2010-3771" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3771" source="CVE"/> 21125 <description> 21126 Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI. 21127 </description> 21128 </metadata> 21129 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21130 <criteria operator="AND"> 21131 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21132 <criteria operator="OR"> 21133 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21134 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21135 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21136 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21137 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21138 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21139 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21140 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21141 </criteria> 21142 </criteria> 21143 </definition> 21144 <definition id="oval:org.opensuse.security:def:20103772" version="1" class="vulnerability"> 21145 <metadata> 21146 <title>CVE-2010-3772</title> 21147 <affected family="unix"> 21148 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21149 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21150 </affected> 21151 <reference ref_id="CVE-2010-3772" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3772" source="CVE"/> 21152 <description> 21153 Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element. 21154 </description> 21155 </metadata> 21156 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21157 <criteria operator="AND"> 21158 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21159 <criteria operator="OR"> 21160 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21161 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21162 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21163 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21164 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21165 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21166 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21167 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21168 </criteria> 21169 </criteria> 21170 </definition> 21171 <definition id="oval:org.opensuse.security:def:20103773" version="1" class="vulnerability"> 21172 <metadata> 21173 <title>CVE-2010-3773</title> 21174 <affected family="unix"> 21175 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21176 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21177 </affected> 21178 <reference ref_id="CVE-2010-3773" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3773" source="CVE"/> 21179 <description> 21180 Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0179. 21181 </description> 21182 </metadata> 21183 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21184 <criteria operator="AND"> 21185 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21186 <criteria operator="OR"> 21187 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21188 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21189 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21190 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21191 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21192 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21193 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21194 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21195 </criteria> 21196 </criteria> 21197 </definition> 21198 <definition id="oval:org.opensuse.security:def:20103774" version="1" class="vulnerability"> 21199 <metadata> 21200 <title>CVE-2010-3774</title> 21201 <affected family="unix"> 21202 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21203 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21204 </affected> 21205 <reference ref_id="CVE-2010-3774" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3774" source="CVE"/> 21206 <description> 21207 The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site. 21208 </description> 21209 </metadata> 21210 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21211 <criteria operator="AND"> 21212 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21213 <criteria operator="OR"> 21214 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21215 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21216 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21217 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21218 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21219 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21220 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21221 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21222 </criteria> 21223 </criteria> 21224 </definition> 21225 <definition id="oval:org.opensuse.security:def:20103775" version="1" class="vulnerability"> 21226 <metadata> 21227 <title>CVE-2010-3775</title> 21228 <affected family="unix"> 21229 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21230 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21231 </affected> 21232 <reference ref_id="CVE-2010-3775" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3775" source="CVE"/> 21233 <description> 21234 Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used. 21235 </description> 21236 </metadata> 21237 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21238 <criteria operator="AND"> 21239 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21240 <criteria operator="OR"> 21241 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21242 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21243 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21244 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21245 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21246 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21247 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21248 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21249 </criteria> 21250 </criteria> 21251 </definition> 21252 <definition id="oval:org.opensuse.security:def:20103776" version="1" class="vulnerability"> 21253 <metadata> 21254 <title>CVE-2010-3776</title> 21255 <affected family="unix"> 21256 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21257 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21258 </affected> 21259 <reference ref_id="CVE-2010-3776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3776" source="CVE"/> 21260 <description> 21261 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 21262 </description> 21263 </metadata> 21264 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21265 <criteria operator="AND"> 21266 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21267 <criteria operator="OR"> 21268 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21269 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21270 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21271 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21272 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21273 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21274 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21275 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21276 </criteria> 21277 </criteria> 21278 </definition> 21279 <definition id="oval:org.opensuse.security:def:20103777" version="1" class="vulnerability"> 21280 <metadata> 21281 <title>CVE-2010-3777</title> 21282 <affected family="unix"> 21283 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21284 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21285 </affected> 21286 <reference ref_id="CVE-2010-3777" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3777" source="CVE"/> 21287 <description> 21288 Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 21289 </description> 21290 </metadata> 21291 <criteria operator="OR"> 21292 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21293 <criteria operator="AND"> 21294 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21295 <criteria operator="OR"> 21296 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21297 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21298 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21299 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21300 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21301 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21302 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21303 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21304 </criteria> 21305 </criteria> 21306 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 21307 <criteria operator="AND"> 21308 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21309 <criteria operator="OR"> 21310 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 21311 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 21312 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 21313 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 21314 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 21315 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 21316 </criteria> 21317 </criteria> 21318 </criteria> 21319 </definition> 21320 <definition id="oval:org.opensuse.security:def:20103778" version="1" class="vulnerability"> 21321 <metadata> 21322 <title>CVE-2010-3778</title> 21323 <affected family="unix"> 21324 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21325 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21326 </affected> 21327 <reference ref_id="CVE-2010-3778" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3778" source="CVE"/> 21328 <description> 21329 Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 21330 </description> 21331 </metadata> 21332 <!-- 61e0860309635831b6c4f3a30dccd608 --> 21333 <criteria operator="AND"> 21334 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21335 <criteria operator="OR"> 21336 <criterion test_ref="oval:org.opensuse.security:tst:2009065407" comment="MozillaFirefox-translations less than 3.5.16-0.4.1"/> 21337 <criterion test_ref="oval:org.opensuse.security:tst:2009065408" comment="MozillaFirefox less than 3.5.16-0.4.1"/> 21338 <criterion test_ref="oval:org.opensuse.security:tst:2009065409" comment="mozilla-xulrunner191-32bit less than 1.9.1.16-0.4.1"/> 21339 <criterion test_ref="oval:org.opensuse.security:tst:2009065410" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.16-0.4.1"/> 21340 <criterion test_ref="oval:org.opensuse.security:tst:2009065411" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.16-0.4.1"/> 21341 <criterion test_ref="oval:org.opensuse.security:tst:2009065412" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.16-0.4.1"/> 21342 <criterion test_ref="oval:org.opensuse.security:tst:2009065413" comment="mozilla-xulrunner191-translations less than 1.9.1.16-0.4.1"/> 21343 <criterion test_ref="oval:org.opensuse.security:tst:2009065414" comment="mozilla-xulrunner191 less than 1.9.1.16-0.4.1"/> 21344 </criteria> 21345 </criteria> 21346 </definition> 21347 <definition id="oval:org.opensuse.security:def:20103814" version="1" class="vulnerability"> 21348 <metadata> 21349 <title>CVE-2010-3814</title> 21350 <affected family="unix"> 21351 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21352 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21353 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 21354 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 21355 </affected> 21356 <reference ref_id="CVE-2010-3814" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3814" source="CVE"/> 21357 <description> 21358 Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font. 21359 </description> 21360 </metadata> 21361 <criteria operator="OR"> 21362 <!-- 8e613813376cd82ca7e15523f13bfa7e --> 21363 <criteria operator="AND"> 21364 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21365 <criteria operator="OR"> 21366 <criterion test_ref="oval:org.opensuse.security:tst:2009067752" comment="freetype2-32bit less than 2.1.10-18.25.11"/> 21367 <criterion test_ref="oval:org.opensuse.security:tst:2009067753" comment="freetype2-devel-32bit less than 2.1.10-18.25.11"/> 21368 <criterion test_ref="oval:org.opensuse.security:tst:2009067754" comment="freetype2-devel less than 2.1.10-18.25.11"/> 21369 <criterion test_ref="oval:org.opensuse.security:tst:2009067755" comment="freetype2 less than 2.1.10-18.25.11"/> 21370 </criteria> 21371 </criteria> 21372 <!-- a4b2ad9796d6e3860ce0ff169310f2cd --> 21373 <criteria operator="AND"> 21374 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 21375 <criteria operator="OR"> 21376 <criterion test_ref="oval:org.opensuse.security:tst:2009067752" comment="freetype2-32bit less than 2.1.10-18.25.11"/> 21377 <criterion test_ref="oval:org.opensuse.security:tst:2009067753" comment="freetype2-devel-32bit less than 2.1.10-18.25.11"/> 21378 <criterion test_ref="oval:org.opensuse.security:tst:2009067754" comment="freetype2-devel less than 2.1.10-18.25.11"/> 21379 <criterion test_ref="oval:org.opensuse.security:tst:2009067755" comment="freetype2 less than 2.1.10-18.25.11"/> 21380 </criteria> 21381 </criteria> 21382 </criteria> 21383 </definition> 21384 <definition id="oval:org.opensuse.security:def:20103847" version="1" class="vulnerability"> 21385 <metadata> 21386 <title>CVE-2010-3847</title> 21387 <affected family="unix"> 21388 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21389 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21390 </affected> 21391 <reference ref_id="CVE-2010-3847" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847" source="CVE"/> 21392 <description> 21393 elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory. 21394 </description> 21395 </metadata> 21396 <!-- a7e1bffd1e2cae6bb5c9bbff3d3f9de2 --> 21397 <criteria operator="AND"> 21398 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21399 <criteria operator="OR"> 21400 <criterion test_ref="oval:org.opensuse.security:tst:2009070508" comment="glibc-32bit less than 2.4-31.77.76.1"/> 21401 <criterion test_ref="oval:org.opensuse.security:tst:2009070509" comment="glibc-devel-32bit less than 2.4-31.77.76.1"/> 21402 <criterion test_ref="oval:org.opensuse.security:tst:2009070510" comment="glibc-devel less than 2.4-31.77.76.1"/> 21403 <criterion test_ref="oval:org.opensuse.security:tst:2009070511" comment="glibc-html less than 2.4-31.77.76.1"/> 21404 <criterion test_ref="oval:org.opensuse.security:tst:2009070512" comment="glibc-i18ndata less than 2.4-31.77.76.1"/> 21405 <criterion test_ref="oval:org.opensuse.security:tst:2009070513" comment="glibc-info less than 2.4-31.77.76.1"/> 21406 <criterion test_ref="oval:org.opensuse.security:tst:2009070514" comment="glibc-locale-32bit less than 2.4-31.77.76.1"/> 21407 <criterion test_ref="oval:org.opensuse.security:tst:2009070515" comment="glibc-locale less than 2.4-31.77.76.1"/> 21408 <criterion test_ref="oval:org.opensuse.security:tst:2009070516" comment="glibc less than 2.4-31.77.76.1"/> 21409 <criterion test_ref="oval:org.opensuse.security:tst:2009070517" comment="nscd less than 2.4-31.77.76.1"/> 21410 </criteria> 21411 </criteria> 21412 </definition> 21413 <definition id="oval:org.opensuse.security:def:20103848" version="1" class="vulnerability"> 21414 <metadata> 21415 <title>CVE-2010-3848</title> 21416 <affected family="unix"> 21417 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21418 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21419 </affected> 21420 <reference ref_id="CVE-2010-3848" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3848" source="CVE"/> 21421 <description> 21422 Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures. 21423 </description> 21424 </metadata> 21425 <criteria operator="OR"> 21426 <!-- 8b70aa4d05f245a4b664290a8bf4da13 --> 21427 <criteria operator="AND"> 21428 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21429 <criteria operator="OR"> 21430 <criterion test_ref="oval:org.opensuse.security:tst:2009065639" comment="kernel-bigsmp less than 2.6.16.60-0.76.8"/> 21431 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 21432 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 21433 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 21434 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 21435 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 21436 <criterion test_ref="oval:org.opensuse.security:tst:2009065645" comment="kernel-xenpae less than 2.6.16.60-0.76.8"/> 21437 </criteria> 21438 </criteria> 21439 <!-- f715eb6e5d39ac340637af52966bcd6e --> 21440 <criteria operator="AND"> 21441 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21442 <criteria operator="OR"> 21443 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 21444 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 21445 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 21446 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 21447 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 21448 </criteria> 21449 </criteria> 21450 </criteria> 21451 </definition> 21452 <definition id="oval:org.opensuse.security:def:20103849" version="1" class="vulnerability"> 21453 <metadata> 21454 <title>CVE-2010-3849</title> 21455 <affected family="unix"> 21456 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21457 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21458 </affected> 21459 <reference ref_id="CVE-2010-3849" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3849" source="CVE"/> 21460 <description> 21461 The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field. 21462 </description> 21463 </metadata> 21464 <criteria operator="OR"> 21465 <!-- 8b70aa4d05f245a4b664290a8bf4da13 --> 21466 <criteria operator="AND"> 21467 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21468 <criteria operator="OR"> 21469 <criterion test_ref="oval:org.opensuse.security:tst:2009065639" comment="kernel-bigsmp less than 2.6.16.60-0.76.8"/> 21470 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 21471 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 21472 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 21473 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 21474 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 21475 <criterion test_ref="oval:org.opensuse.security:tst:2009065645" comment="kernel-xenpae less than 2.6.16.60-0.76.8"/> 21476 </criteria> 21477 </criteria> 21478 <!-- f715eb6e5d39ac340637af52966bcd6e --> 21479 <criteria operator="AND"> 21480 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21481 <criteria operator="OR"> 21482 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 21483 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 21484 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 21485 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 21486 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 21487 </criteria> 21488 </criteria> 21489 </criteria> 21490 </definition> 21491 <definition id="oval:org.opensuse.security:def:20103850" version="1" class="vulnerability"> 21492 <metadata> 21493 <title>CVE-2010-3850</title> 21494 <affected family="unix"> 21495 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21496 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21497 </affected> 21498 <reference ref_id="CVE-2010-3850" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3850" source="CVE"/> 21499 <description> 21500 The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. 21501 </description> 21502 </metadata> 21503 <criteria operator="OR"> 21504 <!-- 8b70aa4d05f245a4b664290a8bf4da13 --> 21505 <criteria operator="AND"> 21506 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21507 <criteria operator="OR"> 21508 <criterion test_ref="oval:org.opensuse.security:tst:2009065639" comment="kernel-bigsmp less than 2.6.16.60-0.76.8"/> 21509 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 21510 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 21511 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 21512 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 21513 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 21514 <criterion test_ref="oval:org.opensuse.security:tst:2009065645" comment="kernel-xenpae less than 2.6.16.60-0.76.8"/> 21515 </criteria> 21516 </criteria> 21517 <!-- f715eb6e5d39ac340637af52966bcd6e --> 21518 <criteria operator="AND"> 21519 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21520 <criteria operator="OR"> 21521 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 21522 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 21523 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 21524 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 21525 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 21526 </criteria> 21527 </criteria> 21528 </criteria> 21529 </definition> 21530 <definition id="oval:org.opensuse.security:def:20103855" version="1" class="vulnerability"> 21531 <metadata> 21532 <title>CVE-2010-3855</title> 21533 <affected family="unix"> 21534 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21535 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21536 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 21537 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 21538 </affected> 21539 <reference ref_id="CVE-2010-3855" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3855" source="CVE"/> 21540 <description> 21541 Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font. 21542 </description> 21543 </metadata> 21544 <criteria operator="OR"> 21545 <!-- 8e613813376cd82ca7e15523f13bfa7e --> 21546 <criteria operator="AND"> 21547 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21548 <criteria operator="OR"> 21549 <criterion test_ref="oval:org.opensuse.security:tst:2009067752" comment="freetype2-32bit less than 2.1.10-18.25.11"/> 21550 <criterion test_ref="oval:org.opensuse.security:tst:2009067753" comment="freetype2-devel-32bit less than 2.1.10-18.25.11"/> 21551 <criterion test_ref="oval:org.opensuse.security:tst:2009067754" comment="freetype2-devel less than 2.1.10-18.25.11"/> 21552 <criterion test_ref="oval:org.opensuse.security:tst:2009067755" comment="freetype2 less than 2.1.10-18.25.11"/> 21553 </criteria> 21554 </criteria> 21555 <!-- a4b2ad9796d6e3860ce0ff169310f2cd --> 21556 <criteria operator="AND"> 21557 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 21558 <criteria operator="OR"> 21559 <criterion test_ref="oval:org.opensuse.security:tst:2009067752" comment="freetype2-32bit less than 2.1.10-18.25.11"/> 21560 <criterion test_ref="oval:org.opensuse.security:tst:2009067753" comment="freetype2-devel-32bit less than 2.1.10-18.25.11"/> 21561 <criterion test_ref="oval:org.opensuse.security:tst:2009067754" comment="freetype2-devel less than 2.1.10-18.25.11"/> 21562 <criterion test_ref="oval:org.opensuse.security:tst:2009067755" comment="freetype2 less than 2.1.10-18.25.11"/> 21563 </criteria> 21564 </criteria> 21565 </criteria> 21566 </definition> 21567 <definition id="oval:org.opensuse.security:def:20103856" version="1" class="vulnerability"> 21568 <metadata> 21569 <title>CVE-2010-3856</title> 21570 <affected family="unix"> 21571 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21572 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21573 </affected> 21574 <reference ref_id="CVE-2010-3856" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856" source="CVE"/> 21575 <description> 21576 ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. 21577 </description> 21578 </metadata> 21579 <!-- a7e1bffd1e2cae6bb5c9bbff3d3f9de2 --> 21580 <criteria operator="AND"> 21581 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21582 <criteria operator="OR"> 21583 <criterion test_ref="oval:org.opensuse.security:tst:2009070508" comment="glibc-32bit less than 2.4-31.77.76.1"/> 21584 <criterion test_ref="oval:org.opensuse.security:tst:2009070509" comment="glibc-devel-32bit less than 2.4-31.77.76.1"/> 21585 <criterion test_ref="oval:org.opensuse.security:tst:2009070510" comment="glibc-devel less than 2.4-31.77.76.1"/> 21586 <criterion test_ref="oval:org.opensuse.security:tst:2009070511" comment="glibc-html less than 2.4-31.77.76.1"/> 21587 <criterion test_ref="oval:org.opensuse.security:tst:2009070512" comment="glibc-i18ndata less than 2.4-31.77.76.1"/> 21588 <criterion test_ref="oval:org.opensuse.security:tst:2009070513" comment="glibc-info less than 2.4-31.77.76.1"/> 21589 <criterion test_ref="oval:org.opensuse.security:tst:2009070514" comment="glibc-locale-32bit less than 2.4-31.77.76.1"/> 21590 <criterion test_ref="oval:org.opensuse.security:tst:2009070515" comment="glibc-locale less than 2.4-31.77.76.1"/> 21591 <criterion test_ref="oval:org.opensuse.security:tst:2009070516" comment="glibc less than 2.4-31.77.76.1"/> 21592 <criterion test_ref="oval:org.opensuse.security:tst:2009070517" comment="nscd less than 2.4-31.77.76.1"/> 21593 </criteria> 21594 </criteria> 21595 </definition> 21596 <definition id="oval:org.opensuse.security:def:20103873" version="1" class="vulnerability"> 21597 <metadata> 21598 <title>CVE-2010-3873</title> 21599 <affected family="unix"> 21600 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 21601 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 21602 </affected> 21603 <reference ref_id="CVE-2010-3873" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3873" source="CVE"/> 21604 <description> 21605 The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1) X25_FAC_CALLING_AE or (2) X25_FAC_CALLED_AE data, related to net/x25/x25_facilities.c and net/x25/x25_in.c, a different vulnerability than CVE-2010-4164. 21606 </description> 21607 </metadata> 21608 <criteria operator="OR"> 21609 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 21610 <criteria operator="AND"> 21611 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 21612 <criteria operator="OR"> 21613 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 21614 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 21615 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 21616 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 21617 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 21618 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 21619 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 21620 </criteria> 21621 </criteria> 21622 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 21623 <criteria operator="AND"> 21624 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 21625 <criteria operator="OR"> 21626 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 21627 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 21628 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 21629 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 21630 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 21631 </criteria> 21632 </criteria> 21633 </criteria> 21634 </definition> 21635 <definition id="oval:org.opensuse.security:def:20103875" version="1" class="vulnerability"> 21636 <metadata> 21637 <title>CVE-2010-3875</title> 21638 <affected family="unix"> 21639 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21640 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21641 </affected> 21642 <reference ref_id="CVE-2010-3875" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3875" source="CVE"/> 21643 <description> 21644 The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. 21645 </description> 21646 </metadata> 21647 <criteria operator="OR"> 21648 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 21649 <criteria operator="AND"> 21650 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21651 <criteria operator="OR"> 21652 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 21653 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 21654 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 21655 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 21656 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 21657 </criteria> 21658 </criteria> 21659 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 21660 <criteria operator="AND"> 21661 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21662 <criteria operator="OR"> 21663 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 21664 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 21665 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 21666 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 21667 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 21668 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 21669 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 21670 </criteria> 21671 </criteria> 21672 </criteria> 21673 </definition> 21674 <definition id="oval:org.opensuse.security:def:20103876" version="1" class="vulnerability"> 21675 <metadata> 21676 <title>CVE-2010-3876</title> 21677 <affected family="unix"> 21678 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21679 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21680 </affected> 21681 <reference ref_id="CVE-2010-3876" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3876" source="CVE"/> 21682 <description> 21683 net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. 21684 </description> 21685 </metadata> 21686 <criteria operator="OR"> 21687 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 21688 <criteria operator="AND"> 21689 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21690 <criteria operator="OR"> 21691 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 21692 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 21693 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 21694 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 21695 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 21696 </criteria> 21697 </criteria> 21698 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 21699 <criteria operator="AND"> 21700 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21701 <criteria operator="OR"> 21702 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 21703 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 21704 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 21705 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 21706 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 21707 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 21708 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 21709 </criteria> 21710 </criteria> 21711 </criteria> 21712 </definition> 21713 <definition id="oval:org.opensuse.security:def:20103877" version="1" class="vulnerability"> 21714 <metadata> 21715 <title>CVE-2010-3877</title> 21716 <affected family="unix"> 21717 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21718 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21719 </affected> 21720 <reference ref_id="CVE-2010-3877" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3877" source="CVE"/> 21721 <description> 21722 The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. 21723 </description> 21724 </metadata> 21725 <criteria operator="OR"> 21726 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 21727 <criteria operator="AND"> 21728 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21729 <criteria operator="OR"> 21730 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 21731 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 21732 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 21733 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 21734 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 21735 </criteria> 21736 </criteria> 21737 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 21738 <criteria operator="AND"> 21739 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21740 <criteria operator="OR"> 21741 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 21742 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 21743 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 21744 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 21745 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 21746 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 21747 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 21748 </criteria> 21749 </criteria> 21750 </criteria> 21751 </definition> 21752 <definition id="oval:org.opensuse.security:def:20103879" version="1" class="vulnerability"> 21753 <metadata> 21754 <title>CVE-2010-3879</title> 21755 <affected family="unix"> 21756 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21757 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21758 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 21759 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 21760 </affected> 21761 <reference ref_id="CVE-2010-3879" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3879" source="CVE"/> 21762 <description> 21763 FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789. 21764 </description> 21765 </metadata> 21766 <criteria operator="OR"> 21767 <!-- 7b2fb9f684a28e8120a1bdce990ad5fe --> 21768 <criteria operator="AND"> 21769 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21770 <criteria operator="OR"> 21771 <criterion test_ref="oval:org.opensuse.security:tst:2009066711" comment="fuse-devel less than 2.7.2-15.10.11.1"/> 21772 <criterion test_ref="oval:org.opensuse.security:tst:2009066712" comment="fuse less than 2.7.2-15.10.11.1"/> 21773 <criterion test_ref="oval:org.opensuse.security:tst:2009066713" comment="libfuse2 less than 2.7.2-15.10.11.1"/> 21774 <criterion test_ref="oval:org.opensuse.security:tst:2009066714" comment="util-linux less than 2.12r-35.41.43.7"/> 21775 </criteria> 21776 </criteria> 21777 <!-- 9844c158be14e3a6350b6dbf6348ca73 --> 21778 <criteria operator="AND"> 21779 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 21780 <criteria operator="OR"> 21781 <criterion test_ref="oval:org.opensuse.security:tst:2009067089" comment="fuse-devel less than 2.7.2-15.10.11.10"/> 21782 <criterion test_ref="oval:org.opensuse.security:tst:2009067090" comment="fuse less than 2.7.2-15.10.11.10"/> 21783 <criterion test_ref="oval:org.opensuse.security:tst:2009067091" comment="libfuse2 less than 2.7.2-15.10.11.10"/> 21784 </criteria> 21785 </criteria> 21786 </criteria> 21787 </definition> 21788 <definition id="oval:org.opensuse.security:def:20103912" version="1" class="vulnerability"> 21789 <metadata> 21790 <title>CVE-2010-3912</title> 21791 <affected family="unix"> 21792 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21793 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21794 </affected> 21795 <reference ref_id="CVE-2010-3912" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3912" source="CVE"/> 21796 <description> 21797 The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors. 21798 </description> 21799 </metadata> 21800 <!-- e7adf72b8c900fa6fdfde03604b70e7b --> 21801 <criteria operator="AND"> 21802 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21803 <criterion test_ref="oval:org.opensuse.security:tst:2009065453" comment="supportutils less than 1.20-0.7.6.1"/> 21804 </criteria> 21805 </definition> 21806 <definition id="oval:org.opensuse.security:def:20104008" version="1" class="vulnerability"> 21807 <metadata> 21808 <title>CVE-2010-4008</title> 21809 <affected family="unix"> 21810 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21811 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21812 </affected> 21813 <reference ref_id="CVE-2010-4008" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008" source="CVE"/> 21814 <description> 21815 libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. 21816 </description> 21817 </metadata> 21818 <!-- 3efe402116f13a34d20f8da17a6118fb --> 21819 <criteria operator="AND"> 21820 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21821 <criteria operator="OR"> 21822 <criterion test_ref="oval:org.opensuse.security:tst:2009064589" comment="libxml2-32bit less than 2.6.23-15.23.13"/> 21823 <criterion test_ref="oval:org.opensuse.security:tst:2009064590" comment="libxml2-devel-32bit less than 2.6.23-15.23.13"/> 21824 <criterion test_ref="oval:org.opensuse.security:tst:2009064591" comment="libxml2-devel less than 2.6.23-15.23.13"/> 21825 <criterion test_ref="oval:org.opensuse.security:tst:2009064592" comment="libxml2 less than 2.6.23-15.23.13"/> 21826 </criteria> 21827 </criteria> 21828 </definition> 21829 <definition id="oval:org.opensuse.security:def:20104014" version="1" class="vulnerability"> 21830 <metadata> 21831 <title>CVE-2010-4014</title> 21832 <affected family="unix"> 21833 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21834 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21835 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 21836 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 21837 </affected> 21838 <reference ref_id="CVE-2010-4014" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4014" source="CVE"/> 21839 <description> 21840 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 21841 </description> 21842 </metadata> 21843 <criteria operator="OR"> 21844 <!-- 21568d23e4ef4a4e89013a0702d00426 --> 21845 <criteria operator="AND"> 21846 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21847 <criteria operator="OR"> 21848 <criterion test_ref="oval:org.opensuse.security:tst:2009066643" comment="postgresql-devel less than 8.1.22-0.6.1"/> 21849 <criterion test_ref="oval:org.opensuse.security:tst:2009066644" comment="postgresql-libs-32bit less than 8.1.22-0.6.1"/> 21850 <criterion test_ref="oval:org.opensuse.security:tst:2009066645" comment="postgresql-libs less than 8.1.22-0.6.1"/> 21851 </criteria> 21852 </criteria> 21853 <!-- 5109394251782bc1cad672fa0c8120a9 --> 21854 <criteria operator="AND"> 21855 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 21856 <criteria operator="OR"> 21857 <criterion test_ref="oval:org.opensuse.security:tst:2009067092" comment="postgresql-devel less than 8.1.22-0.6.4"/> 21858 <criterion test_ref="oval:org.opensuse.security:tst:2009067093" comment="postgresql-libs-32bit less than 8.1.22-0.6.4"/> 21859 <criterion test_ref="oval:org.opensuse.security:tst:2009067094" comment="postgresql-libs less than 8.1.22-0.6.4"/> 21860 </criteria> 21861 </criteria> 21862 </criteria> 21863 </definition> 21864 <definition id="oval:org.opensuse.security:def:20104015" version="1" class="vulnerability"> 21865 <metadata> 21866 <title>CVE-2010-4015</title> 21867 <affected family="unix"> 21868 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21869 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21870 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 21871 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 21872 </affected> 21873 <reference ref_id="CVE-2010-4015" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015" source="CVE"/> 21874 <description> 21875 Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions. 21876 </description> 21877 </metadata> 21878 <criteria operator="OR"> 21879 <!-- 21568d23e4ef4a4e89013a0702d00426 --> 21880 <criteria operator="AND"> 21881 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21882 <criteria operator="OR"> 21883 <criterion test_ref="oval:org.opensuse.security:tst:2009066643" comment="postgresql-devel less than 8.1.22-0.6.1"/> 21884 <criterion test_ref="oval:org.opensuse.security:tst:2009066644" comment="postgresql-libs-32bit less than 8.1.22-0.6.1"/> 21885 <criterion test_ref="oval:org.opensuse.security:tst:2009066645" comment="postgresql-libs less than 8.1.22-0.6.1"/> 21886 </criteria> 21887 </criteria> 21888 <!-- 5109394251782bc1cad672fa0c8120a9 --> 21889 <criteria operator="AND"> 21890 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 21891 <criteria operator="OR"> 21892 <criterion test_ref="oval:org.opensuse.security:tst:2009067092" comment="postgresql-devel less than 8.1.22-0.6.4"/> 21893 <criterion test_ref="oval:org.opensuse.security:tst:2009067093" comment="postgresql-libs-32bit less than 8.1.22-0.6.4"/> 21894 <criterion test_ref="oval:org.opensuse.security:tst:2009067094" comment="postgresql-libs less than 8.1.22-0.6.4"/> 21895 </criteria> 21896 </criteria> 21897 </criteria> 21898 </definition> 21899 <definition id="oval:org.opensuse.security:def:20104020" version="1" class="vulnerability"> 21900 <metadata> 21901 <title>CVE-2010-4020</title> 21902 <affected family="unix"> 21903 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21904 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21905 </affected> 21906 <reference ref_id="CVE-2010-4020" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020" source="CVE"/> 21907 <description> 21908 MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations. 21909 </description> 21910 </metadata> 21911 <!-- d0d5ba0d668fb6a84e2d0628a4a483b9 --> 21912 <criteria operator="AND"> 21913 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21914 <criteria operator="OR"> 21915 <criterion test_ref="oval:org.opensuse.security:tst:2009065137" comment="krb5-32bit less than 1.4.3-19.47.1"/> 21916 <criterion test_ref="oval:org.opensuse.security:tst:2009065138" comment="krb5-client less than 1.4.3-19.47.1"/> 21917 <criterion test_ref="oval:org.opensuse.security:tst:2009065139" comment="krb5-devel-32bit less than 1.4.3-19.47.1"/> 21918 <criterion test_ref="oval:org.opensuse.security:tst:2009065140" comment="krb5-devel less than 1.4.3-19.47.1"/> 21919 <criterion test_ref="oval:org.opensuse.security:tst:2009065141" comment="krb5 less than 1.4.3-19.47.1"/> 21920 </criteria> 21921 </criteria> 21922 </definition> 21923 <definition id="oval:org.opensuse.security:def:20104021" version="1" class="vulnerability"> 21924 <metadata> 21925 <title>CVE-2010-4021</title> 21926 <affected family="unix"> 21927 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21928 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21929 </affected> 21930 <reference ref_id="CVE-2010-4021" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4021" source="CVE"/> 21931 <description> 21932 The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue." 21933 </description> 21934 </metadata> 21935 <!-- d0d5ba0d668fb6a84e2d0628a4a483b9 --> 21936 <criteria operator="AND"> 21937 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21938 <criteria operator="OR"> 21939 <criterion test_ref="oval:org.opensuse.security:tst:2009065137" comment="krb5-32bit less than 1.4.3-19.47.1"/> 21940 <criterion test_ref="oval:org.opensuse.security:tst:2009065138" comment="krb5-client less than 1.4.3-19.47.1"/> 21941 <criterion test_ref="oval:org.opensuse.security:tst:2009065139" comment="krb5-devel-32bit less than 1.4.3-19.47.1"/> 21942 <criterion test_ref="oval:org.opensuse.security:tst:2009065140" comment="krb5-devel less than 1.4.3-19.47.1"/> 21943 <criterion test_ref="oval:org.opensuse.security:tst:2009065141" comment="krb5 less than 1.4.3-19.47.1"/> 21944 </criteria> 21945 </criteria> 21946 </definition> 21947 <definition id="oval:org.opensuse.security:def:20104054" version="1" class="vulnerability"> 21948 <metadata> 21949 <title>CVE-2010-4054</title> 21950 <affected family="unix"> 21951 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 21952 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 21953 </affected> 21954 <reference ref_id="CVE-2010-4054" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4054" source="CVE"/> 21955 <description> 21956 The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043. 21957 </description> 21958 </metadata> 21959 <!-- ed33b07c67b3e3c685b564c2b6d267ec --> 21960 <criteria operator="AND"> 21961 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 21962 <criteria operator="OR"> 21963 <criterion test_ref="oval:org.opensuse.security:tst:2009073813" comment="ghostscript-fonts-other less than 8.15.4-16.14.1"/> 21964 <criterion test_ref="oval:org.opensuse.security:tst:2009073814" comment="ghostscript-fonts-std less than 8.15.4-16.14.1"/> 21965 <criterion test_ref="oval:org.opensuse.security:tst:2009073815" comment="ghostscript-library less than 8.15.4-16.14.1"/> 21966 <criterion test_ref="oval:org.opensuse.security:tst:2009073816" comment="ghostscript-x11 less than 8.15.4-16.14.1"/> 21967 <criterion test_ref="oval:org.opensuse.security:tst:2009073817" comment="libgimpprint less than 4.2.7-62.14.1"/> 21968 </criteria> 21969 </criteria> 21970 </definition> 21971 <definition id="oval:org.opensuse.security:def:20104072" version="1" class="vulnerability"> 21972 <metadata> 21973 <title>CVE-2010-4072</title> 21974 <affected family="unix"> 21975 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 21976 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 21977 </affected> 21978 <reference ref_id="CVE-2010-4072" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4072" source="CVE"/> 21979 <description> 21980 The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." 21981 </description> 21982 </metadata> 21983 <criteria operator="OR"> 21984 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 21985 <criteria operator="AND"> 21986 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 21987 <criteria operator="OR"> 21988 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 21989 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 21990 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 21991 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 21992 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 21993 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 21994 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 21995 </criteria> 21996 </criteria> 21997 <!-- 674eb707cae3a31be66788e116641a9a --> 21998 <criteria operator="AND"> 21999 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22000 <criteria operator="OR"> 22001 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22002 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22003 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22004 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22005 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22006 </criteria> 22007 </criteria> 22008 </criteria> 22009 </definition> 22010 <definition id="oval:org.opensuse.security:def:20104073" version="1" class="vulnerability"> 22011 <metadata> 22012 <title>CVE-2010-4073</title> 22013 <affected family="unix"> 22014 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22015 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22016 </affected> 22017 <reference ref_id="CVE-2010-4073" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4073" source="CVE"/> 22018 <description> 22019 The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. 22020 </description> 22021 </metadata> 22022 <criteria operator="OR"> 22023 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22024 <criteria operator="AND"> 22025 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22026 <criteria operator="OR"> 22027 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22028 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22029 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22030 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22031 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22032 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22033 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22034 </criteria> 22035 </criteria> 22036 <!-- 674eb707cae3a31be66788e116641a9a --> 22037 <criteria operator="AND"> 22038 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22039 <criteria operator="OR"> 22040 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22041 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22042 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22043 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22044 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22045 </criteria> 22046 </criteria> 22047 </criteria> 22048 </definition> 22049 <definition id="oval:org.opensuse.security:def:20104075" version="1" class="vulnerability"> 22050 <metadata> 22051 <title>CVE-2010-4075</title> 22052 <affected family="unix"> 22053 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22054 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22055 </affected> 22056 <reference ref_id="CVE-2010-4075" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4075" source="CVE"/> 22057 <description> 22058 The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. 22059 </description> 22060 </metadata> 22061 <criteria operator="OR"> 22062 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 22063 <criteria operator="AND"> 22064 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22065 <criteria operator="OR"> 22066 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22067 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22068 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22069 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22070 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22071 </criteria> 22072 </criteria> 22073 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 22074 <criteria operator="AND"> 22075 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22076 <criteria operator="OR"> 22077 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 22078 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22079 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22080 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22081 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22082 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22083 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 22084 </criteria> 22085 </criteria> 22086 </criteria> 22087 </definition> 22088 <definition id="oval:org.opensuse.security:def:20104076" version="1" class="vulnerability"> 22089 <metadata> 22090 <title>CVE-2010-4076</title> 22091 <affected family="unix"> 22092 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22093 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22094 </affected> 22095 <reference ref_id="CVE-2010-4076" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4076" source="CVE"/> 22096 <description> 22097 The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. 22098 </description> 22099 </metadata> 22100 <criteria operator="OR"> 22101 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 22102 <criteria operator="AND"> 22103 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22104 <criteria operator="OR"> 22105 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22106 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22107 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22108 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22109 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22110 </criteria> 22111 </criteria> 22112 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 22113 <criteria operator="AND"> 22114 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22115 <criteria operator="OR"> 22116 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 22117 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22118 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22119 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22120 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22121 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22122 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 22123 </criteria> 22124 </criteria> 22125 </criteria> 22126 </definition> 22127 <definition id="oval:org.opensuse.security:def:20104077" version="1" class="vulnerability"> 22128 <metadata> 22129 <title>CVE-2010-4077</title> 22130 <affected family="unix"> 22131 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22132 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22133 </affected> 22134 <reference ref_id="CVE-2010-4077" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4077" source="CVE"/> 22135 <description> 22136 The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. 22137 </description> 22138 </metadata> 22139 <criteria operator="OR"> 22140 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 22141 <criteria operator="AND"> 22142 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22143 <criteria operator="OR"> 22144 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22145 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22146 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22147 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22148 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22149 </criteria> 22150 </criteria> 22151 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 22152 <criteria operator="AND"> 22153 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22154 <criteria operator="OR"> 22155 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 22156 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22157 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22158 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22159 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22160 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22161 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 22162 </criteria> 22163 </criteria> 22164 </criteria> 22165 </definition> 22166 <definition id="oval:org.opensuse.security:def:20104078" version="1" class="vulnerability"> 22167 <metadata> 22168 <title>CVE-2010-4078</title> 22169 <affected family="unix"> 22170 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22171 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22172 </affected> 22173 <reference ref_id="CVE-2010-4078" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4078" source="CVE"/> 22174 <description> 22175 The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. 22176 </description> 22177 </metadata> 22178 <criteria operator="OR"> 22179 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22180 <criteria operator="AND"> 22181 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22182 <criteria operator="OR"> 22183 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22184 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22185 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22186 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22187 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22188 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22189 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22190 </criteria> 22191 </criteria> 22192 <!-- 674eb707cae3a31be66788e116641a9a --> 22193 <criteria operator="AND"> 22194 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22195 <criteria operator="OR"> 22196 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22197 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22198 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22199 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22200 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22201 </criteria> 22202 </criteria> 22203 </criteria> 22204 </definition> 22205 <definition id="oval:org.opensuse.security:def:20104080" version="1" class="vulnerability"> 22206 <metadata> 22207 <title>CVE-2010-4080</title> 22208 <affected family="unix"> 22209 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22210 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22211 </affected> 22212 <reference ref_id="CVE-2010-4080" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4080" source="CVE"/> 22213 <description> 22214 The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. 22215 </description> 22216 </metadata> 22217 <criteria operator="OR"> 22218 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22219 <criteria operator="AND"> 22220 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22221 <criteria operator="OR"> 22222 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22223 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22224 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22225 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22226 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22227 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22228 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22229 </criteria> 22230 </criteria> 22231 <!-- 674eb707cae3a31be66788e116641a9a --> 22232 <criteria operator="AND"> 22233 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22234 <criteria operator="OR"> 22235 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22236 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22237 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22238 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22239 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22240 </criteria> 22241 </criteria> 22242 </criteria> 22243 </definition> 22244 <definition id="oval:org.opensuse.security:def:20104081" version="1" class="vulnerability"> 22245 <metadata> 22246 <title>CVE-2010-4081</title> 22247 <affected family="unix"> 22248 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22249 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22250 </affected> 22251 <reference ref_id="CVE-2010-4081" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4081" source="CVE"/> 22252 <description> 22253 The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. 22254 </description> 22255 </metadata> 22256 <criteria operator="OR"> 22257 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22258 <criteria operator="AND"> 22259 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22260 <criteria operator="OR"> 22261 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22262 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22263 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22264 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22265 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22266 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22267 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22268 </criteria> 22269 </criteria> 22270 <!-- 674eb707cae3a31be66788e116641a9a --> 22271 <criteria operator="AND"> 22272 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22273 <criteria operator="OR"> 22274 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22275 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22276 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22277 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22278 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22279 </criteria> 22280 </criteria> 22281 </criteria> 22282 </definition> 22283 <definition id="oval:org.opensuse.security:def:20104083" version="1" class="vulnerability"> 22284 <metadata> 22285 <title>CVE-2010-4083</title> 22286 <affected family="unix"> 22287 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22288 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22289 </affected> 22290 <reference ref_id="CVE-2010-4083" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4083" source="CVE"/> 22291 <description> 22292 The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call. 22293 </description> 22294 </metadata> 22295 <criteria operator="OR"> 22296 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22297 <criteria operator="AND"> 22298 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22299 <criteria operator="OR"> 22300 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22301 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22302 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22303 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22304 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22305 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22306 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22307 </criteria> 22308 </criteria> 22309 <!-- 674eb707cae3a31be66788e116641a9a --> 22310 <criteria operator="AND"> 22311 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22312 <criteria operator="OR"> 22313 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22314 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22315 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22316 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22317 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22318 </criteria> 22319 </criteria> 22320 </criteria> 22321 </definition> 22322 <definition id="oval:org.opensuse.security:def:20104091" version="1" class="vulnerability"> 22323 <metadata> 22324 <title>CVE-2010-4091</title> 22325 <affected family="unix"> 22326 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22327 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22328 </affected> 22329 <reference ref_id="CVE-2010-4091" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091" source="CVE"/> 22330 <description> 22331 The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. 22332 </description> 22333 </metadata> 22334 <criteria operator="OR"> 22335 <!-- 23decf3a05ed243b6585bc17331cc559 --> 22336 <criteria operator="AND"> 22337 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22338 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 22339 </criteria> 22340 <!-- 34246c4efba2dacfca1e33872cf42d89 --> 22341 <criteria operator="AND"> 22342 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22343 <criterion test_ref="oval:org.opensuse.security:tst:2009064942" comment="acroread less than 9.4.1-0.4.1"/> 22344 </criteria> 22345 <!-- 754ac44f54866ef5d17c66c57c7e2683 --> 22346 <criteria operator="AND"> 22347 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22348 <criterion test_ref="oval:org.opensuse.security:tst:2009064943" comment="acroread_ja less than 9.4.1-0.4.1"/> 22349 </criteria> 22350 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 22351 <criteria operator="AND"> 22352 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22353 <criteria operator="OR"> 22354 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 22355 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 22356 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 22357 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 22358 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 22359 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 22360 </criteria> 22361 </criteria> 22362 </criteria> 22363 </definition> 22364 <definition id="oval:org.opensuse.security:def:20104157" version="1" class="vulnerability"> 22365 <metadata> 22366 <title>CVE-2010-4157</title> 22367 <affected family="unix"> 22368 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22369 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22370 </affected> 22371 <reference ref_id="CVE-2010-4157" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4157" source="CVE"/> 22372 <description> 22373 Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call. 22374 </description> 22375 </metadata> 22376 <criteria operator="OR"> 22377 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22378 <criteria operator="AND"> 22379 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22380 <criteria operator="OR"> 22381 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22382 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22383 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22384 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22385 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22386 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22387 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22388 </criteria> 22389 </criteria> 22390 <!-- 674eb707cae3a31be66788e116641a9a --> 22391 <criteria operator="AND"> 22392 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22393 <criteria operator="OR"> 22394 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22395 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22396 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22397 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22398 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22399 </criteria> 22400 </criteria> 22401 </criteria> 22402 </definition> 22403 <definition id="oval:org.opensuse.security:def:20104158" version="1" class="vulnerability"> 22404 <metadata> 22405 <title>CVE-2010-4158</title> 22406 <affected family="unix"> 22407 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22408 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22409 </affected> 22410 <reference ref_id="CVE-2010-4158" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4158" source="CVE"/> 22411 <description> 22412 The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. 22413 </description> 22414 </metadata> 22415 <criteria operator="OR"> 22416 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22417 <criteria operator="AND"> 22418 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22419 <criteria operator="OR"> 22420 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22421 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22422 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22423 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22424 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22425 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22426 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22427 </criteria> 22428 </criteria> 22429 <!-- 674eb707cae3a31be66788e116641a9a --> 22430 <criteria operator="AND"> 22431 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22432 <criteria operator="OR"> 22433 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22434 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22435 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22436 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22437 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22438 </criteria> 22439 </criteria> 22440 </criteria> 22441 </definition> 22442 <definition id="oval:org.opensuse.security:def:20104159" version="1" class="vulnerability"> 22443 <metadata> 22444 <title>CVE-2010-4159</title> 22445 <affected family="unix"> 22446 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22447 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22448 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 22449 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 22450 </affected> 22451 <reference ref_id="CVE-2010-4159" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159" source="CVE"/> 22452 <description> 22453 Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory. 22454 </description> 22455 </metadata> 22456 <criteria operator="OR"> 22457 <!-- 25377b3023006da1c0af5164dd40ab70 --> 22458 <criteria operator="AND"> 22459 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22460 <criteria operator="OR"> 22461 <criterion test_ref="oval:org.opensuse.security:tst:2009067824" comment="bytefx-data-mysql less than 1.2.2-12.30.14"/> 22462 <criterion test_ref="oval:org.opensuse.security:tst:2009067825" comment="ibm-data-db2 less than 1.2.2-12.30.14"/> 22463 <criterion test_ref="oval:org.opensuse.security:tst:2009067826" comment="mono-core-32bit less than 1.2.2-12.30.14"/> 22464 <criterion test_ref="oval:org.opensuse.security:tst:2009067827" comment="mono-core less than 1.2.2-12.30.14"/> 22465 <criterion test_ref="oval:org.opensuse.security:tst:2009067828" comment="mono-data-firebird less than 1.2.2-12.30.14"/> 22466 <criterion test_ref="oval:org.opensuse.security:tst:2009067829" comment="mono-data-oracle less than 1.2.2-12.30.14"/> 22467 <criterion test_ref="oval:org.opensuse.security:tst:2009067830" comment="mono-data-postgresql less than 1.2.2-12.30.14"/> 22468 <criterion test_ref="oval:org.opensuse.security:tst:2009067831" comment="mono-data-sqlite less than 1.2.2-12.30.14"/> 22469 <criterion test_ref="oval:org.opensuse.security:tst:2009067832" comment="mono-data-sybase less than 1.2.2-12.30.14"/> 22470 <criterion test_ref="oval:org.opensuse.security:tst:2009067833" comment="mono-data less than 1.2.2-12.30.14"/> 22471 <criterion test_ref="oval:org.opensuse.security:tst:2009067834" comment="mono-devel less than 1.2.2-12.30.14"/> 22472 <criterion test_ref="oval:org.opensuse.security:tst:2009067835" comment="mono-extras less than 1.2.2-12.30.14"/> 22473 <criterion test_ref="oval:org.opensuse.security:tst:2009067836" comment="mono-locale-extras less than 1.2.2-12.30.14"/> 22474 <criterion test_ref="oval:org.opensuse.security:tst:2009067837" comment="mono-nunit less than 1.2.2-12.30.14"/> 22475 <criterion test_ref="oval:org.opensuse.security:tst:2009067838" comment="mono-web less than 1.2.2-12.30.14"/> 22476 <criterion test_ref="oval:org.opensuse.security:tst:2009067839" comment="mono-winforms less than 1.2.2-12.30.14"/> 22477 </criteria> 22478 </criteria> 22479 <!-- bf099e5a282cf118b8b9ed19383ea0e1 --> 22480 <criteria operator="AND"> 22481 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22482 <criteria operator="OR"> 22483 <criterion test_ref="oval:org.opensuse.security:tst:2009068077" comment="bytefx-data-mysql less than 1.2.2-12.30.16"/> 22484 <criterion test_ref="oval:org.opensuse.security:tst:2009068078" comment="ibm-data-db2 less than 1.2.2-12.30.16"/> 22485 <criterion test_ref="oval:org.opensuse.security:tst:2009068079" comment="mono-core-32bit less than 1.2.2-12.30.16"/> 22486 <criterion test_ref="oval:org.opensuse.security:tst:2009068080" comment="mono-core less than 1.2.2-12.30.16"/> 22487 <criterion test_ref="oval:org.opensuse.security:tst:2009068081" comment="mono-data-firebird less than 1.2.2-12.30.16"/> 22488 <criterion test_ref="oval:org.opensuse.security:tst:2009068082" comment="mono-data-oracle less than 1.2.2-12.30.16"/> 22489 <criterion test_ref="oval:org.opensuse.security:tst:2009068083" comment="mono-data-postgresql less than 1.2.2-12.30.16"/> 22490 <criterion test_ref="oval:org.opensuse.security:tst:2009068084" comment="mono-data-sqlite less than 1.2.2-12.30.16"/> 22491 <criterion test_ref="oval:org.opensuse.security:tst:2009068085" comment="mono-data-sybase less than 1.2.2-12.30.16"/> 22492 <criterion test_ref="oval:org.opensuse.security:tst:2009068086" comment="mono-data less than 1.2.2-12.30.16"/> 22493 <criterion test_ref="oval:org.opensuse.security:tst:2009068087" comment="mono-devel less than 1.2.2-12.30.16"/> 22494 <criterion test_ref="oval:org.opensuse.security:tst:2009068088" comment="mono-extras less than 1.2.2-12.30.16"/> 22495 <criterion test_ref="oval:org.opensuse.security:tst:2009068089" comment="mono-locale-extras less than 1.2.2-12.30.16"/> 22496 <criterion test_ref="oval:org.opensuse.security:tst:2009068090" comment="mono-nunit less than 1.2.2-12.30.16"/> 22497 <criterion test_ref="oval:org.opensuse.security:tst:2009068091" comment="mono-web less than 1.2.2-12.30.16"/> 22498 <criterion test_ref="oval:org.opensuse.security:tst:2009068092" comment="mono-winforms less than 1.2.2-12.30.16"/> 22499 </criteria> 22500 </criteria> 22501 </criteria> 22502 </definition> 22503 <definition id="oval:org.opensuse.security:def:20104160" version="1" class="vulnerability"> 22504 <metadata> 22505 <title>CVE-2010-4160</title> 22506 <affected family="unix"> 22507 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22508 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22509 </affected> 22510 <reference ref_id="CVE-2010-4160" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4160" source="CVE"/> 22511 <description> 22512 Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call. 22513 </description> 22514 </metadata> 22515 <criteria operator="OR"> 22516 <!-- 8b70aa4d05f245a4b664290a8bf4da13 --> 22517 <criteria operator="AND"> 22518 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22519 <criteria operator="OR"> 22520 <criterion test_ref="oval:org.opensuse.security:tst:2009065639" comment="kernel-bigsmp less than 2.6.16.60-0.76.8"/> 22521 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 22522 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 22523 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 22524 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 22525 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 22526 <criterion test_ref="oval:org.opensuse.security:tst:2009065645" comment="kernel-xenpae less than 2.6.16.60-0.76.8"/> 22527 </criteria> 22528 </criteria> 22529 <!-- f715eb6e5d39ac340637af52966bcd6e --> 22530 <criteria operator="AND"> 22531 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22532 <criteria operator="OR"> 22533 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 22534 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 22535 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 22536 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 22537 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 22538 </criteria> 22539 </criteria> 22540 </criteria> 22541 </definition> 22542 <definition id="oval:org.opensuse.security:def:20104162" version="1" class="vulnerability"> 22543 <metadata> 22544 <title>CVE-2010-4162</title> 22545 <affected family="unix"> 22546 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22547 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22548 </affected> 22549 <reference ref_id="CVE-2010-4162" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4162" source="CVE"/> 22550 <description> 22551 Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. 22552 </description> 22553 </metadata> 22554 <criteria operator="OR"> 22555 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22556 <criteria operator="AND"> 22557 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22558 <criteria operator="OR"> 22559 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22560 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22561 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22562 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22563 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22564 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22565 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22566 </criteria> 22567 </criteria> 22568 <!-- 674eb707cae3a31be66788e116641a9a --> 22569 <criteria operator="AND"> 22570 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22571 <criteria operator="OR"> 22572 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22573 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22574 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22575 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22576 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22577 </criteria> 22578 </criteria> 22579 </criteria> 22580 </definition> 22581 <definition id="oval:org.opensuse.security:def:20104163" version="1" class="vulnerability"> 22582 <metadata> 22583 <title>CVE-2010-4163</title> 22584 <affected family="unix"> 22585 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22586 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22587 </affected> 22588 <reference ref_id="CVE-2010-4163" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4163" source="CVE"/> 22589 <description> 22590 The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device. 22591 </description> 22592 </metadata> 22593 <criteria operator="OR"> 22594 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 22595 <criteria operator="AND"> 22596 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22597 <criteria operator="OR"> 22598 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22599 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22600 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22601 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22602 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22603 </criteria> 22604 </criteria> 22605 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 22606 <criteria operator="AND"> 22607 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22608 <criteria operator="OR"> 22609 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 22610 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22611 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22612 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22613 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22614 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22615 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 22616 </criteria> 22617 </criteria> 22618 </criteria> 22619 </definition> 22620 <definition id="oval:org.opensuse.security:def:20104164" version="1" class="vulnerability"> 22621 <metadata> 22622 <title>CVE-2010-4164</title> 22623 <affected family="unix"> 22624 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22625 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22626 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 22627 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 22628 </affected> 22629 <reference ref_id="CVE-2010-4164" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4164" source="CVE"/> 22630 <description> 22631 Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873. 22632 </description> 22633 </metadata> 22634 <criteria operator="OR"> 22635 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 22636 <criteria operator="AND"> 22637 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22638 <criteria operator="OR"> 22639 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 22640 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 22641 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 22642 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 22643 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 22644 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 22645 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 22646 </criteria> 22647 </criteria> 22648 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 22649 <criteria operator="AND"> 22650 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22651 <criteria operator="OR"> 22652 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 22653 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 22654 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 22655 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 22656 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 22657 </criteria> 22658 </criteria> 22659 <!-- 2d433ce13217ec9e95c2b22bce28b8ed --> 22660 <criteria operator="AND"> 22661 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22662 <criteria operator="OR"> 22663 <criterion test_ref="oval:org.opensuse.security:tst:2009065148" comment="kernel-bigsmp less than 2.6.16.60-0.74.7"/> 22664 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22665 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22666 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22667 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22668 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22669 <criterion test_ref="oval:org.opensuse.security:tst:2009065154" comment="kernel-xenpae less than 2.6.16.60-0.74.7"/> 22670 </criteria> 22671 </criteria> 22672 <!-- 674eb707cae3a31be66788e116641a9a --> 22673 <criteria operator="AND"> 22674 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22675 <criteria operator="OR"> 22676 <criterion test_ref="oval:org.opensuse.security:tst:2009065149" comment="kernel-default less than 2.6.16.60-0.74.7"/> 22677 <criterion test_ref="oval:org.opensuse.security:tst:2009065150" comment="kernel-smp less than 2.6.16.60-0.74.7"/> 22678 <criterion test_ref="oval:org.opensuse.security:tst:2009065151" comment="kernel-source less than 2.6.16.60-0.74.7"/> 22679 <criterion test_ref="oval:org.opensuse.security:tst:2009065152" comment="kernel-syms less than 2.6.16.60-0.74.7"/> 22680 <criterion test_ref="oval:org.opensuse.security:tst:2009065153" comment="kernel-xen less than 2.6.16.60-0.74.7"/> 22681 </criteria> 22682 </criteria> 22683 </criteria> 22684 </definition> 22685 <definition id="oval:org.opensuse.security:def:20104180" version="1" class="vulnerability"> 22686 <metadata> 22687 <title>CVE-2010-4180</title> 22688 <affected family="unix"> 22689 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 22690 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 22691 </affected> 22692 <reference ref_id="CVE-2010-4180" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180" source="CVE"/> 22693 <description> 22694 OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. 22695 </description> 22696 </metadata> 22697 <criteria operator="OR"> 22698 <!-- 6deef59a2e94ee7d0f87aa2f497078c7 --> 22699 <criteria operator="AND"> 22700 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22701 <criteria operator="OR"> 22702 <criterion test_ref="oval:org.opensuse.security:tst:2009069579" comment="compat-openssl097g-32bit less than 0.9.7g-13.21.1"/> 22703 <criterion test_ref="oval:org.opensuse.security:tst:2009069580" comment="compat-openssl097g less than 0.9.7g-13.21.1"/> 22704 </criteria> 22705 </criteria> 22706 <!-- ad2c03e5db24ef9c3d0c1c789a0f12fc --> 22707 <criteria operator="AND"> 22708 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22709 <criteria operator="OR"> 22710 <criterion test_ref="oval:org.opensuse.security:tst:2009068103" comment="openssl-32bit less than 0.9.8a-18.50.1"/> 22711 <criterion test_ref="oval:org.opensuse.security:tst:2009068104" comment="openssl-devel-32bit less than 0.9.8a-18.50.1"/> 22712 <criterion test_ref="oval:org.opensuse.security:tst:2009068105" comment="openssl-devel less than 0.9.8a-18.50.1"/> 22713 <criterion test_ref="oval:org.opensuse.security:tst:2009068106" comment="openssl less than 0.9.8a-18.50.1"/> 22714 </criteria> 22715 </criteria> 22716 <!-- e3950ab87a0b449a0d3d8313b4086042 --> 22717 <criteria operator="AND"> 22718 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22719 <criteria operator="OR"> 22720 <criterion test_ref="oval:org.opensuse.security:tst:2009077556" comment="libcurl4-32bit less than 7.19.0-11.6.1"/> 22721 <criterion test_ref="oval:org.opensuse.security:tst:2009077557" comment="libcurl4 less than 7.19.0-11.6.1"/> 22722 </criteria> 22723 </criteria> 22724 </criteria> 22725 </definition> 22726 <definition id="oval:org.opensuse.security:def:20104226" version="1" class="vulnerability"> 22727 <metadata> 22728 <title>CVE-2010-4226</title> 22729 <affected family="unix"> 22730 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22731 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22732 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 22733 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 22734 </affected> 22735 <reference ref_id="CVE-2010-4226" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4226" source="CVE"/> 22736 <description> 22737 cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. 22738 </description> 22739 </metadata> 22740 <criteria operator="OR"> 22741 <!-- 01aa176a6b475fa60eef966d72e3024a --> 22742 <criteria operator="AND"> 22743 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22744 <criterion test_ref="oval:org.opensuse.security:tst:2009066654" comment="build less than 2007.05.10-0.16.1"/> 22745 </criteria> 22746 <!-- 679b825d6e5f56a1fc59146d045b9cd0 --> 22747 <criteria operator="AND"> 22748 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22749 <criterion test_ref="oval:org.opensuse.security:tst:2009066654" comment="build less than 2007.05.10-0.16.1"/> 22750 </criteria> 22751 </criteria> 22752 </definition> 22753 <definition id="oval:org.opensuse.security:def:20104242" version="1" class="vulnerability"> 22754 <metadata> 22755 <title>CVE-2010-4242</title> 22756 <affected family="unix"> 22757 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22758 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22759 </affected> 22760 <reference ref_id="CVE-2010-4242" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4242" source="CVE"/> 22761 <description> 22762 The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver. 22763 </description> 22764 </metadata> 22765 <criteria operator="OR"> 22766 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 22767 <criteria operator="AND"> 22768 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22769 <criteria operator="OR"> 22770 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22771 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22772 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22773 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22774 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22775 </criteria> 22776 </criteria> 22777 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 22778 <criteria operator="AND"> 22779 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22780 <criteria operator="OR"> 22781 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 22782 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22783 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22784 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22785 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22786 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22787 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 22788 </criteria> 22789 </criteria> 22790 </criteria> 22791 </definition> 22792 <definition id="oval:org.opensuse.security:def:20104248" version="1" class="vulnerability"> 22793 <metadata> 22794 <title>CVE-2010-4248</title> 22795 <affected family="unix"> 22796 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22797 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22798 </affected> 22799 <reference ref_id="CVE-2010-4248" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4248" source="CVE"/> 22800 <description> 22801 Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c. 22802 </description> 22803 </metadata> 22804 <criteria operator="OR"> 22805 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 22806 <criteria operator="AND"> 22807 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22808 <criteria operator="OR"> 22809 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22810 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22811 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22812 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22813 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22814 </criteria> 22815 </criteria> 22816 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 22817 <criteria operator="AND"> 22818 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22819 <criteria operator="OR"> 22820 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 22821 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 22822 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 22823 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 22824 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 22825 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 22826 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 22827 </criteria> 22828 </criteria> 22829 </criteria> 22830 </definition> 22831 <definition id="oval:org.opensuse.security:def:20104249" version="1" class="vulnerability"> 22832 <metadata> 22833 <title>CVE-2010-4249</title> 22834 <affected family="unix"> 22835 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 22836 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 22837 </affected> 22838 <reference ref_id="CVE-2010-4249" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4249" source="CVE"/> 22839 <description> 22840 The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets. 22841 </description> 22842 </metadata> 22843 <criteria operator="OR"> 22844 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 22845 <criteria operator="AND"> 22846 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22847 <criteria operator="OR"> 22848 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 22849 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 22850 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 22851 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 22852 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 22853 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 22854 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 22855 </criteria> 22856 </criteria> 22857 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 22858 <criteria operator="AND"> 22859 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22860 <criteria operator="OR"> 22861 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 22862 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 22863 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 22864 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 22865 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 22866 </criteria> 22867 </criteria> 22868 </criteria> 22869 </definition> 22870 <definition id="oval:org.opensuse.security:def:20104251" version="1" class="vulnerability"> 22871 <metadata> 22872 <title>CVE-2010-4251</title> 22873 <affected family="unix"> 22874 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 22875 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 22876 </affected> 22877 <reference ref_id="CVE-2010-4251" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4251" source="CVE"/> 22878 <description> 22879 The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests. 22880 </description> 22881 </metadata> 22882 <criteria operator="OR"> 22883 <!-- 754d5abd3666eec2fbee9b225156757d --> 22884 <criteria operator="AND"> 22885 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22886 <criteria operator="OR"> 22887 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 22888 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 22889 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 22890 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 22891 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 22892 </criteria> 22893 </criteria> 22894 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 22895 <criteria operator="AND"> 22896 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 22897 <criteria operator="OR"> 22898 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 22899 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 22900 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 22901 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 22902 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 22903 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 22904 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 22905 </criteria> 22906 </criteria> 22907 </criteria> 22908 </definition> 22909 <definition id="oval:org.opensuse.security:def:20104253" version="1" class="vulnerability"> 22910 <metadata> 22911 <title>CVE-2010-4253</title> 22912 <affected family="unix"> 22913 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22914 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22915 </affected> 22916 <reference ref_id="CVE-2010-4253" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4253" source="CVE"/> 22917 <description> 22918 Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document. 22919 </description> 22920 </metadata> 22921 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 22922 <criteria operator="AND"> 22923 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 22924 <criteria operator="OR"> 22925 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 22926 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 22927 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 22928 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 22929 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 22930 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 22931 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 22932 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 22933 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 22934 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 22935 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 22936 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 22937 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 22938 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 22939 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 22940 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 22941 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 22942 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 22943 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 22944 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 22945 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 22946 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 22947 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 22948 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 22949 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 22950 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 22951 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 22952 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 22953 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 22954 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 22955 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 22956 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 22957 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 22958 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 22959 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 22960 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 22961 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 22962 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 22963 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 22964 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 22965 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 22966 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 22967 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 22968 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 22969 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 22970 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 22971 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 22972 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 22973 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 22974 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 22975 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 22976 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 22977 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 22978 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 22979 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 22980 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 22981 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 22982 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 22983 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 22984 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 22985 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 22986 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 22987 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 22988 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 22989 </criteria> 22990 </criteria> 22991 </definition> 22992 <definition id="oval:org.opensuse.security:def:20104255" version="1" class="vulnerability"> 22993 <metadata> 22994 <title>CVE-2010-4255</title> 22995 <affected family="unix"> 22996 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 22997 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 22998 </affected> 22999 <reference ref_id="CVE-2010-4255" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4255" source="CVE"/> 23000 <description> 23001 The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access. 23002 </description> 23003 </metadata> 23004 <!-- bfb73bc4eccf58e02a14ae841699467c --> 23005 <criteria operator="AND"> 23006 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23007 <criteria operator="OR"> 23008 <criterion test_ref="oval:org.opensuse.security:tst:2009069159" comment="virt-manager less than 0.5.3-0.33.32.14"/> 23009 <criterion test_ref="oval:org.opensuse.security:tst:2009069160" comment="xen-devel less than 3.2.3_17040_24-0.4.1"/> 23010 <criterion test_ref="oval:org.opensuse.security:tst:2009069161" comment="xen-doc-html less than 3.2.3_17040_24-0.4.1"/> 23011 <criterion test_ref="oval:org.opensuse.security:tst:2009069162" comment="xen-doc-pdf less than 3.2.3_17040_24-0.4.1"/> 23012 <criterion test_ref="oval:org.opensuse.security:tst:2009069163" comment="xen-doc-ps less than 3.2.3_17040_24-0.4.1"/> 23013 <criterion test_ref="oval:org.opensuse.security:tst:2009069164" comment="xen-kmp-bigsmp less than 3.2.3_17040_24_2.6.16.60_0.74.7-0.4.1"/> 23014 <criterion test_ref="oval:org.opensuse.security:tst:2009069165" comment="xen-kmp-default less than 3.2.3_17040_24_2.6.16.60_0.74.7-0.4.1"/> 23015 <criterion test_ref="oval:org.opensuse.security:tst:2009069166" comment="xen-kmp-smp less than 3.2.3_17040_24_2.6.16.60_0.74.7-0.4.1"/> 23016 <criterion test_ref="oval:org.opensuse.security:tst:2009069167" comment="xen-libs-32bit less than 3.2.3_17040_24-0.4.1"/> 23017 <criterion test_ref="oval:org.opensuse.security:tst:2009069168" comment="xen-libs less than 3.2.3_17040_24-0.4.1"/> 23018 <criterion test_ref="oval:org.opensuse.security:tst:2009069169" comment="xen-tools-domU less than 3.2.3_17040_24-0.4.1"/> 23019 <criterion test_ref="oval:org.opensuse.security:tst:2009069170" comment="xen-tools-ioemu less than 3.2.3_17040_24-0.4.1"/> 23020 <criterion test_ref="oval:org.opensuse.security:tst:2009069171" comment="xen-tools less than 3.2.3_17040_24-0.4.1"/> 23021 <criterion test_ref="oval:org.opensuse.security:tst:2009069172" comment="xen less than 3.2.3_17040_24-0.4.1"/> 23022 </criteria> 23023 </criteria> 23024 </definition> 23025 <definition id="oval:org.opensuse.security:def:20104258" version="1" class="vulnerability"> 23026 <metadata> 23027 <title>CVE-2010-4258</title> 23028 <affected family="unix"> 23029 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23030 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23031 </affected> 23032 <reference ref_id="CVE-2010-4258" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4258" source="CVE"/> 23033 <description> 23034 The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call. 23035 </description> 23036 </metadata> 23037 <criteria operator="OR"> 23038 <!-- 8b70aa4d05f245a4b664290a8bf4da13 --> 23039 <criteria operator="AND"> 23040 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23041 <criteria operator="OR"> 23042 <criterion test_ref="oval:org.opensuse.security:tst:2009065639" comment="kernel-bigsmp less than 2.6.16.60-0.76.8"/> 23043 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 23044 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 23045 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 23046 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 23047 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 23048 <criterion test_ref="oval:org.opensuse.security:tst:2009065645" comment="kernel-xenpae less than 2.6.16.60-0.76.8"/> 23049 </criteria> 23050 </criteria> 23051 <!-- f715eb6e5d39ac340637af52966bcd6e --> 23052 <criteria operator="AND"> 23053 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23054 <criteria operator="OR"> 23055 <criterion test_ref="oval:org.opensuse.security:tst:2009065640" comment="kernel-default less than 2.6.16.60-0.76.8"/> 23056 <criterion test_ref="oval:org.opensuse.security:tst:2009065641" comment="kernel-smp less than 2.6.16.60-0.76.8"/> 23057 <criterion test_ref="oval:org.opensuse.security:tst:2009065642" comment="kernel-source less than 2.6.16.60-0.76.8"/> 23058 <criterion test_ref="oval:org.opensuse.security:tst:2009065643" comment="kernel-syms less than 2.6.16.60-0.76.8"/> 23059 <criterion test_ref="oval:org.opensuse.security:tst:2009065644" comment="kernel-xen less than 2.6.16.60-0.76.8"/> 23060 </criteria> 23061 </criteria> 23062 </criteria> 23063 </definition> 23064 <definition id="oval:org.opensuse.security:def:20104260" version="1" class="vulnerability"> 23065 <metadata> 23066 <title>CVE-2010-4260</title> 23067 <affected family="unix"> 23068 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23069 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23070 </affected> 23071 <reference ref_id="CVE-2010-4260" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4260" source="CVE"/> 23072 <description> 23073 Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396." 23074 </description> 23075 </metadata> 23076 <!-- a9212582ff8997026a854501e8d121e9 --> 23077 <criteria operator="AND"> 23078 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23079 <criterion test_ref="oval:org.opensuse.security:tst:2009065079" comment="clamav less than 0.96.5-0.4.2"/> 23080 </criteria> 23081 </definition> 23082 <definition id="oval:org.opensuse.security:def:20104261" version="1" class="vulnerability"> 23083 <metadata> 23084 <title>CVE-2010-4261</title> 23085 <affected family="unix"> 23086 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23087 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23088 </affected> 23089 <reference ref_id="CVE-2010-4261" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4261" source="CVE"/> 23090 <description> 23091 Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information. 23092 </description> 23093 </metadata> 23094 <!-- a9212582ff8997026a854501e8d121e9 --> 23095 <criteria operator="AND"> 23096 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23097 <criterion test_ref="oval:org.opensuse.security:tst:2009065079" comment="clamav less than 0.96.5-0.4.2"/> 23098 </criteria> 23099 </definition> 23100 <definition id="oval:org.opensuse.security:def:20104300" version="1" class="vulnerability"> 23101 <metadata> 23102 <title>CVE-2010-4300</title> 23103 <affected family="unix"> 23104 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23105 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23106 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23107 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23108 </affected> 23109 <reference ref_id="CVE-2010-4300" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4300" source="CVE"/> 23110 <description> 23111 Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. 23112 </description> 23113 </metadata> 23114 <criteria operator="OR"> 23115 <!-- 6f945ca7e512591223a153602859503d --> 23116 <criteria operator="AND"> 23117 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23118 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 23119 </criteria> 23120 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 23121 <criteria operator="AND"> 23122 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23123 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 23124 </criteria> 23125 </criteria> 23126 </definition> 23127 <definition id="oval:org.opensuse.security:def:20104301" version="1" class="vulnerability"> 23128 <metadata> 23129 <title>CVE-2010-4301</title> 23130 <affected family="unix"> 23131 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23132 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23133 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23134 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23135 </affected> 23136 <reference ref_id="CVE-2010-4301" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4301" source="CVE"/> 23137 <description> 23138 epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. 23139 </description> 23140 </metadata> 23141 <criteria operator="OR"> 23142 <!-- 6f945ca7e512591223a153602859503d --> 23143 <criteria operator="AND"> 23144 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23145 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 23146 </criteria> 23147 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 23148 <criteria operator="AND"> 23149 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23150 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 23151 </criteria> 23152 </criteria> 23153 </definition> 23154 <definition id="oval:org.opensuse.security:def:20104342" version="1" class="vulnerability"> 23155 <metadata> 23156 <title>CVE-2010-4342</title> 23157 <affected family="unix"> 23158 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23159 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23160 </affected> 23161 <reference ref_id="CVE-2010-4342" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4342" source="CVE"/> 23162 <description> 23163 The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP. 23164 </description> 23165 </metadata> 23166 <criteria operator="OR"> 23167 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 23168 <criteria operator="AND"> 23169 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23170 <criteria operator="OR"> 23171 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 23172 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 23173 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 23174 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 23175 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 23176 </criteria> 23177 </criteria> 23178 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 23179 <criteria operator="AND"> 23180 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23181 <criteria operator="OR"> 23182 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 23183 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 23184 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 23185 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 23186 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 23187 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 23188 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 23189 </criteria> 23190 </criteria> 23191 </criteria> 23192 </definition> 23193 <definition id="oval:org.opensuse.security:def:20104352" version="1" class="vulnerability"> 23194 <metadata> 23195 <title>CVE-2010-4352</title> 23196 <affected family="unix"> 23197 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23198 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23199 </affected> 23200 <reference ref_id="CVE-2010-4352" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352" source="CVE"/> 23201 <description> 23202 Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants. 23203 </description> 23204 </metadata> 23205 <!-- dde20c718132c54e40619cef79c34890 --> 23206 <criteria operator="AND"> 23207 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23208 <criteria operator="OR"> 23209 <criterion test_ref="oval:org.opensuse.security:tst:2009068047" comment="dbus-1-32bit less than 0.60-33.29.1"/> 23210 <criterion test_ref="oval:org.opensuse.security:tst:2009068049" comment="dbus-1-devel less than 0.60-33.29.1"/> 23211 <criterion test_ref="oval:org.opensuse.security:tst:2009068050" comment="dbus-1-glib-32bit less than 0.60-33.29.1"/> 23212 <criterion test_ref="oval:org.opensuse.security:tst:2009068053" comment="dbus-1-glib less than 0.60-33.29.1"/> 23213 <criterion test_ref="oval:org.opensuse.security:tst:2009068054" comment="dbus-1-gtk less than 0.60-33.29.1"/> 23214 <criterion test_ref="oval:org.opensuse.security:tst:2009068056" comment="dbus-1-mono less than 0.60-33.29.1"/> 23215 <criterion test_ref="oval:org.opensuse.security:tst:2009068057" comment="dbus-1-python less than 0.60-33.29.1"/> 23216 <criterion test_ref="oval:org.opensuse.security:tst:2009068058" comment="dbus-1-qt3-32bit less than 0.60-33.29.1"/> 23217 <criterion test_ref="oval:org.opensuse.security:tst:2009068060" comment="dbus-1-qt3-devel less than 0.60-33.29.1"/> 23218 <criterion test_ref="oval:org.opensuse.security:tst:2009068062" comment="dbus-1-qt3 less than 0.60-33.29.1"/> 23219 <criterion test_ref="oval:org.opensuse.security:tst:2009068063" comment="dbus-1-x11 less than 0.60-33.29.1"/> 23220 <criterion test_ref="oval:org.opensuse.security:tst:2009068065" comment="dbus-1 less than 0.60-33.29.1"/> 23221 </criteria> 23222 </criteria> 23223 </definition> 23224 <definition id="oval:org.opensuse.security:def:20104409" version="1" class="vulnerability"> 23225 <metadata> 23226 <title>CVE-2010-4409</title> 23227 <affected family="unix"> 23228 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23229 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23230 </affected> 23231 <reference ref_id="CVE-2010-4409" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4409" source="CVE"/> 23232 <description> 23233 Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument. 23234 </description> 23235 </metadata> 23236 <!-- e7ea96f0f245f1bd2f74770ba314e188 --> 23237 <criteria operator="AND"> 23238 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23239 <criteria operator="OR"> 23240 <criterion test_ref="oval:org.opensuse.security:tst:2009107272" comment="icu less than 3.4-16.13.2"/> 23241 <criterion test_ref="oval:org.opensuse.security:tst:2009107273" comment="libicu-32bit less than 3.4-16.13.2"/> 23242 <criterion test_ref="oval:org.opensuse.security:tst:2009107274" comment="libicu less than 3.4-16.13.2"/> 23243 </criteria> 23244 </criteria> 23245 </definition> 23246 <definition id="oval:org.opensuse.security:def:20104410" version="1" class="vulnerability"> 23247 <metadata> 23248 <title>CVE-2010-4410</title> 23249 <affected family="unix"> 23250 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23251 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23252 </affected> 23253 <reference ref_id="CVE-2010-4410" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4410" source="CVE"/> 23254 <description> 23255 CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172. 23256 </description> 23257 </metadata> 23258 <!-- aa08850f4b8bd72b4cd28674c6bdf3d6 --> 23259 <criteria operator="AND"> 23260 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23261 <criteria operator="OR"> 23262 <criterion test_ref="oval:org.opensuse.security:tst:2009065606" comment="perl-32bit less than 5.8.8-14.17.15"/> 23263 <criterion test_ref="oval:org.opensuse.security:tst:2009065607" comment="perl less than 5.8.8-14.17.15"/> 23264 </criteria> 23265 </criteria> 23266 </definition> 23267 <definition id="oval:org.opensuse.security:def:20104411" version="1" class="vulnerability"> 23268 <metadata> 23269 <title>CVE-2010-4411</title> 23270 <affected family="unix"> 23271 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23272 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23273 </affected> 23274 <reference ref_id="CVE-2010-4411" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4411" source="CVE"/> 23275 <description> 23276 Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761. 23277 </description> 23278 </metadata> 23279 <!-- aa08850f4b8bd72b4cd28674c6bdf3d6 --> 23280 <criteria operator="AND"> 23281 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23282 <criteria operator="OR"> 23283 <criterion test_ref="oval:org.opensuse.security:tst:2009065606" comment="perl-32bit less than 5.8.8-14.17.15"/> 23284 <criterion test_ref="oval:org.opensuse.security:tst:2009065607" comment="perl less than 5.8.8-14.17.15"/> 23285 </criteria> 23286 </criteria> 23287 </definition> 23288 <definition id="oval:org.opensuse.security:def:20104422" version="1" class="vulnerability"> 23289 <metadata> 23290 <title>CVE-2010-4422</title> 23291 <affected family="unix"> 23292 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23293 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23294 </affected> 23295 <reference ref_id="CVE-2010-4422" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4422" source="CVE"/> 23296 <description> 23297 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. 23298 </description> 23299 </metadata> 23300 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23301 <criteria operator="AND"> 23302 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23303 <criteria operator="OR"> 23304 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23305 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23306 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23307 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23308 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23309 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23310 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23311 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23312 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23313 </criteria> 23314 </criteria> 23315 </definition> 23316 <definition id="oval:org.opensuse.security:def:20104447" version="1" class="vulnerability"> 23317 <metadata> 23318 <title>CVE-2010-4447</title> 23319 <affected family="unix"> 23320 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23321 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23322 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23323 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23324 </affected> 23325 <reference ref_id="CVE-2010-4447" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4447" source="CVE"/> 23326 <description> 23327 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment. 23328 </description> 23329 </metadata> 23330 <criteria operator="OR"> 23331 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 23332 <criteria operator="AND"> 23333 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23334 <criteria operator="OR"> 23335 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 23336 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 23337 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 23338 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 23339 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 23340 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 23341 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 23342 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 23343 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 23344 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 23345 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 23346 </criteria> 23347 </criteria> 23348 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23349 <criteria operator="AND"> 23350 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23351 <criteria operator="OR"> 23352 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23353 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23354 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23355 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23356 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23357 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23358 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23359 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23360 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23361 </criteria> 23362 </criteria> 23363 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 23364 <criteria operator="AND"> 23365 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23366 <criteria operator="OR"> 23367 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 23368 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 23369 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 23370 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 23371 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 23372 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 23373 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 23374 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 23375 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 23376 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 23377 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 23378 </criteria> 23379 </criteria> 23380 </criteria> 23381 </definition> 23382 <definition id="oval:org.opensuse.security:def:20104448" version="1" class="vulnerability"> 23383 <metadata> 23384 <title>CVE-2010-4448</title> 23385 <affected family="unix"> 23386 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23387 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23388 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23389 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23390 </affected> 23391 <reference ref_id="CVE-2010-4448" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448" source="CVE"/> 23392 <description> 23393 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves "DNS cache poisoning by untrusted applets." 23394 </description> 23395 </metadata> 23396 <criteria operator="OR"> 23397 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 23398 <criteria operator="AND"> 23399 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23400 <criteria operator="OR"> 23401 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 23402 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 23403 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 23404 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 23405 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 23406 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 23407 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 23408 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 23409 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 23410 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 23411 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 23412 </criteria> 23413 </criteria> 23414 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23415 <criteria operator="AND"> 23416 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23417 <criteria operator="OR"> 23418 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23419 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23420 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23421 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23422 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23423 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23424 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23425 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23426 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23427 </criteria> 23428 </criteria> 23429 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 23430 <criteria operator="AND"> 23431 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23432 <criteria operator="OR"> 23433 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 23434 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 23435 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 23436 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 23437 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 23438 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 23439 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 23440 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 23441 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 23442 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 23443 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 23444 </criteria> 23445 </criteria> 23446 </criteria> 23447 </definition> 23448 <definition id="oval:org.opensuse.security:def:20104450" version="1" class="vulnerability"> 23449 <metadata> 23450 <title>CVE-2010-4450</title> 23451 <affected family="unix"> 23452 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23453 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23454 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23455 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23456 </affected> 23457 <reference ref_id="CVE-2010-4450" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4450" source="CVE"/> 23458 <description> 23459 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable. 23460 </description> 23461 </metadata> 23462 <criteria operator="OR"> 23463 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 23464 <criteria operator="AND"> 23465 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23466 <criteria operator="OR"> 23467 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 23468 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 23469 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 23470 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 23471 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 23472 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 23473 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 23474 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 23475 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 23476 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 23477 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 23478 </criteria> 23479 </criteria> 23480 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23481 <criteria operator="AND"> 23482 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23483 <criteria operator="OR"> 23484 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23485 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23486 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23487 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23488 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23489 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23490 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23491 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23492 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23493 </criteria> 23494 </criteria> 23495 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 23496 <criteria operator="AND"> 23497 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23498 <criteria operator="OR"> 23499 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 23500 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 23501 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 23502 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 23503 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 23504 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 23505 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 23506 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 23507 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 23508 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 23509 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 23510 </criteria> 23511 </criteria> 23512 </criteria> 23513 </definition> 23514 <definition id="oval:org.opensuse.security:def:20104451" version="1" class="vulnerability"> 23515 <metadata> 23516 <title>CVE-2010-4451</title> 23517 <affected family="unix"> 23518 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23519 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23520 </affected> 23521 <reference ref_id="CVE-2010-4451" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4451" source="CVE"/> 23522 <description> 23523 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, when using Java Update, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. 23524 </description> 23525 </metadata> 23526 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23527 <criteria operator="AND"> 23528 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23529 <criteria operator="OR"> 23530 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23531 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23532 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23533 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23534 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23535 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23536 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23537 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23538 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23539 </criteria> 23540 </criteria> 23541 </definition> 23542 <definition id="oval:org.opensuse.security:def:20104452" version="1" class="vulnerability"> 23543 <metadata> 23544 <title>CVE-2010-4452</title> 23545 <affected family="unix"> 23546 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23547 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23548 </affected> 23549 <reference ref_id="CVE-2010-4452" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4452" source="CVE"/> 23550 <description> 23551 Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors. 23552 </description> 23553 </metadata> 23554 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23555 <criteria operator="AND"> 23556 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23557 <criteria operator="OR"> 23558 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23559 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23560 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23561 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23562 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23563 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23564 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23565 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23566 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23567 </criteria> 23568 </criteria> 23569 </definition> 23570 <definition id="oval:org.opensuse.security:def:20104454" version="1" class="vulnerability"> 23571 <metadata> 23572 <title>CVE-2010-4454</title> 23573 <affected family="unix"> 23574 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23575 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23576 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23577 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23578 </affected> 23579 <reference ref_id="CVE-2010-4454" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4454" source="CVE"/> 23580 <description> 23581 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs. 23582 </description> 23583 </metadata> 23584 <criteria operator="OR"> 23585 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 23586 <criteria operator="AND"> 23587 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23588 <criteria operator="OR"> 23589 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 23590 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 23591 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 23592 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 23593 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 23594 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 23595 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 23596 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 23597 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 23598 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 23599 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 23600 </criteria> 23601 </criteria> 23602 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23603 <criteria operator="AND"> 23604 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23605 <criteria operator="OR"> 23606 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23607 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23608 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23609 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23610 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23611 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23612 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23613 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23614 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23615 </criteria> 23616 </criteria> 23617 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 23618 <criteria operator="AND"> 23619 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23620 <criteria operator="OR"> 23621 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 23622 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 23623 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 23624 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 23625 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 23626 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 23627 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 23628 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 23629 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 23630 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 23631 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 23632 </criteria> 23633 </criteria> 23634 </criteria> 23635 </definition> 23636 <definition id="oval:org.opensuse.security:def:20104462" version="1" class="vulnerability"> 23637 <metadata> 23638 <title>CVE-2010-4462</title> 23639 <affected family="unix"> 23640 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23641 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23642 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23643 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23644 </affected> 23645 <reference ref_id="CVE-2010-4462" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4462" source="CVE"/> 23646 <description> 23647 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs. 23648 </description> 23649 </metadata> 23650 <criteria operator="OR"> 23651 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 23652 <criteria operator="AND"> 23653 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23654 <criteria operator="OR"> 23655 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 23656 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 23657 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 23658 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 23659 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 23660 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 23661 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 23662 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 23663 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 23664 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 23665 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 23666 </criteria> 23667 </criteria> 23668 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23669 <criteria operator="AND"> 23670 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23671 <criteria operator="OR"> 23672 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23673 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23674 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23675 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23676 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23677 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23678 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23679 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23680 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23681 </criteria> 23682 </criteria> 23683 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 23684 <criteria operator="AND"> 23685 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23686 <criteria operator="OR"> 23687 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 23688 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 23689 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 23690 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 23691 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 23692 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 23693 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 23694 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 23695 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 23696 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 23697 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 23698 </criteria> 23699 </criteria> 23700 </criteria> 23701 </definition> 23702 <definition id="oval:org.opensuse.security:def:20104463" version="1" class="vulnerability"> 23703 <metadata> 23704 <title>CVE-2010-4463</title> 23705 <affected family="unix"> 23706 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23707 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23708 </affected> 23709 <reference ref_id="CVE-2010-4463" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4463" source="CVE"/> 23710 <description> 23711 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 21 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. 23712 </description> 23713 </metadata> 23714 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23715 <criteria operator="AND"> 23716 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23717 <criteria operator="OR"> 23718 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23719 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23720 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23721 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23722 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23723 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23724 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23725 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23726 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23727 </criteria> 23728 </criteria> 23729 </definition> 23730 <definition id="oval:org.opensuse.security:def:20104465" version="1" class="vulnerability"> 23731 <metadata> 23732 <title>CVE-2010-4465</title> 23733 <affected family="unix"> 23734 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23735 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23736 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23737 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23738 </affected> 23739 <reference ref_id="CVE-2010-4465" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465" source="CVE"/> 23740 <description> 23741 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or "clipboard access in Applets." 23742 </description> 23743 </metadata> 23744 <criteria operator="OR"> 23745 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 23746 <criteria operator="AND"> 23747 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23748 <criteria operator="OR"> 23749 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 23750 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 23751 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 23752 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 23753 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 23754 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 23755 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 23756 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 23757 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 23758 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 23759 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 23760 </criteria> 23761 </criteria> 23762 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23763 <criteria operator="AND"> 23764 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23765 <criteria operator="OR"> 23766 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23767 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23768 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23769 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23770 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23771 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23772 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23773 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23774 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23775 </criteria> 23776 </criteria> 23777 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 23778 <criteria operator="AND"> 23779 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23780 <criteria operator="OR"> 23781 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 23782 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 23783 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 23784 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 23785 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 23786 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 23787 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 23788 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 23789 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 23790 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 23791 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 23792 </criteria> 23793 </criteria> 23794 </criteria> 23795 </definition> 23796 <definition id="oval:org.opensuse.security:def:20104466" version="1" class="vulnerability"> 23797 <metadata> 23798 <title>CVE-2010-4466</title> 23799 <affected family="unix"> 23800 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23801 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23802 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23803 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23804 </affected> 23805 <reference ref_id="CVE-2010-4466" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4466" source="CVE"/> 23806 <description> 23807 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.2_29 and earlier for Windows allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment. 23808 </description> 23809 </metadata> 23810 <criteria operator="OR"> 23811 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 23812 <criteria operator="AND"> 23813 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23814 <criteria operator="OR"> 23815 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 23816 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 23817 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 23818 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 23819 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 23820 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 23821 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 23822 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 23823 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 23824 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 23825 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 23826 </criteria> 23827 </criteria> 23828 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23829 <criteria operator="AND"> 23830 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23831 <criteria operator="OR"> 23832 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23833 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23834 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23835 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23836 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23837 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23838 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23839 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23840 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23841 </criteria> 23842 </criteria> 23843 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 23844 <criteria operator="AND"> 23845 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23846 <criteria operator="OR"> 23847 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 23848 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 23849 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 23850 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 23851 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 23852 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 23853 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 23854 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 23855 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 23856 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 23857 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 23858 </criteria> 23859 </criteria> 23860 </criteria> 23861 </definition> 23862 <definition id="oval:org.opensuse.security:def:20104467" version="1" class="vulnerability"> 23863 <metadata> 23864 <title>CVE-2010-4467</title> 23865 <affected family="unix"> 23866 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23867 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23868 </affected> 23869 <reference ref_id="CVE-2010-4467" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4467" source="CVE"/> 23870 <description> 23871 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 10 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. 23872 </description> 23873 </metadata> 23874 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23875 <criteria operator="AND"> 23876 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23877 <criteria operator="OR"> 23878 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23879 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23880 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23881 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23882 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23883 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23884 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23885 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23886 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23887 </criteria> 23888 </criteria> 23889 </definition> 23890 <definition id="oval:org.opensuse.security:def:20104468" version="1" class="vulnerability"> 23891 <metadata> 23892 <title>CVE-2010-4468</title> 23893 <affected family="unix"> 23894 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23895 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23896 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 23897 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 23898 </affected> 23899 <reference ref_id="CVE-2010-4468" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4468" source="CVE"/> 23900 <description> 23901 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to JDBC. 23902 </description> 23903 </metadata> 23904 <criteria operator="OR"> 23905 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 23906 <criteria operator="AND"> 23907 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 23908 <criteria operator="OR"> 23909 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 23910 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 23911 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 23912 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 23913 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 23914 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 23915 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 23916 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 23917 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 23918 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 23919 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 23920 </criteria> 23921 </criteria> 23922 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23923 <criteria operator="AND"> 23924 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23925 <criteria operator="OR"> 23926 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23927 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23928 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23929 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23930 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23931 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23932 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23933 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23934 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23935 </criteria> 23936 </criteria> 23937 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 23938 <criteria operator="AND"> 23939 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23940 <criteria operator="OR"> 23941 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 23942 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 23943 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 23944 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 23945 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 23946 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 23947 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 23948 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 23949 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 23950 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 23951 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 23952 </criteria> 23953 </criteria> 23954 </criteria> 23955 </definition> 23956 <definition id="oval:org.opensuse.security:def:20104469" version="1" class="vulnerability"> 23957 <metadata> 23958 <title>CVE-2010-4469</title> 23959 <affected family="unix"> 23960 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23961 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23962 </affected> 23963 <reference ref_id="CVE-2010-4469" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4469" source="CVE"/> 23964 <description> 23965 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and "backward jsrs." 23966 </description> 23967 </metadata> 23968 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23969 <criteria operator="AND"> 23970 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23971 <criteria operator="OR"> 23972 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 23973 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 23974 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 23975 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 23976 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 23977 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 23978 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 23979 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 23980 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 23981 </criteria> 23982 </criteria> 23983 </definition> 23984 <definition id="oval:org.opensuse.security:def:20104470" version="1" class="vulnerability"> 23985 <metadata> 23986 <title>CVE-2010-4470</title> 23987 <affected family="unix"> 23988 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 23989 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 23990 </affected> 23991 <reference ref_id="CVE-2010-4470" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4470" source="CVE"/> 23992 <description> 23993 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to "Features set on SchemaFactory not inherited by Validator." 23994 </description> 23995 </metadata> 23996 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 23997 <criteria operator="AND"> 23998 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 23999 <criteria operator="OR"> 24000 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 24001 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 24002 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 24003 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 24004 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 24005 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 24006 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 24007 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 24008 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 24009 </criteria> 24010 </criteria> 24011 </definition> 24012 <definition id="oval:org.opensuse.security:def:20104471" version="1" class="vulnerability"> 24013 <metadata> 24014 <title>CVE-2010-4471</title> 24015 <affected family="unix"> 24016 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24017 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24018 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24019 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24020 </affected> 24021 <reference ref_id="CVE-2010-4471" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4471" source="CVE"/> 24022 <description> 24023 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text. 24024 </description> 24025 </metadata> 24026 <criteria operator="OR"> 24027 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 24028 <criteria operator="AND"> 24029 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24030 <criteria operator="OR"> 24031 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 24032 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 24033 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 24034 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 24035 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 24036 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 24037 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 24038 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 24039 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 24040 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 24041 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 24042 </criteria> 24043 </criteria> 24044 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 24045 <criteria operator="AND"> 24046 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24047 <criteria operator="OR"> 24048 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 24049 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 24050 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 24051 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 24052 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 24053 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 24054 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 24055 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 24056 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 24057 </criteria> 24058 </criteria> 24059 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 24060 <criteria operator="AND"> 24061 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24062 <criteria operator="OR"> 24063 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 24064 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 24065 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 24066 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 24067 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 24068 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 24069 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 24070 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 24071 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 24072 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 24073 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 24074 </criteria> 24075 </criteria> 24076 </criteria> 24077 </definition> 24078 <definition id="oval:org.opensuse.security:def:20104472" version="1" class="vulnerability"> 24079 <metadata> 24080 <title>CVE-2010-4472</title> 24081 <affected family="unix"> 24082 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24083 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24084 </affected> 24085 <reference ref_id="CVE-2010-4472" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4472" source="CVE"/> 24086 <description> 24087 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations." 24088 </description> 24089 </metadata> 24090 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 24091 <criteria operator="AND"> 24092 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24093 <criteria operator="OR"> 24094 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 24095 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 24096 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 24097 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 24098 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 24099 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 24100 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 24101 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 24102 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 24103 </criteria> 24104 </criteria> 24105 </definition> 24106 <definition id="oval:org.opensuse.security:def:20104473" version="1" class="vulnerability"> 24107 <metadata> 24108 <title>CVE-2010-4473</title> 24109 <affected family="unix"> 24110 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24111 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24112 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24113 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24114 </affected> 24115 <reference ref_id="CVE-2010-4473" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4473" source="CVE"/> 24116 <description> 24117 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs. 24118 </description> 24119 </metadata> 24120 <criteria operator="OR"> 24121 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 24122 <criteria operator="AND"> 24123 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24124 <criteria operator="OR"> 24125 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 24126 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 24127 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 24128 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 24129 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 24130 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 24131 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 24132 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 24133 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 24134 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 24135 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 24136 </criteria> 24137 </criteria> 24138 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 24139 <criteria operator="AND"> 24140 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24141 <criteria operator="OR"> 24142 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 24143 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 24144 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 24145 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 24146 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 24147 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 24148 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 24149 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 24150 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 24151 </criteria> 24152 </criteria> 24153 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 24154 <criteria operator="AND"> 24155 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24156 <criteria operator="OR"> 24157 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 24158 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 24159 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 24160 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 24161 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 24162 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 24163 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 24164 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 24165 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 24166 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 24167 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 24168 </criteria> 24169 </criteria> 24170 </criteria> 24171 </definition> 24172 <definition id="oval:org.opensuse.security:def:20104474" version="1" class="vulnerability"> 24173 <metadata> 24174 <title>CVE-2010-4474</title> 24175 <affected family="unix"> 24176 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24177 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24178 </affected> 24179 <reference ref_id="CVE-2010-4474" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4474" source="CVE"/> 24180 <description> 24181 Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269. 24182 </description> 24183 </metadata> 24184 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 24185 <criteria operator="AND"> 24186 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24187 <criteria operator="OR"> 24188 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 24189 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 24190 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 24191 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 24192 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 24193 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 24194 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 24195 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 24196 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 24197 </criteria> 24198 </criteria> 24199 </definition> 24200 <definition id="oval:org.opensuse.security:def:20104475" version="1" class="vulnerability"> 24201 <metadata> 24202 <title>CVE-2010-4475</title> 24203 <affected family="unix"> 24204 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24205 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24206 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24207 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24208 </affected> 24209 <reference ref_id="CVE-2010-4475" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4475" source="CVE"/> 24210 <description> 24211 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment. 24212 </description> 24213 </metadata> 24214 <criteria operator="OR"> 24215 <!-- 5cdbae1443b7790944a7d5df3a40ab00 --> 24216 <criteria operator="AND"> 24217 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24218 <criteria operator="OR"> 24219 <criterion test_ref="oval:org.opensuse.security:tst:2009067770" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.18"/> 24220 <criterion test_ref="oval:org.opensuse.security:tst:2009067771" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.18"/> 24221 <criterion test_ref="oval:org.opensuse.security:tst:2009067772" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.18"/> 24222 <criterion test_ref="oval:org.opensuse.security:tst:2009067773" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.18"/> 24223 <criterion test_ref="oval:org.opensuse.security:tst:2009067774" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.18"/> 24224 <criterion test_ref="oval:org.opensuse.security:tst:2009067775" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.18"/> 24225 <criterion test_ref="oval:org.opensuse.security:tst:2009067776" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.18"/> 24226 <criterion test_ref="oval:org.opensuse.security:tst:2009067777" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.18"/> 24227 <criterion test_ref="oval:org.opensuse.security:tst:2009067778" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.18"/> 24228 <criterion test_ref="oval:org.opensuse.security:tst:2009067779" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.18"/> 24229 <criterion test_ref="oval:org.opensuse.security:tst:2009067780" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.18"/> 24230 </criteria> 24231 </criteria> 24232 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 24233 <criteria operator="AND"> 24234 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24235 <criteria operator="OR"> 24236 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 24237 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 24238 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 24239 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 24240 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 24241 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 24242 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 24243 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 24244 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 24245 </criteria> 24246 </criteria> 24247 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 24248 <criteria operator="AND"> 24249 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24250 <criteria operator="OR"> 24251 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 24252 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 24253 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 24254 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 24255 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 24256 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 24257 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 24258 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 24259 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 24260 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 24261 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 24262 </criteria> 24263 </criteria> 24264 </criteria> 24265 </definition> 24266 <definition id="oval:org.opensuse.security:def:20104476" version="1" class="vulnerability"> 24267 <metadata> 24268 <title>CVE-2010-4476</title> 24269 <affected family="unix"> 24270 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24271 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24272 </affected> 24273 <reference ref_id="CVE-2010-4476" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476" source="CVE"/> 24274 <description> 24275 The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308. 24276 </description> 24277 </metadata> 24278 <criteria operator="OR"> 24279 <!-- 8e9755f37706d7c7daa876e587e1bc55 --> 24280 <criteria operator="AND"> 24281 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24282 <criteria operator="OR"> 24283 <criterion test_ref="oval:org.opensuse.security:tst:2009065840" comment="java-1_6_0-sun-32bit less than 1.6.0.u24-0.5.1"/> 24284 <criterion test_ref="oval:org.opensuse.security:tst:2009065841" comment="java-1_6_0-sun-alsa less than 1.6.0.u24-0.5.1"/> 24285 <criterion test_ref="oval:org.opensuse.security:tst:2009065842" comment="java-1_6_0-sun-demo less than 1.6.0.u24-0.5.1"/> 24286 <criterion test_ref="oval:org.opensuse.security:tst:2009065843" comment="java-1_6_0-sun-devel less than 1.6.0.u24-0.5.1"/> 24287 <criterion test_ref="oval:org.opensuse.security:tst:2009065844" comment="java-1_6_0-sun-jdbc less than 1.6.0.u24-0.5.1"/> 24288 <criterion test_ref="oval:org.opensuse.security:tst:2009065845" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u24-0.5.1"/> 24289 <criterion test_ref="oval:org.opensuse.security:tst:2009065846" comment="java-1_6_0-sun-plugin less than 1.6.0.u24-0.5.1"/> 24290 <criterion test_ref="oval:org.opensuse.security:tst:2009065847" comment="java-1_6_0-sun-src less than 1.6.0.u24-0.5.1"/> 24291 <criterion test_ref="oval:org.opensuse.security:tst:2009065848" comment="java-1_6_0-sun less than 1.6.0.u24-0.5.1"/> 24292 </criteria> 24293 </criteria> 24294 <!-- ac2e446384cdeb74511d6cd5eb10eb59 --> 24295 <criteria operator="AND"> 24296 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24297 <criteria operator="OR"> 24298 <criterion test_ref="oval:org.opensuse.security:tst:2009066377" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.3-0.7.1"/> 24299 <criterion test_ref="oval:org.opensuse.security:tst:2009066378" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.3-0.7.1"/> 24300 <criterion test_ref="oval:org.opensuse.security:tst:2009066379" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.3-0.7.1"/> 24301 <criterion test_ref="oval:org.opensuse.security:tst:2009066380" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.3-0.7.1"/> 24302 <criterion test_ref="oval:org.opensuse.security:tst:2009066381" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.3-0.7.1"/> 24303 <criterion test_ref="oval:org.opensuse.security:tst:2009066382" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.3-0.7.1"/> 24304 <criterion test_ref="oval:org.opensuse.security:tst:2009066383" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.3-0.7.1"/> 24305 <criterion test_ref="oval:org.opensuse.security:tst:2009066384" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.3-0.7.1"/> 24306 <criterion test_ref="oval:org.opensuse.security:tst:2009066385" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.3-0.7.1"/> 24307 <criterion test_ref="oval:org.opensuse.security:tst:2009066386" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.3-0.7.1"/> 24308 <criterion test_ref="oval:org.opensuse.security:tst:2009066387" comment="java-1_5_0-ibm less than 1.5.0_sr12.3-0.7.1"/> 24309 </criteria> 24310 </criteria> 24311 </criteria> 24312 </definition> 24313 <definition id="oval:org.opensuse.security:def:20104526" version="1" class="vulnerability"> 24314 <metadata> 24315 <title>CVE-2010-4526</title> 24316 <affected family="unix"> 24317 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24318 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24319 </affected> 24320 <reference ref_id="CVE-2010-4526" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4526" source="CVE"/> 24321 <description> 24322 Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. 24323 </description> 24324 </metadata> 24325 <criteria operator="OR"> 24326 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 24327 <criteria operator="AND"> 24328 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24329 <criteria operator="OR"> 24330 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24331 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24332 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24333 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24334 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24335 </criteria> 24336 </criteria> 24337 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 24338 <criteria operator="AND"> 24339 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24340 <criteria operator="OR"> 24341 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 24342 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24343 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24344 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24345 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24346 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24347 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 24348 </criteria> 24349 </criteria> 24350 </criteria> 24351 </definition> 24352 <definition id="oval:org.opensuse.security:def:20104527" version="1" class="vulnerability"> 24353 <metadata> 24354 <title>CVE-2010-4527</title> 24355 <affected family="unix"> 24356 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24357 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24358 </affected> 24359 <reference ref_id="CVE-2010-4527" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4527" source="CVE"/> 24360 <description> 24361 The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux kernel before 2.6.37 incorrectly expects that a certain name field ends with a '\0' character, which allows local users to conduct buffer overflow attacks and gain privileges, or possibly obtain sensitive information from kernel memory, via a SOUND_MIXER_SETLEVELS ioctl call. 24362 </description> 24363 </metadata> 24364 <criteria operator="OR"> 24365 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 24366 <criteria operator="AND"> 24367 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24368 <criteria operator="OR"> 24369 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24370 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24371 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24372 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24373 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24374 </criteria> 24375 </criteria> 24376 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 24377 <criteria operator="AND"> 24378 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24379 <criteria operator="OR"> 24380 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 24381 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24382 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24383 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24384 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24385 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24386 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 24387 </criteria> 24388 </criteria> 24389 </criteria> 24390 </definition> 24391 <definition id="oval:org.opensuse.security:def:20104529" version="1" class="vulnerability"> 24392 <metadata> 24393 <title>CVE-2010-4529</title> 24394 <affected family="unix"> 24395 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24396 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24397 </affected> 24398 <reference ref_id="CVE-2010-4529" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4529" source="CVE"/> 24399 <description> 24400 Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES getsockopt call. 24401 </description> 24402 </metadata> 24403 <criteria operator="OR"> 24404 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 24405 <criteria operator="AND"> 24406 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24407 <criteria operator="OR"> 24408 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24409 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24410 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24411 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24412 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24413 </criteria> 24414 </criteria> 24415 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 24416 <criteria operator="AND"> 24417 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24418 <criteria operator="OR"> 24419 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 24420 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24421 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24422 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24423 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24424 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24425 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 24426 </criteria> 24427 </criteria> 24428 </criteria> 24429 </definition> 24430 <definition id="oval:org.opensuse.security:def:20104530" version="1" class="vulnerability"> 24431 <metadata> 24432 <title>CVE-2010-4530</title> 24433 <affected family="unix"> 24434 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24435 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24436 </affected> 24437 <reference ref_id="CVE-2010-4530" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4530" source="CVE"/> 24438 <description> 24439 Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow. 24440 </description> 24441 </metadata> 24442 <!-- c499a38a32197f61e21a5e8675b87308 --> 24443 <criteria operator="AND"> 24444 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24445 <criteria operator="OR"> 24446 <criterion test_ref="oval:org.opensuse.security:tst:2009065699" comment="pcsc-lite-devel less than 1.2.9_beta9-17.19.1"/> 24447 <criterion test_ref="oval:org.opensuse.security:tst:2009065700" comment="pcsc-lite less than 1.2.9_beta9-17.19.1"/> 24448 </criteria> 24449 </criteria> 24450 </definition> 24451 <definition id="oval:org.opensuse.security:def:20104531" version="1" class="vulnerability"> 24452 <metadata> 24453 <title>CVE-2010-4531</title> 24454 <affected family="unix"> 24455 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24456 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24457 </affected> 24458 <reference ref_id="CVE-2010-4531" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4531" source="CVE"/> 24459 <description> 24460 Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value. 24461 </description> 24462 </metadata> 24463 <!-- c499a38a32197f61e21a5e8675b87308 --> 24464 <criteria operator="AND"> 24465 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24466 <criteria operator="OR"> 24467 <criterion test_ref="oval:org.opensuse.security:tst:2009065699" comment="pcsc-lite-devel less than 1.2.9_beta9-17.19.1"/> 24468 <criterion test_ref="oval:org.opensuse.security:tst:2009065700" comment="pcsc-lite less than 1.2.9_beta9-17.19.1"/> 24469 </criteria> 24470 </criteria> 24471 </definition> 24472 <definition id="oval:org.opensuse.security:def:20104538" version="1" class="vulnerability"> 24473 <metadata> 24474 <title>CVE-2010-4538</title> 24475 <affected family="unix"> 24476 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24477 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24478 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24479 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24480 </affected> 24481 <reference ref_id="CVE-2010-4538" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4538" source="CVE"/> 24482 <description> 24483 Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression. 24484 </description> 24485 </metadata> 24486 <criteria operator="OR"> 24487 <!-- 6f945ca7e512591223a153602859503d --> 24488 <criteria operator="AND"> 24489 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24490 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 24491 </criteria> 24492 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 24493 <criteria operator="AND"> 24494 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24495 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 24496 </criteria> 24497 </criteria> 24498 </definition> 24499 <definition id="oval:org.opensuse.security:def:20104539" version="1" class="vulnerability"> 24500 <metadata> 24501 <title>CVE-2010-4539</title> 24502 <affected family="unix"> 24503 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24504 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24505 </affected> 24506 <reference ref_id="CVE-2010-4539" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4539" source="CVE"/> 24507 <description> 24508 The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections. 24509 </description> 24510 </metadata> 24511 <!-- 78744d5d0617a4128e10cb2ec6385755 --> 24512 <criteria operator="AND"> 24513 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24514 <criteria operator="OR"> 24515 <criterion test_ref="oval:org.opensuse.security:tst:2009065889" comment="subversion-devel less than 1.3.1-1.16.1"/> 24516 <criterion test_ref="oval:org.opensuse.security:tst:2009065890" comment="subversion less than 1.3.1-1.16.1"/> 24517 </criteria> 24518 </criteria> 24519 </definition> 24520 <definition id="oval:org.opensuse.security:def:20104540" version="1" class="vulnerability"> 24521 <metadata> 24522 <title>CVE-2010-4540</title> 24523 <affected family="unix"> 24524 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24525 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24526 </affected> 24527 <reference ref_id="CVE-2010-4540" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540" source="CVE"/> 24528 <description> 24529 Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information. 24530 </description> 24531 </metadata> 24532 <!-- a5549dac4cabcae467e69f8fa1654a7d --> 24533 <criteria operator="AND"> 24534 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24535 <criteria operator="OR"> 24536 <criterion test_ref="oval:org.opensuse.security:tst:2009066550" comment="gimp-devel less than 2.2.10-22.35.34.1"/> 24537 <criterion test_ref="oval:org.opensuse.security:tst:2009066551" comment="gimp less than 2.2.10-22.35.34.1"/> 24538 </criteria> 24539 </criteria> 24540 </definition> 24541 <definition id="oval:org.opensuse.security:def:20104541" version="1" class="vulnerability"> 24542 <metadata> 24543 <title>CVE-2010-4541</title> 24544 <affected family="unix"> 24545 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24546 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24547 </affected> 24548 <reference ref_id="CVE-2010-4541" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541" source="CVE"/> 24549 <description> 24550 Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. 24551 </description> 24552 </metadata> 24553 <!-- a5549dac4cabcae467e69f8fa1654a7d --> 24554 <criteria operator="AND"> 24555 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24556 <criteria operator="OR"> 24557 <criterion test_ref="oval:org.opensuse.security:tst:2009066550" comment="gimp-devel less than 2.2.10-22.35.34.1"/> 24558 <criterion test_ref="oval:org.opensuse.security:tst:2009066551" comment="gimp less than 2.2.10-22.35.34.1"/> 24559 </criteria> 24560 </criteria> 24561 </definition> 24562 <definition id="oval:org.opensuse.security:def:20104542" version="1" class="vulnerability"> 24563 <metadata> 24564 <title>CVE-2010-4542</title> 24565 <affected family="unix"> 24566 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24567 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24568 </affected> 24569 <reference ref_id="CVE-2010-4542" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542" source="CVE"/> 24570 <description> 24571 Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information. 24572 </description> 24573 </metadata> 24574 <!-- a5549dac4cabcae467e69f8fa1654a7d --> 24575 <criteria operator="AND"> 24576 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24577 <criteria operator="OR"> 24578 <criterion test_ref="oval:org.opensuse.security:tst:2009066550" comment="gimp-devel less than 2.2.10-22.35.34.1"/> 24579 <criterion test_ref="oval:org.opensuse.security:tst:2009066551" comment="gimp less than 2.2.10-22.35.34.1"/> 24580 </criteria> 24581 </criteria> 24582 </definition> 24583 <definition id="oval:org.opensuse.security:def:20104543" version="1" class="vulnerability"> 24584 <metadata> 24585 <title>CVE-2010-4543</title> 24586 <affected family="unix"> 24587 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24588 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24589 </affected> 24590 <reference ref_id="CVE-2010-4543" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543" source="CVE"/> 24591 <description> 24592 Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information. 24593 </description> 24594 </metadata> 24595 <!-- a5549dac4cabcae467e69f8fa1654a7d --> 24596 <criteria operator="AND"> 24597 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24598 <criteria operator="OR"> 24599 <criterion test_ref="oval:org.opensuse.security:tst:2009066550" comment="gimp-devel less than 2.2.10-22.35.34.1"/> 24600 <criterion test_ref="oval:org.opensuse.security:tst:2009066551" comment="gimp less than 2.2.10-22.35.34.1"/> 24601 </criteria> 24602 </criteria> 24603 </definition> 24604 <definition id="oval:org.opensuse.security:def:20104643" version="1" class="vulnerability"> 24605 <metadata> 24606 <title>CVE-2010-4643</title> 24607 <affected family="unix"> 24608 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24609 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24610 </affected> 24611 <reference ref_id="CVE-2010-4643" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4643" source="CVE"/> 24612 <description> 24613 Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document. 24614 </description> 24615 </metadata> 24616 <!-- 620ba2655e733f37c547ce340f0bdce6 --> 24617 <criteria operator="AND"> 24618 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24619 <criteria operator="OR"> 24620 <criterion test_ref="oval:org.opensuse.security:tst:2009070746" comment="boost-32bit less than 1.33.1-17.13.2.1"/> 24621 <criterion test_ref="oval:org.opensuse.security:tst:2009070747" comment="boost less than 1.33.1-17.13.2.1"/> 24622 <criterion test_ref="oval:org.opensuse.security:tst:2009070748" comment="libreoffice-af less than 3.3.1.2-1.6.2.2"/> 24623 <criterion test_ref="oval:org.opensuse.security:tst:2009070749" comment="libreoffice-ar less than 3.3.1.2-1.6.2.2"/> 24624 <criterion test_ref="oval:org.opensuse.security:tst:2009070750" comment="libreoffice-ca less than 3.3.1.2-1.6.2.2"/> 24625 <criterion test_ref="oval:org.opensuse.security:tst:2009070751" comment="libreoffice-cs less than 3.3.1.2-1.6.2.2"/> 24626 <criterion test_ref="oval:org.opensuse.security:tst:2009070752" comment="libreoffice-da less than 3.3.1.2-1.6.2.2"/> 24627 <criterion test_ref="oval:org.opensuse.security:tst:2009070753" comment="libreoffice-de-templates less than 8.2.1-0.5.1"/> 24628 <criterion test_ref="oval:org.opensuse.security:tst:2009070754" comment="libreoffice-de less than 3.3.1.2-1.6.2.2"/> 24629 <criterion test_ref="oval:org.opensuse.security:tst:2009070755" comment="libreoffice-el less than 3.3.1.2-1.6.2.2"/> 24630 <criterion test_ref="oval:org.opensuse.security:tst:2009070756" comment="libreoffice-en-GB less than 3.3.1.2-1.6.2.2"/> 24631 <criterion test_ref="oval:org.opensuse.security:tst:2009070757" comment="libreoffice-es less than 3.3.1.2-1.6.2.2"/> 24632 <criterion test_ref="oval:org.opensuse.security:tst:2009070758" comment="libreoffice-fi less than 3.3.1.2-1.6.2.2"/> 24633 <criterion test_ref="oval:org.opensuse.security:tst:2009070759" comment="libreoffice-fr less than 3.3.1.2-1.6.2.2"/> 24634 <criterion test_ref="oval:org.opensuse.security:tst:2009070760" comment="libreoffice-galleries less than 3.3.1.2-1.6.2.2"/> 24635 <criterion test_ref="oval:org.opensuse.security:tst:2009070761" comment="libreoffice-gnome less than 3.3.1.2-1.6.2.2"/> 24636 <criterion test_ref="oval:org.opensuse.security:tst:2009070762" comment="libreoffice-gu-IN less than 3.3.1.2-1.6.2.2"/> 24637 <criterion test_ref="oval:org.opensuse.security:tst:2009070763" comment="libreoffice-hi-IN less than 3.3.1.2-1.6.2.2"/> 24638 <criterion test_ref="oval:org.opensuse.security:tst:2009070764" comment="libreoffice-hu less than 3.3.1.2-1.6.2.2"/> 24639 <criterion test_ref="oval:org.opensuse.security:tst:2009070765" comment="libreoffice-it less than 3.3.1.2-1.6.2.2"/> 24640 <criterion test_ref="oval:org.opensuse.security:tst:2009070766" comment="libreoffice-ja less than 3.3.1.2-1.6.2.2"/> 24641 <criterion test_ref="oval:org.opensuse.security:tst:2009070767" comment="libreoffice-kde less than 3.3.1.2-1.6.2.2"/> 24642 <criterion test_ref="oval:org.opensuse.security:tst:2009070768" comment="libreoffice-ko less than 3.3.1.2-1.6.2.2"/> 24643 <criterion test_ref="oval:org.opensuse.security:tst:2009070769" comment="libreoffice-mono less than 3.3.1.2-1.6.2.2"/> 24644 <criterion test_ref="oval:org.opensuse.security:tst:2009070770" comment="libreoffice-nb less than 3.3.1.2-1.6.2.2"/> 24645 <criterion test_ref="oval:org.opensuse.security:tst:2009070771" comment="libreoffice-nl less than 3.3.1.2-1.6.2.2"/> 24646 <criterion test_ref="oval:org.opensuse.security:tst:2009070772" comment="libreoffice-nn less than 3.3.1.2-1.6.2.2"/> 24647 <criterion test_ref="oval:org.opensuse.security:tst:2009070773" comment="libreoffice-pl less than 3.3.1.2-1.6.2.2"/> 24648 <criterion test_ref="oval:org.opensuse.security:tst:2009070774" comment="libreoffice-pt-BR less than 3.3.1.2-1.6.2.2"/> 24649 <criterion test_ref="oval:org.opensuse.security:tst:2009070775" comment="libreoffice-ru less than 3.3.1.2-1.6.2.2"/> 24650 <criterion test_ref="oval:org.opensuse.security:tst:2009070776" comment="libreoffice-sk less than 3.3.1.2-1.6.2.2"/> 24651 <criterion test_ref="oval:org.opensuse.security:tst:2009070777" comment="libreoffice-sv less than 3.3.1.2-1.6.2.2"/> 24652 <criterion test_ref="oval:org.opensuse.security:tst:2009070778" comment="libreoffice-xh less than 3.3.1.2-1.6.2.2"/> 24653 <criterion test_ref="oval:org.opensuse.security:tst:2009070779" comment="libreoffice-zh-CN less than 3.3.1.2-1.6.2.2"/> 24654 <criterion test_ref="oval:org.opensuse.security:tst:2009070780" comment="libreoffice-zh-TW less than 3.3.1.2-1.6.2.2"/> 24655 <criterion test_ref="oval:org.opensuse.security:tst:2009070781" comment="libreoffice-zu less than 3.3.1.2-1.6.2.2"/> 24656 <criterion test_ref="oval:org.opensuse.security:tst:2009070782" comment="libreoffice less than 3.3.1.2-1.6.2.2"/> 24657 <criterion test_ref="oval:org.opensuse.security:tst:2009070783" comment="myspell-african less than 20040727-33.3.1"/> 24658 <criterion test_ref="oval:org.opensuse.security:tst:2009070784" comment="myspell-american less than 20040623-33.3.1"/> 24659 <criterion test_ref="oval:org.opensuse.security:tst:2009070785" comment="myspell-brazilian less than 20020806-33.3.1"/> 24660 <criterion test_ref="oval:org.opensuse.security:tst:2009070786" comment="myspell-british less than 20050526-27.3.1"/> 24661 <criterion test_ref="oval:org.opensuse.security:tst:2009070787" comment="myspell-catalan less than 0.1-248.3.1"/> 24662 <criterion test_ref="oval:org.opensuse.security:tst:2009070788" comment="myspell-czech less than 20030907-59.3.1"/> 24663 <criterion test_ref="oval:org.opensuse.security:tst:2009070789" comment="myspell-danish less than 20050421-27.3.1"/> 24664 <criterion test_ref="oval:org.opensuse.security:tst:2009070790" comment="myspell-dutch less than 20050719-22.14.3.1"/> 24665 <criterion test_ref="oval:org.opensuse.security:tst:2009070791" comment="myspell-french less than 1.0.1.1-26.14.3.1"/> 24666 <criterion test_ref="oval:org.opensuse.security:tst:2009070792" comment="myspell-german less than 20051213-19.14.3.1"/> 24667 <criterion test_ref="oval:org.opensuse.security:tst:2009070793" comment="myspell-greek less than 20041220-26.14.3.1"/> 24668 <criterion test_ref="oval:org.opensuse.security:tst:2009070794" comment="myspell-gujarati less than 20060929-20.12.3.1"/> 24669 <criterion test_ref="oval:org.opensuse.security:tst:2009070795" comment="myspell-hindi less than 0.1-20.12.3.1"/> 24670 <criterion test_ref="oval:org.opensuse.security:tst:2009070796" comment="myspell-italian less than 20050711-22.14.3.1"/> 24671 <criterion test_ref="oval:org.opensuse.security:tst:2009070797" comment="myspell-lithuanian less than 20031231-26.14.3.1"/> 24672 <criterion test_ref="oval:org.opensuse.security:tst:2009070798" comment="myspell-marathi less than 0.1-20.12.3.1"/> 24673 <criterion test_ref="oval:org.opensuse.security:tst:2009070799" comment="myspell-norsk-bokmaal less than 20050308-22.14.3.1"/> 24674 <criterion test_ref="oval:org.opensuse.security:tst:2009070800" comment="myspell-norsk-nynorsk less than 20041208-26.14.3.1"/> 24675 <criterion test_ref="oval:org.opensuse.security:tst:2009070801" comment="myspell-polish less than 20051016-20.14.3.1"/> 24676 <criterion test_ref="oval:org.opensuse.security:tst:2009070802" comment="myspell-portuguese less than 20020629-243.14.3.1"/> 24677 <criterion test_ref="oval:org.opensuse.security:tst:2009070803" comment="myspell-russian less than 20040406-28.14.3.1"/> 24678 <criterion test_ref="oval:org.opensuse.security:tst:2009070804" comment="myspell-slovak less than 20050901-20.14.3.1"/> 24679 <criterion test_ref="oval:org.opensuse.security:tst:2009070805" comment="myspell-slovene less than 20030907-54.14.3.1"/> 24680 <criterion test_ref="oval:org.opensuse.security:tst:2009070806" comment="myspell-spanish less than 20051029-20.14.3.1"/> 24681 <criterion test_ref="oval:org.opensuse.security:tst:2009070807" comment="myspell-swedish less than 20061207-1.12.3.1"/> 24682 <criterion test_ref="oval:org.opensuse.security:tst:2009070808" comment="myspell-xhosa less than 20060123-20.12.3.1"/> 24683 <criterion test_ref="oval:org.opensuse.security:tst:2009070809" comment="myspell-zulu less than 0.2-26.14.3.1"/> 24684 </criteria> 24685 </criteria> 24686 </definition> 24687 <definition id="oval:org.opensuse.security:def:20104644" version="1" class="vulnerability"> 24688 <metadata> 24689 <title>CVE-2010-4644</title> 24690 <affected family="unix"> 24691 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24692 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24693 </affected> 24694 <reference ref_id="CVE-2010-4644" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4644" source="CVE"/> 24695 <description> 24696 Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command. 24697 </description> 24698 </metadata> 24699 <!-- 78744d5d0617a4128e10cb2ec6385755 --> 24700 <criteria operator="AND"> 24701 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24702 <criteria operator="OR"> 24703 <criterion test_ref="oval:org.opensuse.security:tst:2009065889" comment="subversion-devel less than 1.3.1-1.16.1"/> 24704 <criterion test_ref="oval:org.opensuse.security:tst:2009065890" comment="subversion less than 1.3.1-1.16.1"/> 24705 </criteria> 24706 </criteria> 24707 </definition> 24708 <definition id="oval:org.opensuse.security:def:20104649" version="1" class="vulnerability"> 24709 <metadata> 24710 <title>CVE-2010-4649</title> 24711 <affected family="unix"> 24712 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24713 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24714 </affected> 24715 <reference ref_id="CVE-2010-4649" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4649" source="CVE"/> 24716 <description> 24717 Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member. 24718 </description> 24719 </metadata> 24720 <criteria operator="OR"> 24721 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 24722 <criteria operator="AND"> 24723 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24724 <criteria operator="OR"> 24725 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 24726 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 24727 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 24728 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 24729 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 24730 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 24731 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 24732 </criteria> 24733 </criteria> 24734 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 24735 <criteria operator="AND"> 24736 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24737 <criteria operator="OR"> 24738 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 24739 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 24740 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 24741 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 24742 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 24743 </criteria> 24744 </criteria> 24745 </criteria> 24746 </definition> 24747 <definition id="oval:org.opensuse.security:def:20104655" version="1" class="vulnerability"> 24748 <metadata> 24749 <title>CVE-2010-4655</title> 24750 <affected family="unix"> 24751 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24752 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24753 </affected> 24754 <reference ref_id="CVE-2010-4655" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4655" source="CVE"/> 24755 <description> 24756 net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call. 24757 </description> 24758 </metadata> 24759 <criteria operator="OR"> 24760 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 24761 <criteria operator="AND"> 24762 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24763 <criteria operator="OR"> 24764 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24765 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24766 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24767 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24768 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24769 </criteria> 24770 </criteria> 24771 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 24772 <criteria operator="AND"> 24773 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24774 <criteria operator="OR"> 24775 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 24776 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24777 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24778 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24779 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24780 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24781 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 24782 </criteria> 24783 </criteria> 24784 </criteria> 24785 </definition> 24786 <definition id="oval:org.opensuse.security:def:20104665" version="1" class="vulnerability"> 24787 <metadata> 24788 <title>CVE-2010-4665</title> 24789 <affected family="unix"> 24790 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24791 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24792 </affected> 24793 <reference ref_id="CVE-2010-4665" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4665" source="CVE"/> 24794 <description> 24795 Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries. 24796 </description> 24797 </metadata> 24798 <!-- 5f984c45fd590a060e94e0d63e5e2fae --> 24799 <criteria operator="AND"> 24800 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24801 <criteria operator="OR"> 24802 <criterion test_ref="oval:org.opensuse.security:tst:2009068148" comment="libtiff-32bit less than 3.8.2-5.24.1"/> 24803 <criterion test_ref="oval:org.opensuse.security:tst:2009068152" comment="libtiff-devel less than 3.8.2-5.24.1"/> 24804 <criterion test_ref="oval:org.opensuse.security:tst:2009068154" comment="libtiff less than 3.8.2-5.24.1"/> 24805 </criteria> 24806 </criteria> 24807 </definition> 24808 <definition id="oval:org.opensuse.security:def:20104668" version="1" class="vulnerability"> 24809 <metadata> 24810 <title>CVE-2010-4668</title> 24811 <affected family="unix"> 24812 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24813 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24814 </affected> 24815 <reference ref_id="CVE-2010-4668" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4668" source="CVE"/> 24816 <description> 24817 The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4163. 24818 </description> 24819 </metadata> 24820 <criteria operator="OR"> 24821 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 24822 <criteria operator="AND"> 24823 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24824 <criteria operator="OR"> 24825 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24826 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24827 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24828 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24829 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24830 </criteria> 24831 </criteria> 24832 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 24833 <criteria operator="AND"> 24834 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24835 <criteria operator="OR"> 24836 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 24837 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 24838 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 24839 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 24840 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 24841 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 24842 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 24843 </criteria> 24844 </criteria> 24845 </criteria> 24846 </definition> 24847 <definition id="oval:org.opensuse.security:def:20104818" version="1" class="vulnerability"> 24848 <metadata> 24849 <title>CVE-2010-4818</title> 24850 <affected family="unix"> 24851 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24852 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24853 </affected> 24854 <reference ref_id="CVE-2010-4818" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4818" source="CVE"/> 24855 <description> 24856 The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c. 24857 </description> 24858 </metadata> 24859 <!-- 926559701859ebd386944eb1075ad07e --> 24860 <criteria operator="AND"> 24861 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24862 <criteria operator="OR"> 24863 <criterion test_ref="oval:org.opensuse.security:tst:2009073080" comment="xorg-x11-Xnest less than 6.9.0-50.78.5"/> 24864 <criterion test_ref="oval:org.opensuse.security:tst:2009073081" comment="xorg-x11-Xvfb less than 6.9.0-50.78.5"/> 24865 <criterion test_ref="oval:org.opensuse.security:tst:2009073082" comment="xorg-x11-Xvnc less than 6.9.0-50.78.5"/> 24866 <criterion test_ref="oval:org.opensuse.security:tst:2009073083" comment="xorg-x11-devel-32bit less than 6.9.0-50.78.5"/> 24867 <criterion test_ref="oval:org.opensuse.security:tst:2009073084" comment="xorg-x11-devel less than 6.9.0-50.78.5"/> 24868 <criterion test_ref="oval:org.opensuse.security:tst:2009073085" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.78.5"/> 24869 <criterion test_ref="oval:org.opensuse.security:tst:2009073086" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.78.5"/> 24870 <criterion test_ref="oval:org.opensuse.security:tst:2009073087" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.78.5"/> 24871 <criterion test_ref="oval:org.opensuse.security:tst:2009073088" comment="xorg-x11-fonts-scalable less than 6.9.0-50.78.5"/> 24872 <criterion test_ref="oval:org.opensuse.security:tst:2009073089" comment="xorg-x11-fonts-syriac less than 6.9.0-50.78.5"/> 24873 <criterion test_ref="oval:org.opensuse.security:tst:2009073090" comment="xorg-x11-libs-32bit less than 6.9.0-50.78.5"/> 24874 <criterion test_ref="oval:org.opensuse.security:tst:2009073091" comment="xorg-x11-libs less than 6.9.0-50.78.5"/> 24875 <criterion test_ref="oval:org.opensuse.security:tst:2009073092" comment="xorg-x11-man less than 6.9.0-50.78.5"/> 24876 <criterion test_ref="oval:org.opensuse.security:tst:2009073093" comment="xorg-x11-server-glx less than 6.9.0-50.78.5"/> 24877 <criterion test_ref="oval:org.opensuse.security:tst:2009073094" comment="xorg-x11-server less than 6.9.0-50.78.5"/> 24878 <criterion test_ref="oval:org.opensuse.security:tst:2009073095" comment="xorg-x11 less than 6.9.0-50.78.5"/> 24879 </criteria> 24880 </criteria> 24881 </definition> 24882 <definition id="oval:org.opensuse.security:def:20104819" version="1" class="vulnerability"> 24883 <metadata> 24884 <title>CVE-2010-4819</title> 24885 <affected family="unix"> 24886 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24887 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24888 </affected> 24889 <reference ref_id="CVE-2010-4819" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4819" source="CVE"/> 24890 <description> 24891 The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw." 24892 </description> 24893 </metadata> 24894 <!-- 926559701859ebd386944eb1075ad07e --> 24895 <criteria operator="AND"> 24896 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24897 <criteria operator="OR"> 24898 <criterion test_ref="oval:org.opensuse.security:tst:2009073080" comment="xorg-x11-Xnest less than 6.9.0-50.78.5"/> 24899 <criterion test_ref="oval:org.opensuse.security:tst:2009073081" comment="xorg-x11-Xvfb less than 6.9.0-50.78.5"/> 24900 <criterion test_ref="oval:org.opensuse.security:tst:2009073082" comment="xorg-x11-Xvnc less than 6.9.0-50.78.5"/> 24901 <criterion test_ref="oval:org.opensuse.security:tst:2009073083" comment="xorg-x11-devel-32bit less than 6.9.0-50.78.5"/> 24902 <criterion test_ref="oval:org.opensuse.security:tst:2009073084" comment="xorg-x11-devel less than 6.9.0-50.78.5"/> 24903 <criterion test_ref="oval:org.opensuse.security:tst:2009073085" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.78.5"/> 24904 <criterion test_ref="oval:org.opensuse.security:tst:2009073086" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.78.5"/> 24905 <criterion test_ref="oval:org.opensuse.security:tst:2009073087" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.78.5"/> 24906 <criterion test_ref="oval:org.opensuse.security:tst:2009073088" comment="xorg-x11-fonts-scalable less than 6.9.0-50.78.5"/> 24907 <criterion test_ref="oval:org.opensuse.security:tst:2009073089" comment="xorg-x11-fonts-syriac less than 6.9.0-50.78.5"/> 24908 <criterion test_ref="oval:org.opensuse.security:tst:2009073090" comment="xorg-x11-libs-32bit less than 6.9.0-50.78.5"/> 24909 <criterion test_ref="oval:org.opensuse.security:tst:2009073091" comment="xorg-x11-libs less than 6.9.0-50.78.5"/> 24910 <criterion test_ref="oval:org.opensuse.security:tst:2009073092" comment="xorg-x11-man less than 6.9.0-50.78.5"/> 24911 <criterion test_ref="oval:org.opensuse.security:tst:2009073093" comment="xorg-x11-server-glx less than 6.9.0-50.78.5"/> 24912 <criterion test_ref="oval:org.opensuse.security:tst:2009073094" comment="xorg-x11-server less than 6.9.0-50.78.5"/> 24913 <criterion test_ref="oval:org.opensuse.security:tst:2009073095" comment="xorg-x11 less than 6.9.0-50.78.5"/> 24914 </criteria> 24915 </criteria> 24916 </definition> 24917 <definition id="oval:org.opensuse.security:def:20110020" version="1" class="vulnerability"> 24918 <metadata> 24919 <title>CVE-2011-0020</title> 24920 <affected family="unix"> 24921 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24922 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24923 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24924 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24925 </affected> 24926 <reference ref_id="CVE-2011-0020" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0020" source="CVE"/> 24927 <description> 24928 Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object. 24929 </description> 24930 </metadata> 24931 <criteria operator="OR"> 24932 <!-- 19b402e1327101e776e41e2f05acc81e --> 24933 <criteria operator="AND"> 24934 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24935 <criteria operator="OR"> 24936 <criterion test_ref="oval:org.opensuse.security:tst:2009068519" comment="firefox3-pango-32bit less than 1.14.5-0.12.1"/> 24937 <criterion test_ref="oval:org.opensuse.security:tst:2009068520" comment="firefox3-pango less than 1.14.5-0.12.1"/> 24938 </criteria> 24939 </criteria> 24940 <!-- 4e22ec364f226773949514c5cc614ec3 --> 24941 <criteria operator="AND"> 24942 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24943 <criteria operator="OR"> 24944 <criterion test_ref="oval:org.opensuse.security:tst:2009068519" comment="firefox3-pango-32bit less than 1.14.5-0.12.1"/> 24945 <criterion test_ref="oval:org.opensuse.security:tst:2009068520" comment="firefox3-pango less than 1.14.5-0.12.1"/> 24946 </criteria> 24947 </criteria> 24948 </criteria> 24949 </definition> 24950 <definition id="oval:org.opensuse.security:def:20110051" version="1" class="vulnerability"> 24951 <metadata> 24952 <title>CVE-2011-0051</title> 24953 <affected family="unix"> 24954 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 24955 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 24956 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 24957 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 24958 </affected> 24959 <reference ref_id="CVE-2011-0051" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0051" source="CVE"/> 24960 <description> 24961 Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges. 24962 </description> 24963 </metadata> 24964 <criteria operator="OR"> 24965 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 24966 <criteria operator="AND"> 24967 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 24968 <criteria operator="OR"> 24969 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 24970 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 24971 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 24972 </criteria> 24973 </criteria> 24974 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 24975 <criteria operator="AND"> 24976 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24977 <criteria operator="OR"> 24978 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 24979 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 24980 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 24981 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 24982 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 24983 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 24984 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 24985 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 24986 </criteria> 24987 </criteria> 24988 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 24989 <criteria operator="AND"> 24990 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 24991 <criteria operator="OR"> 24992 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 24993 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 24994 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 24995 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 24996 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 24997 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 24998 </criteria> 24999 </criteria> 25000 </criteria> 25001 </definition> 25002 <definition id="oval:org.opensuse.security:def:20110053" version="1" class="vulnerability"> 25003 <metadata> 25004 <title>CVE-2011-0053</title> 25005 <affected family="unix"> 25006 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25007 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25008 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25009 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25010 </affected> 25011 <reference ref_id="CVE-2011-0053" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0053" source="CVE"/> 25012 <description> 25013 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 25014 </description> 25015 </metadata> 25016 <criteria operator="OR"> 25017 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25018 <criteria operator="AND"> 25019 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25020 <criteria operator="OR"> 25021 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25022 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25023 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25024 </criteria> 25025 </criteria> 25026 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25027 <criteria operator="AND"> 25028 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25029 <criteria operator="OR"> 25030 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25031 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25032 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25033 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25034 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25035 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25036 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25037 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25038 </criteria> 25039 </criteria> 25040 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25041 <criteria operator="AND"> 25042 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25043 <criteria operator="OR"> 25044 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25045 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25046 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25047 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25048 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25049 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25050 </criteria> 25051 </criteria> 25052 </criteria> 25053 </definition> 25054 <definition id="oval:org.opensuse.security:def:20110054" version="1" class="vulnerability"> 25055 <metadata> 25056 <title>CVE-2011-0054</title> 25057 <affected family="unix"> 25058 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25059 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25060 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25061 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25062 </affected> 25063 <reference ref_id="CVE-2011-0054" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0054" source="CVE"/> 25064 <description> 25065 Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvarMap" issue. 25066 </description> 25067 </metadata> 25068 <criteria operator="OR"> 25069 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25070 <criteria operator="AND"> 25071 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25072 <criteria operator="OR"> 25073 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25074 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25075 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25076 </criteria> 25077 </criteria> 25078 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25079 <criteria operator="AND"> 25080 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25081 <criteria operator="OR"> 25082 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25083 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25084 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25085 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25086 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25087 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25088 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25089 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25090 </criteria> 25091 </criteria> 25092 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25093 <criteria operator="AND"> 25094 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25095 <criteria operator="OR"> 25096 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25097 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25098 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25099 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25100 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25101 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25102 </criteria> 25103 </criteria> 25104 </criteria> 25105 </definition> 25106 <definition id="oval:org.opensuse.security:def:20110055" version="1" class="vulnerability"> 25107 <metadata> 25108 <title>CVE-2011-0055</title> 25109 <affected family="unix"> 25110 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25111 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25112 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25113 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25114 </affected> 25115 <reference ref_id="CVE-2011-0055" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0055" source="CVE"/> 25116 <description> 25117 Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection. 25118 </description> 25119 </metadata> 25120 <criteria operator="OR"> 25121 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25122 <criteria operator="AND"> 25123 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25124 <criteria operator="OR"> 25125 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25126 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25127 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25128 </criteria> 25129 </criteria> 25130 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25131 <criteria operator="AND"> 25132 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25133 <criteria operator="OR"> 25134 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25135 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25136 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25137 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25138 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25139 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25140 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25141 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25142 </criteria> 25143 </criteria> 25144 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25145 <criteria operator="AND"> 25146 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25147 <criteria operator="OR"> 25148 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25149 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25150 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25151 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25152 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25153 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25154 </criteria> 25155 </criteria> 25156 </criteria> 25157 </definition> 25158 <definition id="oval:org.opensuse.security:def:20110056" version="1" class="vulnerability"> 25159 <metadata> 25160 <title>CVE-2011-0056</title> 25161 <affected family="unix"> 25162 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25163 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25164 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25165 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25166 </affected> 25167 <reference ref_id="CVE-2011-0056" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0056" source="CVE"/> 25168 <description> 25169 Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string values, aka an "atom map" issue. 25170 </description> 25171 </metadata> 25172 <criteria operator="OR"> 25173 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25174 <criteria operator="AND"> 25175 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25176 <criteria operator="OR"> 25177 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25178 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25179 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25180 </criteria> 25181 </criteria> 25182 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25183 <criteria operator="AND"> 25184 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25185 <criteria operator="OR"> 25186 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25187 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25188 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25189 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25190 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25191 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25192 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25193 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25194 </criteria> 25195 </criteria> 25196 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25197 <criteria operator="AND"> 25198 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25199 <criteria operator="OR"> 25200 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25201 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25202 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25203 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25204 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25205 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25206 </criteria> 25207 </criteria> 25208 </criteria> 25209 </definition> 25210 <definition id="oval:org.opensuse.security:def:20110057" version="1" class="vulnerability"> 25211 <metadata> 25212 <title>CVE-2011-0057</title> 25213 <affected family="unix"> 25214 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25215 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25216 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25217 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25218 </affected> 25219 <reference ref_id="CVE-2011-0057" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0057" source="CVE"/> 25220 <description> 25221 Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection. 25222 </description> 25223 </metadata> 25224 <criteria operator="OR"> 25225 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25226 <criteria operator="AND"> 25227 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25228 <criteria operator="OR"> 25229 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25230 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25231 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25232 </criteria> 25233 </criteria> 25234 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25235 <criteria operator="AND"> 25236 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25237 <criteria operator="OR"> 25238 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25239 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25240 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25241 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25242 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25243 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25244 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25245 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25246 </criteria> 25247 </criteria> 25248 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25249 <criteria operator="AND"> 25250 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25251 <criteria operator="OR"> 25252 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25253 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25254 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25255 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25256 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25257 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25258 </criteria> 25259 </criteria> 25260 </criteria> 25261 </definition> 25262 <definition id="oval:org.opensuse.security:def:20110058" version="1" class="vulnerability"> 25263 <metadata> 25264 <title>CVE-2011-0058</title> 25265 <affected family="unix"> 25266 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25267 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25268 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25269 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25270 </affected> 25271 <reference ref_id="CVE-2011-0058" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0058" source="CVE"/> 25272 <description> 25273 Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run. 25274 </description> 25275 </metadata> 25276 <criteria operator="OR"> 25277 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25278 <criteria operator="AND"> 25279 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25280 <criteria operator="OR"> 25281 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25282 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25283 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25284 </criteria> 25285 </criteria> 25286 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25287 <criteria operator="AND"> 25288 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25289 <criteria operator="OR"> 25290 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25291 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25292 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25293 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25294 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25295 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25296 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25297 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25298 </criteria> 25299 </criteria> 25300 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25301 <criteria operator="AND"> 25302 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25303 <criteria operator="OR"> 25304 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25305 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25306 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25307 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25308 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25309 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25310 </criteria> 25311 </criteria> 25312 </criteria> 25313 </definition> 25314 <definition id="oval:org.opensuse.security:def:20110059" version="1" class="vulnerability"> 25315 <metadata> 25316 <title>CVE-2011-0059</title> 25317 <affected family="unix"> 25318 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25319 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25320 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25321 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25322 </affected> 25323 <reference ref_id="CVE-2011-0059" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0059" source="CVE"/> 25324 <description> 25325 Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site. 25326 </description> 25327 </metadata> 25328 <criteria operator="OR"> 25329 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25330 <criteria operator="AND"> 25331 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25332 <criteria operator="OR"> 25333 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25334 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25335 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25336 </criteria> 25337 </criteria> 25338 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25339 <criteria operator="AND"> 25340 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25341 <criteria operator="OR"> 25342 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25343 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25344 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25345 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25346 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25347 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25348 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25349 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25350 </criteria> 25351 </criteria> 25352 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25353 <criteria operator="AND"> 25354 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25355 <criteria operator="OR"> 25356 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25357 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25358 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25359 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25360 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25361 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25362 </criteria> 25363 </criteria> 25364 </criteria> 25365 </definition> 25366 <definition id="oval:org.opensuse.security:def:20110061" version="1" class="vulnerability"> 25367 <metadata> 25368 <title>CVE-2011-0061</title> 25369 <affected family="unix"> 25370 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25371 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25372 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25373 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25374 </affected> 25375 <reference ref_id="CVE-2011-0061" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0061" source="CVE"/> 25376 <description> 25377 Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. 25378 </description> 25379 </metadata> 25380 <criteria operator="OR"> 25381 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25382 <criteria operator="AND"> 25383 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25384 <criteria operator="OR"> 25385 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25386 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25387 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25388 </criteria> 25389 </criteria> 25390 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25391 <criteria operator="AND"> 25392 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25393 <criteria operator="OR"> 25394 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25395 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25396 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25397 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25398 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25399 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25400 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25401 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25402 </criteria> 25403 </criteria> 25404 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25405 <criteria operator="AND"> 25406 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25407 <criteria operator="OR"> 25408 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25409 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25410 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25411 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25412 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25413 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25414 </criteria> 25415 </criteria> 25416 </criteria> 25417 </definition> 25418 <definition id="oval:org.opensuse.security:def:20110062" version="1" class="vulnerability"> 25419 <metadata> 25420 <title>CVE-2011-0062</title> 25421 <affected family="unix"> 25422 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 25423 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 25424 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25425 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25426 </affected> 25427 <reference ref_id="CVE-2011-0062" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0062" source="CVE"/> 25428 <description> 25429 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 25430 </description> 25431 </metadata> 25432 <criteria operator="OR"> 25433 <!-- 995cc8dae1f0571f2923cbf86e5c953f --> 25434 <criteria operator="AND"> 25435 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25436 <criteria operator="OR"> 25437 <criterion test_ref="oval:org.opensuse.security:tst:2009067084" comment="MozillaFirefox less than 3.6.16-0.6.1"/> 25438 <criterion test_ref="oval:org.opensuse.security:tst:2009067085" comment="mozilla-xulrunner192-32bit less than 1.9.2.16-1.5.1"/> 25439 <criterion test_ref="oval:org.opensuse.security:tst:2009067086" comment="mozilla-xulrunner192 less than 1.9.2.16-1.5.1"/> 25440 </criteria> 25441 </criteria> 25442 <!-- cfadc4cf4463fa5757c18ebbf948c1f7 --> 25443 <criteria operator="AND"> 25444 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25445 <criteria operator="OR"> 25446 <criterion test_ref="oval:org.opensuse.security:tst:2009066217" comment="MozillaFirefox-translations less than 3.6.15-0.6.1"/> 25447 <criterion test_ref="oval:org.opensuse.security:tst:2009066218" comment="MozillaFirefox less than 3.6.15-0.6.1"/> 25448 <criterion test_ref="oval:org.opensuse.security:tst:2009066219" comment="mozilla-xulrunner192-32bit less than 1.9.2.15-0.5.1"/> 25449 <criterion test_ref="oval:org.opensuse.security:tst:2009066220" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.15-0.5.1"/> 25450 <criterion test_ref="oval:org.opensuse.security:tst:2009066221" comment="mozilla-xulrunner192-gnome less than 1.9.2.15-0.5.1"/> 25451 <criterion test_ref="oval:org.opensuse.security:tst:2009066222" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.15-0.5.1"/> 25452 <criterion test_ref="oval:org.opensuse.security:tst:2009066223" comment="mozilla-xulrunner192-translations less than 1.9.2.15-0.5.1"/> 25453 <criterion test_ref="oval:org.opensuse.security:tst:2009066224" comment="mozilla-xulrunner192 less than 1.9.2.15-0.5.1"/> 25454 </criteria> 25455 </criteria> 25456 <!-- dfc1c9be3c028f9bbbf92255dc104ab5 --> 25457 <criteria operator="AND"> 25458 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 25459 <criteria operator="OR"> 25460 <criterion test_ref="oval:org.opensuse.security:tst:2009066124" comment="mozilla-xulrunner191-32bit less than 1.9.1.17-0.5.1"/> 25461 <criterion test_ref="oval:org.opensuse.security:tst:2009066125" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.17-0.5.1"/> 25462 <criterion test_ref="oval:org.opensuse.security:tst:2009066126" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.17-0.5.1"/> 25463 <criterion test_ref="oval:org.opensuse.security:tst:2009066127" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.17-0.5.1"/> 25464 <criterion test_ref="oval:org.opensuse.security:tst:2009066128" comment="mozilla-xulrunner191-translations less than 1.9.1.17-0.5.1"/> 25465 <criterion test_ref="oval:org.opensuse.security:tst:2009066129" comment="mozilla-xulrunner191 less than 1.9.1.17-0.5.1"/> 25466 </criteria> 25467 </criteria> 25468 </criteria> 25469 </definition> 25470 <definition id="oval:org.opensuse.security:def:20110065" version="1" class="vulnerability"> 25471 <metadata> 25472 <title>CVE-2011-0065</title> 25473 <affected family="unix"> 25474 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25475 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25476 </affected> 25477 <reference ref_id="CVE-2011-0065" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065" source="CVE"/> 25478 <description> 25479 Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel. 25480 </description> 25481 </metadata> 25482 <criteria operator="OR"> 25483 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25484 <criteria operator="AND"> 25485 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25486 <criteria operator="OR"> 25487 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25488 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25489 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25490 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25491 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25492 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25493 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25494 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25495 </criteria> 25496 </criteria> 25497 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25498 <criteria operator="AND"> 25499 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25500 <criteria operator="OR"> 25501 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25502 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25503 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25504 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25505 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25506 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25507 </criteria> 25508 </criteria> 25509 </criteria> 25510 </definition> 25511 <definition id="oval:org.opensuse.security:def:20110066" version="1" class="vulnerability"> 25512 <metadata> 25513 <title>CVE-2011-0066</title> 25514 <affected family="unix"> 25515 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25516 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25517 </affected> 25518 <reference ref_id="CVE-2011-0066" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066" source="CVE"/> 25519 <description> 25520 Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList. 25521 </description> 25522 </metadata> 25523 <criteria operator="OR"> 25524 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25525 <criteria operator="AND"> 25526 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25527 <criteria operator="OR"> 25528 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25529 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25530 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25531 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25532 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25533 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25534 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25535 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25536 </criteria> 25537 </criteria> 25538 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25539 <criteria operator="AND"> 25540 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25541 <criteria operator="OR"> 25542 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25543 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25544 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25545 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25546 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25547 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25548 </criteria> 25549 </criteria> 25550 </criteria> 25551 </definition> 25552 <definition id="oval:org.opensuse.security:def:20110067" version="1" class="vulnerability"> 25553 <metadata> 25554 <title>CVE-2011-0067</title> 25555 <affected family="unix"> 25556 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25557 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25558 </affected> 25559 <reference ref_id="CVE-2011-0067" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067" source="CVE"/> 25560 <description> 25561 Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls. 25562 </description> 25563 </metadata> 25564 <criteria operator="OR"> 25565 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25566 <criteria operator="AND"> 25567 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25568 <criteria operator="OR"> 25569 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25570 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25571 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25572 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25573 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25574 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25575 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25576 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25577 </criteria> 25578 </criteria> 25579 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25580 <criteria operator="AND"> 25581 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25582 <criteria operator="OR"> 25583 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25584 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25585 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25586 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25587 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25588 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25589 </criteria> 25590 </criteria> 25591 </criteria> 25592 </definition> 25593 <definition id="oval:org.opensuse.security:def:20110069" version="1" class="vulnerability"> 25594 <metadata> 25595 <title>CVE-2011-0069</title> 25596 <affected family="unix"> 25597 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25598 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25599 </affected> 25600 <reference ref_id="CVE-2011-0069" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069" source="CVE"/> 25601 <description> 25602 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070. 25603 </description> 25604 </metadata> 25605 <criteria operator="OR"> 25606 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25607 <criteria operator="AND"> 25608 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25609 <criteria operator="OR"> 25610 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25611 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25612 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25613 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25614 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25615 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25616 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25617 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25618 </criteria> 25619 </criteria> 25620 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25621 <criteria operator="AND"> 25622 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25623 <criteria operator="OR"> 25624 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25625 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25626 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25627 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25628 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25629 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25630 </criteria> 25631 </criteria> 25632 </criteria> 25633 </definition> 25634 <definition id="oval:org.opensuse.security:def:20110070" version="1" class="vulnerability"> 25635 <metadata> 25636 <title>CVE-2011-0070</title> 25637 <affected family="unix"> 25638 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25639 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25640 </affected> 25641 <reference ref_id="CVE-2011-0070" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070" source="CVE"/> 25642 <description> 25643 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069. 25644 </description> 25645 </metadata> 25646 <criteria operator="OR"> 25647 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25648 <criteria operator="AND"> 25649 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25650 <criteria operator="OR"> 25651 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25652 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25653 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25654 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25655 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25656 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25657 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25658 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25659 </criteria> 25660 </criteria> 25661 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25662 <criteria operator="AND"> 25663 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25664 <criteria operator="OR"> 25665 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25666 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25667 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25668 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25669 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25670 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25671 </criteria> 25672 </criteria> 25673 </criteria> 25674 </definition> 25675 <definition id="oval:org.opensuse.security:def:20110071" version="1" class="vulnerability"> 25676 <metadata> 25677 <title>CVE-2011-0071</title> 25678 <affected family="unix"> 25679 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25680 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25681 </affected> 25682 <reference ref_id="CVE-2011-0071" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071" source="CVE"/> 25683 <description> 25684 Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL. 25685 </description> 25686 </metadata> 25687 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25688 <criteria operator="AND"> 25689 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25690 <criteria operator="OR"> 25691 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25692 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25693 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25694 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25695 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25696 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25697 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25698 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25699 </criteria> 25700 </criteria> 25701 </definition> 25702 <definition id="oval:org.opensuse.security:def:20110072" version="1" class="vulnerability"> 25703 <metadata> 25704 <title>CVE-2011-0072</title> 25705 <affected family="unix"> 25706 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25707 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25708 </affected> 25709 <reference ref_id="CVE-2011-0072" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072" source="CVE"/> 25710 <description> 25711 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. 25712 </description> 25713 </metadata> 25714 <criteria operator="OR"> 25715 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25716 <criteria operator="AND"> 25717 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25718 <criteria operator="OR"> 25719 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25720 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25721 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25722 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25723 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25724 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25725 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25726 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25727 </criteria> 25728 </criteria> 25729 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25730 <criteria operator="AND"> 25731 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25732 <criteria operator="OR"> 25733 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25734 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25735 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25736 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25737 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25738 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25739 </criteria> 25740 </criteria> 25741 </criteria> 25742 </definition> 25743 <definition id="oval:org.opensuse.security:def:20110073" version="1" class="vulnerability"> 25744 <metadata> 25745 <title>CVE-2011-0073</title> 25746 <affected family="unix"> 25747 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25748 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25749 </affected> 25750 <reference ref_id="CVE-2011-0073" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073" source="CVE"/> 25751 <description> 25752 Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." 25753 </description> 25754 </metadata> 25755 <criteria operator="OR"> 25756 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25757 <criteria operator="AND"> 25758 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25759 <criteria operator="OR"> 25760 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25761 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25762 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25763 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25764 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25765 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25766 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25767 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25768 </criteria> 25769 </criteria> 25770 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25771 <criteria operator="AND"> 25772 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25773 <criteria operator="OR"> 25774 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25775 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25776 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25777 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25778 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25779 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25780 </criteria> 25781 </criteria> 25782 </criteria> 25783 </definition> 25784 <definition id="oval:org.opensuse.security:def:20110074" version="1" class="vulnerability"> 25785 <metadata> 25786 <title>CVE-2011-0074</title> 25787 <affected family="unix"> 25788 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25789 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25790 </affected> 25791 <reference ref_id="CVE-2011-0074" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074" source="CVE"/> 25792 <description> 25793 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. 25794 </description> 25795 </metadata> 25796 <criteria operator="OR"> 25797 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25798 <criteria operator="AND"> 25799 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25800 <criteria operator="OR"> 25801 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25802 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25803 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25804 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25805 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25806 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25807 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25808 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25809 </criteria> 25810 </criteria> 25811 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25812 <criteria operator="AND"> 25813 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25814 <criteria operator="OR"> 25815 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25816 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25817 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25818 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25819 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25820 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25821 </criteria> 25822 </criteria> 25823 </criteria> 25824 </definition> 25825 <definition id="oval:org.opensuse.security:def:20110075" version="1" class="vulnerability"> 25826 <metadata> 25827 <title>CVE-2011-0075</title> 25828 <affected family="unix"> 25829 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25830 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25831 </affected> 25832 <reference ref_id="CVE-2011-0075" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075" source="CVE"/> 25833 <description> 25834 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078. 25835 </description> 25836 </metadata> 25837 <criteria operator="OR"> 25838 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25839 <criteria operator="AND"> 25840 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25841 <criteria operator="OR"> 25842 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25843 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25844 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25845 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25846 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25847 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25848 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25849 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25850 </criteria> 25851 </criteria> 25852 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25853 <criteria operator="AND"> 25854 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25855 <criteria operator="OR"> 25856 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25857 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25858 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25859 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25860 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25861 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25862 </criteria> 25863 </criteria> 25864 </criteria> 25865 </definition> 25866 <definition id="oval:org.opensuse.security:def:20110076" version="1" class="vulnerability"> 25867 <metadata> 25868 <title>CVE-2011-0076</title> 25869 <affected family="unix"> 25870 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25871 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25872 </affected> 25873 <reference ref_id="CVE-2011-0076" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0076" source="CVE"/> 25874 <description> 25875 Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. 25876 </description> 25877 </metadata> 25878 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25879 <criteria operator="AND"> 25880 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25881 <criteria operator="OR"> 25882 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25883 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25884 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25885 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25886 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25887 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25888 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25889 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25890 </criteria> 25891 </criteria> 25892 </definition> 25893 <definition id="oval:org.opensuse.security:def:20110077" version="1" class="vulnerability"> 25894 <metadata> 25895 <title>CVE-2011-0077</title> 25896 <affected family="unix"> 25897 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25898 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25899 </affected> 25900 <reference ref_id="CVE-2011-0077" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077" source="CVE"/> 25901 <description> 25902 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078. 25903 </description> 25904 </metadata> 25905 <criteria operator="OR"> 25906 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25907 <criteria operator="AND"> 25908 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25909 <criteria operator="OR"> 25910 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25911 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25912 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25913 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25914 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25915 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25916 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25917 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25918 </criteria> 25919 </criteria> 25920 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25921 <criteria operator="AND"> 25922 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25923 <criteria operator="OR"> 25924 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25925 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25926 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25927 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25928 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25929 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25930 </criteria> 25931 </criteria> 25932 </criteria> 25933 </definition> 25934 <definition id="oval:org.opensuse.security:def:20110078" version="1" class="vulnerability"> 25935 <metadata> 25936 <title>CVE-2011-0078</title> 25937 <affected family="unix"> 25938 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25939 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25940 </affected> 25941 <reference ref_id="CVE-2011-0078" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078" source="CVE"/> 25942 <description> 25943 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077. 25944 </description> 25945 </metadata> 25946 <criteria operator="OR"> 25947 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25948 <criteria operator="AND"> 25949 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25950 <criteria operator="OR"> 25951 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25952 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25953 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25954 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25955 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25956 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25957 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25958 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 25959 </criteria> 25960 </criteria> 25961 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 25962 <criteria operator="AND"> 25963 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25964 <criteria operator="OR"> 25965 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 25966 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 25967 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 25968 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 25969 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 25970 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 25971 </criteria> 25972 </criteria> 25973 </criteria> 25974 </definition> 25975 <definition id="oval:org.opensuse.security:def:20110080" version="1" class="vulnerability"> 25976 <metadata> 25977 <title>CVE-2011-0080</title> 25978 <affected family="unix"> 25979 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 25980 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 25981 </affected> 25982 <reference ref_id="CVE-2011-0080" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080" source="CVE"/> 25983 <description> 25984 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 25985 </description> 25986 </metadata> 25987 <criteria operator="OR"> 25988 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 25989 <criteria operator="AND"> 25990 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 25991 <criteria operator="OR"> 25992 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 25993 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 25994 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 25995 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 25996 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 25997 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 25998 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 25999 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 26000 </criteria> 26001 </criteria> 26002 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 26003 <criteria operator="AND"> 26004 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26005 <criteria operator="OR"> 26006 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 26007 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 26008 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 26009 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 26010 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 26011 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 26012 </criteria> 26013 </criteria> 26014 </criteria> 26015 </definition> 26016 <definition id="oval:org.opensuse.security:def:20110081" version="1" class="vulnerability"> 26017 <metadata> 26018 <title>CVE-2011-0081</title> 26019 <affected family="unix"> 26020 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26021 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26022 </affected> 26023 <reference ref_id="CVE-2011-0081" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081" source="CVE"/> 26024 <description> 26025 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 26026 </description> 26027 </metadata> 26028 <criteria operator="OR"> 26029 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 26030 <criteria operator="AND"> 26031 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26032 <criteria operator="OR"> 26033 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 26034 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 26035 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 26036 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 26037 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 26038 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 26039 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 26040 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 26041 </criteria> 26042 </criteria> 26043 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 26044 <criteria operator="AND"> 26045 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26046 <criteria operator="OR"> 26047 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 26048 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 26049 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 26050 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 26051 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 26052 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 26053 </criteria> 26054 </criteria> 26055 </criteria> 26056 </definition> 26057 <definition id="oval:org.opensuse.security:def:20110083" version="1" class="vulnerability"> 26058 <metadata> 26059 <title>CVE-2011-0083</title> 26060 <affected family="unix"> 26061 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26062 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26063 </affected> 26064 <reference ref_id="CVE-2011-0083" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0083" source="CVE"/> 26065 <description> 26066 Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. 26067 </description> 26068 </metadata> 26069 <!-- 0637dceda217223a627a02ba83062213 --> 26070 <criteria operator="AND"> 26071 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26072 <criteria operator="OR"> 26073 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 26074 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 26075 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 26076 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 26077 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 26078 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 26079 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 26080 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 26081 </criteria> 26082 </criteria> 26083 </definition> 26084 <definition id="oval:org.opensuse.security:def:20110084" version="1" class="vulnerability"> 26085 <metadata> 26086 <title>CVE-2011-0084</title> 26087 <affected family="unix"> 26088 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26089 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26090 </affected> 26091 <reference ref_id="CVE-2011-0084" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0084" source="CVE"/> 26092 <description> 26093 The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." 26094 </description> 26095 </metadata> 26096 <!-- 24df2ef0dad5f3b46261e6f99333badf --> 26097 <criteria operator="AND"> 26098 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26099 <criteria operator="OR"> 26100 <criterion test_ref="oval:org.opensuse.security:tst:2009070101" comment="MozillaFirefox-translations less than 3.6.20-0.5.1"/> 26101 <criterion test_ref="oval:org.opensuse.security:tst:2009070102" comment="MozillaFirefox less than 3.6.20-0.5.1"/> 26102 <criterion test_ref="oval:org.opensuse.security:tst:2009070103" comment="mozilla-xulrunner192-32bit less than 1.9.2.20-1.5.1"/> 26103 <criterion test_ref="oval:org.opensuse.security:tst:2009070104" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.20-1.5.1"/> 26104 <criterion test_ref="oval:org.opensuse.security:tst:2009070105" comment="mozilla-xulrunner192-gnome less than 1.9.2.20-1.5.1"/> 26105 <criterion test_ref="oval:org.opensuse.security:tst:2009070106" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.20-1.5.1"/> 26106 <criterion test_ref="oval:org.opensuse.security:tst:2009070107" comment="mozilla-xulrunner192-translations less than 1.9.2.20-1.5.1"/> 26107 <criterion test_ref="oval:org.opensuse.security:tst:2009070108" comment="mozilla-xulrunner192 less than 1.9.2.20-1.5.1"/> 26108 </criteria> 26109 </criteria> 26110 </definition> 26111 <definition id="oval:org.opensuse.security:def:20110085" version="1" class="vulnerability"> 26112 <metadata> 26113 <title>CVE-2011-0085</title> 26114 <affected family="unix"> 26115 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26116 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26117 </affected> 26118 <reference ref_id="CVE-2011-0085" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0085" source="CVE"/> 26119 <description> 26120 Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater. 26121 </description> 26122 </metadata> 26123 <!-- 0637dceda217223a627a02ba83062213 --> 26124 <criteria operator="AND"> 26125 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26126 <criteria operator="OR"> 26127 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 26128 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 26129 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 26130 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 26131 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 26132 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 26133 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 26134 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 26135 </criteria> 26136 </criteria> 26137 </definition> 26138 <definition id="oval:org.opensuse.security:def:20110188" version="1" class="vulnerability"> 26139 <metadata> 26140 <title>CVE-2011-0188</title> 26141 <affected family="unix"> 26142 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26143 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26144 </affected> 26145 <reference ref_id="CVE-2011-0188" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188" source="CVE"/> 26146 <description> 26147 The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue." 26148 </description> 26149 </metadata> 26150 <!-- 4fc06fa0fbc01d40c9f9d34ee5ab3872 --> 26151 <criteria operator="AND"> 26152 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26153 <criterion test_ref="oval:org.opensuse.security:tst:2009068635" comment="ruby less than 1.8.6.p369-0.12.1"/> 26154 </criteria> 26155 </definition> 26156 <definition id="oval:org.opensuse.security:def:20110191" version="1" class="vulnerability"> 26157 <metadata> 26158 <title>CVE-2011-0191</title> 26159 <affected family="unix"> 26160 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26161 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26162 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26163 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26164 </affected> 26165 <reference ref_id="CVE-2011-0191" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0191" source="CVE"/> 26166 <description> 26167 Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. 26168 </description> 26169 </metadata> 26170 <criteria operator="OR"> 26171 <!-- 5f984c45fd590a060e94e0d63e5e2fae --> 26172 <criteria operator="AND"> 26173 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26174 <criteria operator="OR"> 26175 <criterion test_ref="oval:org.opensuse.security:tst:2009068148" comment="libtiff-32bit less than 3.8.2-5.24.1"/> 26176 <criterion test_ref="oval:org.opensuse.security:tst:2009068152" comment="libtiff-devel less than 3.8.2-5.24.1"/> 26177 <criterion test_ref="oval:org.opensuse.security:tst:2009068154" comment="libtiff less than 3.8.2-5.24.1"/> 26178 </criteria> 26179 </criteria> 26180 <!-- 754d5abd3666eec2fbee9b225156757d --> 26181 <criteria operator="AND"> 26182 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26183 <criteria operator="OR"> 26184 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 26185 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 26186 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 26187 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 26188 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 26189 </criteria> 26190 </criteria> 26191 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 26192 <criteria operator="AND"> 26193 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26194 <criteria operator="OR"> 26195 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 26196 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 26197 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 26198 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 26199 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 26200 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 26201 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 26202 </criteria> 26203 </criteria> 26204 <!-- e83c81b75f211f34776c0dc71a91be08 --> 26205 <criteria operator="AND"> 26206 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26207 <criteria operator="OR"> 26208 <criterion test_ref="oval:org.opensuse.security:tst:2009066571" comment="libtiff-32bit less than 3.8.2-5.20.1"/> 26209 <criterion test_ref="oval:org.opensuse.security:tst:2009066572" comment="libtiff-devel less than 3.8.2-5.20.1"/> 26210 <criterion test_ref="oval:org.opensuse.security:tst:2009066573" comment="libtiff less than 3.8.2-5.20.1"/> 26211 </criteria> 26212 </criteria> 26213 </criteria> 26214 </definition> 26215 <definition id="oval:org.opensuse.security:def:20110192" version="1" class="vulnerability"> 26216 <metadata> 26217 <title>CVE-2011-0192</title> 26218 <affected family="unix"> 26219 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26220 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26221 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26222 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26223 </affected> 26224 <reference ref_id="CVE-2011-0192" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192" source="CVE"/> 26225 <description> 26226 Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information. 26227 </description> 26228 </metadata> 26229 <criteria operator="OR"> 26230 <!-- 5f984c45fd590a060e94e0d63e5e2fae --> 26231 <criteria operator="AND"> 26232 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26233 <criteria operator="OR"> 26234 <criterion test_ref="oval:org.opensuse.security:tst:2009068148" comment="libtiff-32bit less than 3.8.2-5.24.1"/> 26235 <criterion test_ref="oval:org.opensuse.security:tst:2009068152" comment="libtiff-devel less than 3.8.2-5.24.1"/> 26236 <criterion test_ref="oval:org.opensuse.security:tst:2009068154" comment="libtiff less than 3.8.2-5.24.1"/> 26237 </criteria> 26238 </criteria> 26239 <!-- e83c81b75f211f34776c0dc71a91be08 --> 26240 <criteria operator="AND"> 26241 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26242 <criteria operator="OR"> 26243 <criterion test_ref="oval:org.opensuse.security:tst:2009066571" comment="libtiff-32bit less than 3.8.2-5.20.1"/> 26244 <criterion test_ref="oval:org.opensuse.security:tst:2009066572" comment="libtiff-devel less than 3.8.2-5.20.1"/> 26245 <criterion test_ref="oval:org.opensuse.security:tst:2009066573" comment="libtiff less than 3.8.2-5.20.1"/> 26246 </criteria> 26247 </criteria> 26248 </criteria> 26249 </definition> 26250 <definition id="oval:org.opensuse.security:def:20110311" version="1" class="vulnerability"> 26251 <metadata> 26252 <title>CVE-2011-0311</title> 26253 <affected family="unix"> 26254 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26255 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26256 </affected> 26257 <reference ref_id="CVE-2011-0311" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0311" source="CVE"/> 26258 <description> 26259 The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read. 26260 </description> 26261 </metadata> 26262 <!-- d25bbf65a6a2b3926117126bf2da1942 --> 26263 <criteria operator="AND"> 26264 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26265 <criteria operator="OR"> 26266 <criterion test_ref="oval:org.opensuse.security:tst:2009066655" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.4-0.7.1"/> 26267 <criterion test_ref="oval:org.opensuse.security:tst:2009066656" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.4-0.7.1"/> 26268 <criterion test_ref="oval:org.opensuse.security:tst:2009066657" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.4-0.7.1"/> 26269 <criterion test_ref="oval:org.opensuse.security:tst:2009066658" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.4-0.7.1"/> 26270 <criterion test_ref="oval:org.opensuse.security:tst:2009066659" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.4-0.7.1"/> 26271 <criterion test_ref="oval:org.opensuse.security:tst:2009066660" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.4-0.7.1"/> 26272 <criterion test_ref="oval:org.opensuse.security:tst:2009066661" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.4-0.7.1"/> 26273 <criterion test_ref="oval:org.opensuse.security:tst:2009066662" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.4-0.7.1"/> 26274 <criterion test_ref="oval:org.opensuse.security:tst:2009066663" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.4-0.7.1"/> 26275 <criterion test_ref="oval:org.opensuse.security:tst:2009066664" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.4-0.7.1"/> 26276 <criterion test_ref="oval:org.opensuse.security:tst:2009066665" comment="java-1_5_0-ibm less than 1.5.0_sr12.4-0.7.1"/> 26277 </criteria> 26278 </criteria> 26279 </definition> 26280 <definition id="oval:org.opensuse.security:def:20110411" version="1" class="vulnerability"> 26281 <metadata> 26282 <title>CVE-2011-0411</title> 26283 <affected family="unix"> 26284 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26285 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26286 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26287 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26288 </affected> 26289 <reference ref_id="CVE-2011-0411" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0411" source="CVE"/> 26290 <description> 26291 The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack. 26292 </description> 26293 </metadata> 26294 <criteria operator="OR"> 26295 <!-- 0c9fe36c802a5270612a9ccb5004f53e --> 26296 <criteria operator="AND"> 26297 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26298 <criterion test_ref="oval:org.opensuse.security:tst:2009067842" comment="postfix less than 2.5.6-4.10.1"/> 26299 </criteria> 26300 <!-- cc7d763cf50fac0ab5c407bd7cb07be8 --> 26301 <criteria operator="AND"> 26302 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26303 <criterion test_ref="oval:org.opensuse.security:tst:2009067842" comment="postfix less than 2.5.6-4.10.1"/> 26304 </criteria> 26305 <!-- fb44818690c83f61834edde0d208cdae --> 26306 <criteria operator="AND"> 26307 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26308 <criterion test_ref="oval:org.opensuse.security:tst:2009068586" comment="pure-ftpd less than 1.0.22-0.20.1"/> 26309 </criteria> 26310 </criteria> 26311 </definition> 26312 <definition id="oval:org.opensuse.security:def:20110419" version="1" class="vulnerability"> 26313 <metadata> 26314 <title>CVE-2011-0419</title> 26315 <affected family="unix"> 26316 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26317 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26318 </affected> 26319 <reference ref_id="CVE-2011-0419" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419" source="CVE"/> 26320 <description> 26321 Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. 26322 </description> 26323 </metadata> 26324 <!-- ebd69d25a128907e6d3b301dacc77ae2 --> 26325 <criteria operator="AND"> 26326 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26327 <criteria operator="OR"> 26328 <criterion test_ref="oval:org.opensuse.security:tst:2009069417" comment="libapr1-devel less than 1.2.2-13.10.1"/> 26329 <criterion test_ref="oval:org.opensuse.security:tst:2009069418" comment="libapr1 less than 1.2.2-13.10.1"/> 26330 </criteria> 26331 </criteria> 26332 </definition> 26333 <definition id="oval:org.opensuse.security:def:20110433" version="1" class="vulnerability"> 26334 <metadata> 26335 <title>CVE-2011-0433</title> 26336 <affected family="unix"> 26337 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26338 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26339 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26340 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26341 </affected> 26342 <reference ref_id="CVE-2011-0433" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0433" source="CVE"/> 26343 <description> 26344 Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642. 26345 </description> 26346 </metadata> 26347 <criteria operator="OR"> 26348 <!-- e02f6c15798de8da949815cde437fe14 --> 26349 <criteria operator="AND"> 26350 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26351 <criterion test_ref="oval:org.opensuse.security:tst:2009066923" comment="evince less than 0.4.0-25.15.1"/> 26352 </criteria> 26353 <!-- fa73688f39de24675aab1921c2e9025d --> 26354 <criteria operator="AND"> 26355 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26356 <criterion test_ref="oval:org.opensuse.security:tst:2009067152" comment="evince less than 0.4.0-25.19.1"/> 26357 </criteria> 26358 </criteria> 26359 </definition> 26360 <definition id="oval:org.opensuse.security:def:20110444" version="1" class="vulnerability"> 26361 <metadata> 26362 <title>CVE-2011-0444</title> 26363 <affected family="unix"> 26364 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26365 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26366 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26367 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26368 </affected> 26369 <reference ref_id="CVE-2011-0444" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0444" source="CVE"/> 26370 <description> 26371 Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs. 26372 </description> 26373 </metadata> 26374 <criteria operator="OR"> 26375 <!-- 6f945ca7e512591223a153602859503d --> 26376 <criteria operator="AND"> 26377 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26378 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 26379 </criteria> 26380 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 26381 <criteria operator="AND"> 26382 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26383 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 26384 </criteria> 26385 </criteria> 26386 </definition> 26387 <definition id="oval:org.opensuse.security:def:20110445" version="1" class="vulnerability"> 26388 <metadata> 26389 <title>CVE-2011-0445</title> 26390 <affected family="unix"> 26391 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26392 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26393 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26394 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26395 </affected> 26396 <reference ref_id="CVE-2011-0445" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0445" source="CVE"/> 26397 <description> 26398 The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. 26399 </description> 26400 </metadata> 26401 <criteria operator="OR"> 26402 <!-- 6f945ca7e512591223a153602859503d --> 26403 <criteria operator="AND"> 26404 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26405 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 26406 </criteria> 26407 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 26408 <criteria operator="AND"> 26409 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26410 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 26411 </criteria> 26412 </criteria> 26413 </definition> 26414 <definition id="oval:org.opensuse.security:def:20110465" version="1" class="vulnerability"> 26415 <metadata> 26416 <title>CVE-2011-0465</title> 26417 <affected family="unix"> 26418 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26419 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26420 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26421 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26422 </affected> 26423 <reference ref_id="CVE-2011-0465" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0465" source="CVE"/> 26424 <description> 26425 xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message. 26426 </description> 26427 </metadata> 26428 <criteria operator="OR"> 26429 <!-- 9da1a7f6e945e13e8a5509aea27d4098 --> 26430 <criteria operator="AND"> 26431 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26432 <criteria operator="OR"> 26433 <criterion test_ref="oval:org.opensuse.security:tst:2009067153" comment="xorg-x11-Xnest less than 6.9.0-50.74.1"/> 26434 <criterion test_ref="oval:org.opensuse.security:tst:2009067154" comment="xorg-x11-Xvfb less than 6.9.0-50.74.1"/> 26435 <criterion test_ref="oval:org.opensuse.security:tst:2009067155" comment="xorg-x11-Xvnc less than 6.9.0-50.74.1"/> 26436 <criterion test_ref="oval:org.opensuse.security:tst:2009067156" comment="xorg-x11-devel-32bit less than 6.9.0-50.74.1"/> 26437 <criterion test_ref="oval:org.opensuse.security:tst:2009067157" comment="xorg-x11-devel less than 6.9.0-50.74.1"/> 26438 <criterion test_ref="oval:org.opensuse.security:tst:2009067158" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.74.1"/> 26439 <criterion test_ref="oval:org.opensuse.security:tst:2009067159" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.74.1"/> 26440 <criterion test_ref="oval:org.opensuse.security:tst:2009067160" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.74.1"/> 26441 <criterion test_ref="oval:org.opensuse.security:tst:2009067161" comment="xorg-x11-fonts-scalable less than 6.9.0-50.74.1"/> 26442 <criterion test_ref="oval:org.opensuse.security:tst:2009067162" comment="xorg-x11-fonts-syriac less than 6.9.0-50.74.1"/> 26443 <criterion test_ref="oval:org.opensuse.security:tst:2009067163" comment="xorg-x11-libs-32bit less than 6.9.0-50.74.1"/> 26444 <criterion test_ref="oval:org.opensuse.security:tst:2009067164" comment="xorg-x11-libs less than 6.9.0-50.74.1"/> 26445 <criterion test_ref="oval:org.opensuse.security:tst:2009067165" comment="xorg-x11-man less than 6.9.0-50.74.1"/> 26446 <criterion test_ref="oval:org.opensuse.security:tst:2009067166" comment="xorg-x11-server-glx less than 6.9.0-50.74.1"/> 26447 <criterion test_ref="oval:org.opensuse.security:tst:2009067167" comment="xorg-x11-server less than 6.9.0-50.74.1"/> 26448 <criterion test_ref="oval:org.opensuse.security:tst:2009067168" comment="xorg-x11 less than 6.9.0-50.74.1"/> 26449 </criteria> 26450 </criteria> 26451 <!-- c6a968fae1d6d604a09a3dbed49a4a93 --> 26452 <criteria operator="AND"> 26453 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26454 <criteria operator="OR"> 26455 <criterion test_ref="oval:org.opensuse.security:tst:2009067174" comment="xorg-x11-Xnest less than 6.9.0-50.69.69.9"/> 26456 <criterion test_ref="oval:org.opensuse.security:tst:2009067175" comment="xorg-x11-Xvfb less than 6.9.0-50.69.69.9"/> 26457 <criterion test_ref="oval:org.opensuse.security:tst:2009067176" comment="xorg-x11-Xvnc less than 6.9.0-50.69.69.9"/> 26458 <criterion test_ref="oval:org.opensuse.security:tst:2009067177" comment="xorg-x11-devel-32bit less than 6.9.0-50.69.69.9"/> 26459 <criterion test_ref="oval:org.opensuse.security:tst:2009067178" comment="xorg-x11-devel less than 6.9.0-50.69.69.9"/> 26460 <criterion test_ref="oval:org.opensuse.security:tst:2009067179" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.69.69.9"/> 26461 <criterion test_ref="oval:org.opensuse.security:tst:2009067180" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.69.69.9"/> 26462 <criterion test_ref="oval:org.opensuse.security:tst:2009067181" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.69.69.9"/> 26463 <criterion test_ref="oval:org.opensuse.security:tst:2009067182" comment="xorg-x11-fonts-scalable less than 6.9.0-50.69.69.9"/> 26464 <criterion test_ref="oval:org.opensuse.security:tst:2009067183" comment="xorg-x11-fonts-syriac less than 6.9.0-50.69.69.9"/> 26465 <criterion test_ref="oval:org.opensuse.security:tst:2009067184" comment="xorg-x11-libs-32bit less than 6.9.0-50.69.69.9"/> 26466 <criterion test_ref="oval:org.opensuse.security:tst:2009067185" comment="xorg-x11-libs less than 6.9.0-50.69.69.9"/> 26467 <criterion test_ref="oval:org.opensuse.security:tst:2009067186" comment="xorg-x11-man less than 6.9.0-50.69.69.9"/> 26468 <criterion test_ref="oval:org.opensuse.security:tst:2009067187" comment="xorg-x11-server-glx less than 6.9.0-50.69.69.9"/> 26469 <criterion test_ref="oval:org.opensuse.security:tst:2009067188" comment="xorg-x11-server less than 6.9.0-50.69.69.9"/> 26470 <criterion test_ref="oval:org.opensuse.security:tst:2009067189" comment="xorg-x11 less than 6.9.0-50.69.69.9"/> 26471 </criteria> 26472 </criteria> 26473 </criteria> 26474 </definition> 26475 <definition id="oval:org.opensuse.security:def:20110521" version="1" class="vulnerability"> 26476 <metadata> 26477 <title>CVE-2011-0521</title> 26478 <affected family="unix"> 26479 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26480 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26481 </affected> 26482 <reference ref_id="CVE-2011-0521" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0521" source="CVE"/> 26483 <description> 26484 The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. 26485 </description> 26486 </metadata> 26487 <criteria operator="OR"> 26488 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 26489 <criteria operator="AND"> 26490 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26491 <criteria operator="OR"> 26492 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 26493 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 26494 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 26495 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 26496 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 26497 </criteria> 26498 </criteria> 26499 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 26500 <criteria operator="AND"> 26501 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26502 <criteria operator="OR"> 26503 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 26504 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 26505 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 26506 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 26507 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 26508 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 26509 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 26510 </criteria> 26511 </criteria> 26512 </criteria> 26513 </definition> 26514 <definition id="oval:org.opensuse.security:def:20110536" version="1" class="vulnerability"> 26515 <metadata> 26516 <title>CVE-2011-0536</title> 26517 <affected family="unix"> 26518 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26519 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26520 </affected> 26521 <reference ref_id="CVE-2011-0536" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0536" source="CVE"/> 26522 <description> 26523 Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847. 26524 </description> 26525 </metadata> 26526 <!-- 68c207e7b54adb6c64930931c6c86ce0 --> 26527 <criteria operator="AND"> 26528 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26529 <criteria operator="OR"> 26530 <criterion test_ref="oval:org.opensuse.security:tst:2009069178" comment="glibc-32bit less than 2.4-31.91.1"/> 26531 <criterion test_ref="oval:org.opensuse.security:tst:2009069179" comment="glibc-devel-32bit less than 2.4-31.91.1"/> 26532 <criterion test_ref="oval:org.opensuse.security:tst:2009069180" comment="glibc-devel less than 2.4-31.91.1"/> 26533 <criterion test_ref="oval:org.opensuse.security:tst:2009069181" comment="glibc-html less than 2.4-31.91.1"/> 26534 <criterion test_ref="oval:org.opensuse.security:tst:2009069182" comment="glibc-i18ndata less than 2.4-31.91.1"/> 26535 <criterion test_ref="oval:org.opensuse.security:tst:2009069183" comment="glibc-info less than 2.4-31.91.1"/> 26536 <criterion test_ref="oval:org.opensuse.security:tst:2009069184" comment="glibc-locale-32bit less than 2.4-31.91.1"/> 26537 <criterion test_ref="oval:org.opensuse.security:tst:2009069185" comment="glibc-locale less than 2.4-31.91.1"/> 26538 <criterion test_ref="oval:org.opensuse.security:tst:2009069186" comment="glibc less than 2.4-31.91.1"/> 26539 <criterion test_ref="oval:org.opensuse.security:tst:2009069187" comment="nscd less than 2.4-31.91.1"/> 26540 </criteria> 26541 </criteria> 26542 </definition> 26543 <definition id="oval:org.opensuse.security:def:20110538" version="1" class="vulnerability"> 26544 <metadata> 26545 <title>CVE-2011-0538</title> 26546 <affected family="unix"> 26547 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26548 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26549 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26550 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26551 </affected> 26552 <reference ref_id="CVE-2011-0538" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538" source="CVE"/> 26553 <description> 26554 Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file. 26555 </description> 26556 </metadata> 26557 <criteria operator="OR"> 26558 <!-- 6f945ca7e512591223a153602859503d --> 26559 <criteria operator="AND"> 26560 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26561 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 26562 </criteria> 26563 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 26564 <criteria operator="AND"> 26565 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26566 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 26567 </criteria> 26568 </criteria> 26569 </definition> 26570 <definition id="oval:org.opensuse.security:def:20110541" version="1" class="vulnerability"> 26571 <metadata> 26572 <title>CVE-2011-0541</title> 26573 <affected family="unix"> 26574 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26575 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26576 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26577 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26578 </affected> 26579 <reference ref_id="CVE-2011-0541" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0541" source="CVE"/> 26580 <description> 26581 fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack. 26582 </description> 26583 </metadata> 26584 <criteria operator="OR"> 26585 <!-- 7b2fb9f684a28e8120a1bdce990ad5fe --> 26586 <criteria operator="AND"> 26587 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26588 <criteria operator="OR"> 26589 <criterion test_ref="oval:org.opensuse.security:tst:2009066711" comment="fuse-devel less than 2.7.2-15.10.11.1"/> 26590 <criterion test_ref="oval:org.opensuse.security:tst:2009066712" comment="fuse less than 2.7.2-15.10.11.1"/> 26591 <criterion test_ref="oval:org.opensuse.security:tst:2009066713" comment="libfuse2 less than 2.7.2-15.10.11.1"/> 26592 <criterion test_ref="oval:org.opensuse.security:tst:2009066714" comment="util-linux less than 2.12r-35.41.43.7"/> 26593 </criteria> 26594 </criteria> 26595 <!-- 9844c158be14e3a6350b6dbf6348ca73 --> 26596 <criteria operator="AND"> 26597 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26598 <criteria operator="OR"> 26599 <criterion test_ref="oval:org.opensuse.security:tst:2009067089" comment="fuse-devel less than 2.7.2-15.10.11.10"/> 26600 <criterion test_ref="oval:org.opensuse.security:tst:2009067090" comment="fuse less than 2.7.2-15.10.11.10"/> 26601 <criterion test_ref="oval:org.opensuse.security:tst:2009067091" comment="libfuse2 less than 2.7.2-15.10.11.10"/> 26602 </criteria> 26603 </criteria> 26604 </criteria> 26605 </definition> 26606 <definition id="oval:org.opensuse.security:def:20110543" version="1" class="vulnerability"> 26607 <metadata> 26608 <title>CVE-2011-0543</title> 26609 <affected family="unix"> 26610 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26611 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26612 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 26613 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 26614 </affected> 26615 <reference ref_id="CVE-2011-0543" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0543" source="CVE"/> 26616 <description> 26617 Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack. 26618 </description> 26619 </metadata> 26620 <criteria operator="OR"> 26621 <!-- 7b2fb9f684a28e8120a1bdce990ad5fe --> 26622 <criteria operator="AND"> 26623 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26624 <criteria operator="OR"> 26625 <criterion test_ref="oval:org.opensuse.security:tst:2009066711" comment="fuse-devel less than 2.7.2-15.10.11.1"/> 26626 <criterion test_ref="oval:org.opensuse.security:tst:2009066712" comment="fuse less than 2.7.2-15.10.11.1"/> 26627 <criterion test_ref="oval:org.opensuse.security:tst:2009066713" comment="libfuse2 less than 2.7.2-15.10.11.1"/> 26628 <criterion test_ref="oval:org.opensuse.security:tst:2009066714" comment="util-linux less than 2.12r-35.41.43.7"/> 26629 </criteria> 26630 </criteria> 26631 <!-- 9844c158be14e3a6350b6dbf6348ca73 --> 26632 <criteria operator="AND"> 26633 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 26634 <criteria operator="OR"> 26635 <criterion test_ref="oval:org.opensuse.security:tst:2009067089" comment="fuse-devel less than 2.7.2-15.10.11.10"/> 26636 <criterion test_ref="oval:org.opensuse.security:tst:2009067090" comment="fuse less than 2.7.2-15.10.11.10"/> 26637 <criterion test_ref="oval:org.opensuse.security:tst:2009067091" comment="libfuse2 less than 2.7.2-15.10.11.10"/> 26638 </criteria> 26639 </criteria> 26640 </criteria> 26641 </definition> 26642 <definition id="oval:org.opensuse.security:def:20110558" version="1" class="vulnerability"> 26643 <metadata> 26644 <title>CVE-2011-0558</title> 26645 <affected family="unix"> 26646 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26647 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26648 </affected> 26649 <reference ref_id="CVE-2011-0558" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0558" source="CVE"/> 26650 <description> 26651 Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class. 26652 </description> 26653 </metadata> 26654 <criteria operator="OR"> 26655 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26656 <criteria operator="AND"> 26657 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26658 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26659 </criteria> 26660 <!-- 31c376bef60807a50971c9b177591197 --> 26661 <criteria operator="AND"> 26662 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26663 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 26664 </criteria> 26665 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26666 <criteria operator="AND"> 26667 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26668 <criteria operator="OR"> 26669 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26670 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26671 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26672 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26673 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26674 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26675 </criteria> 26676 </criteria> 26677 </criteria> 26678 </definition> 26679 <definition id="oval:org.opensuse.security:def:20110559" version="1" class="vulnerability"> 26680 <metadata> 26681 <title>CVE-2011-0559</title> 26682 <affected family="unix"> 26683 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26684 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26685 </affected> 26686 <reference ref_id="CVE-2011-0559" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0559" source="CVE"/> 26687 <description> 26688 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. 26689 </description> 26690 </metadata> 26691 <criteria operator="OR"> 26692 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26693 <criteria operator="AND"> 26694 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26695 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26696 </criteria> 26697 <!-- 31c376bef60807a50971c9b177591197 --> 26698 <criteria operator="AND"> 26699 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26700 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 26701 </criteria> 26702 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26703 <criteria operator="AND"> 26704 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26705 <criteria operator="OR"> 26706 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26707 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26708 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26709 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26710 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26711 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26712 </criteria> 26713 </criteria> 26714 </criteria> 26715 </definition> 26716 <definition id="oval:org.opensuse.security:def:20110560" version="1" class="vulnerability"> 26717 <metadata> 26718 <title>CVE-2011-0560</title> 26719 <affected family="unix"> 26720 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26721 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26722 </affected> 26723 <reference ref_id="CVE-2011-0560" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0560" source="CVE"/> 26724 <description> 26725 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. 26726 </description> 26727 </metadata> 26728 <criteria operator="OR"> 26729 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26730 <criteria operator="AND"> 26731 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26732 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26733 </criteria> 26734 <!-- 31c376bef60807a50971c9b177591197 --> 26735 <criteria operator="AND"> 26736 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26737 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 26738 </criteria> 26739 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26740 <criteria operator="AND"> 26741 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26742 <criteria operator="OR"> 26743 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26744 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26745 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26746 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26747 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26748 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26749 </criteria> 26750 </criteria> 26751 </criteria> 26752 </definition> 26753 <definition id="oval:org.opensuse.security:def:20110561" version="1" class="vulnerability"> 26754 <metadata> 26755 <title>CVE-2011-0561</title> 26756 <affected family="unix"> 26757 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26758 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26759 </affected> 26760 <reference ref_id="CVE-2011-0561" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0561" source="CVE"/> 26761 <description> 26762 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. 26763 </description> 26764 </metadata> 26765 <criteria operator="OR"> 26766 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26767 <criteria operator="AND"> 26768 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26769 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26770 </criteria> 26771 <!-- 31c376bef60807a50971c9b177591197 --> 26772 <criteria operator="AND"> 26773 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26774 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 26775 </criteria> 26776 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26777 <criteria operator="AND"> 26778 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26779 <criteria operator="OR"> 26780 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26781 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26782 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26783 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26784 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26785 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26786 </criteria> 26787 </criteria> 26788 </criteria> 26789 </definition> 26790 <definition id="oval:org.opensuse.security:def:20110562" version="1" class="vulnerability"> 26791 <metadata> 26792 <title>CVE-2011-0562</title> 26793 <affected family="unix"> 26794 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26795 </affected> 26796 <reference ref_id="CVE-2011-0562" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0562" source="CVE"/> 26797 <description> 26798 Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0570 and CVE-2011-0588. 26799 </description> 26800 </metadata> 26801 <criteria operator="OR"> 26802 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26803 <criteria operator="AND"> 26804 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26805 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26806 </criteria> 26807 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26808 <criteria operator="AND"> 26809 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26810 <criteria operator="OR"> 26811 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26812 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26813 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26814 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26815 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26816 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26817 </criteria> 26818 </criteria> 26819 </criteria> 26820 </definition> 26821 <definition id="oval:org.opensuse.security:def:20110563" version="1" class="vulnerability"> 26822 <metadata> 26823 <title>CVE-2011-0563</title> 26824 <affected family="unix"> 26825 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26826 </affected> 26827 <reference ref_id="CVE-2011-0563" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0563" source="CVE"/> 26828 <description> 26829 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606. 26830 </description> 26831 </metadata> 26832 <criteria operator="OR"> 26833 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26834 <criteria operator="AND"> 26835 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26836 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26837 </criteria> 26838 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26839 <criteria operator="AND"> 26840 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26841 <criteria operator="OR"> 26842 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26843 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26844 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26845 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26846 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26847 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26848 </criteria> 26849 </criteria> 26850 </criteria> 26851 </definition> 26852 <definition id="oval:org.opensuse.security:def:20110565" version="1" class="vulnerability"> 26853 <metadata> 26854 <title>CVE-2011-0565</title> 26855 <affected family="unix"> 26856 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26857 </affected> 26858 <reference ref_id="CVE-2011-0565" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0565" source="CVE"/> 26859 <description> 26860 Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585. 26861 </description> 26862 </metadata> 26863 <criteria operator="OR"> 26864 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26865 <criteria operator="AND"> 26866 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26867 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26868 </criteria> 26869 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26870 <criteria operator="AND"> 26871 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26872 <criteria operator="OR"> 26873 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26874 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26875 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26876 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26877 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26878 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26879 </criteria> 26880 </criteria> 26881 </criteria> 26882 </definition> 26883 <definition id="oval:org.opensuse.security:def:20110566" version="1" class="vulnerability"> 26884 <metadata> 26885 <title>CVE-2011-0566</title> 26886 <affected family="unix"> 26887 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26888 </affected> 26889 <reference ref_id="CVE-2011-0566" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0566" source="CVE"/> 26890 <description> 26891 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603. 26892 </description> 26893 </metadata> 26894 <criteria operator="OR"> 26895 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26896 <criteria operator="AND"> 26897 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26898 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26899 </criteria> 26900 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26901 <criteria operator="AND"> 26902 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26903 <criteria operator="OR"> 26904 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26905 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26906 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26907 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26908 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26909 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26910 </criteria> 26911 </criteria> 26912 </criteria> 26913 </definition> 26914 <definition id="oval:org.opensuse.security:def:20110567" version="1" class="vulnerability"> 26915 <metadata> 26916 <title>CVE-2011-0567</title> 26917 <affected family="unix"> 26918 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26919 </affected> 26920 <reference ref_id="CVE-2011-0567" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0567" source="CVE"/> 26921 <description> 26922 AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image that triggers an incorrect pointer calculation, leading to heap memory corruption, a different vulnerability than CVE-2011-0566 and CVE-2011-0603. 26923 </description> 26924 </metadata> 26925 <criteria operator="OR"> 26926 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26927 <criteria operator="AND"> 26928 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26929 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26930 </criteria> 26931 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26932 <criteria operator="AND"> 26933 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26934 <criteria operator="OR"> 26935 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26936 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26937 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26938 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26939 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26940 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26941 </criteria> 26942 </criteria> 26943 </criteria> 26944 </definition> 26945 <definition id="oval:org.opensuse.security:def:20110570" version="1" class="vulnerability"> 26946 <metadata> 26947 <title>CVE-2011-0570</title> 26948 <affected family="unix"> 26949 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26950 </affected> 26951 <reference ref_id="CVE-2011-0570" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0570" source="CVE"/> 26952 <description> 26953 Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588. 26954 </description> 26955 </metadata> 26956 <criteria operator="OR"> 26957 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26958 <criteria operator="AND"> 26959 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26960 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26961 </criteria> 26962 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 26963 <criteria operator="AND"> 26964 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26965 <criteria operator="OR"> 26966 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 26967 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 26968 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 26969 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 26970 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 26971 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 26972 </criteria> 26973 </criteria> 26974 </criteria> 26975 </definition> 26976 <definition id="oval:org.opensuse.security:def:20110571" version="1" class="vulnerability"> 26977 <metadata> 26978 <title>CVE-2011-0571</title> 26979 <affected family="unix"> 26980 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 26981 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 26982 </affected> 26983 <reference ref_id="CVE-2011-0571" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0571" source="CVE"/> 26984 <description> 26985 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. 26986 </description> 26987 </metadata> 26988 <criteria operator="OR"> 26989 <!-- 23decf3a05ed243b6585bc17331cc559 --> 26990 <criteria operator="AND"> 26991 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26992 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 26993 </criteria> 26994 <!-- 31c376bef60807a50971c9b177591197 --> 26995 <criteria operator="AND"> 26996 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 26997 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 26998 </criteria> 26999 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27000 <criteria operator="AND"> 27001 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27002 <criteria operator="OR"> 27003 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27004 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27005 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27006 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27007 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27008 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27009 </criteria> 27010 </criteria> 27011 </criteria> 27012 </definition> 27013 <definition id="oval:org.opensuse.security:def:20110572" version="1" class="vulnerability"> 27014 <metadata> 27015 <title>CVE-2011-0572</title> 27016 <affected family="unix"> 27017 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27018 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27019 </affected> 27020 <reference ref_id="CVE-2011-0572" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0572" source="CVE"/> 27021 <description> 27022 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. 27023 </description> 27024 </metadata> 27025 <criteria operator="OR"> 27026 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27027 <criteria operator="AND"> 27028 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27029 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27030 </criteria> 27031 <!-- 31c376bef60807a50971c9b177591197 --> 27032 <criteria operator="AND"> 27033 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27034 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 27035 </criteria> 27036 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27037 <criteria operator="AND"> 27038 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27039 <criteria operator="OR"> 27040 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27041 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27042 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27043 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27044 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27045 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27046 </criteria> 27047 </criteria> 27048 </criteria> 27049 </definition> 27050 <definition id="oval:org.opensuse.security:def:20110573" version="1" class="vulnerability"> 27051 <metadata> 27052 <title>CVE-2011-0573</title> 27053 <affected family="unix"> 27054 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27055 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27056 </affected> 27057 <reference ref_id="CVE-2011-0573" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0573" source="CVE"/> 27058 <description> 27059 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. 27060 </description> 27061 </metadata> 27062 <criteria operator="OR"> 27063 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27064 <criteria operator="AND"> 27065 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27066 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27067 </criteria> 27068 <!-- 31c376bef60807a50971c9b177591197 --> 27069 <criteria operator="AND"> 27070 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27071 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 27072 </criteria> 27073 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27074 <criteria operator="AND"> 27075 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27076 <criteria operator="OR"> 27077 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27078 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27079 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27080 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27081 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27082 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27083 </criteria> 27084 </criteria> 27085 </criteria> 27086 </definition> 27087 <definition id="oval:org.opensuse.security:def:20110574" version="1" class="vulnerability"> 27088 <metadata> 27089 <title>CVE-2011-0574</title> 27090 <affected family="unix"> 27091 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27092 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27093 </affected> 27094 <reference ref_id="CVE-2011-0574" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0574" source="CVE"/> 27095 <description> 27096 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. 27097 </description> 27098 </metadata> 27099 <criteria operator="OR"> 27100 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27101 <criteria operator="AND"> 27102 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27103 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27104 </criteria> 27105 <!-- 31c376bef60807a50971c9b177591197 --> 27106 <criteria operator="AND"> 27107 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27108 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 27109 </criteria> 27110 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27111 <criteria operator="AND"> 27112 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27113 <criteria operator="OR"> 27114 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27115 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27116 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27117 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27118 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27119 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27120 </criteria> 27121 </criteria> 27122 </criteria> 27123 </definition> 27124 <definition id="oval:org.opensuse.security:def:20110575" version="1" class="vulnerability"> 27125 <metadata> 27126 <title>CVE-2011-0575</title> 27127 <affected family="unix"> 27128 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27129 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27130 </affected> 27131 <reference ref_id="CVE-2011-0575" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0575" source="CVE"/> 27132 <description> 27133 Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory. 27134 </description> 27135 </metadata> 27136 <criteria operator="OR"> 27137 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27138 <criteria operator="AND"> 27139 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27140 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27141 </criteria> 27142 <!-- 31c376bef60807a50971c9b177591197 --> 27143 <criteria operator="AND"> 27144 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27145 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 27146 </criteria> 27147 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27148 <criteria operator="AND"> 27149 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27150 <criteria operator="OR"> 27151 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27152 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27153 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27154 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27155 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27156 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27157 </criteria> 27158 </criteria> 27159 </criteria> 27160 </definition> 27161 <definition id="oval:org.opensuse.security:def:20110577" version="1" class="vulnerability"> 27162 <metadata> 27163 <title>CVE-2011-0577</title> 27164 <affected family="unix"> 27165 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27166 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27167 </affected> 27168 <reference ref_id="CVE-2011-0577" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0577" source="CVE"/> 27169 <description> 27170 Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font. 27171 </description> 27172 </metadata> 27173 <criteria operator="OR"> 27174 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27175 <criteria operator="AND"> 27176 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27177 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27178 </criteria> 27179 <!-- 31c376bef60807a50971c9b177591197 --> 27180 <criteria operator="AND"> 27181 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27182 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 27183 </criteria> 27184 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27185 <criteria operator="AND"> 27186 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27187 <criteria operator="OR"> 27188 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27189 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27190 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27191 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27192 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27193 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27194 </criteria> 27195 </criteria> 27196 </criteria> 27197 </definition> 27198 <definition id="oval:org.opensuse.security:def:20110578" version="1" class="vulnerability"> 27199 <metadata> 27200 <title>CVE-2011-0578</title> 27201 <affected family="unix"> 27202 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27203 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27204 </affected> 27205 <reference ref_id="CVE-2011-0578" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0578" source="CVE"/> 27206 <description> 27207 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608. 27208 </description> 27209 </metadata> 27210 <criteria operator="OR"> 27211 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27212 <criteria operator="AND"> 27213 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27214 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27215 </criteria> 27216 <!-- 31c376bef60807a50971c9b177591197 --> 27217 <criteria operator="AND"> 27218 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27219 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 27220 </criteria> 27221 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27222 <criteria operator="AND"> 27223 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27224 <criteria operator="OR"> 27225 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27226 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27227 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27228 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27229 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27230 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27231 </criteria> 27232 </criteria> 27233 </criteria> 27234 </definition> 27235 <definition id="oval:org.opensuse.security:def:20110585" version="1" class="vulnerability"> 27236 <metadata> 27237 <title>CVE-2011-0585</title> 27238 <affected family="unix"> 27239 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27240 </affected> 27241 <reference ref_id="CVE-2011-0585" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0585" source="CVE"/> 27242 <description> 27243 Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565. 27244 </description> 27245 </metadata> 27246 <criteria operator="OR"> 27247 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27248 <criteria operator="AND"> 27249 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27250 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27251 </criteria> 27252 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27253 <criteria operator="AND"> 27254 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27255 <criteria operator="OR"> 27256 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27257 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27258 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27259 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27260 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27261 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27262 </criteria> 27263 </criteria> 27264 </criteria> 27265 </definition> 27266 <definition id="oval:org.opensuse.security:def:20110586" version="1" class="vulnerability"> 27267 <metadata> 27268 <title>CVE-2011-0586</title> 27269 <affected family="unix"> 27270 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27271 </affected> 27272 <reference ref_id="CVE-2011-0586" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0586" source="CVE"/> 27273 <description> 27274 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X do not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors. 27275 </description> 27276 </metadata> 27277 <criteria operator="OR"> 27278 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27279 <criteria operator="AND"> 27280 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27281 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27282 </criteria> 27283 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27284 <criteria operator="AND"> 27285 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27286 <criteria operator="OR"> 27287 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27288 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27289 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27290 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27291 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27292 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27293 </criteria> 27294 </criteria> 27295 </criteria> 27296 </definition> 27297 <definition id="oval:org.opensuse.security:def:20110587" version="1" class="vulnerability"> 27298 <metadata> 27299 <title>CVE-2011-0587</title> 27300 <affected family="unix"> 27301 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27302 </affected> 27303 <reference ref_id="CVE-2011-0587" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0587" source="CVE"/> 27304 <description> 27305 Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604. 27306 </description> 27307 </metadata> 27308 <criteria operator="OR"> 27309 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27310 <criteria operator="AND"> 27311 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27312 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27313 </criteria> 27314 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27315 <criteria operator="AND"> 27316 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27317 <criteria operator="OR"> 27318 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27319 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27320 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27321 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27322 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27323 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27324 </criteria> 27325 </criteria> 27326 </criteria> 27327 </definition> 27328 <definition id="oval:org.opensuse.security:def:20110588" version="1" class="vulnerability"> 27329 <metadata> 27330 <title>CVE-2011-0588</title> 27331 <affected family="unix"> 27332 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27333 </affected> 27334 <reference ref_id="CVE-2011-0588" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0588" source="CVE"/> 27335 <description> 27336 Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0570. 27337 </description> 27338 </metadata> 27339 <criteria operator="OR"> 27340 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27341 <criteria operator="AND"> 27342 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27343 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27344 </criteria> 27345 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27346 <criteria operator="AND"> 27347 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27348 <criteria operator="OR"> 27349 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27350 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27351 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27352 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27353 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27354 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27355 </criteria> 27356 </criteria> 27357 </criteria> 27358 </definition> 27359 <definition id="oval:org.opensuse.security:def:20110589" version="1" class="vulnerability"> 27360 <metadata> 27361 <title>CVE-2011-0589</title> 27362 <affected family="unix"> 27363 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27364 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 27365 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 27366 </affected> 27367 <reference ref_id="CVE-2011-0589" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0589" source="CVE"/> 27368 <description> 27369 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606. 27370 </description> 27371 </metadata> 27372 <criteria operator="OR"> 27373 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27374 <criteria operator="AND"> 27375 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27376 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27377 </criteria> 27378 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 27379 <criteria operator="AND"> 27380 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 27381 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 27382 </criteria> 27383 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27384 <criteria operator="AND"> 27385 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27386 <criteria operator="OR"> 27387 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27388 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27389 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27390 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27391 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27392 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27393 </criteria> 27394 </criteria> 27395 </criteria> 27396 </definition> 27397 <definition id="oval:org.opensuse.security:def:20110590" version="1" class="vulnerability"> 27398 <metadata> 27399 <title>CVE-2011-0590</title> 27400 <affected family="unix"> 27401 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27402 </affected> 27403 <reference ref_id="CVE-2011-0590" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0590" source="CVE"/> 27404 <description> 27405 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. 27406 </description> 27407 </metadata> 27408 <criteria operator="OR"> 27409 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27410 <criteria operator="AND"> 27411 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27412 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27413 </criteria> 27414 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27415 <criteria operator="AND"> 27416 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27417 <criteria operator="OR"> 27418 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27419 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27420 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27421 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27422 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27423 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27424 </criteria> 27425 </criteria> 27426 </criteria> 27427 </definition> 27428 <definition id="oval:org.opensuse.security:def:20110591" version="1" class="vulnerability"> 27429 <metadata> 27430 <title>CVE-2011-0591</title> 27431 <affected family="unix"> 27432 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27433 </affected> 27434 <reference ref_id="CVE-2011-0591" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0591" source="CVE"/> 27435 <description> 27436 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerability than CVE-2011-0590, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. 27437 </description> 27438 </metadata> 27439 <criteria operator="OR"> 27440 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27441 <criteria operator="AND"> 27442 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27443 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27444 </criteria> 27445 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27446 <criteria operator="AND"> 27447 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27448 <criteria operator="OR"> 27449 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27450 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27451 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27452 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27453 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27454 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27455 </criteria> 27456 </criteria> 27457 </criteria> 27458 </definition> 27459 <definition id="oval:org.opensuse.security:def:20110592" version="1" class="vulnerability"> 27460 <metadata> 27461 <title>CVE-2011-0592</title> 27462 <affected family="unix"> 27463 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27464 </affected> 27465 <reference ref_id="CVE-2011-0592" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0592" source="CVE"/> 27466 <description> 27467 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to "Texture bmp," a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. 27468 </description> 27469 </metadata> 27470 <criteria operator="OR"> 27471 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27472 <criteria operator="AND"> 27473 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27474 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27475 </criteria> 27476 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27477 <criteria operator="AND"> 27478 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27479 <criteria operator="OR"> 27480 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27481 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27482 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27483 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27484 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27485 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27486 </criteria> 27487 </criteria> 27488 </criteria> 27489 </definition> 27490 <definition id="oval:org.opensuse.security:def:20110593" version="1" class="vulnerability"> 27491 <metadata> 27492 <title>CVE-2011-0593</title> 27493 <affected family="unix"> 27494 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27495 </affected> 27496 <reference ref_id="CVE-2011-0593" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0593" source="CVE"/> 27497 <description> 27498 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600. 27499 </description> 27500 </metadata> 27501 <criteria operator="OR"> 27502 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27503 <criteria operator="AND"> 27504 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27505 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27506 </criteria> 27507 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27508 <criteria operator="AND"> 27509 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27510 <criteria operator="OR"> 27511 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27512 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27513 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27514 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27515 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27516 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27517 </criteria> 27518 </criteria> 27519 </criteria> 27520 </definition> 27521 <definition id="oval:org.opensuse.security:def:20110594" version="1" class="vulnerability"> 27522 <metadata> 27523 <title>CVE-2011-0594</title> 27524 <affected family="unix"> 27525 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27526 </affected> 27527 <reference ref_id="CVE-2011-0594" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0594" source="CVE"/> 27528 <description> 27529 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font. 27530 </description> 27531 </metadata> 27532 <criteria operator="OR"> 27533 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27534 <criteria operator="AND"> 27535 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27536 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27537 </criteria> 27538 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27539 <criteria operator="AND"> 27540 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27541 <criteria operator="OR"> 27542 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27543 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27544 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27545 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27546 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27547 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27548 </criteria> 27549 </criteria> 27550 </criteria> 27551 </definition> 27552 <definition id="oval:org.opensuse.security:def:20110595" version="1" class="vulnerability"> 27553 <metadata> 27554 <title>CVE-2011-0595</title> 27555 <affected family="unix"> 27556 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27557 </affected> 27558 <reference ref_id="CVE-2011-0595" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0595" source="CVE"/> 27559 <description> 27560 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600. 27561 </description> 27562 </metadata> 27563 <criteria operator="OR"> 27564 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27565 <criteria operator="AND"> 27566 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27567 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27568 </criteria> 27569 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27570 <criteria operator="AND"> 27571 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27572 <criteria operator="OR"> 27573 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27574 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27575 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27576 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27577 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27578 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27579 </criteria> 27580 </criteria> 27581 </criteria> 27582 </definition> 27583 <definition id="oval:org.opensuse.security:def:20110596" version="1" class="vulnerability"> 27584 <metadata> 27585 <title>CVE-2011-0596</title> 27586 <affected family="unix"> 27587 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27588 </affected> 27589 <reference ref_id="CVE-2011-0596" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0596" source="CVE"/> 27590 <description> 27591 The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602. 27592 </description> 27593 </metadata> 27594 <criteria operator="OR"> 27595 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27596 <criteria operator="AND"> 27597 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27598 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27599 </criteria> 27600 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27601 <criteria operator="AND"> 27602 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27603 <criteria operator="OR"> 27604 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27605 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27606 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27607 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27608 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27609 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27610 </criteria> 27611 </criteria> 27612 </criteria> 27613 </definition> 27614 <definition id="oval:org.opensuse.security:def:20110598" version="1" class="vulnerability"> 27615 <metadata> 27616 <title>CVE-2011-0598</title> 27617 <affected family="unix"> 27618 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27619 </affected> 27620 <reference ref_id="CVE-2011-0598" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0598" source="CVE"/> 27621 <description> 27622 Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602. 27623 </description> 27624 </metadata> 27625 <criteria operator="OR"> 27626 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27627 <criteria operator="AND"> 27628 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27629 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27630 </criteria> 27631 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27632 <criteria operator="AND"> 27633 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27634 <criteria operator="OR"> 27635 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27636 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27637 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27638 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27639 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27640 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27641 </criteria> 27642 </criteria> 27643 </criteria> 27644 </definition> 27645 <definition id="oval:org.opensuse.security:def:20110599" version="1" class="vulnerability"> 27646 <metadata> 27647 <title>CVE-2011-0599</title> 27648 <affected family="unix"> 27649 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27650 </affected> 27651 <reference ref_id="CVE-2011-0599" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0599" source="CVE"/> 27652 <description> 27653 The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0602. 27654 </description> 27655 </metadata> 27656 <criteria operator="OR"> 27657 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27658 <criteria operator="AND"> 27659 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27660 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27661 </criteria> 27662 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27663 <criteria operator="AND"> 27664 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27665 <criteria operator="OR"> 27666 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27667 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27668 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27669 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27670 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27671 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27672 </criteria> 27673 </criteria> 27674 </criteria> 27675 </definition> 27676 <definition id="oval:org.opensuse.security:def:20110600" version="1" class="vulnerability"> 27677 <metadata> 27678 <title>CVE-2011-0600</title> 27679 <affected family="unix"> 27680 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27681 </affected> 27682 <reference ref_id="CVE-2011-0600" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0600" source="CVE"/> 27683 <description> 27684 The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0595. 27685 </description> 27686 </metadata> 27687 <criteria operator="OR"> 27688 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27689 <criteria operator="AND"> 27690 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27691 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27692 </criteria> 27693 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27694 <criteria operator="AND"> 27695 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27696 <criteria operator="OR"> 27697 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27698 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27699 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27700 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27701 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27702 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27703 </criteria> 27704 </criteria> 27705 </criteria> 27706 </definition> 27707 <definition id="oval:org.opensuse.security:def:20110602" version="1" class="vulnerability"> 27708 <metadata> 27709 <title>CVE-2011-0602</title> 27710 <affected family="unix"> 27711 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27712 </affected> 27713 <reference ref_id="CVE-2011-0602" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0602" source="CVE"/> 27714 <description> 27715 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0599. 27716 </description> 27717 </metadata> 27718 <criteria operator="OR"> 27719 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27720 <criteria operator="AND"> 27721 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27722 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27723 </criteria> 27724 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27725 <criteria operator="AND"> 27726 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27727 <criteria operator="OR"> 27728 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27729 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27730 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27731 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27732 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27733 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27734 </criteria> 27735 </criteria> 27736 </criteria> 27737 </definition> 27738 <definition id="oval:org.opensuse.security:def:20110603" version="1" class="vulnerability"> 27739 <metadata> 27740 <title>CVE-2011-0603</title> 27741 <affected family="unix"> 27742 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27743 </affected> 27744 <reference ref_id="CVE-2011-0603" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0603" source="CVE"/> 27745 <description> 27746 Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567. 27747 </description> 27748 </metadata> 27749 <criteria operator="OR"> 27750 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27751 <criteria operator="AND"> 27752 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27753 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27754 </criteria> 27755 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27756 <criteria operator="AND"> 27757 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27758 <criteria operator="OR"> 27759 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27760 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27761 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27762 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27763 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27764 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27765 </criteria> 27766 </criteria> 27767 </criteria> 27768 </definition> 27769 <definition id="oval:org.opensuse.security:def:20110604" version="1" class="vulnerability"> 27770 <metadata> 27771 <title>CVE-2011-0604</title> 27772 <affected family="unix"> 27773 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27774 </affected> 27775 <reference ref_id="CVE-2011-0604" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0604" source="CVE"/> 27776 <description> 27777 Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587. 27778 </description> 27779 </metadata> 27780 <criteria operator="OR"> 27781 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27782 <criteria operator="AND"> 27783 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27784 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27785 </criteria> 27786 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27787 <criteria operator="AND"> 27788 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27789 <criteria operator="OR"> 27790 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27791 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27792 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27793 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27794 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27795 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27796 </criteria> 27797 </criteria> 27798 </criteria> 27799 </definition> 27800 <definition id="oval:org.opensuse.security:def:20110606" version="1" class="vulnerability"> 27801 <metadata> 27802 <title>CVE-2011-0606</title> 27803 <affected family="unix"> 27804 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27805 </affected> 27806 <reference ref_id="CVE-2011-0606" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0606" source="CVE"/> 27807 <description> 27808 Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589. 27809 </description> 27810 </metadata> 27811 <criteria operator="OR"> 27812 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27813 <criteria operator="AND"> 27814 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27815 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27816 </criteria> 27817 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27818 <criteria operator="AND"> 27819 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27820 <criteria operator="OR"> 27821 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27822 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27823 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27824 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27825 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27826 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27827 </criteria> 27828 </criteria> 27829 </criteria> 27830 </definition> 27831 <definition id="oval:org.opensuse.security:def:20110607" version="1" class="vulnerability"> 27832 <metadata> 27833 <title>CVE-2011-0607</title> 27834 <affected family="unix"> 27835 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27836 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27837 </affected> 27838 <reference ref_id="CVE-2011-0607" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0607" source="CVE"/> 27839 <description> 27840 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608. 27841 </description> 27842 </metadata> 27843 <criteria operator="OR"> 27844 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27845 <criteria operator="AND"> 27846 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27847 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27848 </criteria> 27849 <!-- 31c376bef60807a50971c9b177591197 --> 27850 <criteria operator="AND"> 27851 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27852 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 27853 </criteria> 27854 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27855 <criteria operator="AND"> 27856 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27857 <criteria operator="OR"> 27858 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27859 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27860 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27861 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27862 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27863 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27864 </criteria> 27865 </criteria> 27866 </criteria> 27867 </definition> 27868 <definition id="oval:org.opensuse.security:def:20110608" version="1" class="vulnerability"> 27869 <metadata> 27870 <title>CVE-2011-0608</title> 27871 <affected family="unix"> 27872 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27873 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27874 </affected> 27875 <reference ref_id="CVE-2011-0608" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0608" source="CVE"/> 27876 <description> 27877 Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607. 27878 </description> 27879 </metadata> 27880 <criteria operator="OR"> 27881 <!-- 23decf3a05ed243b6585bc17331cc559 --> 27882 <criteria operator="AND"> 27883 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27884 <criterion test_ref="oval:org.opensuse.security:tst:2009065978" comment="acroread_ja less than 9.4.2-0.5.1"/> 27885 </criteria> 27886 <!-- 31c376bef60807a50971c9b177591197 --> 27887 <criteria operator="AND"> 27888 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27889 <criterion test_ref="oval:org.opensuse.security:tst:2009065786" comment="flash-player less than 10.2.152.26-0.5.1"/> 27890 </criteria> 27891 <!-- d5cdf4b3afe8a6261b2594d4a3af2726 --> 27892 <criteria operator="AND"> 27893 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27894 <criteria operator="OR"> 27895 <criterion test_ref="oval:org.opensuse.security:tst:2009065980" comment="acroread-cmaps less than 9.4.2-0.5.1"/> 27896 <criterion test_ref="oval:org.opensuse.security:tst:2009065981" comment="acroread-fonts-ja less than 9.4.2-0.5.1"/> 27897 <criterion test_ref="oval:org.opensuse.security:tst:2009065982" comment="acroread-fonts-ko less than 9.4.2-0.5.1"/> 27898 <criterion test_ref="oval:org.opensuse.security:tst:2009065983" comment="acroread-fonts-zh_CN less than 9.4.2-0.5.1"/> 27899 <criterion test_ref="oval:org.opensuse.security:tst:2009065984" comment="acroread-fonts-zh_TW less than 9.4.2-0.5.1"/> 27900 <criterion test_ref="oval:org.opensuse.security:tst:2009065985" comment="acroread less than 9.4.2-0.5.1"/> 27901 </criteria> 27902 </criteria> 27903 </criteria> 27904 </definition> 27905 <definition id="oval:org.opensuse.security:def:20110609" version="1" class="vulnerability"> 27906 <metadata> 27907 <title>CVE-2011-0609</title> 27908 <affected family="unix"> 27909 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 27910 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 27911 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 27912 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 27913 </affected> 27914 <reference ref_id="CVE-2011-0609" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0609" source="CVE"/> 27915 <description> 27916 Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011. 27917 </description> 27918 </metadata> 27919 <criteria operator="OR"> 27920 <!-- 0d12d1af5b22f6c7ff1a582c3ba5c93d --> 27921 <criteria operator="AND"> 27922 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 27923 <criterion test_ref="oval:org.opensuse.security:tst:2009066552" comment="flash-player less than 10.2.153.1-0.5.1"/> 27924 </criteria> 27925 <!-- 1c2002181c56b920799776852418ab6f --> 27926 <criteria operator="AND"> 27927 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 27928 <criterion test_ref="oval:org.opensuse.security:tst:2009066552" comment="flash-player less than 10.2.153.1-0.5.1"/> 27929 </criteria> 27930 </criteria> 27931 </definition> 27932 <definition id="oval:org.opensuse.security:def:20110611" version="1" class="vulnerability"> 27933 <metadata> 27934 <title>CVE-2011-0611</title> 27935 <affected family="unix"> 27936 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 27937 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 27938 </affected> 27939 <reference ref_id="CVE-2011-0611" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611" source="CVE"/> 27940 <description> 27941 Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011. 27942 </description> 27943 </metadata> 27944 <!-- dd116ebefb3b914ec14a47112e5d3803 --> 27945 <criteria operator="AND"> 27946 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 27947 <criterion test_ref="oval:org.opensuse.security:tst:2009067759" comment="flash-player less than 10.2.159.1-0.5.1"/> 27948 </criteria> 27949 </definition> 27950 <definition id="oval:org.opensuse.security:def:20110618" version="1" class="vulnerability"> 27951 <metadata> 27952 <title>CVE-2011-0618</title> 27953 <affected family="unix"> 27954 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 27955 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 27956 </affected> 27957 <reference ref_id="CVE-2011-0618" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0618" source="CVE"/> 27958 <description> 27959 Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors. 27960 </description> 27961 </metadata> 27962 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 27963 <criteria operator="AND"> 27964 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 27965 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 27966 </criteria> 27967 </definition> 27968 <definition id="oval:org.opensuse.security:def:20110619" version="1" class="vulnerability"> 27969 <metadata> 27970 <title>CVE-2011-0619</title> 27971 <affected family="unix"> 27972 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 27973 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 27974 </affected> 27975 <reference ref_id="CVE-2011-0619" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0619" source="CVE"/> 27976 <description> 27977 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0620, CVE-2011-0621, and CVE-2011-0622. 27978 </description> 27979 </metadata> 27980 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 27981 <criteria operator="AND"> 27982 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 27983 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 27984 </criteria> 27985 </definition> 27986 <definition id="oval:org.opensuse.security:def:20110620" version="1" class="vulnerability"> 27987 <metadata> 27988 <title>CVE-2011-0620</title> 27989 <affected family="unix"> 27990 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 27991 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 27992 </affected> 27993 <reference ref_id="CVE-2011-0620" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0620" source="CVE"/> 27994 <description> 27995 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0621, and CVE-2011-0622. 27996 </description> 27997 </metadata> 27998 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 27999 <criteria operator="AND"> 28000 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28001 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 28002 </criteria> 28003 </definition> 28004 <definition id="oval:org.opensuse.security:def:20110621" version="1" class="vulnerability"> 28005 <metadata> 28006 <title>CVE-2011-0621</title> 28007 <affected family="unix"> 28008 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28009 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28010 </affected> 28011 <reference ref_id="CVE-2011-0621" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0621" source="CVE"/> 28012 <description> 28013 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0622. 28014 </description> 28015 </metadata> 28016 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 28017 <criteria operator="AND"> 28018 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28019 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 28020 </criteria> 28021 </definition> 28022 <definition id="oval:org.opensuse.security:def:20110622" version="1" class="vulnerability"> 28023 <metadata> 28024 <title>CVE-2011-0622</title> 28025 <affected family="unix"> 28026 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28027 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28028 </affected> 28029 <reference ref_id="CVE-2011-0622" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0622" source="CVE"/> 28030 <description> 28031 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0621. 28032 </description> 28033 </metadata> 28034 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 28035 <criteria operator="AND"> 28036 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28037 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 28038 </criteria> 28039 </definition> 28040 <definition id="oval:org.opensuse.security:def:20110623" version="1" class="vulnerability"> 28041 <metadata> 28042 <title>CVE-2011-0623</title> 28043 <affected family="unix"> 28044 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28045 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28046 </affected> 28047 <reference ref_id="CVE-2011-0623" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0623" source="CVE"/> 28048 <description> 28049 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0624, CVE-2011-0625, and CVE-2011-0626. 28050 </description> 28051 </metadata> 28052 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 28053 <criteria operator="AND"> 28054 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28055 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 28056 </criteria> 28057 </definition> 28058 <definition id="oval:org.opensuse.security:def:20110624" version="1" class="vulnerability"> 28059 <metadata> 28060 <title>CVE-2011-0624</title> 28061 <affected family="unix"> 28062 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28063 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28064 </affected> 28065 <reference ref_id="CVE-2011-0624" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0624" source="CVE"/> 28066 <description> 28067 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0625, and CVE-2011-0626. 28068 </description> 28069 </metadata> 28070 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 28071 <criteria operator="AND"> 28072 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28073 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 28074 </criteria> 28075 </definition> 28076 <definition id="oval:org.opensuse.security:def:20110625" version="1" class="vulnerability"> 28077 <metadata> 28078 <title>CVE-2011-0625</title> 28079 <affected family="unix"> 28080 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28081 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28082 </affected> 28083 <reference ref_id="CVE-2011-0625" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0625" source="CVE"/> 28084 <description> 28085 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0624, and CVE-2011-0626. 28086 </description> 28087 </metadata> 28088 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 28089 <criteria operator="AND"> 28090 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28091 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 28092 </criteria> 28093 </definition> 28094 <definition id="oval:org.opensuse.security:def:20110626" version="1" class="vulnerability"> 28095 <metadata> 28096 <title>CVE-2011-0626</title> 28097 <affected family="unix"> 28098 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28099 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28100 </affected> 28101 <reference ref_id="CVE-2011-0626" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0626" source="CVE"/> 28102 <description> 28103 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0624, and CVE-2011-0625. 28104 </description> 28105 </metadata> 28106 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 28107 <criteria operator="AND"> 28108 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28109 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 28110 </criteria> 28111 </definition> 28112 <definition id="oval:org.opensuse.security:def:20110627" version="1" class="vulnerability"> 28113 <metadata> 28114 <title>CVE-2011-0627</title> 28115 <affected family="unix"> 28116 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28117 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28118 </affected> 28119 <reference ref_id="CVE-2011-0627" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0627" source="CVE"/> 28120 <description> 28121 Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content, as possibly exploited in the wild in May 2011 by a Microsoft Office document with an embedded .swf file. 28122 </description> 28123 </metadata> 28124 <!-- 9c4e6f8f60161b73ef86d4ce0079ed69 --> 28125 <criteria operator="AND"> 28126 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28127 <criterion test_ref="oval:org.opensuse.security:tst:2009068509" comment="flash-player less than 10.3.181.14-0.5.1"/> 28128 </criteria> 28129 </definition> 28130 <definition id="oval:org.opensuse.security:def:20110710" version="1" class="vulnerability"> 28131 <metadata> 28132 <title>CVE-2011-0710</title> 28133 <affected family="unix"> 28134 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 28135 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 28136 </affected> 28137 <reference ref_id="CVE-2011-0710" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0710" source="CVE"/> 28138 <description> 28139 The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/. 28140 </description> 28141 </metadata> 28142 <criteria operator="OR"> 28143 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 28144 <criteria operator="AND"> 28145 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 28146 <criteria operator="OR"> 28147 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 28148 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 28149 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 28150 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 28151 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 28152 </criteria> 28153 </criteria> 28154 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 28155 <criteria operator="AND"> 28156 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 28157 <criteria operator="OR"> 28158 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 28159 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 28160 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 28161 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 28162 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 28163 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 28164 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 28165 </criteria> 28166 </criteria> 28167 </criteria> 28168 </definition> 28169 <definition id="oval:org.opensuse.security:def:20110711" version="1" class="vulnerability"> 28170 <metadata> 28171 <title>CVE-2011-0711</title> 28172 <affected family="unix"> 28173 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 28174 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 28175 </affected> 28176 <reference ref_id="CVE-2011-0711" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0711" source="CVE"/> 28177 <description> 28178 The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call. 28179 </description> 28180 </metadata> 28181 <criteria operator="OR"> 28182 <!-- 2119b714456dc8c3d29661b68c7bee51 --> 28183 <criteria operator="AND"> 28184 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 28185 <criteria operator="OR"> 28186 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 28187 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 28188 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 28189 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 28190 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 28191 </criteria> 28192 </criteria> 28193 <!-- 4765b4a51c34eb13231f2a67011c8cfc --> 28194 <criteria operator="AND"> 28195 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 28196 <criteria operator="OR"> 28197 <criterion test_ref="oval:org.opensuse.security:tst:2009066491" comment="kernel-bigsmp less than 2.6.16.60-0.77.1"/> 28198 <criterion test_ref="oval:org.opensuse.security:tst:2009066484" comment="kernel-default less than 2.6.16.60-0.77.1"/> 28199 <criterion test_ref="oval:org.opensuse.security:tst:2009066485" comment="kernel-smp less than 2.6.16.60-0.77.1"/> 28200 <criterion test_ref="oval:org.opensuse.security:tst:2009066486" comment="kernel-source less than 2.6.16.60-0.77.1"/> 28201 <criterion test_ref="oval:org.opensuse.security:tst:2009066487" comment="kernel-syms less than 2.6.16.60-0.77.1"/> 28202 <criterion test_ref="oval:org.opensuse.security:tst:2009066488" comment="kernel-xen less than 2.6.16.60-0.77.1"/> 28203 <criterion test_ref="oval:org.opensuse.security:tst:2009066492" comment="kernel-xenpae less than 2.6.16.60-0.77.1"/> 28204 </criteria> 28205 </criteria> 28206 </criteria> 28207 </definition> 28208 <definition id="oval:org.opensuse.security:def:20110713" version="1" class="vulnerability"> 28209 <metadata> 28210 <title>CVE-2011-0713</title> 28211 <affected family="unix"> 28212 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 28213 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 28214 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28215 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28216 </affected> 28217 <reference ref_id="CVE-2011-0713" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713" source="CVE"/> 28218 <description> 28219 Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file. 28220 </description> 28221 </metadata> 28222 <criteria operator="OR"> 28223 <!-- 6f945ca7e512591223a153602859503d --> 28224 <criteria operator="AND"> 28225 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 28226 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 28227 </criteria> 28228 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 28229 <criteria operator="AND"> 28230 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28231 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 28232 </criteria> 28233 </criteria> 28234 </definition> 28235 <definition id="oval:org.opensuse.security:def:20110715" version="1" class="vulnerability"> 28236 <metadata> 28237 <title>CVE-2011-0715</title> 28238 <affected family="unix"> 28239 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28240 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28241 </affected> 28242 <reference ref_id="CVE-2011-0715" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715" source="CVE"/> 28243 <description> 28244 The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token. 28245 </description> 28246 </metadata> 28247 <!-- dc2a8d54fb644c1ef1dc261a23ba432e --> 28248 <criteria operator="AND"> 28249 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28250 <criteria operator="OR"> 28251 <criterion test_ref="oval:org.opensuse.security:tst:2009069076" comment="subversion-devel less than 1.3.1-1.18.1"/> 28252 <criterion test_ref="oval:org.opensuse.security:tst:2009069080" comment="subversion less than 1.3.1-1.18.1"/> 28253 </criteria> 28254 </criteria> 28255 </definition> 28256 <definition id="oval:org.opensuse.security:def:20110719" version="1" class="vulnerability"> 28257 <metadata> 28258 <title>CVE-2011-0719</title> 28259 <affected family="unix"> 28260 <platform>SUSE Linux Enterprise Desktop 10 SP3 Samba</platform> 28261 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 28262 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 28263 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28264 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28265 </affected> 28266 <reference ref_id="CVE-2011-0719" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0719" source="CVE"/> 28267 <description> 28268 Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd. 28269 </description> 28270 </metadata> 28271 <criteria operator="OR"> 28272 <!-- 6a9d4823514321163a350a4ea9d94fa4 --> 28273 <criteria operator="AND"> 28274 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28275 <criteria operator="OR"> 28276 <criterion test_ref="oval:org.opensuse.security:tst:2009068166" comment="cifs-mount less than 3.0.36-0.13.14.4"/> 28277 <criterion test_ref="oval:org.opensuse.security:tst:2009068167" comment="ldapsmb less than 1.34b-25.13.14.4"/> 28278 <criterion test_ref="oval:org.opensuse.security:tst:2009068168" comment="libsmbclient-32bit less than 3.0.36-0.13.14.4"/> 28279 <criterion test_ref="oval:org.opensuse.security:tst:2009068169" comment="libsmbclient-devel less than 3.0.36-0.13.14.4"/> 28280 <criterion test_ref="oval:org.opensuse.security:tst:2009068170" comment="libsmbclient less than 3.0.36-0.13.14.4"/> 28281 <criterion test_ref="oval:org.opensuse.security:tst:2009068171" comment="samba-32bit less than 3.0.36-0.13.14.4"/> 28282 <criterion test_ref="oval:org.opensuse.security:tst:2009068172" comment="samba-client-32bit less than 3.0.36-0.13.14.4"/> 28283 <criterion test_ref="oval:org.opensuse.security:tst:2009068173" comment="samba-client less than 3.0.36-0.13.14.4"/> 28284 <criterion test_ref="oval:org.opensuse.security:tst:2009068174" comment="samba-krb-printing less than 3.0.36-0.13.14.4"/> 28285 <criterion test_ref="oval:org.opensuse.security:tst:2009068175" comment="samba-vscan less than 0.3.6b-43.13.14.4"/> 28286 <criterion test_ref="oval:org.opensuse.security:tst:2009068176" comment="samba-winbind-32bit less than 3.0.36-0.13.14.4"/> 28287 <criterion test_ref="oval:org.opensuse.security:tst:2009068177" comment="samba-winbind less than 3.0.36-0.13.14.4"/> 28288 <criterion test_ref="oval:org.opensuse.security:tst:2009068178" comment="samba less than 3.0.36-0.13.14.4"/> 28289 </criteria> 28290 </criteria> 28291 <!-- bf1425443d51e0c85ab0abb575ffd891 --> 28292 <criteria operator="AND"> 28293 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 28294 <criteria operator="OR"> 28295 <criterion test_ref="oval:org.opensuse.security:tst:2009068192" comment="cifs-mount less than 3.0.36-0.13.14.1"/> 28296 <criterion test_ref="oval:org.opensuse.security:tst:2009068193" comment="ldapsmb less than 1.34b-25.13.14.1"/> 28297 <criterion test_ref="oval:org.opensuse.security:tst:2009068194" comment="libsmbclient-32bit less than 3.0.36-0.13.14.1"/> 28298 <criterion test_ref="oval:org.opensuse.security:tst:2009068195" comment="libsmbclient-devel less than 3.0.36-0.13.14.1"/> 28299 <criterion test_ref="oval:org.opensuse.security:tst:2009068196" comment="libsmbclient less than 3.0.36-0.13.14.1"/> 28300 <criterion test_ref="oval:org.opensuse.security:tst:2009068197" comment="samba-32bit less than 3.0.36-0.13.14.1"/> 28301 <criterion test_ref="oval:org.opensuse.security:tst:2009068198" comment="samba-client-32bit less than 3.0.36-0.13.14.1"/> 28302 <criterion test_ref="oval:org.opensuse.security:tst:2009068199" comment="samba-client less than 3.0.36-0.13.14.1"/> 28303 <criterion test_ref="oval:org.opensuse.security:tst:2009068200" comment="samba-krb-printing less than 3.0.36-0.13.14.1"/> 28304 <criterion test_ref="oval:org.opensuse.security:tst:2009068201" comment="samba-vscan less than 0.3.6b-43.13.14.1"/> 28305 <criterion test_ref="oval:org.opensuse.security:tst:2009068202" comment="samba-winbind-32bit less than 3.0.36-0.13.14.1"/> 28306 <criterion test_ref="oval:org.opensuse.security:tst:2009068203" comment="samba-winbind less than 3.0.36-0.13.14.1"/> 28307 <criterion test_ref="oval:org.opensuse.security:tst:2009068204" comment="samba less than 3.0.36-0.13.14.1"/> 28308 </criteria> 28309 </criteria> 28310 </criteria> 28311 </definition> 28312 <definition id="oval:org.opensuse.security:def:20110726" version="1" class="vulnerability"> 28313 <metadata> 28314 <title>CVE-2011-0726</title> 28315 <affected family="unix"> 28316 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28317 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28318 </affected> 28319 <reference ref_id="CVE-2011-0726" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0726" source="CVE"/> 28320 <description> 28321 The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary. 28322 </description> 28323 </metadata> 28324 <criteria operator="OR"> 28325 <!-- 2284bd78d78b00accc68729a9634d92d --> 28326 <criteria operator="AND"> 28327 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28328 <criteria operator="OR"> 28329 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 28330 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 28331 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 28332 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 28333 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 28334 </criteria> 28335 </criteria> 28336 <!-- 75c70ba80807aed777189444e17910e5 --> 28337 <criteria operator="AND"> 28338 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28339 <criteria operator="OR"> 28340 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 28341 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 28342 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 28343 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 28344 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 28345 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 28346 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 28347 </criteria> 28348 </criteria> 28349 </criteria> 28350 </definition> 28351 <definition id="oval:org.opensuse.security:def:20110764" version="1" class="vulnerability"> 28352 <metadata> 28353 <title>CVE-2011-0764</title> 28354 <affected family="unix"> 28355 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28356 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28357 </affected> 28358 <reference ref_id="CVE-2011-0764" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764" source="CVE"/> 28359 <description> 28360 t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf. 28361 </description> 28362 </metadata> 28363 <!-- 0a41b9d515732b420bea02ef6d7030a1 --> 28364 <criteria operator="AND"> 28365 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28366 <criterion test_ref="oval:org.opensuse.security:tst:2009074608" comment="t1lib less than 1.3.1-585.11.1"/> 28367 </criteria> 28368 </definition> 28369 <definition id="oval:org.opensuse.security:def:20110786" version="1" class="vulnerability"> 28370 <metadata> 28371 <title>CVE-2011-0786</title> 28372 <affected family="unix"> 28373 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28374 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28375 </affected> 28376 <reference ref_id="CVE-2011-0786" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786" source="CVE"/> 28377 <description> 28378 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788. 28379 </description> 28380 </metadata> 28381 <criteria operator="OR"> 28382 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28383 <criteria operator="AND"> 28384 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28385 <criteria operator="OR"> 28386 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28387 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28388 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28389 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28390 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28391 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28392 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28393 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28394 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28395 </criteria> 28396 </criteria> 28397 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28398 <criteria operator="AND"> 28399 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28400 <criteria operator="OR"> 28401 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28402 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28403 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28404 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28405 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28406 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28407 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28408 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28409 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28410 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28411 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28412 </criteria> 28413 </criteria> 28414 </criteria> 28415 </definition> 28416 <definition id="oval:org.opensuse.security:def:20110788" version="1" class="vulnerability"> 28417 <metadata> 28418 <title>CVE-2011-0788</title> 28419 <affected family="unix"> 28420 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28421 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28422 </affected> 28423 <reference ref_id="CVE-2011-0788" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0788" source="CVE"/> 28424 <description> 28425 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. 28426 </description> 28427 </metadata> 28428 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28429 <criteria operator="AND"> 28430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28431 <criteria operator="OR"> 28432 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28433 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28434 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28435 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28436 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28437 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28438 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28439 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28440 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28441 </criteria> 28442 </criteria> 28443 </definition> 28444 <definition id="oval:org.opensuse.security:def:20110802" version="1" class="vulnerability"> 28445 <metadata> 28446 <title>CVE-2011-0802</title> 28447 <affected family="unix"> 28448 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28449 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28450 </affected> 28451 <reference ref_id="CVE-2011-0802" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802" source="CVE"/> 28452 <description> 28453 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814. 28454 </description> 28455 </metadata> 28456 <criteria operator="OR"> 28457 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28458 <criteria operator="AND"> 28459 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28460 <criteria operator="OR"> 28461 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28462 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28463 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28464 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28465 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28466 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28467 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28468 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28469 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28470 </criteria> 28471 </criteria> 28472 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28473 <criteria operator="AND"> 28474 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28475 <criteria operator="OR"> 28476 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28477 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28478 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28479 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28480 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28481 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28482 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28483 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28484 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28485 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28486 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28487 </criteria> 28488 </criteria> 28489 </criteria> 28490 </definition> 28491 <definition id="oval:org.opensuse.security:def:20110814" version="1" class="vulnerability"> 28492 <metadata> 28493 <title>CVE-2011-0814</title> 28494 <affected family="unix"> 28495 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28496 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28497 </affected> 28498 <reference ref_id="CVE-2011-0814" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814" source="CVE"/> 28499 <description> 28500 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. 28501 </description> 28502 </metadata> 28503 <criteria operator="OR"> 28504 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28505 <criteria operator="AND"> 28506 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28507 <criteria operator="OR"> 28508 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28509 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28510 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28511 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28512 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28513 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28514 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28515 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28516 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28517 </criteria> 28518 </criteria> 28519 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28520 <criteria operator="AND"> 28521 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28522 <criteria operator="OR"> 28523 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28524 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28525 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28526 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28527 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28528 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28529 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28530 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28531 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28532 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28533 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28534 </criteria> 28535 </criteria> 28536 </criteria> 28537 </definition> 28538 <definition id="oval:org.opensuse.security:def:20110815" version="1" class="vulnerability"> 28539 <metadata> 28540 <title>CVE-2011-0815</title> 28541 <affected family="unix"> 28542 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28543 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28544 </affected> 28545 <reference ref_id="CVE-2011-0815" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815" source="CVE"/> 28546 <description> 28547 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. 28548 </description> 28549 </metadata> 28550 <criteria operator="OR"> 28551 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28552 <criteria operator="AND"> 28553 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28554 <criteria operator="OR"> 28555 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28556 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28557 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28558 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28559 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28560 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28561 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28562 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28563 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28564 </criteria> 28565 </criteria> 28566 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28567 <criteria operator="AND"> 28568 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28569 <criteria operator="OR"> 28570 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28571 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28572 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28573 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28574 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28575 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28576 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28577 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28578 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28579 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28580 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28581 </criteria> 28582 </criteria> 28583 </criteria> 28584 </definition> 28585 <definition id="oval:org.opensuse.security:def:20110817" version="1" class="vulnerability"> 28586 <metadata> 28587 <title>CVE-2011-0817</title> 28588 <affected family="unix"> 28589 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28590 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28591 </affected> 28592 <reference ref_id="CVE-2011-0817" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0817" source="CVE"/> 28593 <description> 28594 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. 28595 </description> 28596 </metadata> 28597 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28598 <criteria operator="AND"> 28599 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28600 <criteria operator="OR"> 28601 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28602 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28603 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28604 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28605 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28606 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28607 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28608 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28609 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28610 </criteria> 28611 </criteria> 28612 </definition> 28613 <definition id="oval:org.opensuse.security:def:20110862" version="1" class="vulnerability"> 28614 <metadata> 28615 <title>CVE-2011-0862</title> 28616 <affected family="unix"> 28617 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28618 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28619 </affected> 28620 <reference ref_id="CVE-2011-0862" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862" source="CVE"/> 28621 <description> 28622 Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. 28623 </description> 28624 </metadata> 28625 <criteria operator="OR"> 28626 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28627 <criteria operator="AND"> 28628 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28629 <criteria operator="OR"> 28630 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28631 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28632 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28633 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28634 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28635 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28636 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28637 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28638 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28639 </criteria> 28640 </criteria> 28641 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28642 <criteria operator="AND"> 28643 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28644 <criteria operator="OR"> 28645 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28646 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28647 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28648 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28649 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28650 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28651 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28652 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28653 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28654 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28655 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28656 </criteria> 28657 </criteria> 28658 </criteria> 28659 </definition> 28660 <definition id="oval:org.opensuse.security:def:20110863" version="1" class="vulnerability"> 28661 <metadata> 28662 <title>CVE-2011-0863</title> 28663 <affected family="unix"> 28664 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28665 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28666 </affected> 28667 <reference ref_id="CVE-2011-0863" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0863" source="CVE"/> 28668 <description> 28669 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. 28670 </description> 28671 </metadata> 28672 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28673 <criteria operator="AND"> 28674 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28675 <criteria operator="OR"> 28676 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28677 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28678 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28679 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28680 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28681 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28682 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28683 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28684 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28685 </criteria> 28686 </criteria> 28687 </definition> 28688 <definition id="oval:org.opensuse.security:def:20110864" version="1" class="vulnerability"> 28689 <metadata> 28690 <title>CVE-2011-0864</title> 28691 <affected family="unix"> 28692 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28693 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28694 </affected> 28695 <reference ref_id="CVE-2011-0864" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0864" source="CVE"/> 28696 <description> 28697 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. 28698 </description> 28699 </metadata> 28700 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28701 <criteria operator="AND"> 28702 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28703 <criteria operator="OR"> 28704 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28705 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28706 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28707 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28708 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28709 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28710 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28711 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28712 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28713 </criteria> 28714 </criteria> 28715 </definition> 28716 <definition id="oval:org.opensuse.security:def:20110865" version="1" class="vulnerability"> 28717 <metadata> 28718 <title>CVE-2011-0865</title> 28719 <affected family="unix"> 28720 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28721 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28722 </affected> 28723 <reference ref_id="CVE-2011-0865" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865" source="CVE"/> 28724 <description> 28725 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. 28726 </description> 28727 </metadata> 28728 <criteria operator="OR"> 28729 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28730 <criteria operator="AND"> 28731 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28732 <criteria operator="OR"> 28733 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28734 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28735 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28736 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28737 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28738 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28739 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28740 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28741 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28742 </criteria> 28743 </criteria> 28744 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28745 <criteria operator="AND"> 28746 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28747 <criteria operator="OR"> 28748 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28749 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28750 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28751 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28752 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28753 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28754 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28755 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28756 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28757 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28758 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28759 </criteria> 28760 </criteria> 28761 </criteria> 28762 </definition> 28763 <definition id="oval:org.opensuse.security:def:20110866" version="1" class="vulnerability"> 28764 <metadata> 28765 <title>CVE-2011-0866</title> 28766 <affected family="unix"> 28767 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28768 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28769 </affected> 28770 <reference ref_id="CVE-2011-0866" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866" source="CVE"/> 28771 <description> 28772 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. 28773 </description> 28774 </metadata> 28775 <criteria operator="OR"> 28776 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28777 <criteria operator="AND"> 28778 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28779 <criteria operator="OR"> 28780 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28781 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28782 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28783 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28784 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28785 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28786 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28787 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28788 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28789 </criteria> 28790 </criteria> 28791 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28792 <criteria operator="AND"> 28793 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28794 <criteria operator="OR"> 28795 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28796 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28797 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28798 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28799 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28800 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28801 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28802 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28803 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28804 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28805 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28806 </criteria> 28807 </criteria> 28808 </criteria> 28809 </definition> 28810 <definition id="oval:org.opensuse.security:def:20110867" version="1" class="vulnerability"> 28811 <metadata> 28812 <title>CVE-2011-0867</title> 28813 <affected family="unix"> 28814 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28815 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28816 </affected> 28817 <reference ref_id="CVE-2011-0867" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867" source="CVE"/> 28818 <description> 28819 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. 28820 </description> 28821 </metadata> 28822 <criteria operator="OR"> 28823 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28824 <criteria operator="AND"> 28825 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28826 <criteria operator="OR"> 28827 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28828 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28829 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28830 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28831 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28832 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28833 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28834 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28835 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28836 </criteria> 28837 </criteria> 28838 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28839 <criteria operator="AND"> 28840 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28841 <criteria operator="OR"> 28842 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28843 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28844 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28845 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28846 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28847 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28848 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28849 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28850 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28851 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28852 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28853 </criteria> 28854 </criteria> 28855 </criteria> 28856 </definition> 28857 <definition id="oval:org.opensuse.security:def:20110868" version="1" class="vulnerability"> 28858 <metadata> 28859 <title>CVE-2011-0868</title> 28860 <affected family="unix"> 28861 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28862 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28863 </affected> 28864 <reference ref_id="CVE-2011-0868" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0868" source="CVE"/> 28865 <description> 28866 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. 28867 </description> 28868 </metadata> 28869 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28870 <criteria operator="AND"> 28871 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28872 <criteria operator="OR"> 28873 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28874 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28875 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28876 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28877 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28878 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28879 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28880 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28881 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28882 </criteria> 28883 </criteria> 28884 </definition> 28885 <definition id="oval:org.opensuse.security:def:20110869" version="1" class="vulnerability"> 28886 <metadata> 28887 <title>CVE-2011-0869</title> 28888 <affected family="unix"> 28889 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28890 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28891 </affected> 28892 <reference ref_id="CVE-2011-0869" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0869" source="CVE"/> 28893 <description> 28894 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ. 28895 </description> 28896 </metadata> 28897 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28898 <criteria operator="AND"> 28899 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28900 <criteria operator="OR"> 28901 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28902 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28903 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28904 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28905 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28906 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28907 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28908 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28909 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28910 </criteria> 28911 </criteria> 28912 </definition> 28913 <definition id="oval:org.opensuse.security:def:20110871" version="1" class="vulnerability"> 28914 <metadata> 28915 <title>CVE-2011-0871</title> 28916 <affected family="unix"> 28917 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28918 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28919 </affected> 28920 <reference ref_id="CVE-2011-0871" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871" source="CVE"/> 28921 <description> 28922 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. 28923 </description> 28924 </metadata> 28925 <criteria operator="OR"> 28926 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28927 <criteria operator="AND"> 28928 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28929 <criteria operator="OR"> 28930 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28931 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28932 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28933 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28934 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28935 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28936 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28937 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28938 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28939 </criteria> 28940 </criteria> 28941 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28942 <criteria operator="AND"> 28943 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28944 <criteria operator="OR"> 28945 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28946 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28947 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28948 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28949 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28950 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28951 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28952 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 28953 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 28954 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 28955 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 28956 </criteria> 28957 </criteria> 28958 </criteria> 28959 </definition> 28960 <definition id="oval:org.opensuse.security:def:20110872" version="1" class="vulnerability"> 28961 <metadata> 28962 <title>CVE-2011-0872</title> 28963 <affected family="unix"> 28964 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 28965 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 28966 </affected> 28967 <reference ref_id="CVE-2011-0872" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0872" source="CVE"/> 28968 <description> 28969 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. 28970 </description> 28971 </metadata> 28972 <criteria operator="OR"> 28973 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 28974 <criteria operator="AND"> 28975 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28976 <criteria operator="OR"> 28977 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 28978 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 28979 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 28980 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 28981 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 28982 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 28983 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 28984 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 28985 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 28986 </criteria> 28987 </criteria> 28988 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 28989 <criteria operator="AND"> 28990 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 28991 <criteria operator="OR"> 28992 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 28993 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 28994 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 28995 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 28996 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 28997 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 28998 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 28999 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 29000 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 29001 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 29002 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 29003 </criteria> 29004 </criteria> 29005 </criteria> 29006 </definition> 29007 <definition id="oval:org.opensuse.security:def:20110873" version="1" class="vulnerability"> 29008 <metadata> 29009 <title>CVE-2011-0873</title> 29010 <affected family="unix"> 29011 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29012 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29013 </affected> 29014 <reference ref_id="CVE-2011-0873" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873" source="CVE"/> 29015 <description> 29016 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. 29017 </description> 29018 </metadata> 29019 <criteria operator="OR"> 29020 <!-- 6bc8d900b81c810dacee03e32dd0ee6c --> 29021 <criteria operator="AND"> 29022 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29023 <criteria operator="OR"> 29024 <criterion test_ref="oval:org.opensuse.security:tst:2009068776" comment="java-1_6_0-sun-32bit less than 1.6.0.u26-0.11.1"/> 29025 <criterion test_ref="oval:org.opensuse.security:tst:2009068777" comment="java-1_6_0-sun-alsa less than 1.6.0.u26-0.11.1"/> 29026 <criterion test_ref="oval:org.opensuse.security:tst:2009068778" comment="java-1_6_0-sun-demo less than 1.6.0.u26-0.11.1"/> 29027 <criterion test_ref="oval:org.opensuse.security:tst:2009068779" comment="java-1_6_0-sun-devel less than 1.6.0.u26-0.11.1"/> 29028 <criterion test_ref="oval:org.opensuse.security:tst:2009068780" comment="java-1_6_0-sun-jdbc less than 1.6.0.u26-0.11.1"/> 29029 <criterion test_ref="oval:org.opensuse.security:tst:2009068781" comment="java-1_6_0-sun-plugin-32bit less than 1.6.0.u26-0.11.1"/> 29030 <criterion test_ref="oval:org.opensuse.security:tst:2009068782" comment="java-1_6_0-sun-plugin less than 1.6.0.u26-0.11.1"/> 29031 <criterion test_ref="oval:org.opensuse.security:tst:2009068783" comment="java-1_6_0-sun-src less than 1.6.0.u26-0.11.1"/> 29032 <criterion test_ref="oval:org.opensuse.security:tst:2009068784" comment="java-1_6_0-sun less than 1.6.0.u26-0.11.1"/> 29033 </criteria> 29034 </criteria> 29035 <!-- 9f362d0065fd135e7f4ae300527396e5 --> 29036 <criteria operator="AND"> 29037 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29038 <criteria operator="OR"> 29039 <criterion test_ref="oval:org.opensuse.security:tst:2009069680" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr12.5-0.5.1"/> 29040 <criterion test_ref="oval:org.opensuse.security:tst:2009069682" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr12.5-0.5.1"/> 29041 <criterion test_ref="oval:org.opensuse.security:tst:2009069683" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr12.5-0.5.1"/> 29042 <criterion test_ref="oval:org.opensuse.security:tst:2009069690" comment="java-1_5_0-ibm-demo less than 1.5.0_sr12.5-0.5.1"/> 29043 <criterion test_ref="oval:org.opensuse.security:tst:2009069684" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr12.5-0.5.1"/> 29044 <criterion test_ref="oval:org.opensuse.security:tst:2009069685" comment="java-1_5_0-ibm-devel less than 1.5.0_sr12.5-0.5.1"/> 29045 <criterion test_ref="oval:org.opensuse.security:tst:2009069686" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr12.5-0.5.1"/> 29046 <criterion test_ref="oval:org.opensuse.security:tst:2009069687" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr12.5-0.5.1"/> 29047 <criterion test_ref="oval:org.opensuse.security:tst:2009069688" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr12.5-0.5.1"/> 29048 <criterion test_ref="oval:org.opensuse.security:tst:2009069691" comment="java-1_5_0-ibm-src less than 1.5.0_sr12.5-0.5.1"/> 29049 <criterion test_ref="oval:org.opensuse.security:tst:2009069689" comment="java-1_5_0-ibm less than 1.5.0_sr12.5-0.5.1"/> 29050 </criteria> 29051 </criteria> 29052 </criteria> 29053 </definition> 29054 <definition id="oval:org.opensuse.security:def:20110904" version="1" class="vulnerability"> 29055 <metadata> 29056 <title>CVE-2011-0904</title> 29057 <affected family="unix"> 29058 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29059 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29060 </affected> 29061 <reference ref_id="CVE-2011-0904" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0904" source="CVE"/> 29062 <description> 29063 The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions. 29064 </description> 29065 </metadata> 29066 <!-- 86fea28ac43f9969768da38636a52da7 --> 29067 <criteria operator="AND"> 29068 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29069 <criterion test_ref="oval:org.opensuse.security:tst:2009068743" comment="vino less than 2.12.0-25.25.1"/> 29070 </criteria> 29071 </definition> 29072 <definition id="oval:org.opensuse.security:def:20110905" version="1" class="vulnerability"> 29073 <metadata> 29074 <title>CVE-2011-0905</title> 29075 <affected family="unix"> 29076 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29077 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29078 </affected> 29079 <reference ref_id="CVE-2011-0905" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0905" source="CVE"/> 29080 <description> 29081 The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation. 29082 </description> 29083 </metadata> 29084 <!-- 86fea28ac43f9969768da38636a52da7 --> 29085 <criteria operator="AND"> 29086 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29087 <criterion test_ref="oval:org.opensuse.security:tst:2009068743" comment="vino less than 2.12.0-25.25.1"/> 29088 </criteria> 29089 </definition> 29090 <definition id="oval:org.opensuse.security:def:20110988" version="1" class="vulnerability"> 29091 <metadata> 29092 <title>CVE-2011-0988</title> 29093 <affected family="unix"> 29094 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 29095 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 29096 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29097 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29098 </affected> 29099 <reference ref_id="CVE-2011-0988" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0988" source="CVE"/> 29100 <description> 29101 pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors. 29102 </description> 29103 </metadata> 29104 <criteria operator="OR"> 29105 <!-- 81ad240952ba82b9c9b969bf2557f3b5 --> 29106 <criteria operator="AND"> 29107 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29108 <criterion test_ref="oval:org.opensuse.security:tst:2009066978" comment="pure-ftpd less than 1.0.22-0.18.1"/> 29109 </criteria> 29110 <!-- f2422396ff77739151af790963de5119 --> 29111 <criteria operator="AND"> 29112 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29113 <criterion test_ref="oval:org.opensuse.security:tst:2009066978" comment="pure-ftpd less than 1.0.22-0.18.1"/> 29114 </criteria> 29115 </criteria> 29116 </definition> 29117 <definition id="oval:org.opensuse.security:def:20110996" version="1" class="vulnerability"> 29118 <metadata> 29119 <title>CVE-2011-0996</title> 29120 <affected family="unix"> 29121 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 29122 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 29123 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29124 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29125 </affected> 29126 <reference ref_id="CVE-2011-0996" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0996" source="CVE"/> 29127 <description> 29128 dhcpcd before 5.2.12 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. 29129 </description> 29130 </metadata> 29131 <criteria operator="OR"> 29132 <!-- 3b6dd9003b534005a8f7f17b407b3594 --> 29133 <criteria operator="AND"> 29134 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29135 <criterion test_ref="oval:org.opensuse.security:tst:2009066982" comment="dhcpcd less than 1.3.22pl4-223.16.1"/> 29136 </criteria> 29137 <!-- cbaf66245e747871ebe8fb08642481cc --> 29138 <criteria operator="AND"> 29139 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29140 <criterion test_ref="oval:org.opensuse.security:tst:2009067061" comment="dhcpcd less than 1.3.22pl4-223.18.1"/> 29141 </criteria> 29142 <!-- cbfc4421954d5aa8c3aedcdc8830ebd9 --> 29143 <criteria operator="AND"> 29144 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29145 <criterion test_ref="oval:org.opensuse.security:tst:2009066982" comment="dhcpcd less than 1.3.22pl4-223.16.1"/> 29146 </criteria> 29147 <!-- d3583b928bec8a914136f8b82fc6941b --> 29148 <criteria operator="AND"> 29149 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29150 <criterion test_ref="oval:org.opensuse.security:tst:2009067061" comment="dhcpcd less than 1.3.22pl4-223.18.1"/> 29151 </criteria> 29152 </criteria> 29153 </definition> 29154 <definition id="oval:org.opensuse.security:def:20110997" version="1" class="vulnerability"> 29155 <metadata> 29156 <title>CVE-2011-0997</title> 29157 <affected family="unix"> 29158 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 29159 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 29160 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29161 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29162 </affected> 29163 <reference ref_id="CVE-2011-0997" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997" source="CVE"/> 29164 <description> 29165 dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. 29166 </description> 29167 </metadata> 29168 <criteria operator="OR"> 29169 <!-- 49e30b5fc96a8de8402b19e496a32083 --> 29170 <criteria operator="AND"> 29171 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29172 <criteria operator="OR"> 29173 <criterion test_ref="oval:org.opensuse.security:tst:2009067195" comment="dhcp-client less than 3.0.7-7.13.1"/> 29174 <criterion test_ref="oval:org.opensuse.security:tst:2009067196" comment="dhcp less than 3.0.7-7.13.1"/> 29175 </criteria> 29176 </criteria> 29177 <!-- 4ed099d9f6df2bf0c9e496bcf1242dc5 --> 29178 <criteria operator="AND"> 29179 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29180 <criteria operator="OR"> 29181 <criterion test_ref="oval:org.opensuse.security:tst:2009067200" comment="dhcp-client less than 3.0.7-7.7.7.1"/> 29182 <criterion test_ref="oval:org.opensuse.security:tst:2009067201" comment="dhcp less than 3.0.7-7.7.7.1"/> 29183 </criteria> 29184 </criteria> 29185 <!-- 8edda2612e20eccab45071844a6cd832 --> 29186 <criteria operator="AND"> 29187 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29188 <criteria operator="OR"> 29189 <criterion test_ref="oval:org.opensuse.security:tst:2009067205" comment="dhcp-client less than 3.0.7-7.11.1"/> 29190 <criterion test_ref="oval:org.opensuse.security:tst:2009067206" comment="dhcp less than 3.0.7-7.11.1"/> 29191 </criteria> 29192 </criteria> 29193 </criteria> 29194 </definition> 29195 <definition id="oval:org.opensuse.security:def:20111003" version="1" class="vulnerability"> 29196 <metadata> 29197 <title>CVE-2011-1003</title> 29198 <affected family="unix"> 29199 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 29200 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 29201 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29202 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29203 </affected> 29204 <reference ref_id="CVE-2011-1003" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1003" source="CVE"/> 29205 <description> 29206 Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information. 29207 </description> 29208 </metadata> 29209 <criteria operator="OR"> 29210 <!-- 0855e71261fc3d153a16bc229f2ba9ca --> 29211 <criteria operator="AND"> 29212 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29213 <criterion test_ref="oval:org.opensuse.security:tst:2009066578" comment="clamav less than 0.97-5.5.3"/> 29214 </criteria> 29215 <!-- 8a5a9c6c43c51e5f621c9fa2d8c2d5dd --> 29216 <criteria operator="AND"> 29217 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29218 <criterion test_ref="oval:org.opensuse.security:tst:2009066578" comment="clamav less than 0.97-5.5.3"/> 29219 </criteria> 29220 </criteria> 29221 </definition> 29222 <definition id="oval:org.opensuse.security:def:20111010" version="1" class="vulnerability"> 29223 <metadata> 29224 <title>CVE-2011-1010</title> 29225 <affected family="unix"> 29226 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29227 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29228 </affected> 29229 <reference ref_id="CVE-2011-1010" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1010" source="CVE"/> 29230 <description> 29231 Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table. 29232 </description> 29233 </metadata> 29234 <criteria operator="OR"> 29235 <!-- 754d5abd3666eec2fbee9b225156757d --> 29236 <criteria operator="AND"> 29237 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29238 <criteria operator="OR"> 29239 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29240 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29241 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29242 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29243 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29244 </criteria> 29245 </criteria> 29246 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 29247 <criteria operator="AND"> 29248 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29249 <criteria operator="OR"> 29250 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 29251 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29252 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29253 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29254 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29255 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29256 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 29257 </criteria> 29258 </criteria> 29259 </criteria> 29260 </definition> 29261 <definition id="oval:org.opensuse.security:def:20111012" version="1" class="vulnerability"> 29262 <metadata> 29263 <title>CVE-2011-1012</title> 29264 <affected family="unix"> 29265 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29266 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29267 </affected> 29268 <reference ref_id="CVE-2011-1012" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1012" source="CVE"/> 29269 <description> 29270 The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted partition table. 29271 </description> 29272 </metadata> 29273 <criteria operator="OR"> 29274 <!-- 754d5abd3666eec2fbee9b225156757d --> 29275 <criteria operator="AND"> 29276 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29277 <criteria operator="OR"> 29278 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29279 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29280 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29281 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29282 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29283 </criteria> 29284 </criteria> 29285 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 29286 <criteria operator="AND"> 29287 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29288 <criteria operator="OR"> 29289 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 29290 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29291 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29292 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29293 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29294 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29295 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 29296 </criteria> 29297 </criteria> 29298 </criteria> 29299 </definition> 29300 <definition id="oval:org.opensuse.security:def:20111015" version="1" class="vulnerability"> 29301 <metadata> 29302 <title>CVE-2011-1015</title> 29303 <affected family="unix"> 29304 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29305 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29306 </affected> 29307 <reference ref_id="CVE-2011-1015" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1015" source="CVE"/> 29308 <description> 29309 The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI. 29310 </description> 29311 </metadata> 29312 <!-- 8cae90c294b192a41f5e7816dbad3991 --> 29313 <criteria operator="AND"> 29314 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29315 <criteria operator="OR"> 29316 <criterion test_ref="oval:org.opensuse.security:tst:2009073858" comment="python-32bit less than 2.4.2-18.41.2"/> 29317 <criterion test_ref="oval:org.opensuse.security:tst:2009073859" comment="python-curses less than 2.4.2-18.41.2"/> 29318 <criterion test_ref="oval:org.opensuse.security:tst:2009073860" comment="python-devel less than 2.4.2-18.41.2"/> 29319 <criterion test_ref="oval:org.opensuse.security:tst:2009073861" comment="python-gdbm less than 2.4.2-18.41.2"/> 29320 <criterion test_ref="oval:org.opensuse.security:tst:2009073862" comment="python-tk less than 2.4.2-18.41.2"/> 29321 <criterion test_ref="oval:org.opensuse.security:tst:2009073863" comment="python-xml less than 2.4.2-18.41.2"/> 29322 <criterion test_ref="oval:org.opensuse.security:tst:2009073864" comment="python less than 2.4.2-18.41.2"/> 29323 </criteria> 29324 </criteria> 29325 </definition> 29326 <definition id="oval:org.opensuse.security:def:20111016" version="1" class="vulnerability"> 29327 <metadata> 29328 <title>CVE-2011-1016</title> 29329 <affected family="unix"> 29330 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29331 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29332 </affected> 29333 <reference ref_id="CVE-2011-1016" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1016" source="CVE"/> 29334 <description> 29335 The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values. 29336 </description> 29337 </metadata> 29338 <criteria operator="OR"> 29339 <!-- 754d5abd3666eec2fbee9b225156757d --> 29340 <criteria operator="AND"> 29341 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29342 <criteria operator="OR"> 29343 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29344 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29345 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29346 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29347 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29348 </criteria> 29349 </criteria> 29350 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 29351 <criteria operator="AND"> 29352 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29353 <criteria operator="OR"> 29354 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 29355 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29356 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29357 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29358 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29359 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29360 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 29361 </criteria> 29362 </criteria> 29363 </criteria> 29364 </definition> 29365 <definition id="oval:org.opensuse.security:def:20111017" version="1" class="vulnerability"> 29366 <metadata> 29367 <title>CVE-2011-1017</title> 29368 <affected family="unix"> 29369 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29370 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29371 </affected> 29372 <reference ref_id="CVE-2011-1017" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1017" source="CVE"/> 29373 <description> 29374 Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table. 29375 </description> 29376 </metadata> 29377 <criteria operator="OR"> 29378 <!-- 2284bd78d78b00accc68729a9634d92d --> 29379 <criteria operator="AND"> 29380 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29381 <criteria operator="OR"> 29382 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 29383 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 29384 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 29385 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 29386 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 29387 </criteria> 29388 </criteria> 29389 <!-- 754d5abd3666eec2fbee9b225156757d --> 29390 <criteria operator="AND"> 29391 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29392 <criteria operator="OR"> 29393 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29394 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29395 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29396 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29397 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29398 </criteria> 29399 </criteria> 29400 <!-- 75c70ba80807aed777189444e17910e5 --> 29401 <criteria operator="AND"> 29402 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29403 <criteria operator="OR"> 29404 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 29405 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 29406 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 29407 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 29408 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 29409 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 29410 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 29411 </criteria> 29412 </criteria> 29413 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 29414 <criteria operator="AND"> 29415 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29416 <criteria operator="OR"> 29417 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 29418 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29419 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29420 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29421 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29422 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29423 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 29424 </criteria> 29425 </criteria> 29426 </criteria> 29427 </definition> 29428 <definition id="oval:org.opensuse.security:def:20111044" version="1" class="vulnerability"> 29429 <metadata> 29430 <title>CVE-2011-1044</title> 29431 <affected family="unix"> 29432 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29433 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29434 </affected> 29435 <reference ref_id="CVE-2011-1044" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1044" source="CVE"/> 29436 <description> 29437 The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649. 29438 </description> 29439 </metadata> 29440 <criteria operator="OR"> 29441 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 29442 <criteria operator="AND"> 29443 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29444 <criteria operator="OR"> 29445 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 29446 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 29447 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 29448 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 29449 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 29450 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 29451 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 29452 </criteria> 29453 </criteria> 29454 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 29455 <criteria operator="AND"> 29456 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29457 <criteria operator="OR"> 29458 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 29459 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 29460 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 29461 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 29462 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 29463 </criteria> 29464 </criteria> 29465 </criteria> 29466 </definition> 29467 <definition id="oval:org.opensuse.security:def:20111071" version="1" class="vulnerability"> 29468 <metadata> 29469 <title>CVE-2011-1071</title> 29470 <affected family="unix"> 29471 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29472 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29473 </affected> 29474 <reference ref_id="CVE-2011-1071" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1071" source="CVE"/> 29475 <description> 29476 The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome. 29477 </description> 29478 </metadata> 29479 <!-- 68c207e7b54adb6c64930931c6c86ce0 --> 29480 <criteria operator="AND"> 29481 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29482 <criteria operator="OR"> 29483 <criterion test_ref="oval:org.opensuse.security:tst:2009069178" comment="glibc-32bit less than 2.4-31.91.1"/> 29484 <criterion test_ref="oval:org.opensuse.security:tst:2009069179" comment="glibc-devel-32bit less than 2.4-31.91.1"/> 29485 <criterion test_ref="oval:org.opensuse.security:tst:2009069180" comment="glibc-devel less than 2.4-31.91.1"/> 29486 <criterion test_ref="oval:org.opensuse.security:tst:2009069181" comment="glibc-html less than 2.4-31.91.1"/> 29487 <criterion test_ref="oval:org.opensuse.security:tst:2009069182" comment="glibc-i18ndata less than 2.4-31.91.1"/> 29488 <criterion test_ref="oval:org.opensuse.security:tst:2009069183" comment="glibc-info less than 2.4-31.91.1"/> 29489 <criterion test_ref="oval:org.opensuse.security:tst:2009069184" comment="glibc-locale-32bit less than 2.4-31.91.1"/> 29490 <criterion test_ref="oval:org.opensuse.security:tst:2009069185" comment="glibc-locale less than 2.4-31.91.1"/> 29491 <criterion test_ref="oval:org.opensuse.security:tst:2009069186" comment="glibc less than 2.4-31.91.1"/> 29492 <criterion test_ref="oval:org.opensuse.security:tst:2009069187" comment="nscd less than 2.4-31.91.1"/> 29493 </criteria> 29494 </criteria> 29495 </definition> 29496 <definition id="oval:org.opensuse.security:def:20111080" version="1" class="vulnerability"> 29497 <metadata> 29498 <title>CVE-2011-1080</title> 29499 <affected family="unix"> 29500 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29501 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29502 </affected> 29503 <reference ref_id="CVE-2011-1080" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080" source="CVE"/> 29504 <description> 29505 The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line. 29506 </description> 29507 </metadata> 29508 <criteria operator="OR"> 29509 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 29510 <criteria operator="AND"> 29511 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29512 <criteria operator="OR"> 29513 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 29514 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 29515 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 29516 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 29517 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 29518 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 29519 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 29520 </criteria> 29521 </criteria> 29522 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 29523 <criteria operator="AND"> 29524 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29525 <criteria operator="OR"> 29526 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 29527 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 29528 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 29529 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 29530 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 29531 </criteria> 29532 </criteria> 29533 </criteria> 29534 </definition> 29535 <definition id="oval:org.opensuse.security:def:20111089" version="1" class="vulnerability"> 29536 <metadata> 29537 <title>CVE-2011-1089</title> 29538 <affected family="unix"> 29539 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29540 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29541 </affected> 29542 <reference ref_id="CVE-2011-1089" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1089" source="CVE"/> 29543 <description> 29544 The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296. 29545 </description> 29546 </metadata> 29547 <criteria operator="OR"> 29548 <!-- ae7b2bb12ddda522987dc10489bcbf1f --> 29549 <criteria operator="AND"> 29550 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29551 <criteria operator="OR"> 29552 <criterion test_ref="oval:org.opensuse.security:tst:2009076031" comment="glibc-32bit less than 2.4-31.103.1"/> 29553 <criterion test_ref="oval:org.opensuse.security:tst:2009076032" comment="glibc-devel-32bit less than 2.4-31.103.1"/> 29554 <criterion test_ref="oval:org.opensuse.security:tst:2009076033" comment="glibc-devel less than 2.4-31.103.1"/> 29555 <criterion test_ref="oval:org.opensuse.security:tst:2009076034" comment="glibc-html less than 2.4-31.103.1"/> 29556 <criterion test_ref="oval:org.opensuse.security:tst:2009076035" comment="glibc-i18ndata less than 2.4-31.103.1"/> 29557 <criterion test_ref="oval:org.opensuse.security:tst:2009076036" comment="glibc-info less than 2.4-31.103.1"/> 29558 <criterion test_ref="oval:org.opensuse.security:tst:2009076037" comment="glibc-locale-32bit less than 2.4-31.103.1"/> 29559 <criterion test_ref="oval:org.opensuse.security:tst:2009076038" comment="glibc-locale less than 2.4-31.103.1"/> 29560 <criterion test_ref="oval:org.opensuse.security:tst:2009076039" comment="glibc less than 2.4-31.103.1"/> 29561 <criterion test_ref="oval:org.opensuse.security:tst:2009076040" comment="nscd less than 2.4-31.103.1"/> 29562 </criteria> 29563 </criteria> 29564 <!-- bf9e90522d98521f17af5aa03309ef73 --> 29565 <criteria operator="AND"> 29566 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29567 <criterion test_ref="oval:org.opensuse.security:tst:2009070265" comment="ncpfs less than 2.2.6-24.19.1"/> 29568 </criteria> 29569 </criteria> 29570 </definition> 29571 <definition id="oval:org.opensuse.security:def:20111091" version="1" class="vulnerability"> 29572 <metadata> 29573 <title>CVE-2011-1091</title> 29574 <affected family="unix"> 29575 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29576 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29577 </affected> 29578 <reference ref_id="CVE-2011-1091" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1091" source="CVE"/> 29579 <description> 29580 libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message. 29581 </description> 29582 </metadata> 29583 <!-- c8785ba000be7d63668dde38be66bd5b --> 29584 <criteria operator="AND"> 29585 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29586 <criteria operator="OR"> 29587 <criterion test_ref="oval:org.opensuse.security:tst:2009072458" comment="finch less than 2.6.6-0.12.2"/> 29588 <criterion test_ref="oval:org.opensuse.security:tst:2009072459" comment="libpurple less than 2.6.6-0.12.2"/> 29589 <criterion test_ref="oval:org.opensuse.security:tst:2009072460" comment="pidgin less than 2.6.6-0.12.2"/> 29590 </criteria> 29591 </criteria> 29592 </definition> 29593 <definition id="oval:org.opensuse.security:def:20111093" version="1" class="vulnerability"> 29594 <metadata> 29595 <title>CVE-2011-1093</title> 29596 <affected family="unix"> 29597 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29598 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29599 </affected> 29600 <reference ref_id="CVE-2011-1093" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1093" source="CVE"/> 29601 <description> 29602 The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. 29603 </description> 29604 </metadata> 29605 <criteria operator="OR"> 29606 <!-- 2284bd78d78b00accc68729a9634d92d --> 29607 <criteria operator="AND"> 29608 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29609 <criteria operator="OR"> 29610 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 29611 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 29612 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 29613 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 29614 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 29615 </criteria> 29616 </criteria> 29617 <!-- 75c70ba80807aed777189444e17910e5 --> 29618 <criteria operator="AND"> 29619 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29620 <criteria operator="OR"> 29621 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 29622 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 29623 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 29624 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 29625 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 29626 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 29627 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 29628 </criteria> 29629 </criteria> 29630 </criteria> 29631 </definition> 29632 <definition id="oval:org.opensuse.security:def:20111095" version="1" class="vulnerability"> 29633 <metadata> 29634 <title>CVE-2011-1095</title> 29635 <affected family="unix"> 29636 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29637 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29638 </affected> 29639 <reference ref_id="CVE-2011-1095" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1095" source="CVE"/> 29640 <description> 29641 locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function. 29642 </description> 29643 </metadata> 29644 <!-- 68c207e7b54adb6c64930931c6c86ce0 --> 29645 <criteria operator="AND"> 29646 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29647 <criteria operator="OR"> 29648 <criterion test_ref="oval:org.opensuse.security:tst:2009069178" comment="glibc-32bit less than 2.4-31.91.1"/> 29649 <criterion test_ref="oval:org.opensuse.security:tst:2009069179" comment="glibc-devel-32bit less than 2.4-31.91.1"/> 29650 <criterion test_ref="oval:org.opensuse.security:tst:2009069180" comment="glibc-devel less than 2.4-31.91.1"/> 29651 <criterion test_ref="oval:org.opensuse.security:tst:2009069181" comment="glibc-html less than 2.4-31.91.1"/> 29652 <criterion test_ref="oval:org.opensuse.security:tst:2009069182" comment="glibc-i18ndata less than 2.4-31.91.1"/> 29653 <criterion test_ref="oval:org.opensuse.security:tst:2009069183" comment="glibc-info less than 2.4-31.91.1"/> 29654 <criterion test_ref="oval:org.opensuse.security:tst:2009069184" comment="glibc-locale-32bit less than 2.4-31.91.1"/> 29655 <criterion test_ref="oval:org.opensuse.security:tst:2009069185" comment="glibc-locale less than 2.4-31.91.1"/> 29656 <criterion test_ref="oval:org.opensuse.security:tst:2009069186" comment="glibc less than 2.4-31.91.1"/> 29657 <criterion test_ref="oval:org.opensuse.security:tst:2009069187" comment="nscd less than 2.4-31.91.1"/> 29658 </criteria> 29659 </criteria> 29660 </definition> 29661 <definition id="oval:org.opensuse.security:def:20111098" version="1" class="vulnerability"> 29662 <metadata> 29663 <title>CVE-2011-1098</title> 29664 <affected family="unix"> 29665 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29666 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29667 </affected> 29668 <reference ref_id="CVE-2011-1098" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1098" source="CVE"/> 29669 <description> 29670 Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place. 29671 </description> 29672 </metadata> 29673 <!-- ed7eaabcf9dade3aaaf9d785ea90d56f --> 29674 <criteria operator="AND"> 29675 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29676 <criterion test_ref="oval:org.opensuse.security:tst:2009068589" comment="logrotate less than 3.7.3-13.15.1"/> 29677 </criteria> 29678 </definition> 29679 <definition id="oval:org.opensuse.security:def:20111138" version="1" class="vulnerability"> 29680 <metadata> 29681 <title>CVE-2011-1138</title> 29682 <affected family="unix"> 29683 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 29684 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 29685 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29686 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29687 </affected> 29688 <reference ref_id="CVE-2011-1138" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1138" source="CVE"/> 29689 <description> 29690 Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. 29691 </description> 29692 </metadata> 29693 <criteria operator="OR"> 29694 <!-- 6f945ca7e512591223a153602859503d --> 29695 <criteria operator="AND"> 29696 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29697 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 29698 </criteria> 29699 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 29700 <criteria operator="AND"> 29701 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29702 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 29703 </criteria> 29704 </criteria> 29705 </definition> 29706 <definition id="oval:org.opensuse.security:def:20111139" version="1" class="vulnerability"> 29707 <metadata> 29708 <title>CVE-2011-1139</title> 29709 <affected family="unix"> 29710 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 29711 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 29712 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29713 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29714 </affected> 29715 <reference ref_id="CVE-2011-1139" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1139" source="CVE"/> 29716 <description> 29717 wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. 29718 </description> 29719 </metadata> 29720 <criteria operator="OR"> 29721 <!-- 6f945ca7e512591223a153602859503d --> 29722 <criteria operator="AND"> 29723 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29724 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 29725 </criteria> 29726 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 29727 <criteria operator="AND"> 29728 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29729 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 29730 </criteria> 29731 </criteria> 29732 </definition> 29733 <definition id="oval:org.opensuse.security:def:20111140" version="1" class="vulnerability"> 29734 <metadata> 29735 <title>CVE-2011-1140</title> 29736 <affected family="unix"> 29737 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 29738 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 29739 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29740 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29741 </affected> 29742 <reference ref_id="CVE-2011-1140" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1140" source="CVE"/> 29743 <description> 29744 Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. 29745 </description> 29746 </metadata> 29747 <criteria operator="OR"> 29748 <!-- 6f945ca7e512591223a153602859503d --> 29749 <criteria operator="AND"> 29750 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29751 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 29752 </criteria> 29753 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 29754 <criteria operator="AND"> 29755 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29756 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 29757 </criteria> 29758 </criteria> 29759 </definition> 29760 <definition id="oval:org.opensuse.security:def:20111143" version="1" class="vulnerability"> 29761 <metadata> 29762 <title>CVE-2011-1143</title> 29763 <affected family="unix"> 29764 <platform>SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T</platform> 29765 <platform>SUSE Linux Enterprise Desktop 10 SP3 for x86</platform> 29766 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29767 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29768 </affected> 29769 <reference ref_id="CVE-2011-1143" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1143" source="CVE"/> 29770 <description> 29771 epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. 29772 </description> 29773 </metadata> 29774 <criteria operator="OR"> 29775 <!-- 6f945ca7e512591223a153602859503d --> 29776 <criteria operator="AND"> 29777 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp3 is installed"/> 29778 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 29779 </criteria> 29780 <!-- 7ca986d25c4d8a1552cc98ce1be7508b --> 29781 <criteria operator="AND"> 29782 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29783 <criterion test_ref="oval:org.opensuse.security:tst:2009066972" comment="wireshark less than 1.4.4-0.37.1"/> 29784 </criteria> 29785 </criteria> 29786 </definition> 29787 <definition id="oval:org.opensuse.security:def:20111155" version="1" class="vulnerability"> 29788 <metadata> 29789 <title>CVE-2011-1155</title> 29790 <affected family="unix"> 29791 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29792 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29793 </affected> 29794 <reference ref_id="CVE-2011-1155" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1155" source="CVE"/> 29795 <description> 29796 The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name. 29797 </description> 29798 </metadata> 29799 <!-- ed7eaabcf9dade3aaaf9d785ea90d56f --> 29800 <criteria operator="AND"> 29801 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29802 <criterion test_ref="oval:org.opensuse.security:tst:2009068589" comment="logrotate less than 3.7.3-13.15.1"/> 29803 </criteria> 29804 </definition> 29805 <definition id="oval:org.opensuse.security:def:20111160" version="1" class="vulnerability"> 29806 <metadata> 29807 <title>CVE-2011-1160</title> 29808 <affected family="unix"> 29809 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29810 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29811 </affected> 29812 <reference ref_id="CVE-2011-1160" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1160" source="CVE"/> 29813 <description> 29814 The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors. 29815 </description> 29816 </metadata> 29817 <criteria operator="OR"> 29818 <!-- 754d5abd3666eec2fbee9b225156757d --> 29819 <criteria operator="AND"> 29820 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29821 <criteria operator="OR"> 29822 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29823 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29824 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29825 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29826 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29827 </criteria> 29828 </criteria> 29829 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 29830 <criteria operator="AND"> 29831 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29832 <criteria operator="OR"> 29833 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 29834 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29835 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29836 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29837 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29838 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29839 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 29840 </criteria> 29841 </criteria> 29842 </criteria> 29843 </definition> 29844 <definition id="oval:org.opensuse.security:def:20111163" version="1" class="vulnerability"> 29845 <metadata> 29846 <title>CVE-2011-1163</title> 29847 <affected family="unix"> 29848 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29849 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29850 </affected> 29851 <reference ref_id="CVE-2011-1163" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163" source="CVE"/> 29852 <description> 29853 The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing. 29854 </description> 29855 </metadata> 29856 <criteria operator="OR"> 29857 <!-- 754d5abd3666eec2fbee9b225156757d --> 29858 <criteria operator="AND"> 29859 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29860 <criteria operator="OR"> 29861 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29862 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29863 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29864 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29865 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29866 </criteria> 29867 </criteria> 29868 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 29869 <criteria operator="AND"> 29870 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29871 <criteria operator="OR"> 29872 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 29873 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 29874 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 29875 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 29876 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 29877 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 29878 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 29879 </criteria> 29880 </criteria> 29881 </criteria> 29882 </definition> 29883 <definition id="oval:org.opensuse.security:def:20111166" version="1" class="vulnerability"> 29884 <metadata> 29885 <title>CVE-2011-1166</title> 29886 <affected family="unix"> 29887 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29888 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29889 </affected> 29890 <reference ref_id="CVE-2011-1166" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166" source="CVE"/> 29891 <description> 29892 Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables. 29893 </description> 29894 </metadata> 29895 <!-- 5ef372422148176da8490b56d8e57492 --> 29896 <criteria operator="AND"> 29897 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29898 <criteria operator="OR"> 29899 <criterion test_ref="oval:org.opensuse.security:tst:2009069241" comment="xen-devel less than 3.2.3_17040_36-0.7.1"/> 29900 <criterion test_ref="oval:org.opensuse.security:tst:2009069242" comment="xen-doc-html less than 3.2.3_17040_36-0.7.1"/> 29901 <criterion test_ref="oval:org.opensuse.security:tst:2009069243" comment="xen-doc-pdf less than 3.2.3_17040_36-0.7.1"/> 29902 <criterion test_ref="oval:org.opensuse.security:tst:2009069244" comment="xen-doc-ps less than 3.2.3_17040_36-0.7.1"/> 29903 <criterion test_ref="oval:org.opensuse.security:tst:2009069245" comment="xen-kmp-bigsmp less than 3.2.3_17040_36_2.6.16.60_0.87.4-0.7.1"/> 29904 <criterion test_ref="oval:org.opensuse.security:tst:2009069246" comment="xen-kmp-default less than 3.2.3_17040_36_2.6.16.60_0.87.4-0.7.1"/> 29905 <criterion test_ref="oval:org.opensuse.security:tst:2009069247" comment="xen-kmp-smp less than 3.2.3_17040_36_2.6.16.60_0.87.4-0.7.1"/> 29906 <criterion test_ref="oval:org.opensuse.security:tst:2009069248" comment="xen-libs-32bit less than 3.2.3_17040_36-0.7.1"/> 29907 <criterion test_ref="oval:org.opensuse.security:tst:2009069249" comment="xen-libs less than 3.2.3_17040_36-0.7.1"/> 29908 <criterion test_ref="oval:org.opensuse.security:tst:2009069250" comment="xen-tools-domU less than 3.2.3_17040_36-0.7.1"/> 29909 <criterion test_ref="oval:org.opensuse.security:tst:2009069251" comment="xen-tools-ioemu less than 3.2.3_17040_36-0.7.1"/> 29910 <criterion test_ref="oval:org.opensuse.security:tst:2009069252" comment="xen-tools less than 3.2.3_17040_36-0.7.1"/> 29911 <criterion test_ref="oval:org.opensuse.security:tst:2009069253" comment="xen less than 3.2.3_17040_36-0.7.1"/> 29912 </criteria> 29913 </criteria> 29914 </definition> 29915 <definition id="oval:org.opensuse.security:def:20111167" version="1" class="vulnerability"> 29916 <metadata> 29917 <title>CVE-2011-1167</title> 29918 <affected family="unix"> 29919 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29920 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29921 </affected> 29922 <reference ref_id="CVE-2011-1167" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167" source="CVE"/> 29923 <description> 29924 Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value. 29925 </description> 29926 </metadata> 29927 <!-- 5f984c45fd590a060e94e0d63e5e2fae --> 29928 <criteria operator="AND"> 29929 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29930 <criteria operator="OR"> 29931 <criterion test_ref="oval:org.opensuse.security:tst:2009068148" comment="libtiff-32bit less than 3.8.2-5.24.1"/> 29932 <criterion test_ref="oval:org.opensuse.security:tst:2009068152" comment="libtiff-devel less than 3.8.2-5.24.1"/> 29933 <criterion test_ref="oval:org.opensuse.security:tst:2009068154" comment="libtiff less than 3.8.2-5.24.1"/> 29934 </criteria> 29935 </criteria> 29936 </definition> 29937 <definition id="oval:org.opensuse.security:def:20111170" version="1" class="vulnerability"> 29938 <metadata> 29939 <title>CVE-2011-1170</title> 29940 <affected family="unix"> 29941 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29942 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29943 </affected> 29944 <reference ref_id="CVE-2011-1170" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170" source="CVE"/> 29945 <description> 29946 net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process. 29947 </description> 29948 </metadata> 29949 <criteria operator="OR"> 29950 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 29951 <criteria operator="AND"> 29952 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29953 <criteria operator="OR"> 29954 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 29955 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 29956 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 29957 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 29958 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 29959 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 29960 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 29961 </criteria> 29962 </criteria> 29963 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 29964 <criteria operator="AND"> 29965 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29966 <criteria operator="OR"> 29967 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 29968 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 29969 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 29970 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 29971 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 29972 </criteria> 29973 </criteria> 29974 </criteria> 29975 </definition> 29976 <definition id="oval:org.opensuse.security:def:20111171" version="1" class="vulnerability"> 29977 <metadata> 29978 <title>CVE-2011-1171</title> 29979 <affected family="unix"> 29980 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 29981 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 29982 </affected> 29983 <reference ref_id="CVE-2011-1171" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171" source="CVE"/> 29984 <description> 29985 net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process. 29986 </description> 29987 </metadata> 29988 <criteria operator="OR"> 29989 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 29990 <criteria operator="AND"> 29991 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 29992 <criteria operator="OR"> 29993 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 29994 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 29995 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 29996 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 29997 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 29998 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 29999 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 30000 </criteria> 30001 </criteria> 30002 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 30003 <criteria operator="AND"> 30004 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30005 <criteria operator="OR"> 30006 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 30007 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 30008 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 30009 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 30010 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 30011 </criteria> 30012 </criteria> 30013 </criteria> 30014 </definition> 30015 <definition id="oval:org.opensuse.security:def:20111172" version="1" class="vulnerability"> 30016 <metadata> 30017 <title>CVE-2011-1172</title> 30018 <affected family="unix"> 30019 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30020 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30021 </affected> 30022 <reference ref_id="CVE-2011-1172" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172" source="CVE"/> 30023 <description> 30024 net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process. 30025 </description> 30026 </metadata> 30027 <criteria operator="OR"> 30028 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 30029 <criteria operator="AND"> 30030 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30031 <criteria operator="OR"> 30032 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 30033 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 30034 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 30035 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 30036 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 30037 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 30038 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 30039 </criteria> 30040 </criteria> 30041 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 30042 <criteria operator="AND"> 30043 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30044 <criteria operator="OR"> 30045 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 30046 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 30047 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 30048 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 30049 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 30050 </criteria> 30051 </criteria> 30052 </criteria> 30053 </definition> 30054 <definition id="oval:org.opensuse.security:def:20111173" version="1" class="vulnerability"> 30055 <metadata> 30056 <title>CVE-2011-1173</title> 30057 <affected family="unix"> 30058 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30059 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30060 </affected> 30061 <reference ref_id="CVE-2011-1173" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1173" source="CVE"/> 30062 <description> 30063 The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet. 30064 </description> 30065 </metadata> 30066 <criteria operator="OR"> 30067 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 30068 <criteria operator="AND"> 30069 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30070 <criteria operator="OR"> 30071 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 30072 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 30073 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 30074 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 30075 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 30076 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 30077 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 30078 </criteria> 30079 </criteria> 30080 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 30081 <criteria operator="AND"> 30082 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30083 <criteria operator="OR"> 30084 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 30085 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 30086 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 30087 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 30088 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 30089 </criteria> 30090 </criteria> 30091 </criteria> 30092 </definition> 30093 <definition id="oval:org.opensuse.security:def:20111178" version="1" class="vulnerability"> 30094 <metadata> 30095 <title>CVE-2011-1178</title> 30096 <affected family="unix"> 30097 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30098 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30099 </affected> 30100 <reference ref_id="CVE-2011-1178" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1178" source="CVE"/> 30101 <description> 30102 Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange (PCX) plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based buffer overflow. 30103 </description> 30104 </metadata> 30105 <!-- 013ac8ad5056f5e91f63b3f737b36cfc --> 30106 <criteria operator="AND"> 30107 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30108 <criteria operator="OR"> 30109 <criterion test_ref="oval:org.opensuse.security:tst:2009068701" comment="gimp-devel less than 2.2.10-22.38.1"/> 30110 <criterion test_ref="oval:org.opensuse.security:tst:2009068702" comment="gimp less than 2.2.10-22.38.1"/> 30111 </criteria> 30112 </criteria> 30113 </definition> 30114 <definition id="oval:org.opensuse.security:def:20111180" version="1" class="vulnerability"> 30115 <metadata> 30116 <title>CVE-2011-1180</title> 30117 <affected family="unix"> 30118 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30119 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30120 </affected> 30121 <reference ref_id="CVE-2011-1180" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1180" source="CVE"/> 30122 <description> 30123 Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length. 30124 </description> 30125 </metadata> 30126 <criteria operator="OR"> 30127 <!-- 754d5abd3666eec2fbee9b225156757d --> 30128 <criteria operator="AND"> 30129 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30130 <criteria operator="OR"> 30131 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30132 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30133 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30134 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30135 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30136 </criteria> 30137 </criteria> 30138 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 30139 <criteria operator="AND"> 30140 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30141 <criteria operator="OR"> 30142 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 30143 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30144 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30145 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30146 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30147 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30148 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 30149 </criteria> 30150 </criteria> 30151 </criteria> 30152 </definition> 30153 <definition id="oval:org.opensuse.security:def:20111182" version="1" class="vulnerability"> 30154 <metadata> 30155 <title>CVE-2011-1182</title> 30156 <affected family="unix"> 30157 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30158 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30159 </affected> 30160 <reference ref_id="CVE-2011-1182" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182" source="CVE"/> 30161 <description> 30162 kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call. 30163 </description> 30164 </metadata> 30165 <criteria operator="OR"> 30166 <!-- 754d5abd3666eec2fbee9b225156757d --> 30167 <criteria operator="AND"> 30168 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30169 <criteria operator="OR"> 30170 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30171 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30172 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30173 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30174 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30175 </criteria> 30176 </criteria> 30177 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 30178 <criteria operator="AND"> 30179 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30180 <criteria operator="OR"> 30181 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 30182 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30183 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30184 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30185 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30186 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30187 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 30188 </criteria> 30189 </criteria> 30190 </criteria> 30191 </definition> 30192 <definition id="oval:org.opensuse.security:def:20111187" version="1" class="vulnerability"> 30193 <metadata> 30194 <title>CVE-2011-1187</title> 30195 <affected family="unix"> 30196 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30197 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30198 </affected> 30199 <reference ref_id="CVE-2011-1187" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1187" source="CVE"/> 30200 <description> 30201 Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." 30202 </description> 30203 </metadata> 30204 <!-- f83092661fed82089220795937f323d2 --> 30205 <criteria operator="AND"> 30206 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30207 <criteria operator="OR"> 30208 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 30209 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 30210 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 30211 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 30212 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 30213 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 30214 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 30215 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 30216 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 30217 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 30218 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 30219 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 30220 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 30221 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 30222 </criteria> 30223 </criteria> 30224 </definition> 30225 <definition id="oval:org.opensuse.security:def:20111202" version="1" class="vulnerability"> 30226 <metadata> 30227 <title>CVE-2011-1202</title> 30228 <affected family="unix"> 30229 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30230 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30231 </affected> 30232 <reference ref_id="CVE-2011-1202" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202" source="CVE"/> 30233 <description> 30234 The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. 30235 </description> 30236 </metadata> 30237 <criteria operator="OR"> 30238 <!-- 0c73a3b88327cd1c299b76dee48f005e --> 30239 <criteria operator="AND"> 30240 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30241 <criteria operator="OR"> 30242 <criterion test_ref="oval:org.opensuse.security:tst:2009068275" comment="MozillaFirefox-translations less than 3.6.17-0.5.1"/> 30243 <criterion test_ref="oval:org.opensuse.security:tst:2009068276" comment="MozillaFirefox less than 3.6.17-0.5.1"/> 30244 <criterion test_ref="oval:org.opensuse.security:tst:2009068277" comment="mozilla-xulrunner192-32bit less than 1.9.2.17-0.6.1"/> 30245 <criterion test_ref="oval:org.opensuse.security:tst:2009068278" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.17-0.6.1"/> 30246 <criterion test_ref="oval:org.opensuse.security:tst:2009068279" comment="mozilla-xulrunner192-gnome less than 1.9.2.17-0.6.1"/> 30247 <criterion test_ref="oval:org.opensuse.security:tst:2009068280" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.17-0.6.1"/> 30248 <criterion test_ref="oval:org.opensuse.security:tst:2009068281" comment="mozilla-xulrunner192-translations less than 1.9.2.17-0.6.1"/> 30249 <criterion test_ref="oval:org.opensuse.security:tst:2009068282" comment="mozilla-xulrunner192 less than 1.9.2.17-0.6.1"/> 30250 </criteria> 30251 </criteria> 30252 <!-- 80f6910b2efb9db816cc045ed9550be7 --> 30253 <criteria operator="AND"> 30254 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30255 <criteria operator="OR"> 30256 <criterion test_ref="oval:org.opensuse.security:tst:2009068267" comment="mozilla-xulrunner191-32bit less than 1.9.1.19-0.5.1"/> 30257 <criterion test_ref="oval:org.opensuse.security:tst:2009068268" comment="mozilla-xulrunner191-gnomevfs-32bit less than 1.9.1.19-0.5.1"/> 30258 <criterion test_ref="oval:org.opensuse.security:tst:2009068269" comment="mozilla-xulrunner191-gnomevfs less than 1.9.1.19-0.5.1"/> 30259 <criterion test_ref="oval:org.opensuse.security:tst:2009068270" comment="mozilla-xulrunner191-translations-32bit less than 1.9.1.19-0.5.1"/> 30260 <criterion test_ref="oval:org.opensuse.security:tst:2009068271" comment="mozilla-xulrunner191-translations less than 1.9.1.19-0.5.1"/> 30261 <criterion test_ref="oval:org.opensuse.security:tst:2009068272" comment="mozilla-xulrunner191 less than 1.9.1.19-0.5.1"/> 30262 </criteria> 30263 </criteria> 30264 </criteria> 30265 </definition> 30266 <definition id="oval:org.opensuse.security:def:20111353" version="1" class="vulnerability"> 30267 <metadata> 30268 <title>CVE-2011-1353</title> 30269 <affected family="unix"> 30270 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30271 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30272 </affected> 30273 <reference ref_id="CVE-2011-1353" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1353" source="CVE"/> 30274 <description> 30275 Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on Windows allows local users to gain privileges via unknown vectors. 30276 </description> 30277 </metadata> 30278 <!-- 729306cbb9eef9773fe9541056dca550 --> 30279 <criteria operator="AND"> 30280 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30281 <criteria operator="OR"> 30282 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 30283 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 30284 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 30285 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 30286 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 30287 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 30288 </criteria> 30289 </criteria> 30290 </definition> 30291 <definition id="oval:org.opensuse.security:def:20111476" version="1" class="vulnerability"> 30292 <metadata> 30293 <title>CVE-2011-1476</title> 30294 <affected family="unix"> 30295 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30296 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30297 </affected> 30298 <reference ref_id="CVE-2011-1476" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1476" source="CVE"/> 30299 <description> 30300 Integer underflow in the Open Sound System (OSS) subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service (memory corruption) by leveraging write access to /dev/sequencer. 30301 </description> 30302 </metadata> 30303 <criteria operator="OR"> 30304 <!-- 754d5abd3666eec2fbee9b225156757d --> 30305 <criteria operator="AND"> 30306 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30307 <criteria operator="OR"> 30308 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30309 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30310 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30311 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30312 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30313 </criteria> 30314 </criteria> 30315 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 30316 <criteria operator="AND"> 30317 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30318 <criteria operator="OR"> 30319 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 30320 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30321 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30322 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30323 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30324 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30325 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 30326 </criteria> 30327 </criteria> 30328 </criteria> 30329 </definition> 30330 <definition id="oval:org.opensuse.security:def:20111477" version="1" class="vulnerability"> 30331 <metadata> 30332 <title>CVE-2011-1477</title> 30333 <affected family="unix"> 30334 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30335 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30336 </affected> 30337 <reference ref_id="CVE-2011-1477" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1477" source="CVE"/> 30338 <description> 30339 Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer. 30340 </description> 30341 </metadata> 30342 <criteria operator="OR"> 30343 <!-- 754d5abd3666eec2fbee9b225156757d --> 30344 <criteria operator="AND"> 30345 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30346 <criteria operator="OR"> 30347 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30348 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30349 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30350 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30351 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30352 </criteria> 30353 </criteria> 30354 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 30355 <criteria operator="AND"> 30356 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30357 <criteria operator="OR"> 30358 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 30359 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30360 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30361 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30362 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30363 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30364 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 30365 </criteria> 30366 </criteria> 30367 </criteria> 30368 </definition> 30369 <definition id="oval:org.opensuse.security:def:20111487" version="1" class="vulnerability"> 30370 <metadata> 30371 <title>CVE-2011-1487</title> 30372 <affected family="unix"> 30373 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30374 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30375 </affected> 30376 <reference ref_id="CVE-2011-1487" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1487" source="CVE"/> 30377 <description> 30378 The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. 30379 </description> 30380 </metadata> 30381 <!-- bab9272216ee894902d1b59ef6fffb4e --> 30382 <criteria operator="AND"> 30383 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30384 <criteria operator="OR"> 30385 <criterion test_ref="oval:org.opensuse.security:tst:2009070816" comment="perl-32bit less than 5.8.8-14.19.7"/> 30386 <criterion test_ref="oval:org.opensuse.security:tst:2009070819" comment="perl less than 5.8.8-14.19.7"/> 30387 </criteria> 30388 </criteria> 30389 </definition> 30390 <definition id="oval:org.opensuse.security:def:20111493" version="1" class="vulnerability"> 30391 <metadata> 30392 <title>CVE-2011-1493</title> 30393 <affected family="unix"> 30394 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30395 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30396 </affected> 30397 <reference ref_id="CVE-2011-1493" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1493" source="CVE"/> 30398 <description> 30399 Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket. 30400 </description> 30401 </metadata> 30402 <criteria operator="OR"> 30403 <!-- 754d5abd3666eec2fbee9b225156757d --> 30404 <criteria operator="AND"> 30405 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30406 <criteria operator="OR"> 30407 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30408 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30409 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30410 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30411 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30412 </criteria> 30413 </criteria> 30414 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 30415 <criteria operator="AND"> 30416 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30417 <criteria operator="OR"> 30418 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 30419 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30420 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30421 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30422 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30423 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30424 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 30425 </criteria> 30426 </criteria> 30427 </criteria> 30428 </definition> 30429 <definition id="oval:org.opensuse.security:def:20111494" version="1" class="vulnerability"> 30430 <metadata> 30431 <title>CVE-2011-1494</title> 30432 <affected family="unix"> 30433 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30434 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30435 </affected> 30436 <reference ref_id="CVE-2011-1494" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494" source="CVE"/> 30437 <description> 30438 Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. 30439 </description> 30440 </metadata> 30441 <criteria operator="OR"> 30442 <!-- 2284bd78d78b00accc68729a9634d92d --> 30443 <criteria operator="AND"> 30444 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30445 <criteria operator="OR"> 30446 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 30447 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 30448 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 30449 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 30450 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 30451 </criteria> 30452 </criteria> 30453 <!-- 75c70ba80807aed777189444e17910e5 --> 30454 <criteria operator="AND"> 30455 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30456 <criteria operator="OR"> 30457 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 30458 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 30459 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 30460 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 30461 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 30462 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 30463 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 30464 </criteria> 30465 </criteria> 30466 </criteria> 30467 </definition> 30468 <definition id="oval:org.opensuse.security:def:20111495" version="1" class="vulnerability"> 30469 <metadata> 30470 <title>CVE-2011-1495</title> 30471 <affected family="unix"> 30472 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30473 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30474 </affected> 30475 <reference ref_id="CVE-2011-1495" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495" source="CVE"/> 30476 <description> 30477 drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. 30478 </description> 30479 </metadata> 30480 <criteria operator="OR"> 30481 <!-- 2284bd78d78b00accc68729a9634d92d --> 30482 <criteria operator="AND"> 30483 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30484 <criteria operator="OR"> 30485 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 30486 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 30487 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 30488 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 30489 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 30490 </criteria> 30491 </criteria> 30492 <!-- 75c70ba80807aed777189444e17910e5 --> 30493 <criteria operator="AND"> 30494 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30495 <criteria operator="OR"> 30496 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 30497 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 30498 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 30499 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 30500 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 30501 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 30502 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 30503 </criteria> 30504 </criteria> 30505 </criteria> 30506 </definition> 30507 <definition id="oval:org.opensuse.security:def:20111521" version="1" class="vulnerability"> 30508 <metadata> 30509 <title>CVE-2011-1521</title> 30510 <affected family="unix"> 30511 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30512 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30513 </affected> 30514 <reference ref_id="CVE-2011-1521" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521" source="CVE"/> 30515 <description> 30516 The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (resource consumption) via a crafted URL, as demonstrated by the file:///etc/passwd and file:///dev/zero URLs. 30517 </description> 30518 </metadata> 30519 <!-- 655f0de8e54f66cbae08d7b51b58f9c4 --> 30520 <criteria operator="AND"> 30521 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30522 <criteria operator="OR"> 30523 <criterion test_ref="oval:org.opensuse.security:tst:2009068548" comment="python-32bit less than 2.4.2-18.37.1"/> 30524 <criterion test_ref="oval:org.opensuse.security:tst:2009068549" comment="python-curses less than 2.4.2-18.37.1"/> 30525 <criterion test_ref="oval:org.opensuse.security:tst:2009068550" comment="python-devel less than 2.4.2-18.37.1"/> 30526 <criterion test_ref="oval:org.opensuse.security:tst:2009068551" comment="python-gdbm less than 2.4.2-18.37.1"/> 30527 <criterion test_ref="oval:org.opensuse.security:tst:2009068552" comment="python-tk less than 2.4.2-18.37.1"/> 30528 <criterion test_ref="oval:org.opensuse.security:tst:2009068553" comment="python-xml less than 2.4.2-18.37.1"/> 30529 <criterion test_ref="oval:org.opensuse.security:tst:2009068554" comment="python less than 2.4.2-18.37.1"/> 30530 </criteria> 30531 </criteria> 30532 </definition> 30533 <definition id="oval:org.opensuse.security:def:20111526" version="1" class="vulnerability"> 30534 <metadata> 30535 <title>CVE-2011-1526</title> 30536 <affected family="unix"> 30537 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30538 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30539 </affected> 30540 <reference ref_id="CVE-2011-1526" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1526" source="CVE"/> 30541 <description> 30542 ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script. 30543 </description> 30544 </metadata> 30545 <!-- 1827558e7c86f395bb141c5095dca72d --> 30546 <criteria operator="AND"> 30547 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30548 <criteria operator="OR"> 30549 <criterion test_ref="oval:org.opensuse.security:tst:2009072356" comment="krb5-32bit less than 1.4.3-19.49.49.1"/> 30550 <criterion test_ref="oval:org.opensuse.security:tst:2009072357" comment="krb5-client less than 1.4.3-19.49.49.1"/> 30551 <criterion test_ref="oval:org.opensuse.security:tst:2009072358" comment="krb5-devel-32bit less than 1.4.3-19.49.49.1"/> 30552 <criterion test_ref="oval:org.opensuse.security:tst:2009072359" comment="krb5-devel less than 1.4.3-19.49.49.1"/> 30553 <criterion test_ref="oval:org.opensuse.security:tst:2009072360" comment="krb5 less than 1.4.3-19.49.49.1"/> 30554 </criteria> 30555 </criteria> 30556 </definition> 30557 <definition id="oval:org.opensuse.security:def:20111550" version="1" class="vulnerability"> 30558 <metadata> 30559 <title>CVE-2011-1550</title> 30560 <affected family="unix"> 30561 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30562 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30563 </affected> 30564 <reference ref_id="CVE-2011-1550" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1550" source="CVE"/> 30565 <description> 30566 The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories for the (1) cobbler, (2) inn, (3) safte-monitor, and (4) uucp packages. 30567 </description> 30568 </metadata> 30569 <!-- 887c4640300dc79be8b5abf4a6bbf908 --> 30570 <criteria operator="AND"> 30571 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30572 <criterion test_ref="oval:org.opensuse.security:tst:2009073171" comment="logrotate less than 3.7.3-13.17.1"/> 30573 </criteria> 30574 </definition> 30575 <definition id="oval:org.opensuse.security:def:20111552" version="1" class="vulnerability"> 30576 <metadata> 30577 <title>CVE-2011-1552</title> 30578 <affected family="unix"> 30579 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30580 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30581 </affected> 30582 <reference ref_id="CVE-2011-1552" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552" source="CVE"/> 30583 <description> 30584 t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764. 30585 </description> 30586 </metadata> 30587 <!-- 0a41b9d515732b420bea02ef6d7030a1 --> 30588 <criteria operator="AND"> 30589 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30590 <criterion test_ref="oval:org.opensuse.security:tst:2009074608" comment="t1lib less than 1.3.1-585.11.1"/> 30591 </criteria> 30592 </definition> 30593 <definition id="oval:org.opensuse.security:def:20111553" version="1" class="vulnerability"> 30594 <metadata> 30595 <title>CVE-2011-1553</title> 30596 <affected family="unix"> 30597 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30598 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30599 </affected> 30600 <reference ref_id="CVE-2011-1553" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553" source="CVE"/> 30601 <description> 30602 Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764. 30603 </description> 30604 </metadata> 30605 <!-- 0a41b9d515732b420bea02ef6d7030a1 --> 30606 <criteria operator="AND"> 30607 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30608 <criterion test_ref="oval:org.opensuse.security:tst:2009074608" comment="t1lib less than 1.3.1-585.11.1"/> 30609 </criteria> 30610 </definition> 30611 <definition id="oval:org.opensuse.security:def:20111554" version="1" class="vulnerability"> 30612 <metadata> 30613 <title>CVE-2011-1554</title> 30614 <affected family="unix"> 30615 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30616 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30617 </affected> 30618 <reference ref_id="CVE-2011-1554" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554" source="CVE"/> 30619 <description> 30620 Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764. 30621 </description> 30622 </metadata> 30623 <!-- 0a41b9d515732b420bea02ef6d7030a1 --> 30624 <criteria operator="AND"> 30625 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30626 <criterion test_ref="oval:org.opensuse.security:tst:2009074608" comment="t1lib less than 1.3.1-585.11.1"/> 30627 </criteria> 30628 </definition> 30629 <definition id="oval:org.opensuse.security:def:20111573" version="1" class="vulnerability"> 30630 <metadata> 30631 <title>CVE-2011-1573</title> 30632 <affected family="unix"> 30633 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30634 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30635 </affected> 30636 <reference ref_id="CVE-2011-1573" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1573" source="CVE"/> 30637 <description> 30638 net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data. 30639 </description> 30640 </metadata> 30641 <criteria operator="OR"> 30642 <!-- 754d5abd3666eec2fbee9b225156757d --> 30643 <criteria operator="AND"> 30644 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30645 <criteria operator="OR"> 30646 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30647 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30648 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30649 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30650 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30651 </criteria> 30652 </criteria> 30653 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 30654 <criteria operator="AND"> 30655 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30656 <criteria operator="OR"> 30657 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 30658 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30659 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30660 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30661 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30662 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30663 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 30664 </criteria> 30665 </criteria> 30666 </criteria> 30667 </definition> 30668 <definition id="oval:org.opensuse.security:def:20111575" version="1" class="vulnerability"> 30669 <metadata> 30670 <title>CVE-2011-1575</title> 30671 <affected family="unix"> 30672 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30673 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30674 </affected> 30675 <reference ref_id="CVE-2011-1575" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1575" source="CVE"/> 30676 <description> 30677 The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. 30678 </description> 30679 </metadata> 30680 <!-- fb44818690c83f61834edde0d208cdae --> 30681 <criteria operator="AND"> 30682 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30683 <criterion test_ref="oval:org.opensuse.security:tst:2009068586" comment="pure-ftpd less than 1.0.22-0.20.1"/> 30684 </criteria> 30685 </definition> 30686 <definition id="oval:org.opensuse.security:def:20111577" version="1" class="vulnerability"> 30687 <metadata> 30688 <title>CVE-2011-1577</title> 30689 <affected family="unix"> 30690 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30691 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30692 </affected> 30693 <reference ref_id="CVE-2011-1577" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1577" source="CVE"/> 30694 <description> 30695 Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media. 30696 </description> 30697 </metadata> 30698 <criteria operator="OR"> 30699 <!-- 6253a90635c740c154fb5e3cc64612f2 --> 30700 <criteria operator="AND"> 30701 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30702 <criteria operator="OR"> 30703 <criterion test_ref="oval:org.opensuse.security:tst:2009071616" comment="kernel-bigsmp less than 2.6.16.60-0.91.1"/> 30704 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 30705 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 30706 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 30707 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 30708 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 30709 <criterion test_ref="oval:org.opensuse.security:tst:2009071619" comment="kernel-xenpae less than 2.6.16.60-0.91.1"/> 30710 </criteria> 30711 </criteria> 30712 <!-- 754d5abd3666eec2fbee9b225156757d --> 30713 <criteria operator="AND"> 30714 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30715 <criteria operator="OR"> 30716 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30717 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30718 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30719 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30720 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30721 </criteria> 30722 </criteria> 30723 <!-- be6b41cc85222e68513448b61b7af786 --> 30724 <criteria operator="AND"> 30725 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30726 <criteria operator="OR"> 30727 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 30728 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 30729 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 30730 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 30731 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 30732 </criteria> 30733 </criteria> 30734 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 30735 <criteria operator="AND"> 30736 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30737 <criteria operator="OR"> 30738 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 30739 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30740 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30741 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30742 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30743 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30744 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 30745 </criteria> 30746 </criteria> 30747 </criteria> 30748 </definition> 30749 <definition id="oval:org.opensuse.security:def:20111585" version="1" class="vulnerability"> 30750 <metadata> 30751 <title>CVE-2011-1585</title> 30752 <affected family="unix"> 30753 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30754 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30755 </affected> 30756 <reference ref_id="CVE-2011-1585" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1585" source="CVE"/> 30757 <description> 30758 The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user. 30759 </description> 30760 </metadata> 30761 <criteria operator="OR"> 30762 <!-- 2284bd78d78b00accc68729a9634d92d --> 30763 <criteria operator="AND"> 30764 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30765 <criteria operator="OR"> 30766 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 30767 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 30768 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 30769 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 30770 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 30771 </criteria> 30772 </criteria> 30773 <!-- 754d5abd3666eec2fbee9b225156757d --> 30774 <criteria operator="AND"> 30775 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30776 <criteria operator="OR"> 30777 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30778 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30779 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30780 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30781 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30782 </criteria> 30783 </criteria> 30784 <!-- 75c70ba80807aed777189444e17910e5 --> 30785 <criteria operator="AND"> 30786 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30787 <criteria operator="OR"> 30788 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 30789 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 30790 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 30791 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 30792 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 30793 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 30794 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 30795 </criteria> 30796 </criteria> 30797 <!-- c44206b33270f7a4715bc2a20553ccb8 --> 30798 <criteria operator="AND"> 30799 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30800 <criteria operator="OR"> 30801 <criterion test_ref="oval:org.opensuse.security:tst:2009070734" comment="kernel-bigsmp less than 2.6.16.60-0.87.1"/> 30802 <criterion test_ref="oval:org.opensuse.security:tst:2009068511" comment="kernel-default less than 2.6.16.60-0.87.1"/> 30803 <criterion test_ref="oval:org.opensuse.security:tst:2009070732" comment="kernel-smp less than 2.6.16.60-0.87.1"/> 30804 <criterion test_ref="oval:org.opensuse.security:tst:2009068512" comment="kernel-source less than 2.6.16.60-0.87.1"/> 30805 <criterion test_ref="oval:org.opensuse.security:tst:2009068513" comment="kernel-syms less than 2.6.16.60-0.87.1"/> 30806 <criterion test_ref="oval:org.opensuse.security:tst:2009070733" comment="kernel-xen less than 2.6.16.60-0.87.1"/> 30807 <criterion test_ref="oval:org.opensuse.security:tst:2009070735" comment="kernel-xenpae less than 2.6.16.60-0.87.1"/> 30808 </criteria> 30809 </criteria> 30810 </criteria> 30811 </definition> 30812 <definition id="oval:org.opensuse.security:def:20111590" version="1" class="vulnerability"> 30813 <metadata> 30814 <title>CVE-2011-1590</title> 30815 <affected family="unix"> 30816 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30817 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30818 </affected> 30819 <reference ref_id="CVE-2011-1590" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1590" source="CVE"/> 30820 <description> 30821 The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. 30822 </description> 30823 </metadata> 30824 <!-- 43c3ca69e3929285df4180de278a54f3 --> 30825 <criteria operator="AND"> 30826 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30827 <criterion test_ref="oval:org.opensuse.security:tst:2009068728" comment="wireshark less than 1.4.4-0.39.1"/> 30828 </criteria> 30829 </definition> 30830 <definition id="oval:org.opensuse.security:def:20111591" version="1" class="vulnerability"> 30831 <metadata> 30832 <title>CVE-2011-1591</title> 30833 <affected family="unix"> 30834 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30835 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30836 </affected> 30837 <reference ref_id="CVE-2011-1591" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1591" source="CVE"/> 30838 <description> 30839 Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file. 30840 </description> 30841 </metadata> 30842 <!-- 43c3ca69e3929285df4180de278a54f3 --> 30843 <criteria operator="AND"> 30844 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30845 <criterion test_ref="oval:org.opensuse.security:tst:2009068728" comment="wireshark less than 1.4.4-0.39.1"/> 30846 </criteria> 30847 </definition> 30848 <definition id="oval:org.opensuse.security:def:20111592" version="1" class="vulnerability"> 30849 <metadata> 30850 <title>CVE-2011-1592</title> 30851 <affected family="unix"> 30852 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30853 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30854 </affected> 30855 <reference ref_id="CVE-2011-1592" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1592" source="CVE"/> 30856 <description> 30857 The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. 30858 </description> 30859 </metadata> 30860 <!-- 43c3ca69e3929285df4180de278a54f3 --> 30861 <criteria operator="AND"> 30862 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30863 <criterion test_ref="oval:org.opensuse.security:tst:2009068728" comment="wireshark less than 1.4.4-0.39.1"/> 30864 </criteria> 30865 </definition> 30866 <definition id="oval:org.opensuse.security:def:20111593" version="1" class="vulnerability"> 30867 <metadata> 30868 <title>CVE-2011-1593</title> 30869 <affected family="unix"> 30870 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30871 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30872 </affected> 30873 <reference ref_id="CVE-2011-1593" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593" source="CVE"/> 30874 <description> 30875 Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. 30876 </description> 30877 </metadata> 30878 <criteria operator="OR"> 30879 <!-- 2284bd78d78b00accc68729a9634d92d --> 30880 <criteria operator="AND"> 30881 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30882 <criteria operator="OR"> 30883 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 30884 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 30885 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 30886 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 30887 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 30888 </criteria> 30889 </criteria> 30890 <!-- 75c70ba80807aed777189444e17910e5 --> 30891 <criteria operator="AND"> 30892 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30893 <criteria operator="OR"> 30894 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 30895 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 30896 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 30897 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 30898 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 30899 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 30900 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 30901 </criteria> 30902 </criteria> 30903 </criteria> 30904 </definition> 30905 <definition id="oval:org.opensuse.security:def:20111595" version="1" class="vulnerability"> 30906 <metadata> 30907 <title>CVE-2011-1595</title> 30908 <affected family="unix"> 30909 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30910 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30911 </affected> 30912 <reference ref_id="CVE-2011-1595" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1595" source="CVE"/> 30913 <description> 30914 Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname. 30915 </description> 30916 </metadata> 30917 <!-- 2262a27da0592e0919785b44e6113a30 --> 30918 <criteria operator="AND"> 30919 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30920 <criterion test_ref="oval:org.opensuse.security:tst:2009068571" comment="rdesktop less than 1.6.0-39.6.2"/> 30921 </criteria> 30922 </definition> 30923 <definition id="oval:org.opensuse.security:def:20111659" version="1" class="vulnerability"> 30924 <metadata> 30925 <title>CVE-2011-1659</title> 30926 <affected family="unix"> 30927 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30928 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30929 </affected> 30930 <reference ref_id="CVE-2011-1659" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659" source="CVE"/> 30931 <description> 30932 Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. 30933 </description> 30934 </metadata> 30935 <!-- 68c207e7b54adb6c64930931c6c86ce0 --> 30936 <criteria operator="AND"> 30937 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30938 <criteria operator="OR"> 30939 <criterion test_ref="oval:org.opensuse.security:tst:2009069178" comment="glibc-32bit less than 2.4-31.91.1"/> 30940 <criterion test_ref="oval:org.opensuse.security:tst:2009069179" comment="glibc-devel-32bit less than 2.4-31.91.1"/> 30941 <criterion test_ref="oval:org.opensuse.security:tst:2009069180" comment="glibc-devel less than 2.4-31.91.1"/> 30942 <criterion test_ref="oval:org.opensuse.security:tst:2009069181" comment="glibc-html less than 2.4-31.91.1"/> 30943 <criterion test_ref="oval:org.opensuse.security:tst:2009069182" comment="glibc-i18ndata less than 2.4-31.91.1"/> 30944 <criterion test_ref="oval:org.opensuse.security:tst:2009069183" comment="glibc-info less than 2.4-31.91.1"/> 30945 <criterion test_ref="oval:org.opensuse.security:tst:2009069184" comment="glibc-locale-32bit less than 2.4-31.91.1"/> 30946 <criterion test_ref="oval:org.opensuse.security:tst:2009069185" comment="glibc-locale less than 2.4-31.91.1"/> 30947 <criterion test_ref="oval:org.opensuse.security:tst:2009069186" comment="glibc less than 2.4-31.91.1"/> 30948 <criterion test_ref="oval:org.opensuse.security:tst:2009069187" comment="nscd less than 2.4-31.91.1"/> 30949 </criteria> 30950 </criteria> 30951 </definition> 30952 <definition id="oval:org.opensuse.security:def:20111679" version="1" class="vulnerability"> 30953 <metadata> 30954 <title>CVE-2011-1679</title> 30955 <affected family="unix"> 30956 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30957 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30958 </affected> 30959 <reference ref_id="CVE-2011-1679" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1679" source="CVE"/> 30960 <description> 30961 ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. 30962 </description> 30963 </metadata> 30964 <!-- bf9e90522d98521f17af5aa03309ef73 --> 30965 <criteria operator="AND"> 30966 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30967 <criterion test_ref="oval:org.opensuse.security:tst:2009070265" comment="ncpfs less than 2.2.6-24.19.1"/> 30968 </criteria> 30969 </definition> 30970 <definition id="oval:org.opensuse.security:def:20111680" version="1" class="vulnerability"> 30971 <metadata> 30972 <title>CVE-2011-1680</title> 30973 <affected family="unix"> 30974 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30975 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30976 </affected> 30977 <reference ref_id="CVE-2011-1680" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1680" source="CVE"/> 30978 <description> 30979 ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors. 30980 </description> 30981 </metadata> 30982 <!-- bf9e90522d98521f17af5aa03309ef73 --> 30983 <criteria operator="AND"> 30984 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 30985 <criterion test_ref="oval:org.opensuse.security:tst:2009070265" comment="ncpfs less than 2.2.6-24.19.1"/> 30986 </criteria> 30987 </definition> 30988 <definition id="oval:org.opensuse.security:def:20111720" version="1" class="vulnerability"> 30989 <metadata> 30990 <title>CVE-2011-1720</title> 30991 <affected family="unix"> 30992 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 30993 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 30994 </affected> 30995 <reference ref_id="CVE-2011-1720" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1720" source="CVE"/> 30996 <description> 30997 The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method. 30998 </description> 30999 </metadata> 31000 <!-- 8032d51c2874ebb7e39bf7812f87c084 --> 31001 <criteria operator="AND"> 31002 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31003 <criterion test_ref="oval:org.opensuse.security:tst:2009068353" comment="postfix less than 2.5.6-4.12.1"/> 31004 </criteria> 31005 </definition> 31006 <definition id="oval:org.opensuse.security:def:20111745" version="1" class="vulnerability"> 31007 <metadata> 31008 <title>CVE-2011-1745</title> 31009 <affected family="unix"> 31010 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31011 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31012 </affected> 31013 <reference ref_id="CVE-2011-1745" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1745" source="CVE"/> 31014 <description> 31015 Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. 31016 </description> 31017 </metadata> 31018 <criteria operator="OR"> 31019 <!-- 2284bd78d78b00accc68729a9634d92d --> 31020 <criteria operator="AND"> 31021 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31022 <criteria operator="OR"> 31023 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 31024 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 31025 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 31026 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 31027 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 31028 </criteria> 31029 </criteria> 31030 <!-- 75c70ba80807aed777189444e17910e5 --> 31031 <criteria operator="AND"> 31032 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31033 <criteria operator="OR"> 31034 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 31035 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 31036 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 31037 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 31038 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 31039 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 31040 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 31041 </criteria> 31042 </criteria> 31043 </criteria> 31044 </definition> 31045 <definition id="oval:org.opensuse.security:def:20111746" version="1" class="vulnerability"> 31046 <metadata> 31047 <title>CVE-2011-1746</title> 31048 <affected family="unix"> 31049 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31051 </affected> 31052 <reference ref_id="CVE-2011-1746" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1746" source="CVE"/> 31053 <description> 31054 Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages. 31055 </description> 31056 </metadata> 31057 <criteria operator="OR"> 31058 <!-- 2284bd78d78b00accc68729a9634d92d --> 31059 <criteria operator="AND"> 31060 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31061 <criteria operator="OR"> 31062 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 31063 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 31064 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 31065 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 31066 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 31067 </criteria> 31068 </criteria> 31069 <!-- 75c70ba80807aed777189444e17910e5 --> 31070 <criteria operator="AND"> 31071 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31072 <criteria operator="OR"> 31073 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 31074 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 31075 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 31076 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 31077 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 31078 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 31079 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 31080 </criteria> 31081 </criteria> 31082 </criteria> 31083 </definition> 31084 <definition id="oval:org.opensuse.security:def:20111752" version="1" class="vulnerability"> 31085 <metadata> 31086 <title>CVE-2011-1752</title> 31087 <affected family="unix"> 31088 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31089 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31090 </affected> 31091 <reference ref_id="CVE-2011-1752" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1752" source="CVE"/> 31092 <description> 31093 The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011. 31094 </description> 31095 </metadata> 31096 <!-- dc2a8d54fb644c1ef1dc261a23ba432e --> 31097 <criteria operator="AND"> 31098 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31099 <criteria operator="OR"> 31100 <criterion test_ref="oval:org.opensuse.security:tst:2009069076" comment="subversion-devel less than 1.3.1-1.18.1"/> 31101 <criterion test_ref="oval:org.opensuse.security:tst:2009069080" comment="subversion less than 1.3.1-1.18.1"/> 31102 </criteria> 31103 </criteria> 31104 </definition> 31105 <definition id="oval:org.opensuse.security:def:20111776" version="1" class="vulnerability"> 31106 <metadata> 31107 <title>CVE-2011-1776</title> 31108 <affected family="unix"> 31109 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31110 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31111 </affected> 31112 <reference ref_id="CVE-2011-1776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776" source="CVE"/> 31113 <description> 31114 The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. 31115 </description> 31116 </metadata> 31117 <criteria operator="OR"> 31118 <!-- 6253a90635c740c154fb5e3cc64612f2 --> 31119 <criteria operator="AND"> 31120 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31121 <criteria operator="OR"> 31122 <criterion test_ref="oval:org.opensuse.security:tst:2009071616" comment="kernel-bigsmp less than 2.6.16.60-0.91.1"/> 31123 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 31124 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 31125 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 31126 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 31127 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 31128 <criterion test_ref="oval:org.opensuse.security:tst:2009071619" comment="kernel-xenpae less than 2.6.16.60-0.91.1"/> 31129 </criteria> 31130 </criteria> 31131 <!-- be6b41cc85222e68513448b61b7af786 --> 31132 <criteria operator="AND"> 31133 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31134 <criteria operator="OR"> 31135 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 31136 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 31137 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 31138 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 31139 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 31140 </criteria> 31141 </criteria> 31142 </criteria> 31143 </definition> 31144 <definition id="oval:org.opensuse.security:def:20111782" version="1" class="vulnerability"> 31145 <metadata> 31146 <title>CVE-2011-1782</title> 31147 <affected family="unix"> 31148 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31149 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31150 </affected> 31151 <reference ref_id="CVE-2011-1782" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1782" source="CVE"/> 31152 <description> 31153 Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4543. 31154 </description> 31155 </metadata> 31156 <!-- 013ac8ad5056f5e91f63b3f737b36cfc --> 31157 <criteria operator="AND"> 31158 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31159 <criteria operator="OR"> 31160 <criterion test_ref="oval:org.opensuse.security:tst:2009068701" comment="gimp-devel less than 2.2.10-22.38.1"/> 31161 <criterion test_ref="oval:org.opensuse.security:tst:2009068702" comment="gimp less than 2.2.10-22.38.1"/> 31162 </criteria> 31163 </criteria> 31164 </definition> 31165 <definition id="oval:org.opensuse.security:def:20111783" version="1" class="vulnerability"> 31166 <metadata> 31167 <title>CVE-2011-1783</title> 31168 <affected family="unix"> 31169 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31170 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31171 </affected> 31172 <reference ref_id="CVE-2011-1783" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1783" source="CVE"/> 31173 <description> 31174 The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data. 31175 </description> 31176 </metadata> 31177 <!-- dc2a8d54fb644c1ef1dc261a23ba432e --> 31178 <criteria operator="AND"> 31179 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31180 <criteria operator="OR"> 31181 <criterion test_ref="oval:org.opensuse.security:tst:2009069076" comment="subversion-devel less than 1.3.1-1.18.1"/> 31182 <criterion test_ref="oval:org.opensuse.security:tst:2009069080" comment="subversion less than 1.3.1-1.18.1"/> 31183 </criteria> 31184 </criteria> 31185 </definition> 31186 <definition id="oval:org.opensuse.security:def:20111910" version="1" class="vulnerability"> 31187 <metadata> 31188 <title>CVE-2011-1910</title> 31189 <affected family="unix"> 31190 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31191 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31192 </affected> 31193 <reference ref_id="CVE-2011-1910" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910" source="CVE"/> 31194 <description> 31195 Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets. 31196 </description> 31197 </metadata> 31198 <!-- a1d2052c172e9b480eca0dec27439b16 --> 31199 <criteria operator="AND"> 31200 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31201 <criteria operator="OR"> 31202 <criterion test_ref="oval:org.opensuse.security:tst:2009068732" comment="bind-libs-32bit less than 9.6ESVR4P1-0.12.1"/> 31203 <criterion test_ref="oval:org.opensuse.security:tst:2009068733" comment="bind-libs less than 9.6ESVR4P1-0.12.1"/> 31204 <criterion test_ref="oval:org.opensuse.security:tst:2009068734" comment="bind-utils less than 9.6ESVR4P1-0.12.1"/> 31205 </criteria> 31206 </criteria> 31207 </definition> 31208 <definition id="oval:org.opensuse.security:def:20111928" version="1" class="vulnerability"> 31209 <metadata> 31210 <title>CVE-2011-1928</title> 31211 <affected family="unix"> 31212 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31213 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31214 </affected> 31215 <reference ref_id="CVE-2011-1928" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928" source="CVE"/> 31216 <description> 31217 The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419. 31218 </description> 31219 </metadata> 31220 <!-- ebd69d25a128907e6d3b301dacc77ae2 --> 31221 <criteria operator="AND"> 31222 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31223 <criteria operator="OR"> 31224 <criterion test_ref="oval:org.opensuse.security:tst:2009069417" comment="libapr1-devel less than 1.2.2-13.10.1"/> 31225 <criterion test_ref="oval:org.opensuse.security:tst:2009069418" comment="libapr1 less than 1.2.2-13.10.1"/> 31226 </criteria> 31227 </criteria> 31228 </definition> 31229 <definition id="oval:org.opensuse.security:def:20111936" version="1" class="vulnerability"> 31230 <metadata> 31231 <title>CVE-2011-1936</title> 31232 <affected family="unix"> 31233 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31234 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31235 </affected> 31236 <reference ref_id="CVE-2011-1936" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1936" source="CVE"/> 31237 <description> 31238 Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors. 31239 </description> 31240 </metadata> 31241 <!-- ca3da7c0b116523580ed11bcec4992da --> 31242 <criteria operator="AND"> 31243 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31244 <criteria operator="OR"> 31245 <criterion test_ref="oval:org.opensuse.security:tst:2009070000" comment="xen-devel less than 3.2.3_17040_37-0.7.1"/> 31246 <criterion test_ref="oval:org.opensuse.security:tst:2009070001" comment="xen-doc-html less than 3.2.3_17040_37-0.7.1"/> 31247 <criterion test_ref="oval:org.opensuse.security:tst:2009070002" comment="xen-doc-pdf less than 3.2.3_17040_37-0.7.1"/> 31248 <criterion test_ref="oval:org.opensuse.security:tst:2009070003" comment="xen-doc-ps less than 3.2.3_17040_37-0.7.1"/> 31249 <criterion test_ref="oval:org.opensuse.security:tst:2009070004" comment="xen-kmp-bigsmp less than 3.2.3_17040_37_2.6.16.60_0.87.9-0.7.1"/> 31250 <criterion test_ref="oval:org.opensuse.security:tst:2009070005" comment="xen-kmp-default less than 3.2.3_17040_37_2.6.16.60_0.87.9-0.7.1"/> 31251 <criterion test_ref="oval:org.opensuse.security:tst:2009070006" comment="xen-kmp-smp less than 3.2.3_17040_37_2.6.16.60_0.87.9-0.7.1"/> 31252 <criterion test_ref="oval:org.opensuse.security:tst:2009070007" comment="xen-libs-32bit less than 3.2.3_17040_37-0.7.1"/> 31253 <criterion test_ref="oval:org.opensuse.security:tst:2009070008" comment="xen-libs less than 3.2.3_17040_37-0.7.1"/> 31254 <criterion test_ref="oval:org.opensuse.security:tst:2009070009" comment="xen-tools-domU less than 3.2.3_17040_37-0.7.1"/> 31255 <criterion test_ref="oval:org.opensuse.security:tst:2009070010" comment="xen-tools-ioemu less than 3.2.3_17040_37-0.7.1"/> 31256 <criterion test_ref="oval:org.opensuse.security:tst:2009070011" comment="xen-tools less than 3.2.3_17040_37-0.7.1"/> 31257 <criterion test_ref="oval:org.opensuse.security:tst:2009070012" comment="xen less than 3.2.3_17040_37-0.7.1"/> 31258 </criteria> 31259 </criteria> 31260 </definition> 31261 <definition id="oval:org.opensuse.security:def:20111944" version="1" class="vulnerability"> 31262 <metadata> 31263 <title>CVE-2011-1944</title> 31264 <affected family="unix"> 31265 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31266 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31267 </affected> 31268 <reference ref_id="CVE-2011-1944" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944" source="CVE"/> 31269 <description> 31270 Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions. 31271 </description> 31272 </metadata> 31273 <!-- 4b31545830b7ea366985703ed45efeab --> 31274 <criteria operator="AND"> 31275 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31276 <criteria operator="OR"> 31277 <criterion test_ref="oval:org.opensuse.security:tst:2009069546" comment="libxml2-32bit less than 2.6.23-15.25.5"/> 31278 <criterion test_ref="oval:org.opensuse.security:tst:2009069547" comment="libxml2-devel-32bit less than 2.6.23-15.25.5"/> 31279 <criterion test_ref="oval:org.opensuse.security:tst:2009069548" comment="libxml2-devel less than 2.6.23-15.25.5"/> 31280 <criterion test_ref="oval:org.opensuse.security:tst:2009069549" comment="libxml2 less than 2.6.23-15.25.5"/> 31281 </criteria> 31282 </criteria> 31283 </definition> 31284 <definition id="oval:org.opensuse.security:def:20111945" version="1" class="vulnerability"> 31285 <metadata> 31286 <title>CVE-2011-1945</title> 31287 <affected family="unix"> 31288 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31289 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31290 </affected> 31291 <reference ref_id="CVE-2011-1945" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1945" source="CVE"/> 31292 <description> 31293 The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation. 31294 </description> 31295 </metadata> 31296 <!-- bbe4d369b60c00c73158a28ea281339e --> 31297 <criteria operator="AND"> 31298 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31299 <criteria operator="OR"> 31300 <criterion test_ref="oval:org.opensuse.security:tst:2009068799" comment="openssl-32bit less than 0.9.8a-18.52.1"/> 31301 <criterion test_ref="oval:org.opensuse.security:tst:2009068800" comment="openssl-devel-32bit less than 0.9.8a-18.52.1"/> 31302 <criterion test_ref="oval:org.opensuse.security:tst:2009068801" comment="openssl-devel less than 0.9.8a-18.52.1"/> 31303 <criterion test_ref="oval:org.opensuse.security:tst:2009068802" comment="openssl less than 0.9.8a-18.52.1"/> 31304 </criteria> 31305 </criteria> 31306 </definition> 31307 <definition id="oval:org.opensuse.security:def:20111946" version="1" class="vulnerability"> 31308 <metadata> 31309 <title>CVE-2011-1946</title> 31310 <affected family="unix"> 31311 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31312 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31313 </affected> 31314 <reference ref_id="CVE-2011-1946" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1946" source="CVE"/> 31315 <description> 31316 gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of these accounts. 31317 </description> 31318 </metadata> 31319 <!-- f58b5213506428cd72aa62f5d7e89774 --> 31320 <criteria operator="AND"> 31321 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31322 <criteria operator="OR"> 31323 <criterion test_ref="oval:org.opensuse.security:tst:2009069096" comment="libgnomesu-devel less than 1.0.0-32.39.1"/> 31324 <criterion test_ref="oval:org.opensuse.security:tst:2009069097" comment="libgnomesu less than 1.0.0-32.39.1"/> 31325 </criteria> 31326 </criteria> 31327 </definition> 31328 <definition id="oval:org.opensuse.security:def:20111957" version="1" class="vulnerability"> 31329 <metadata> 31330 <title>CVE-2011-1957</title> 31331 <affected family="unix"> 31332 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31333 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31334 </affected> 31335 <reference ref_id="CVE-2011-1957" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1957" source="CVE"/> 31336 <description> 31337 The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length. 31338 </description> 31339 </metadata> 31340 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 31341 <criteria operator="AND"> 31342 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31343 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 31344 </criteria> 31345 </definition> 31346 <definition id="oval:org.opensuse.security:def:20111958" version="1" class="vulnerability"> 31347 <metadata> 31348 <title>CVE-2011-1958</title> 31349 <affected family="unix"> 31350 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31351 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31352 </affected> 31353 <reference ref_id="CVE-2011-1958" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1958" source="CVE"/> 31354 <description> 31355 Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file. 31356 </description> 31357 </metadata> 31358 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 31359 <criteria operator="AND"> 31360 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31361 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 31362 </criteria> 31363 </definition> 31364 <definition id="oval:org.opensuse.security:def:20111959" version="1" class="vulnerability"> 31365 <metadata> 31366 <title>CVE-2011-1959</title> 31367 <affected family="unix"> 31368 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31369 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31370 </affected> 31371 <reference ref_id="CVE-2011-1959" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1959" source="CVE"/> 31372 <description> 31373 The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. 31374 </description> 31375 </metadata> 31376 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 31377 <criteria operator="AND"> 31378 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31379 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 31380 </criteria> 31381 </definition> 31382 <definition id="oval:org.opensuse.security:def:20112022" version="1" class="vulnerability"> 31383 <metadata> 31384 <title>CVE-2011-2022</title> 31385 <affected family="unix"> 31386 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31387 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31388 </affected> 31389 <reference ref_id="CVE-2011-2022" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2022" source="CVE"/> 31390 <description> 31391 The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. 31392 </description> 31393 </metadata> 31394 <criteria operator="OR"> 31395 <!-- 2284bd78d78b00accc68729a9634d92d --> 31396 <criteria operator="AND"> 31397 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31398 <criteria operator="OR"> 31399 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 31400 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 31401 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 31402 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 31403 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 31404 </criteria> 31405 </criteria> 31406 <!-- 75c70ba80807aed777189444e17910e5 --> 31407 <criteria operator="AND"> 31408 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31409 <criteria operator="OR"> 31410 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 31411 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 31412 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 31413 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 31414 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 31415 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 31416 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 31417 </criteria> 31418 </criteria> 31419 </criteria> 31420 </definition> 31421 <definition id="oval:org.opensuse.security:def:20112107" version="1" class="vulnerability"> 31422 <metadata> 31423 <title>CVE-2011-2107</title> 31424 <affected family="unix"> 31425 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31426 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31427 </affected> 31428 <reference ref_id="CVE-2011-2107" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2107" source="CVE"/> 31429 <description> 31430 Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability." 31431 </description> 31432 </metadata> 31433 <!-- 76e1cd706437403cd75d040d3c384db2 --> 31434 <criteria operator="AND"> 31435 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31436 <criterion test_ref="oval:org.opensuse.security:tst:2009068744" comment="flash-player less than 10.3.181.22-0.5.1"/> 31437 </criteria> 31438 </definition> 31439 <definition id="oval:org.opensuse.security:def:20112110" version="1" class="vulnerability"> 31440 <metadata> 31441 <title>CVE-2011-2110</title> 31442 <affected family="unix"> 31443 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31444 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31445 </affected> 31446 <reference ref_id="CVE-2011-2110" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2110" source="CVE"/> 31447 <description> 31448 Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011. 31449 </description> 31450 </metadata> 31451 <!-- 3346ccf604c46cb248821ffe1c4cd5ba --> 31452 <criteria operator="AND"> 31453 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31454 <criterion test_ref="oval:org.opensuse.security:tst:2009068817" comment="flash-player less than 10.3.181.26-0.5.1"/> 31455 </criteria> 31456 </definition> 31457 <definition id="oval:org.opensuse.security:def:20112130" version="1" class="vulnerability"> 31458 <metadata> 31459 <title>CVE-2011-2130</title> 31460 <affected family="unix"> 31461 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31462 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31463 </affected> 31464 <reference ref_id="CVE-2011-2130" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2130" source="CVE"/> 31465 <description> 31466 Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. 31467 </description> 31468 </metadata> 31469 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 31470 <criteria operator="AND"> 31471 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31472 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 31473 </criteria> 31474 </definition> 31475 <definition id="oval:org.opensuse.security:def:20112134" version="1" class="vulnerability"> 31476 <metadata> 31477 <title>CVE-2011-2134</title> 31478 <affected family="unix"> 31479 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31480 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31481 </affected> 31482 <reference ref_id="CVE-2011-2134" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2134" source="CVE"/> 31483 <description> 31484 Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. 31485 </description> 31486 </metadata> 31487 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 31488 <criteria operator="AND"> 31489 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31490 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 31491 </criteria> 31492 </definition> 31493 <definition id="oval:org.opensuse.security:def:20112135" version="1" class="vulnerability"> 31494 <metadata> 31495 <title>CVE-2011-2135</title> 31496 <affected family="unix"> 31497 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31498 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31499 </affected> 31500 <reference ref_id="CVE-2011-2135" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2135" source="CVE"/> 31501 <description> 31502 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425. 31503 </description> 31504 </metadata> 31505 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 31506 <criteria operator="AND"> 31507 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31508 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 31509 </criteria> 31510 </definition> 31511 <definition id="oval:org.opensuse.security:def:20112136" version="1" class="vulnerability"> 31512 <metadata> 31513 <title>CVE-2011-2136</title> 31514 <affected family="unix"> 31515 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31516 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31517 </affected> 31518 <reference ref_id="CVE-2011-2136" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2136" source="CVE"/> 31519 <description> 31520 Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416. 31521 </description> 31522 </metadata> 31523 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 31524 <criteria operator="AND"> 31525 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31526 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 31527 </criteria> 31528 </definition> 31529 <definition id="oval:org.opensuse.security:def:20112137" version="1" class="vulnerability"> 31530 <metadata> 31531 <title>CVE-2011-2137</title> 31532 <affected family="unix"> 31533 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31534 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31535 </affected> 31536 <reference ref_id="CVE-2011-2137" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2137" source="CVE"/> 31537 <description> 31538 Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415. 31539 </description> 31540 </metadata> 31541 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 31542 <criteria operator="AND"> 31543 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31544 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 31545 </criteria> 31546 </definition> 31547 <definition id="oval:org.opensuse.security:def:20112138" version="1" class="vulnerability"> 31548 <metadata> 31549 <title>CVE-2011-2138</title> 31550 <affected family="unix"> 31551 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31552 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31553 </affected> 31554 <reference ref_id="CVE-2011-2138" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2138" source="CVE"/> 31555 <description> 31556 Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416. 31557 </description> 31558 </metadata> 31559 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 31560 <criteria operator="AND"> 31561 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31562 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 31563 </criteria> 31564 </definition> 31565 <definition id="oval:org.opensuse.security:def:20112139" version="1" class="vulnerability"> 31566 <metadata> 31567 <title>CVE-2011-2139</title> 31568 <affected family="unix"> 31569 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31570 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31571 </affected> 31572 <reference ref_id="CVE-2011-2139" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2139" source="CVE"/> 31573 <description> 31574 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. 31575 </description> 31576 </metadata> 31577 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 31578 <criteria operator="AND"> 31579 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31580 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 31581 </criteria> 31582 </definition> 31583 <definition id="oval:org.opensuse.security:def:20112140" version="1" class="vulnerability"> 31584 <metadata> 31585 <title>CVE-2011-2140</title> 31586 <affected family="unix"> 31587 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31588 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31589 </affected> 31590 <reference ref_id="CVE-2011-2140" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2140" source="CVE"/> 31591 <description> 31592 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425. 31593 </description> 31594 </metadata> 31595 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 31596 <criteria operator="AND"> 31597 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31598 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 31599 </criteria> 31600 </definition> 31601 <definition id="oval:org.opensuse.security:def:20112174" version="1" class="vulnerability"> 31602 <metadata> 31603 <title>CVE-2011-2174</title> 31604 <affected family="unix"> 31605 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31606 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31607 </affected> 31608 <reference ref_id="CVE-2011-2174" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2174" source="CVE"/> 31609 <description> 31610 Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. 31611 </description> 31612 </metadata> 31613 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 31614 <criteria operator="AND"> 31615 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31616 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 31617 </criteria> 31618 </definition> 31619 <definition id="oval:org.opensuse.security:def:20112175" version="1" class="vulnerability"> 31620 <metadata> 31621 <title>CVE-2011-2175</title> 31622 <affected family="unix"> 31623 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31624 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31625 </affected> 31626 <reference ref_id="CVE-2011-2175" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2175" source="CVE"/> 31627 <description> 31628 Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. 31629 </description> 31630 </metadata> 31631 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 31632 <criteria operator="AND"> 31633 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31634 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 31635 </criteria> 31636 </definition> 31637 <definition id="oval:org.opensuse.security:def:20112182" version="1" class="vulnerability"> 31638 <metadata> 31639 <title>CVE-2011-2182</title> 31640 <affected family="unix"> 31641 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31642 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31643 </affected> 31644 <reference ref_id="CVE-2011-2182" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2182" source="CVE"/> 31645 <description> 31646 The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partition table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1017. 31647 </description> 31648 </metadata> 31649 <criteria operator="OR"> 31650 <!-- 2284bd78d78b00accc68729a9634d92d --> 31651 <criteria operator="AND"> 31652 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31653 <criteria operator="OR"> 31654 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 31655 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 31656 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 31657 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 31658 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 31659 </criteria> 31660 </criteria> 31661 <!-- 75c70ba80807aed777189444e17910e5 --> 31662 <criteria operator="AND"> 31663 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31664 <criteria operator="OR"> 31665 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 31666 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 31667 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 31668 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 31669 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 31670 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 31671 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 31672 </criteria> 31673 </criteria> 31674 </criteria> 31675 </definition> 31676 <definition id="oval:org.opensuse.security:def:20112199" version="1" class="vulnerability"> 31677 <metadata> 31678 <title>CVE-2011-2199</title> 31679 <affected family="unix"> 31680 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31681 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31682 </affected> 31683 <reference ref_id="CVE-2011-2199" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2199" source="CVE"/> 31684 <description> 31685 Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option. 31686 </description> 31687 </metadata> 31688 <!-- ebe96a73d42ed584f1c5b6564a0ca107 --> 31689 <criteria operator="AND"> 31690 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31691 <criterion test_ref="oval:org.opensuse.security:tst:2009069331" comment="tftp less than 0.48-1.13.1"/> 31692 </criteria> 31693 </definition> 31694 <definition id="oval:org.opensuse.security:def:20112200" version="1" class="vulnerability"> 31695 <metadata> 31696 <title>CVE-2011-2200</title> 31697 <affected family="unix"> 31698 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31699 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31700 </affected> 31701 <reference ref_id="CVE-2011-2200" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2200" source="CVE"/> 31702 <description> 31703 The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (connection loss), obtain potentially sensitive information, or conduct unspecified state-modification attacks via crafted messages. 31704 </description> 31705 </metadata> 31706 <!-- 4cbe0c6627cb955ab78b36dc62989896 --> 31707 <criteria operator="AND"> 31708 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31709 <criteria operator="OR"> 31710 <criterion test_ref="oval:org.opensuse.security:tst:2009069423" comment="dbus-1-32bit less than 0.60-33.31.1"/> 31711 <criterion test_ref="oval:org.opensuse.security:tst:2009069424" comment="dbus-1-devel less than 0.60-33.31.1"/> 31712 <criterion test_ref="oval:org.opensuse.security:tst:2009069425" comment="dbus-1-glib-32bit less than 0.60-33.31.1"/> 31713 <criterion test_ref="oval:org.opensuse.security:tst:2009069426" comment="dbus-1-glib less than 0.60-33.31.1"/> 31714 <criterion test_ref="oval:org.opensuse.security:tst:2009069427" comment="dbus-1 less than 0.60-33.31.1"/> 31715 </criteria> 31716 </criteria> 31717 </definition> 31718 <definition id="oval:org.opensuse.security:def:20112203" version="1" class="vulnerability"> 31719 <metadata> 31720 <title>CVE-2011-2203</title> 31721 <affected family="unix"> 31722 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31723 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31724 </affected> 31725 <reference ref_id="CVE-2011-2203" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2203" source="CVE"/> 31726 <description> 31727 The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record. 31728 </description> 31729 </metadata> 31730 <criteria operator="OR"> 31731 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 31732 <criteria operator="AND"> 31733 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31734 <criteria operator="OR"> 31735 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 31736 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 31737 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 31738 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 31739 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 31740 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 31741 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 31742 </criteria> 31743 </criteria> 31744 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 31745 <criteria operator="AND"> 31746 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31747 <criteria operator="OR"> 31748 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 31749 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 31750 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 31751 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 31752 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 31753 </criteria> 31754 </criteria> 31755 </criteria> 31756 </definition> 31757 <definition id="oval:org.opensuse.security:def:20112213" version="1" class="vulnerability"> 31758 <metadata> 31759 <title>CVE-2011-2213</title> 31760 <affected family="unix"> 31761 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31762 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31763 </affected> 31764 <reference ref_id="CVE-2011-2213" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213" source="CVE"/> 31765 <description> 31766 The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. 31767 </description> 31768 </metadata> 31769 <criteria operator="OR"> 31770 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 31771 <criteria operator="AND"> 31772 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31773 <criteria operator="OR"> 31774 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 31775 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 31776 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 31777 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 31778 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 31779 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 31780 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 31781 </criteria> 31782 </criteria> 31783 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 31784 <criteria operator="AND"> 31785 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31786 <criteria operator="OR"> 31787 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 31788 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 31789 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 31790 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 31791 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 31792 </criteria> 31793 </criteria> 31794 </criteria> 31795 </definition> 31796 <definition id="oval:org.opensuse.security:def:20112362" version="1" class="vulnerability"> 31797 <metadata> 31798 <title>CVE-2011-2362</title> 31799 <affected family="unix"> 31800 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31801 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31802 </affected> 31803 <reference ref_id="CVE-2011-2362" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2362" source="CVE"/> 31804 <description> 31805 Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers. 31806 </description> 31807 </metadata> 31808 <!-- 0637dceda217223a627a02ba83062213 --> 31809 <criteria operator="AND"> 31810 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31811 <criteria operator="OR"> 31812 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 31813 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 31814 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 31815 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 31816 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 31817 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 31818 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 31819 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 31820 </criteria> 31821 </criteria> 31822 </definition> 31823 <definition id="oval:org.opensuse.security:def:20112363" version="1" class="vulnerability"> 31824 <metadata> 31825 <title>CVE-2011-2363</title> 31826 <affected family="unix"> 31827 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31828 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31829 </affected> 31830 <reference ref_id="CVE-2011-2363" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2363" source="CVE"/> 31831 <description> 31832 Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. 31833 </description> 31834 </metadata> 31835 <!-- 0637dceda217223a627a02ba83062213 --> 31836 <criteria operator="AND"> 31837 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31838 <criteria operator="OR"> 31839 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 31840 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 31841 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 31842 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 31843 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 31844 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 31845 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 31846 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 31847 </criteria> 31848 </criteria> 31849 </definition> 31850 <definition id="oval:org.opensuse.security:def:20112364" version="1" class="vulnerability"> 31851 <metadata> 31852 <title>CVE-2011-2364</title> 31853 <affected family="unix"> 31854 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31855 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31856 </affected> 31857 <reference ref_id="CVE-2011-2364" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2364" source="CVE"/> 31858 <description> 31859 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365. 31860 </description> 31861 </metadata> 31862 <!-- 0637dceda217223a627a02ba83062213 --> 31863 <criteria operator="AND"> 31864 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31865 <criteria operator="OR"> 31866 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 31867 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 31868 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 31869 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 31870 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 31871 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 31872 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 31873 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 31874 </criteria> 31875 </criteria> 31876 </definition> 31877 <definition id="oval:org.opensuse.security:def:20112365" version="1" class="vulnerability"> 31878 <metadata> 31879 <title>CVE-2011-2365</title> 31880 <affected family="unix"> 31881 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31882 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31883 </affected> 31884 <reference ref_id="CVE-2011-2365" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2365" source="CVE"/> 31885 <description> 31886 Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364. 31887 </description> 31888 </metadata> 31889 <!-- 0637dceda217223a627a02ba83062213 --> 31890 <criteria operator="AND"> 31891 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31892 <criteria operator="OR"> 31893 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 31894 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 31895 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 31896 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 31897 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 31898 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 31899 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 31900 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 31901 </criteria> 31902 </criteria> 31903 </definition> 31904 <definition id="oval:org.opensuse.security:def:20112371" version="1" class="vulnerability"> 31905 <metadata> 31906 <title>CVE-2011-2371</title> 31907 <affected family="unix"> 31908 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31909 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31910 </affected> 31911 <reference ref_id="CVE-2011-2371" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2371" source="CVE"/> 31912 <description> 31913 Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object. 31914 </description> 31915 </metadata> 31916 <!-- 0637dceda217223a627a02ba83062213 --> 31917 <criteria operator="AND"> 31918 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31919 <criteria operator="OR"> 31920 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 31921 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 31922 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 31923 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 31924 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 31925 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 31926 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 31927 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 31928 </criteria> 31929 </criteria> 31930 </definition> 31931 <definition id="oval:org.opensuse.security:def:20112372" version="1" class="vulnerability"> 31932 <metadata> 31933 <title>CVE-2011-2372</title> 31934 <affected family="unix"> 31935 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31936 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31937 </affected> 31938 <reference ref_id="CVE-2011-2372" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2372" source="CVE"/> 31939 <description> 31940 Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site. 31941 </description> 31942 </metadata> 31943 <criteria operator="OR"> 31944 <!-- 8026ac2197f43942ee30e9d32864f793 --> 31945 <criteria operator="AND"> 31946 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31947 <criteria operator="OR"> 31948 <criterion test_ref="oval:org.opensuse.security:tst:2009070820" comment="MozillaFirefox-translations less than 3.6.23-0.5.1"/> 31949 <criterion test_ref="oval:org.opensuse.security:tst:2009070821" comment="MozillaFirefox less than 3.6.23-0.5.1"/> 31950 <criterion test_ref="oval:org.opensuse.security:tst:2009070822" comment="mozilla-xulrunner192-32bit less than 1.9.2.23-1.6.1"/> 31951 <criterion test_ref="oval:org.opensuse.security:tst:2009070823" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.23-1.6.1"/> 31952 <criterion test_ref="oval:org.opensuse.security:tst:2009070824" comment="mozilla-xulrunner192-gnome less than 1.9.2.23-1.6.1"/> 31953 <criterion test_ref="oval:org.opensuse.security:tst:2009070825" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.23-1.6.1"/> 31954 <criterion test_ref="oval:org.opensuse.security:tst:2009070826" comment="mozilla-xulrunner192-translations less than 1.9.2.23-1.6.1"/> 31955 <criterion test_ref="oval:org.opensuse.security:tst:2009070827" comment="mozilla-xulrunner192 less than 1.9.2.23-1.6.1"/> 31956 </criteria> 31957 </criteria> 31958 <!-- d38a557341c2b284b12c5c1e21800a6d --> 31959 <criteria operator="AND"> 31960 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31961 <criteria operator="OR"> 31962 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 31963 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 31964 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 31965 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 31966 </criteria> 31967 </criteria> 31968 </criteria> 31969 </definition> 31970 <definition id="oval:org.opensuse.security:def:20112373" version="1" class="vulnerability"> 31971 <metadata> 31972 <title>CVE-2011-2373</title> 31973 <affected family="unix"> 31974 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 31975 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 31976 </affected> 31977 <reference ref_id="CVE-2011-2373" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2373" source="CVE"/> 31978 <description> 31979 Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document. 31980 </description> 31981 </metadata> 31982 <!-- 0637dceda217223a627a02ba83062213 --> 31983 <criteria operator="AND"> 31984 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 31985 <criteria operator="OR"> 31986 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 31987 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 31988 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 31989 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 31990 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 31991 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 31992 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 31993 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 31994 </criteria> 31995 </criteria> 31996 </definition> 31997 <definition id="oval:org.opensuse.security:def:20112374" version="1" class="vulnerability"> 31998 <metadata> 31999 <title>CVE-2011-2374</title> 32000 <affected family="unix"> 32001 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32002 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32003 </affected> 32004 <reference ref_id="CVE-2011-2374" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2374" source="CVE"/> 32005 <description> 32006 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 32007 </description> 32008 </metadata> 32009 <!-- 0637dceda217223a627a02ba83062213 --> 32010 <criteria operator="AND"> 32011 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32012 <criteria operator="OR"> 32013 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 32014 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 32015 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 32016 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 32017 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 32018 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 32019 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 32020 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 32021 </criteria> 32022 </criteria> 32023 </definition> 32024 <definition id="oval:org.opensuse.security:def:20112376" version="1" class="vulnerability"> 32025 <metadata> 32026 <title>CVE-2011-2376</title> 32027 <affected family="unix"> 32028 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32029 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32030 </affected> 32031 <reference ref_id="CVE-2011-2376" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2376" source="CVE"/> 32032 <description> 32033 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 32034 </description> 32035 </metadata> 32036 <!-- 0637dceda217223a627a02ba83062213 --> 32037 <criteria operator="AND"> 32038 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32039 <criteria operator="OR"> 32040 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 32041 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 32042 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 32043 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 32044 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 32045 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 32046 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 32047 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 32048 </criteria> 32049 </criteria> 32050 </definition> 32051 <definition id="oval:org.opensuse.security:def:20112377" version="1" class="vulnerability"> 32052 <metadata> 32053 <title>CVE-2011-2377</title> 32054 <affected family="unix"> 32055 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32056 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32057 </affected> 32058 <reference ref_id="CVE-2011-2377" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2377" source="CVE"/> 32059 <description> 32060 Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image. 32061 </description> 32062 </metadata> 32063 <!-- 0637dceda217223a627a02ba83062213 --> 32064 <criteria operator="AND"> 32065 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32066 <criteria operator="OR"> 32067 <criterion test_ref="oval:org.opensuse.security:tst:2009069301" comment="MozillaFirefox-translations less than 3.6.18-0.5.1"/> 32068 <criterion test_ref="oval:org.opensuse.security:tst:2009069302" comment="MozillaFirefox less than 3.6.18-0.5.1"/> 32069 <criterion test_ref="oval:org.opensuse.security:tst:2009069303" comment="mozilla-xulrunner192-32bit less than 1.9.2.18-1.6.1"/> 32070 <criterion test_ref="oval:org.opensuse.security:tst:2009069304" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.18-1.6.1"/> 32071 <criterion test_ref="oval:org.opensuse.security:tst:2009069305" comment="mozilla-xulrunner192-gnome less than 1.9.2.18-1.6.1"/> 32072 <criterion test_ref="oval:org.opensuse.security:tst:2009069306" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.18-1.6.1"/> 32073 <criterion test_ref="oval:org.opensuse.security:tst:2009069307" comment="mozilla-xulrunner192-translations less than 1.9.2.18-1.6.1"/> 32074 <criterion test_ref="oval:org.opensuse.security:tst:2009069308" comment="mozilla-xulrunner192 less than 1.9.2.18-1.6.1"/> 32075 </criteria> 32076 </criteria> 32077 </definition> 32078 <definition id="oval:org.opensuse.security:def:20112378" version="1" class="vulnerability"> 32079 <metadata> 32080 <title>CVE-2011-2378</title> 32081 <affected family="unix"> 32082 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32083 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32084 </affected> 32085 <reference ref_id="CVE-2011-2378" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2378" source="CVE"/> 32086 <description> 32087 The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling pointer." 32088 </description> 32089 </metadata> 32090 <!-- 24df2ef0dad5f3b46261e6f99333badf --> 32091 <criteria operator="AND"> 32092 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32093 <criteria operator="OR"> 32094 <criterion test_ref="oval:org.opensuse.security:tst:2009070101" comment="MozillaFirefox-translations less than 3.6.20-0.5.1"/> 32095 <criterion test_ref="oval:org.opensuse.security:tst:2009070102" comment="MozillaFirefox less than 3.6.20-0.5.1"/> 32096 <criterion test_ref="oval:org.opensuse.security:tst:2009070103" comment="mozilla-xulrunner192-32bit less than 1.9.2.20-1.5.1"/> 32097 <criterion test_ref="oval:org.opensuse.security:tst:2009070104" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.20-1.5.1"/> 32098 <criterion test_ref="oval:org.opensuse.security:tst:2009070105" comment="mozilla-xulrunner192-gnome less than 1.9.2.20-1.5.1"/> 32099 <criterion test_ref="oval:org.opensuse.security:tst:2009070106" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.20-1.5.1"/> 32100 <criterion test_ref="oval:org.opensuse.security:tst:2009070107" comment="mozilla-xulrunner192-translations less than 1.9.2.20-1.5.1"/> 32101 <criterion test_ref="oval:org.opensuse.security:tst:2009070108" comment="mozilla-xulrunner192 less than 1.9.2.20-1.5.1"/> 32102 </criteria> 32103 </criteria> 32104 </definition> 32105 <definition id="oval:org.opensuse.security:def:20112414" version="1" class="vulnerability"> 32106 <metadata> 32107 <title>CVE-2011-2414</title> 32108 <affected family="unix"> 32109 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32110 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32111 </affected> 32112 <reference ref_id="CVE-2011-2414" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2414" source="CVE"/> 32113 <description> 32114 Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415. 32115 </description> 32116 </metadata> 32117 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 32118 <criteria operator="AND"> 32119 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32120 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 32121 </criteria> 32122 </definition> 32123 <definition id="oval:org.opensuse.security:def:20112415" version="1" class="vulnerability"> 32124 <metadata> 32125 <title>CVE-2011-2415</title> 32126 <affected family="unix"> 32127 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32128 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32129 </affected> 32130 <reference ref_id="CVE-2011-2415" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2415" source="CVE"/> 32131 <description> 32132 Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414. 32133 </description> 32134 </metadata> 32135 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 32136 <criteria operator="AND"> 32137 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32138 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 32139 </criteria> 32140 </definition> 32141 <definition id="oval:org.opensuse.security:def:20112416" version="1" class="vulnerability"> 32142 <metadata> 32143 <title>CVE-2011-2416</title> 32144 <affected family="unix"> 32145 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32146 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32147 </affected> 32148 <reference ref_id="CVE-2011-2416" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2416" source="CVE"/> 32149 <description> 32150 Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. 32151 </description> 32152 </metadata> 32153 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 32154 <criteria operator="AND"> 32155 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32156 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 32157 </criteria> 32158 </definition> 32159 <definition id="oval:org.opensuse.security:def:20112417" version="1" class="vulnerability"> 32160 <metadata> 32161 <title>CVE-2011-2417</title> 32162 <affected family="unix"> 32163 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32164 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32165 </affected> 32166 <reference ref_id="CVE-2011-2417" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2417" source="CVE"/> 32167 <description> 32168 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425. 32169 </description> 32170 </metadata> 32171 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 32172 <criteria operator="AND"> 32173 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32174 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 32175 </criteria> 32176 </definition> 32177 <definition id="oval:org.opensuse.security:def:20112425" version="1" class="vulnerability"> 32178 <metadata> 32179 <title>CVE-2011-2425</title> 32180 <affected family="unix"> 32181 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32182 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32183 </affected> 32184 <reference ref_id="CVE-2011-2425" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2425" source="CVE"/> 32185 <description> 32186 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417. 32187 </description> 32188 </metadata> 32189 <!-- 7c71e4aec6afd72e6b40f8cf2817e900 --> 32190 <criteria operator="AND"> 32191 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32192 <criterion test_ref="oval:org.opensuse.security:tst:2009069767" comment="flash-player less than 10.3.183.5-0.5.1"/> 32193 </criteria> 32194 </definition> 32195 <definition id="oval:org.opensuse.security:def:20112426" version="1" class="vulnerability"> 32196 <metadata> 32197 <title>CVE-2011-2426</title> 32198 <affected family="unix"> 32199 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32200 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32201 </affected> 32202 <reference ref_id="CVE-2011-2426" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2426" source="CVE"/> 32203 <description> 32204 Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors. 32205 </description> 32206 </metadata> 32207 <!-- e356cf76b24484e7a3a2903c07144dcd --> 32208 <criteria operator="AND"> 32209 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32210 <criterion test_ref="oval:org.opensuse.security:tst:2009070594" comment="flash-player less than 10.3.183.10-0.5.1"/> 32211 </criteria> 32212 </definition> 32213 <definition id="oval:org.opensuse.security:def:20112427" version="1" class="vulnerability"> 32214 <metadata> 32215 <title>CVE-2011-2427</title> 32216 <affected family="unix"> 32217 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32218 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32219 </affected> 32220 <reference ref_id="CVE-2011-2427" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2427" source="CVE"/> 32221 <description> 32222 Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors. 32223 </description> 32224 </metadata> 32225 <!-- e356cf76b24484e7a3a2903c07144dcd --> 32226 <criteria operator="AND"> 32227 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32228 <criterion test_ref="oval:org.opensuse.security:tst:2009070594" comment="flash-player less than 10.3.183.10-0.5.1"/> 32229 </criteria> 32230 </definition> 32231 <definition id="oval:org.opensuse.security:def:20112428" version="1" class="vulnerability"> 32232 <metadata> 32233 <title>CVE-2011-2428</title> 32234 <affected family="unix"> 32235 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32236 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32237 </affected> 32238 <reference ref_id="CVE-2011-2428" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2428" source="CVE"/> 32239 <description> 32240 Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a "logic error issue." 32241 </description> 32242 </metadata> 32243 <!-- e356cf76b24484e7a3a2903c07144dcd --> 32244 <criteria operator="AND"> 32245 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32246 <criterion test_ref="oval:org.opensuse.security:tst:2009070594" comment="flash-player less than 10.3.183.10-0.5.1"/> 32247 </criteria> 32248 </definition> 32249 <definition id="oval:org.opensuse.security:def:20112429" version="1" class="vulnerability"> 32250 <metadata> 32251 <title>CVE-2011-2429</title> 32252 <affected family="unix"> 32253 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32254 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32255 </affected> 32256 <reference ref_id="CVE-2011-2429" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2429" source="CVE"/> 32257 <description> 32258 Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass." 32259 </description> 32260 </metadata> 32261 <!-- e356cf76b24484e7a3a2903c07144dcd --> 32262 <criteria operator="AND"> 32263 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32264 <criterion test_ref="oval:org.opensuse.security:tst:2009070594" comment="flash-player less than 10.3.183.10-0.5.1"/> 32265 </criteria> 32266 </definition> 32267 <definition id="oval:org.opensuse.security:def:20112430" version="1" class="vulnerability"> 32268 <metadata> 32269 <title>CVE-2011-2430</title> 32270 <affected family="unix"> 32271 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32272 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32273 </affected> 32274 <reference ref_id="CVE-2011-2430" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2430" source="CVE"/> 32275 <description> 32276 Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability." 32277 </description> 32278 </metadata> 32279 <!-- e356cf76b24484e7a3a2903c07144dcd --> 32280 <criteria operator="AND"> 32281 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32282 <criterion test_ref="oval:org.opensuse.security:tst:2009070594" comment="flash-player less than 10.3.183.10-0.5.1"/> 32283 </criteria> 32284 </definition> 32285 <definition id="oval:org.opensuse.security:def:20112431" version="1" class="vulnerability"> 32286 <metadata> 32287 <title>CVE-2011-2431</title> 32288 <affected family="unix"> 32289 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32290 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32291 </affected> 32292 <reference ref_id="CVE-2011-2431" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2431" source="CVE"/> 32293 <description> 32294 Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "security bypass vulnerability." 32295 </description> 32296 </metadata> 32297 <!-- 729306cbb9eef9773fe9541056dca550 --> 32298 <criteria operator="AND"> 32299 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32300 <criteria operator="OR"> 32301 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32302 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32303 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32304 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32305 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32306 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32307 </criteria> 32308 </criteria> 32309 </definition> 32310 <definition id="oval:org.opensuse.security:def:20112432" version="1" class="vulnerability"> 32311 <metadata> 32312 <title>CVE-2011-2432</title> 32313 <affected family="unix"> 32314 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32315 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32316 </affected> 32317 <reference ref_id="CVE-2011-2432" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2432" source="CVE"/> 32318 <description> 32319 Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. 32320 </description> 32321 </metadata> 32322 <!-- 729306cbb9eef9773fe9541056dca550 --> 32323 <criteria operator="AND"> 32324 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32325 <criteria operator="OR"> 32326 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32327 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32328 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32329 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32330 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32331 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32332 </criteria> 32333 </criteria> 32334 </definition> 32335 <definition id="oval:org.opensuse.security:def:20112433" version="1" class="vulnerability"> 32336 <metadata> 32337 <title>CVE-2011-2433</title> 32338 <affected family="unix"> 32339 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32340 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32341 </affected> 32342 <reference ref_id="CVE-2011-2433" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2433" source="CVE"/> 32343 <description> 32344 Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2434 and CVE-2011-2437. 32345 </description> 32346 </metadata> 32347 <!-- 729306cbb9eef9773fe9541056dca550 --> 32348 <criteria operator="AND"> 32349 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32350 <criteria operator="OR"> 32351 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32352 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32353 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32354 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32355 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32356 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32357 </criteria> 32358 </criteria> 32359 </definition> 32360 <definition id="oval:org.opensuse.security:def:20112434" version="1" class="vulnerability"> 32361 <metadata> 32362 <title>CVE-2011-2434</title> 32363 <affected family="unix"> 32364 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32365 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32366 </affected> 32367 <reference ref_id="CVE-2011-2434" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2434" source="CVE"/> 32368 <description> 32369 Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2437. 32370 </description> 32371 </metadata> 32372 <!-- 729306cbb9eef9773fe9541056dca550 --> 32373 <criteria operator="AND"> 32374 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32375 <criteria operator="OR"> 32376 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32377 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32378 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32379 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32380 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32381 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32382 </criteria> 32383 </criteria> 32384 </definition> 32385 <definition id="oval:org.opensuse.security:def:20112435" version="1" class="vulnerability"> 32386 <metadata> 32387 <title>CVE-2011-2435</title> 32388 <affected family="unix"> 32389 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32390 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32391 </affected> 32392 <reference ref_id="CVE-2011-2435" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2435" source="CVE"/> 32393 <description> 32394 Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. 32395 </description> 32396 </metadata> 32397 <!-- 729306cbb9eef9773fe9541056dca550 --> 32398 <criteria operator="AND"> 32399 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32400 <criteria operator="OR"> 32401 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32402 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32403 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32404 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32405 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32406 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32407 </criteria> 32408 </criteria> 32409 </definition> 32410 <definition id="oval:org.opensuse.security:def:20112436" version="1" class="vulnerability"> 32411 <metadata> 32412 <title>CVE-2011-2436</title> 32413 <affected family="unix"> 32414 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32415 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32416 </affected> 32417 <reference ref_id="CVE-2011-2436" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2436" source="CVE"/> 32418 <description> 32419 Heap-based buffer overflow in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. 32420 </description> 32421 </metadata> 32422 <!-- 729306cbb9eef9773fe9541056dca550 --> 32423 <criteria operator="AND"> 32424 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32425 <criteria operator="OR"> 32426 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32427 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32428 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32429 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32430 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32431 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32432 </criteria> 32433 </criteria> 32434 </definition> 32435 <definition id="oval:org.opensuse.security:def:20112437" version="1" class="vulnerability"> 32436 <metadata> 32437 <title>CVE-2011-2437</title> 32438 <affected family="unix"> 32439 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32440 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32441 </affected> 32442 <reference ref_id="CVE-2011-2437" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2437" source="CVE"/> 32443 <description> 32444 Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434. 32445 </description> 32446 </metadata> 32447 <!-- 729306cbb9eef9773fe9541056dca550 --> 32448 <criteria operator="AND"> 32449 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32450 <criteria operator="OR"> 32451 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32452 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32453 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32454 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32455 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32456 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32457 </criteria> 32458 </criteria> 32459 </definition> 32460 <definition id="oval:org.opensuse.security:def:20112438" version="1" class="vulnerability"> 32461 <metadata> 32462 <title>CVE-2011-2438</title> 32463 <affected family="unix"> 32464 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32465 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32466 </affected> 32467 <reference ref_id="CVE-2011-2438" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2438" source="CVE"/> 32468 <description> 32469 Multiple stack-based buffer overflows in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors. 32470 </description> 32471 </metadata> 32472 <!-- 729306cbb9eef9773fe9541056dca550 --> 32473 <criteria operator="AND"> 32474 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32475 <criteria operator="OR"> 32476 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32477 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32478 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32479 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32480 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32481 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32482 </criteria> 32483 </criteria> 32484 </definition> 32485 <definition id="oval:org.opensuse.security:def:20112439" version="1" class="vulnerability"> 32486 <metadata> 32487 <title>CVE-2011-2439</title> 32488 <affected family="unix"> 32489 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32490 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32491 </affected> 32492 <reference ref_id="CVE-2011-2439" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2439" source="CVE"/> 32493 <description> 32494 Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "memory leakage condition vulnerability." 32495 </description> 32496 </metadata> 32497 <!-- 729306cbb9eef9773fe9541056dca550 --> 32498 <criteria operator="AND"> 32499 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32500 <criteria operator="OR"> 32501 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32502 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32503 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32504 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32505 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32506 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32507 </criteria> 32508 </criteria> 32509 </definition> 32510 <definition id="oval:org.opensuse.security:def:20112440" version="1" class="vulnerability"> 32511 <metadata> 32512 <title>CVE-2011-2440</title> 32513 <affected family="unix"> 32514 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32515 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32516 </affected> 32517 <reference ref_id="CVE-2011-2440" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2440" source="CVE"/> 32518 <description> 32519 Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. 32520 </description> 32521 </metadata> 32522 <!-- 729306cbb9eef9773fe9541056dca550 --> 32523 <criteria operator="AND"> 32524 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32525 <criteria operator="OR"> 32526 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32527 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32528 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32529 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32530 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32531 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32532 </criteria> 32533 </criteria> 32534 </definition> 32535 <definition id="oval:org.opensuse.security:def:20112441" version="1" class="vulnerability"> 32536 <metadata> 32537 <title>CVE-2011-2441</title> 32538 <affected family="unix"> 32539 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32540 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32541 </affected> 32542 <reference ref_id="CVE-2011-2441" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2441" source="CVE"/> 32543 <description> 32544 Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors. 32545 </description> 32546 </metadata> 32547 <!-- 729306cbb9eef9773fe9541056dca550 --> 32548 <criteria operator="AND"> 32549 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32550 <criteria operator="OR"> 32551 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32552 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32553 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32554 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32555 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32556 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32557 </criteria> 32558 </criteria> 32559 </definition> 32560 <definition id="oval:org.opensuse.security:def:20112442" version="1" class="vulnerability"> 32561 <metadata> 32562 <title>CVE-2011-2442</title> 32563 <affected family="unix"> 32564 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32565 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32566 </affected> 32567 <reference ref_id="CVE-2011-2442" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2442" source="CVE"/> 32568 <description> 32569 Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error vulnerability." 32570 </description> 32571 </metadata> 32572 <!-- 729306cbb9eef9773fe9541056dca550 --> 32573 <criteria operator="AND"> 32574 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32575 <criteria operator="OR"> 32576 <criterion test_ref="oval:org.opensuse.security:tst:2009071826" comment="acroread-cmaps less than 9.4.6-0.5.1"/> 32577 <criterion test_ref="oval:org.opensuse.security:tst:2009071827" comment="acroread-fonts-ja less than 9.4.6-0.5.1"/> 32578 <criterion test_ref="oval:org.opensuse.security:tst:2009071828" comment="acroread-fonts-ko less than 9.4.6-0.5.1"/> 32579 <criterion test_ref="oval:org.opensuse.security:tst:2009071829" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.1"/> 32580 <criterion test_ref="oval:org.opensuse.security:tst:2009071830" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.1"/> 32581 <criterion test_ref="oval:org.opensuse.security:tst:2009071825" comment="acroread less than 9.4.6-0.5.1"/> 32582 </criteria> 32583 </criteria> 32584 </definition> 32585 <definition id="oval:org.opensuse.security:def:20112444" version="1" class="vulnerability"> 32586 <metadata> 32587 <title>CVE-2011-2444</title> 32588 <affected family="unix"> 32589 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32590 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32591 </affected> 32592 <reference ref_id="CVE-2011-2444" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2444" source="CVE"/> 32593 <description> 32594 Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011. 32595 </description> 32596 </metadata> 32597 <!-- e356cf76b24484e7a3a2903c07144dcd --> 32598 <criteria operator="AND"> 32599 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32600 <criterion test_ref="oval:org.opensuse.security:tst:2009070594" comment="flash-player less than 10.3.183.10-0.5.1"/> 32601 </criteria> 32602 </definition> 32603 <definition id="oval:org.opensuse.security:def:20112445" version="1" class="vulnerability"> 32604 <metadata> 32605 <title>CVE-2011-2445</title> 32606 <affected family="unix"> 32607 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32608 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32609 </affected> 32610 <reference ref_id="CVE-2011-2445" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2445" source="CVE"/> 32611 <description> 32612 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. 32613 </description> 32614 </metadata> 32615 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32616 <criteria operator="AND"> 32617 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32618 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32619 </criteria> 32620 </definition> 32621 <definition id="oval:org.opensuse.security:def:20112450" version="1" class="vulnerability"> 32622 <metadata> 32623 <title>CVE-2011-2450</title> 32624 <affected family="unix"> 32625 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32626 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32627 </affected> 32628 <reference ref_id="CVE-2011-2450" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2450" source="CVE"/> 32629 <description> 32630 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 32631 </description> 32632 </metadata> 32633 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32634 <criteria operator="AND"> 32635 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32636 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32637 </criteria> 32638 </definition> 32639 <definition id="oval:org.opensuse.security:def:20112451" version="1" class="vulnerability"> 32640 <metadata> 32641 <title>CVE-2011-2451</title> 32642 <affected family="unix"> 32643 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32644 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32645 </affected> 32646 <reference ref_id="CVE-2011-2451" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2451" source="CVE"/> 32647 <description> 32648 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. 32649 </description> 32650 </metadata> 32651 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32652 <criteria operator="AND"> 32653 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32654 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32655 </criteria> 32656 </definition> 32657 <definition id="oval:org.opensuse.security:def:20112452" version="1" class="vulnerability"> 32658 <metadata> 32659 <title>CVE-2011-2452</title> 32660 <affected family="unix"> 32661 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32662 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32663 </affected> 32664 <reference ref_id="CVE-2011-2452" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2452" source="CVE"/> 32665 <description> 32666 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. 32667 </description> 32668 </metadata> 32669 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32670 <criteria operator="AND"> 32671 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32672 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32673 </criteria> 32674 </definition> 32675 <definition id="oval:org.opensuse.security:def:20112453" version="1" class="vulnerability"> 32676 <metadata> 32677 <title>CVE-2011-2453</title> 32678 <affected family="unix"> 32679 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32680 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32681 </affected> 32682 <reference ref_id="CVE-2011-2453" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2453" source="CVE"/> 32683 <description> 32684 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. 32685 </description> 32686 </metadata> 32687 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32688 <criteria operator="AND"> 32689 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32690 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32691 </criteria> 32692 </definition> 32693 <definition id="oval:org.opensuse.security:def:20112454" version="1" class="vulnerability"> 32694 <metadata> 32695 <title>CVE-2011-2454</title> 32696 <affected family="unix"> 32697 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32698 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32699 </affected> 32700 <reference ref_id="CVE-2011-2454" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2454" source="CVE"/> 32701 <description> 32702 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. 32703 </description> 32704 </metadata> 32705 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32706 <criteria operator="AND"> 32707 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32708 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32709 </criteria> 32710 </definition> 32711 <definition id="oval:org.opensuse.security:def:20112455" version="1" class="vulnerability"> 32712 <metadata> 32713 <title>CVE-2011-2455</title> 32714 <affected family="unix"> 32715 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32716 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32717 </affected> 32718 <reference ref_id="CVE-2011-2455" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2455" source="CVE"/> 32719 <description> 32720 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460. 32721 </description> 32722 </metadata> 32723 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32724 <criteria operator="AND"> 32725 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32726 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32727 </criteria> 32728 </definition> 32729 <definition id="oval:org.opensuse.security:def:20112456" version="1" class="vulnerability"> 32730 <metadata> 32731 <title>CVE-2011-2456</title> 32732 <affected family="unix"> 32733 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32734 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32735 </affected> 32736 <reference ref_id="CVE-2011-2456" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2456" source="CVE"/> 32737 <description> 32738 Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors. 32739 </description> 32740 </metadata> 32741 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32742 <criteria operator="AND"> 32743 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32744 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32745 </criteria> 32746 </definition> 32747 <definition id="oval:org.opensuse.security:def:20112457" version="1" class="vulnerability"> 32748 <metadata> 32749 <title>CVE-2011-2457</title> 32750 <affected family="unix"> 32751 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32752 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32753 </affected> 32754 <reference ref_id="CVE-2011-2457" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2457" source="CVE"/> 32755 <description> 32756 Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors. 32757 </description> 32758 </metadata> 32759 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32760 <criteria operator="AND"> 32761 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32762 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32763 </criteria> 32764 </definition> 32765 <definition id="oval:org.opensuse.security:def:20112458" version="1" class="vulnerability"> 32766 <metadata> 32767 <title>CVE-2011-2458</title> 32768 <affected family="unix"> 32769 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32770 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32771 </affected> 32772 <reference ref_id="CVE-2011-2458" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2458" source="CVE"/> 32773 <description> 32774 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site. 32775 </description> 32776 </metadata> 32777 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32778 <criteria operator="AND"> 32779 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32780 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32781 </criteria> 32782 </definition> 32783 <definition id="oval:org.opensuse.security:def:20112459" version="1" class="vulnerability"> 32784 <metadata> 32785 <title>CVE-2011-2459</title> 32786 <affected family="unix"> 32787 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32788 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32789 </affected> 32790 <reference ref_id="CVE-2011-2459" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2459" source="CVE"/> 32791 <description> 32792 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460. 32793 </description> 32794 </metadata> 32795 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32796 <criteria operator="AND"> 32797 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32798 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32799 </criteria> 32800 </definition> 32801 <definition id="oval:org.opensuse.security:def:20112460" version="1" class="vulnerability"> 32802 <metadata> 32803 <title>CVE-2011-2460</title> 32804 <affected family="unix"> 32805 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32806 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32807 </affected> 32808 <reference ref_id="CVE-2011-2460" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2460" source="CVE"/> 32809 <description> 32810 Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459. 32811 </description> 32812 </metadata> 32813 <!-- b3a0a701db9d82c8a67829192d261f23 --> 32814 <criteria operator="AND"> 32815 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32816 <criterion test_ref="oval:org.opensuse.security:tst:2009071869" comment="flash-player less than 10.3.183.11-0.5.1"/> 32817 </criteria> 32818 </definition> 32819 <definition id="oval:org.opensuse.security:def:20112462" version="1" class="vulnerability"> 32820 <metadata> 32821 <title>CVE-2011-2462</title> 32822 <affected family="unix"> 32823 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32824 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32825 </affected> 32826 <reference ref_id="CVE-2011-2462" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2462" source="CVE"/> 32827 <description> 32828 Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. 32829 </description> 32830 </metadata> 32831 <!-- b7032f742fda7a15dea6b15613d16c60 --> 32832 <criteria operator="AND"> 32833 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32834 <criteria operator="OR"> 32835 <criterion test_ref="oval:org.opensuse.security:tst:2009072584" comment="acroread-cmaps less than 9.4.6-0.5.9"/> 32836 <criterion test_ref="oval:org.opensuse.security:tst:2009072585" comment="acroread-fonts-ja less than 9.4.6-0.5.9"/> 32837 <criterion test_ref="oval:org.opensuse.security:tst:2009072586" comment="acroread-fonts-ko less than 9.4.6-0.5.9"/> 32838 <criterion test_ref="oval:org.opensuse.security:tst:2009072587" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.9"/> 32839 <criterion test_ref="oval:org.opensuse.security:tst:2009072588" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.9"/> 32840 <criterion test_ref="oval:org.opensuse.security:tst:2009072589" comment="acroread less than 9.4.7-0.5.1"/> 32841 </criteria> 32842 </criteria> 32843 </definition> 32844 <definition id="oval:org.opensuse.security:def:20112464" version="1" class="vulnerability"> 32845 <metadata> 32846 <title>CVE-2011-2464</title> 32847 <affected family="unix"> 32848 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32849 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32850 </affected> 32851 <reference ref_id="CVE-2011-2464" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464" source="CVE"/> 32852 <description> 32853 Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request. 32854 </description> 32855 </metadata> 32856 <!-- cc8a9e2229ae1bb06264ae88ecde9d78 --> 32857 <criteria operator="AND"> 32858 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32859 <criteria operator="OR"> 32860 <criterion test_ref="oval:org.opensuse.security:tst:2009069387" comment="bind-libs-32bit less than 9.6ESVR4P3-0.7.1"/> 32861 <criterion test_ref="oval:org.opensuse.security:tst:2009069388" comment="bind-libs less than 9.6ESVR4P3-0.7.1"/> 32862 <criterion test_ref="oval:org.opensuse.security:tst:2009069389" comment="bind-utils less than 9.6ESVR4P3-0.7.1"/> 32863 </criteria> 32864 </criteria> 32865 </definition> 32866 <definition id="oval:org.opensuse.security:def:20112483" version="1" class="vulnerability"> 32867 <metadata> 32868 <title>CVE-2011-2483</title> 32869 <affected family="unix"> 32870 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32871 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32872 </affected> 32873 <reference ref_id="CVE-2011-2483" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483" source="CVE"/> 32874 <description> 32875 crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. 32876 </description> 32877 </metadata> 32878 <criteria operator="OR"> 32879 <!-- 102f27381fb2b4ef0cf39836a711b37f --> 32880 <criteria operator="AND"> 32881 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32882 <criterion test_ref="oval:org.opensuse.security:tst:2009070628" comment="yast2-core less than 2.13.48-0.8.1"/> 32883 </criteria> 32884 <!-- 8e9ceee14766a579acb89753eac6018f --> 32885 <criteria operator="AND"> 32886 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32887 <criteria operator="OR"> 32888 <criterion test_ref="oval:org.opensuse.security:tst:2009069941" comment="glibc-32bit less than 2.4-31.93.1"/> 32889 <criterion test_ref="oval:org.opensuse.security:tst:2009069942" comment="glibc-devel-32bit less than 2.4-31.93.1"/> 32890 <criterion test_ref="oval:org.opensuse.security:tst:2009069943" comment="glibc-devel less than 2.4-31.93.1"/> 32891 <criterion test_ref="oval:org.opensuse.security:tst:2009069944" comment="glibc-html less than 2.4-31.93.1"/> 32892 <criterion test_ref="oval:org.opensuse.security:tst:2009069945" comment="glibc-i18ndata less than 2.4-31.93.1"/> 32893 <criterion test_ref="oval:org.opensuse.security:tst:2009069946" comment="glibc-info less than 2.4-31.93.1"/> 32894 <criterion test_ref="oval:org.opensuse.security:tst:2009069947" comment="glibc-locale-32bit less than 2.4-31.93.1"/> 32895 <criterion test_ref="oval:org.opensuse.security:tst:2009069948" comment="glibc-locale less than 2.4-31.93.1"/> 32896 <criterion test_ref="oval:org.opensuse.security:tst:2009069949" comment="glibc less than 2.4-31.93.1"/> 32897 <criterion test_ref="oval:org.opensuse.security:tst:2009069950" comment="libxcrypt-32bit less than 2.4-12.9.4"/> 32898 <criterion test_ref="oval:org.opensuse.security:tst:2009069951" comment="libxcrypt less than 2.4-12.9.4"/> 32899 <criterion test_ref="oval:org.opensuse.security:tst:2009069952" comment="nscd less than 2.4-31.93.1"/> 32900 <criterion test_ref="oval:org.opensuse.security:tst:2009069953" comment="pam-modules-32bit less than 10-2.17.4"/> 32901 <criterion test_ref="oval:org.opensuse.security:tst:2009069954" comment="pam-modules less than 10-2.17.4"/> 32902 <criterion test_ref="oval:org.opensuse.security:tst:2009069955" comment="pwdutils less than 3.0.7.1-17.36.2"/> 32903 </criteria> 32904 </criteria> 32905 <!-- ee84db0d1f4471abd4ab51536636eb1e --> 32906 <criteria operator="AND"> 32907 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32908 <criteria operator="OR"> 32909 <criterion test_ref="oval:org.opensuse.security:tst:2009075806" comment="postgresql-devel less than 8.1.23-0.11.1"/> 32910 <criterion test_ref="oval:org.opensuse.security:tst:2009075807" comment="postgresql-libs-32bit less than 8.1.23-0.11.1"/> 32911 <criterion test_ref="oval:org.opensuse.security:tst:2009075808" comment="postgresql-libs less than 8.1.23-0.11.1"/> 32912 </criteria> 32913 </criteria> 32914 </criteria> 32915 </definition> 32916 <definition id="oval:org.opensuse.security:def:20112484" version="1" class="vulnerability"> 32917 <metadata> 32918 <title>CVE-2011-2484</title> 32919 <affected family="unix"> 32920 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32921 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32922 </affected> 32923 <reference ref_id="CVE-2011-2484" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2484" source="CVE"/> 32924 <description> 32925 The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application. 32926 </description> 32927 </metadata> 32928 <criteria operator="OR"> 32929 <!-- 2284bd78d78b00accc68729a9634d92d --> 32930 <criteria operator="AND"> 32931 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32932 <criteria operator="OR"> 32933 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 32934 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 32935 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 32936 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 32937 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 32938 </criteria> 32939 </criteria> 32940 <!-- 75c70ba80807aed777189444e17910e5 --> 32941 <criteria operator="AND"> 32942 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32943 <criteria operator="OR"> 32944 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 32945 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 32946 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 32947 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 32948 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 32949 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 32950 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 32951 </criteria> 32952 </criteria> 32953 </criteria> 32954 </definition> 32955 <definition id="oval:org.opensuse.security:def:20112485" version="1" class="vulnerability"> 32956 <metadata> 32957 <title>CVE-2011-2485</title> 32958 <affected family="unix"> 32959 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32960 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32961 </affected> 32962 <reference ref_id="CVE-2011-2485" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485" source="CVE"/> 32963 <description> 32964 The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file. 32965 </description> 32966 </metadata> 32967 <criteria operator="OR"> 32968 <!-- 1e4fac303fda249f28a90f89a7455837 --> 32969 <criteria operator="AND"> 32970 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32971 <criteria operator="OR"> 32972 <criterion test_ref="oval:org.opensuse.security:tst:2009074864" comment="gdk-pixbuf-32bit less than 0.22.0-93.9.1"/> 32973 <criterion test_ref="oval:org.opensuse.security:tst:2009074865" comment="gdk-pixbuf less than 0.22.0-93.9.1"/> 32974 </criteria> 32975 </criteria> 32976 <!-- d761cd6e1a31389dc3a2d6c8c56cdbd3 --> 32977 <criteria operator="AND"> 32978 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 32979 <criteria operator="OR"> 32980 <criterion test_ref="oval:org.opensuse.security:tst:2009074866" comment="gtk2-32bit less than 2.8.11-0.29.2"/> 32981 <criterion test_ref="oval:org.opensuse.security:tst:2009074867" comment="gtk2-devel less than 2.8.11-0.29.2"/> 32982 <criterion test_ref="oval:org.opensuse.security:tst:2009074868" comment="gtk2-doc less than 2.8.11-0.29.2"/> 32983 <criterion test_ref="oval:org.opensuse.security:tst:2009074869" comment="gtk2 less than 2.8.11-0.29.2"/> 32984 </criteria> 32985 </criteria> 32986 </criteria> 32987 </definition> 32988 <definition id="oval:org.opensuse.security:def:20112489" version="1" class="vulnerability"> 32989 <metadata> 32990 <title>CVE-2011-2489</title> 32991 <affected family="unix"> 32992 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 32993 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 32994 </affected> 32995 <reference ref_id="CVE-2011-2489" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2489" source="CVE"/> 32996 <description> 32997 Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line. 32998 </description> 32999 </metadata> 33000 <!-- 110d6753e7d666c27d06a5e164792db4 --> 33001 <criteria operator="AND"> 33002 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33003 <criteria operator="OR"> 33004 <criterion test_ref="oval:org.opensuse.security:tst:2009069591" comment="opie less than 2.4-567.8.1"/> 33005 <criterion test_ref="oval:org.opensuse.security:tst:2009069592" comment="permissions less than 2011.6.28-0.5.1"/> 33006 </criteria> 33007 </criteria> 33008 </definition> 33009 <definition id="oval:org.opensuse.security:def:20112490" version="1" class="vulnerability"> 33010 <metadata> 33011 <title>CVE-2011-2490</title> 33012 <affected family="unix"> 33013 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33014 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33015 </affected> 33016 <reference ref_id="CVE-2011-2490" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2490" source="CVE"/> 33017 <description> 33018 opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes. 33019 </description> 33020 </metadata> 33021 <!-- 110d6753e7d666c27d06a5e164792db4 --> 33022 <criteria operator="AND"> 33023 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33024 <criteria operator="OR"> 33025 <criterion test_ref="oval:org.opensuse.security:tst:2009069591" comment="opie less than 2.4-567.8.1"/> 33026 <criterion test_ref="oval:org.opensuse.security:tst:2009069592" comment="permissions less than 2011.6.28-0.5.1"/> 33027 </criteria> 33028 </criteria> 33029 </definition> 33030 <definition id="oval:org.opensuse.security:def:20112491" version="1" class="vulnerability"> 33031 <metadata> 33032 <title>CVE-2011-2491</title> 33033 <affected family="unix"> 33034 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33035 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33036 </affected> 33037 <reference ref_id="CVE-2011-2491" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491" source="CVE"/> 33038 <description> 33039 The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call. 33040 </description> 33041 </metadata> 33042 <criteria operator="OR"> 33043 <!-- 2284bd78d78b00accc68729a9634d92d --> 33044 <criteria operator="AND"> 33045 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33046 <criteria operator="OR"> 33047 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 33048 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 33049 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 33050 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 33051 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 33052 </criteria> 33053 </criteria> 33054 <!-- 75c70ba80807aed777189444e17910e5 --> 33055 <criteria operator="AND"> 33056 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33057 <criteria operator="OR"> 33058 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 33059 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 33060 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 33061 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 33062 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 33063 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 33064 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 33065 </criteria> 33066 </criteria> 33067 </criteria> 33068 </definition> 33069 <definition id="oval:org.opensuse.security:def:20112494" version="1" class="vulnerability"> 33070 <metadata> 33071 <title>CVE-2011-2494</title> 33072 <affected family="unix"> 33073 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33074 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33075 </affected> 33076 <reference ref_id="CVE-2011-2494" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2494" source="CVE"/> 33077 <description> 33078 kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password. 33079 </description> 33080 </metadata> 33081 <criteria operator="OR"> 33082 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 33083 <criteria operator="AND"> 33084 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33085 <criteria operator="OR"> 33086 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 33087 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 33088 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 33089 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 33090 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 33091 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 33092 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 33093 </criteria> 33094 </criteria> 33095 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 33096 <criteria operator="AND"> 33097 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33098 <criteria operator="OR"> 33099 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 33100 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 33101 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 33102 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 33103 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 33104 </criteria> 33105 </criteria> 33106 </criteria> 33107 </definition> 33108 <definition id="oval:org.opensuse.security:def:20112496" version="1" class="vulnerability"> 33109 <metadata> 33110 <title>CVE-2011-2496</title> 33111 <affected family="unix"> 33112 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33113 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33114 </affected> 33115 <reference ref_id="CVE-2011-2496" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2496" source="CVE"/> 33116 <description> 33117 Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping. 33118 </description> 33119 </metadata> 33120 <criteria operator="OR"> 33121 <!-- 2284bd78d78b00accc68729a9634d92d --> 33122 <criteria operator="AND"> 33123 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33124 <criteria operator="OR"> 33125 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 33126 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 33127 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 33128 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 33129 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 33130 </criteria> 33131 </criteria> 33132 <!-- 75c70ba80807aed777189444e17910e5 --> 33133 <criteria operator="AND"> 33134 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33135 <criteria operator="OR"> 33136 <criterion test_ref="oval:org.opensuse.security:tst:2009069787" comment="kernel-bigsmp less than 2.6.16.60-0.89.1"/> 33137 <criterion test_ref="oval:org.opensuse.security:tst:2009069778" comment="kernel-default less than 2.6.16.60-0.89.1"/> 33138 <criterion test_ref="oval:org.opensuse.security:tst:2009069784" comment="kernel-smp less than 2.6.16.60-0.89.1"/> 33139 <criterion test_ref="oval:org.opensuse.security:tst:2009069782" comment="kernel-source less than 2.6.16.60-0.89.1"/> 33140 <criterion test_ref="oval:org.opensuse.security:tst:2009069783" comment="kernel-syms less than 2.6.16.60-0.89.1"/> 33141 <criterion test_ref="oval:org.opensuse.security:tst:2009069785" comment="kernel-xen less than 2.6.16.60-0.89.1"/> 33142 <criterion test_ref="oval:org.opensuse.security:tst:2009069788" comment="kernel-xenpae less than 2.6.16.60-0.89.1"/> 33143 </criteria> 33144 </criteria> 33145 </criteria> 33146 </definition> 33147 <definition id="oval:org.opensuse.security:def:20112501" version="1" class="vulnerability"> 33148 <metadata> 33149 <title>CVE-2011-2501</title> 33150 <affected family="unix"> 33151 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33152 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33153 </affected> 33154 <reference ref_id="CVE-2011-2501" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501" source="CVE"/> 33155 <description> 33156 The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources. 33157 </description> 33158 </metadata> 33159 <!-- cfe75a17284d23a11571eeefdcbad4a8 --> 33160 <criteria operator="AND"> 33161 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33162 <criteria operator="OR"> 33163 <criterion test_ref="oval:org.opensuse.security:tst:2009069827" comment="libpng-32bit less than 1.2.8-19.31.9"/> 33164 <criterion test_ref="oval:org.opensuse.security:tst:2009069829" comment="libpng-devel-32bit less than 1.2.8-19.31.9"/> 33165 <criterion test_ref="oval:org.opensuse.security:tst:2009069831" comment="libpng-devel less than 1.2.8-19.31.9"/> 33166 <criterion test_ref="oval:org.opensuse.security:tst:2009069833" comment="libpng less than 1.2.8-19.31.9"/> 33167 </criteria> 33168 </criteria> 33169 </definition> 33170 <definition id="oval:org.opensuse.security:def:20112511" version="1" class="vulnerability"> 33171 <metadata> 33172 <title>CVE-2011-2511</title> 33173 <affected family="unix"> 33174 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33175 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33176 </affected> 33177 <reference ref_id="CVE-2011-2511" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2511" source="CVE"/> 33178 <description> 33179 Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption. 33180 </description> 33181 </metadata> 33182 <!-- d4a0a05ad27f1fce4a0f77372c50ccba --> 33183 <criteria operator="AND"> 33184 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33185 <criteria operator="OR"> 33186 <criterion test_ref="oval:org.opensuse.security:tst:2009069802" comment="libvirt-python less than 0.3.3-18.22.1"/> 33187 <criterion test_ref="oval:org.opensuse.security:tst:2009069803" comment="libvirt less than 0.3.3-18.22.1"/> 33188 </criteria> 33189 </criteria> 33190 </definition> 33191 <definition id="oval:org.opensuse.security:def:20112522" version="1" class="vulnerability"> 33192 <metadata> 33193 <title>CVE-2011-2522</title> 33194 <affected family="unix"> 33195 <platform>SUSE Linux Enterprise Desktop 10 SP3 Samba</platform> 33196 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33197 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33198 </affected> 33199 <reference ref_id="CVE-2011-2522" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522" source="CVE"/> 33200 <description> 33201 Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program. 33202 </description> 33203 </metadata> 33204 <!-- 676a63e0372c4e512bc5dc6178f7777a --> 33205 <criteria operator="AND"> 33206 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33207 <criteria operator="OR"> 33208 <criterion test_ref="oval:org.opensuse.security:tst:2009070347" comment="cifs-mount less than 3.0.36-0.13.16.5"/> 33209 <criterion test_ref="oval:org.opensuse.security:tst:2009070348" comment="ldapsmb less than 1.34b-25.13.16.5"/> 33210 <criterion test_ref="oval:org.opensuse.security:tst:2009070349" comment="libsmbclient-32bit less than 3.0.36-0.13.16.5"/> 33211 <criterion test_ref="oval:org.opensuse.security:tst:2009070350" comment="libsmbclient-devel less than 3.0.36-0.13.16.5"/> 33212 <criterion test_ref="oval:org.opensuse.security:tst:2009070351" comment="libsmbclient less than 3.0.36-0.13.16.5"/> 33213 <criterion test_ref="oval:org.opensuse.security:tst:2009070352" comment="samba-32bit less than 3.0.36-0.13.16.5"/> 33214 <criterion test_ref="oval:org.opensuse.security:tst:2009070353" comment="samba-client-32bit less than 3.0.36-0.13.16.5"/> 33215 <criterion test_ref="oval:org.opensuse.security:tst:2009070354" comment="samba-client less than 3.0.36-0.13.16.5"/> 33216 <criterion test_ref="oval:org.opensuse.security:tst:2009070355" comment="samba-krb-printing less than 3.0.36-0.13.16.5"/> 33217 <criterion test_ref="oval:org.opensuse.security:tst:2009070356" comment="samba-vscan less than 0.3.6b-43.13.16.5"/> 33218 <criterion test_ref="oval:org.opensuse.security:tst:2009070357" comment="samba-winbind-32bit less than 3.0.36-0.13.16.5"/> 33219 <criterion test_ref="oval:org.opensuse.security:tst:2009070358" comment="samba-winbind less than 3.0.36-0.13.16.5"/> 33220 <criterion test_ref="oval:org.opensuse.security:tst:2009070359" comment="samba less than 3.0.36-0.13.16.5"/> 33221 </criteria> 33222 </criteria> 33223 </definition> 33224 <definition id="oval:org.opensuse.security:def:20112525" version="1" class="vulnerability"> 33225 <metadata> 33226 <title>CVE-2011-2525</title> 33227 <affected family="unix"> 33228 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33229 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33230 </affected> 33231 <reference ref_id="CVE-2011-2525" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525" source="CVE"/> 33232 <description> 33233 The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. 33234 </description> 33235 </metadata> 33236 <criteria operator="OR"> 33237 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 33238 <criteria operator="AND"> 33239 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33240 <criteria operator="OR"> 33241 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 33242 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 33243 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 33244 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 33245 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 33246 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 33247 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 33248 </criteria> 33249 </criteria> 33250 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 33251 <criteria operator="AND"> 33252 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33253 <criteria operator="OR"> 33254 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 33255 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 33256 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 33257 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 33258 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 33259 </criteria> 33260 </criteria> 33261 </criteria> 33262 </definition> 33263 <definition id="oval:org.opensuse.security:def:20112534" version="1" class="vulnerability"> 33264 <metadata> 33265 <title>CVE-2011-2534</title> 33266 <affected family="unix"> 33267 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33268 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33269 </affected> 33270 <reference ref_id="CVE-2011-2534" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2534" source="CVE"/> 33271 <description> 33272 Buffer overflow in the clusterip_proc_write function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel before 2.6.39 might allow local users to cause a denial of service or have unspecified other impact via a crafted write operation, related to string data that lacks a terminating '\0' character. 33273 </description> 33274 </metadata> 33275 <criteria operator="OR"> 33276 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 33277 <criteria operator="AND"> 33278 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33279 <criteria operator="OR"> 33280 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 33281 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 33282 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 33283 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 33284 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 33285 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 33286 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 33287 </criteria> 33288 </criteria> 33289 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 33290 <criteria operator="AND"> 33291 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33292 <criteria operator="OR"> 33293 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 33294 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 33295 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 33296 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 33297 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 33298 </criteria> 33299 </criteria> 33300 </criteria> 33301 </definition> 33302 <definition id="oval:org.opensuse.security:def:20112597" version="1" class="vulnerability"> 33303 <metadata> 33304 <title>CVE-2011-2597</title> 33305 <affected family="unix"> 33306 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33307 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33308 </affected> 33309 <reference ref_id="CVE-2011-2597" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2597" source="CVE"/> 33310 <description> 33311 The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. 33312 </description> 33313 </metadata> 33314 <criteria operator="OR"> 33315 <!-- 566da20a8a85d82c440c7080cf808642 --> 33316 <criteria operator="AND"> 33317 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33318 <criterion test_ref="oval:org.opensuse.security:tst:2009071945" comment="wireshark less than 1.4.10-0.40.1"/> 33319 </criteria> 33320 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 33321 <criteria operator="AND"> 33322 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33323 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 33324 </criteria> 33325 </criteria> 33326 </definition> 33327 <definition id="oval:org.opensuse.security:def:20112660" version="1" class="vulnerability"> 33328 <metadata> 33329 <title>CVE-2011-2660</title> 33330 <affected family="unix"> 33331 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33332 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33333 </affected> 33334 <reference ref_id="CVE-2011-2660" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2660" source="CVE"/> 33335 <description> 33336 The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name. 33337 </description> 33338 </metadata> 33339 <!-- d80571c9566fe6b9ee2efa51fc0c0bb1 --> 33340 <criteria operator="AND"> 33341 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33342 <criterion test_ref="oval:org.opensuse.security:tst:2009070145" comment="vpnc less than 0.5.1-1.7.1"/> 33343 </criteria> 33344 </definition> 33345 <definition id="oval:org.opensuse.security:def:20112685" version="1" class="vulnerability"> 33346 <metadata> 33347 <title>CVE-2011-2685</title> 33348 <affected family="unix"> 33349 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33350 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33351 </affected> 33352 <reference ref_id="CVE-2011-2685" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2685" source="CVE"/> 33353 <description> 33354 Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file. 33355 </description> 33356 </metadata> 33357 <!-- 50eeb8254bb462e482c3c796587985e5 --> 33358 <criteria operator="AND"> 33359 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33360 <criteria operator="OR"> 33361 <criterion test_ref="oval:org.opensuse.security:tst:2009107306" comment="libreoffice-af less than 3.4.2.6-2.7.1"/> 33362 <criterion test_ref="oval:org.opensuse.security:tst:2009107307" comment="libreoffice-ar less than 3.4.2.6-2.7.1"/> 33363 <criterion test_ref="oval:org.opensuse.security:tst:2009107308" comment="libreoffice-ca less than 3.4.2.6-2.7.1"/> 33364 <criterion test_ref="oval:org.opensuse.security:tst:2009107309" comment="libreoffice-cs less than 3.4.2.6-2.7.1"/> 33365 <criterion test_ref="oval:org.opensuse.security:tst:2009107310" comment="libreoffice-da less than 3.4.2.6-2.7.1"/> 33366 <criterion test_ref="oval:org.opensuse.security:tst:2009107311" comment="libreoffice-de less than 3.4.2.6-2.7.1"/> 33367 <criterion test_ref="oval:org.opensuse.security:tst:2009107312" comment="libreoffice-el less than 3.4.2.6-2.7.1"/> 33368 <criterion test_ref="oval:org.opensuse.security:tst:2009107313" comment="libreoffice-en-GB less than 3.4.2.6-2.7.1"/> 33369 <criterion test_ref="oval:org.opensuse.security:tst:2009107314" comment="libreoffice-es less than 3.4.2.6-2.7.1"/> 33370 <criterion test_ref="oval:org.opensuse.security:tst:2009107315" comment="libreoffice-fi less than 3.4.2.6-2.7.1"/> 33371 <criterion test_ref="oval:org.opensuse.security:tst:2009107316" comment="libreoffice-fr less than 3.4.2.6-2.7.1"/> 33372 <criterion test_ref="oval:org.opensuse.security:tst:2009107317" comment="libreoffice-galleries less than 3.4.2.6-2.7.1"/> 33373 <criterion test_ref="oval:org.opensuse.security:tst:2009107318" comment="libreoffice-gnome less than 3.4.2.6-2.7.1"/> 33374 <criterion test_ref="oval:org.opensuse.security:tst:2009107319" comment="libreoffice-gu-IN less than 3.4.2.6-2.7.1"/> 33375 <criterion test_ref="oval:org.opensuse.security:tst:2009107320" comment="libreoffice-hi-IN less than 3.4.2.6-2.7.1"/> 33376 <criterion test_ref="oval:org.opensuse.security:tst:2009107321" comment="libreoffice-hu less than 3.4.2.6-2.7.1"/> 33377 <criterion test_ref="oval:org.opensuse.security:tst:2009107322" comment="libreoffice-it less than 3.4.2.6-2.7.1"/> 33378 <criterion test_ref="oval:org.opensuse.security:tst:2009107323" comment="libreoffice-ja less than 3.4.2.6-2.7.1"/> 33379 <criterion test_ref="oval:org.opensuse.security:tst:2009107324" comment="libreoffice-kde less than 3.4.2.6-2.7.1"/> 33380 <criterion test_ref="oval:org.opensuse.security:tst:2009107325" comment="libreoffice-ko less than 3.4.2.6-2.7.1"/> 33381 <criterion test_ref="oval:org.opensuse.security:tst:2009107326" comment="libreoffice-mono less than 3.4.2.6-2.7.1"/> 33382 <criterion test_ref="oval:org.opensuse.security:tst:2009107327" comment="libreoffice-nb less than 3.4.2.6-2.7.1"/> 33383 <criterion test_ref="oval:org.opensuse.security:tst:2009107328" comment="libreoffice-nl less than 3.4.2.6-2.7.1"/> 33384 <criterion test_ref="oval:org.opensuse.security:tst:2009107329" comment="libreoffice-nn less than 3.4.2.6-2.7.1"/> 33385 <criterion test_ref="oval:org.opensuse.security:tst:2009107330" comment="libreoffice-pl less than 3.4.2.6-2.7.1"/> 33386 <criterion test_ref="oval:org.opensuse.security:tst:2009107331" comment="libreoffice-pt-BR less than 3.4.2.6-2.7.1"/> 33387 <criterion test_ref="oval:org.opensuse.security:tst:2009107332" comment="libreoffice-ru less than 3.4.2.6-2.7.1"/> 33388 <criterion test_ref="oval:org.opensuse.security:tst:2009107333" comment="libreoffice-sk less than 3.4.2.6-2.7.1"/> 33389 <criterion test_ref="oval:org.opensuse.security:tst:2009107334" comment="libreoffice-sv less than 3.4.2.6-2.7.1"/> 33390 <criterion test_ref="oval:org.opensuse.security:tst:2009107335" comment="libreoffice-xh less than 3.4.2.6-2.7.1"/> 33391 <criterion test_ref="oval:org.opensuse.security:tst:2009107336" comment="libreoffice-zh-CN less than 3.4.2.6-2.7.1"/> 33392 <criterion test_ref="oval:org.opensuse.security:tst:2009107337" comment="libreoffice-zh-TW less than 3.4.2.6-2.7.1"/> 33393 <criterion test_ref="oval:org.opensuse.security:tst:2009107338" comment="libreoffice-zu less than 3.4.2.6-2.7.1"/> 33394 <criterion test_ref="oval:org.opensuse.security:tst:2009107339" comment="libreoffice less than 3.4.2.6-2.7.1"/> 33395 </criteria> 33396 </criteria> 33397 </definition> 33398 <definition id="oval:org.opensuse.security:def:20112686" version="1" class="vulnerability"> 33399 <metadata> 33400 <title>CVE-2011-2686</title> 33401 <affected family="unix"> 33402 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33403 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33404 </affected> 33405 <reference ref_id="CVE-2011-2686" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2686" source="CVE"/> 33406 <description> 33407 Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development. 33408 </description> 33409 </metadata> 33410 <!-- 4c9e95f258c3139c5c70de419c8f734b --> 33411 <criteria operator="AND"> 33412 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33413 <criterion test_ref="oval:org.opensuse.security:tst:2009076967" comment="ruby less than 1.8.6.p369-0.14.1"/> 33414 </criteria> 33415 </definition> 33416 <definition id="oval:org.opensuse.security:def:20112690" version="1" class="vulnerability"> 33417 <metadata> 33418 <title>CVE-2011-2690</title> 33419 <affected family="unix"> 33420 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33421 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33422 </affected> 33423 <reference ref_id="CVE-2011-2690" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2690" source="CVE"/> 33424 <description> 33425 Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image. 33426 </description> 33427 </metadata> 33428 <!-- cfe75a17284d23a11571eeefdcbad4a8 --> 33429 <criteria operator="AND"> 33430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33431 <criteria operator="OR"> 33432 <criterion test_ref="oval:org.opensuse.security:tst:2009069827" comment="libpng-32bit less than 1.2.8-19.31.9"/> 33433 <criterion test_ref="oval:org.opensuse.security:tst:2009069829" comment="libpng-devel-32bit less than 1.2.8-19.31.9"/> 33434 <criterion test_ref="oval:org.opensuse.security:tst:2009069831" comment="libpng-devel less than 1.2.8-19.31.9"/> 33435 <criterion test_ref="oval:org.opensuse.security:tst:2009069833" comment="libpng less than 1.2.8-19.31.9"/> 33436 </criteria> 33437 </criteria> 33438 </definition> 33439 <definition id="oval:org.opensuse.security:def:20112691" version="1" class="vulnerability"> 33440 <metadata> 33441 <title>CVE-2011-2691</title> 33442 <affected family="unix"> 33443 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33444 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33445 </affected> 33446 <reference ref_id="CVE-2011-2691" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2691" source="CVE"/> 33447 <description> 33448 The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image. 33449 </description> 33450 </metadata> 33451 <!-- cfe75a17284d23a11571eeefdcbad4a8 --> 33452 <criteria operator="AND"> 33453 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33454 <criteria operator="OR"> 33455 <criterion test_ref="oval:org.opensuse.security:tst:2009069827" comment="libpng-32bit less than 1.2.8-19.31.9"/> 33456 <criterion test_ref="oval:org.opensuse.security:tst:2009069829" comment="libpng-devel-32bit less than 1.2.8-19.31.9"/> 33457 <criterion test_ref="oval:org.opensuse.security:tst:2009069831" comment="libpng-devel less than 1.2.8-19.31.9"/> 33458 <criterion test_ref="oval:org.opensuse.security:tst:2009069833" comment="libpng less than 1.2.8-19.31.9"/> 33459 </criteria> 33460 </criteria> 33461 </definition> 33462 <definition id="oval:org.opensuse.security:def:20112692" version="1" class="vulnerability"> 33463 <metadata> 33464 <title>CVE-2011-2692</title> 33465 <affected family="unix"> 33466 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33467 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33468 </affected> 33469 <reference ref_id="CVE-2011-2692" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2692" source="CVE"/> 33470 <description> 33471 The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory. 33472 </description> 33473 </metadata> 33474 <!-- cfe75a17284d23a11571eeefdcbad4a8 --> 33475 <criteria operator="AND"> 33476 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33477 <criteria operator="OR"> 33478 <criterion test_ref="oval:org.opensuse.security:tst:2009069827" comment="libpng-32bit less than 1.2.8-19.31.9"/> 33479 <criterion test_ref="oval:org.opensuse.security:tst:2009069829" comment="libpng-devel-32bit less than 1.2.8-19.31.9"/> 33480 <criterion test_ref="oval:org.opensuse.security:tst:2009069831" comment="libpng-devel less than 1.2.8-19.31.9"/> 33481 <criterion test_ref="oval:org.opensuse.security:tst:2009069833" comment="libpng less than 1.2.8-19.31.9"/> 33482 </criteria> 33483 </criteria> 33484 </definition> 33485 <definition id="oval:org.opensuse.security:def:20112694" version="1" class="vulnerability"> 33486 <metadata> 33487 <title>CVE-2011-2694</title> 33488 <affected family="unix"> 33489 <platform>SUSE Linux Enterprise Desktop 10 SP3 Samba</platform> 33490 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33491 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33492 </affected> 33493 <reference ref_id="CVE-2011-2694" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694" source="CVE"/> 33494 <description> 33495 Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page). 33496 </description> 33497 </metadata> 33498 <!-- 676a63e0372c4e512bc5dc6178f7777a --> 33499 <criteria operator="AND"> 33500 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33501 <criteria operator="OR"> 33502 <criterion test_ref="oval:org.opensuse.security:tst:2009070347" comment="cifs-mount less than 3.0.36-0.13.16.5"/> 33503 <criterion test_ref="oval:org.opensuse.security:tst:2009070348" comment="ldapsmb less than 1.34b-25.13.16.5"/> 33504 <criterion test_ref="oval:org.opensuse.security:tst:2009070349" comment="libsmbclient-32bit less than 3.0.36-0.13.16.5"/> 33505 <criterion test_ref="oval:org.opensuse.security:tst:2009070350" comment="libsmbclient-devel less than 3.0.36-0.13.16.5"/> 33506 <criterion test_ref="oval:org.opensuse.security:tst:2009070351" comment="libsmbclient less than 3.0.36-0.13.16.5"/> 33507 <criterion test_ref="oval:org.opensuse.security:tst:2009070352" comment="samba-32bit less than 3.0.36-0.13.16.5"/> 33508 <criterion test_ref="oval:org.opensuse.security:tst:2009070353" comment="samba-client-32bit less than 3.0.36-0.13.16.5"/> 33509 <criterion test_ref="oval:org.opensuse.security:tst:2009070354" comment="samba-client less than 3.0.36-0.13.16.5"/> 33510 <criterion test_ref="oval:org.opensuse.security:tst:2009070355" comment="samba-krb-printing less than 3.0.36-0.13.16.5"/> 33511 <criterion test_ref="oval:org.opensuse.security:tst:2009070356" comment="samba-vscan less than 0.3.6b-43.13.16.5"/> 33512 <criterion test_ref="oval:org.opensuse.security:tst:2009070357" comment="samba-winbind-32bit less than 3.0.36-0.13.16.5"/> 33513 <criterion test_ref="oval:org.opensuse.security:tst:2009070358" comment="samba-winbind less than 3.0.36-0.13.16.5"/> 33514 <criterion test_ref="oval:org.opensuse.security:tst:2009070359" comment="samba less than 3.0.36-0.13.16.5"/> 33515 </criteria> 33516 </criteria> 33517 </definition> 33518 <definition id="oval:org.opensuse.security:def:20112696" version="1" class="vulnerability"> 33519 <metadata> 33520 <title>CVE-2011-2696</title> 33521 <affected family="unix"> 33522 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33523 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33524 </affected> 33525 <reference ref_id="CVE-2011-2696" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2696" source="CVE"/> 33526 <description> 33527 Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow. 33528 </description> 33529 </metadata> 33530 <!-- 353cec4df70fe9d46be9127fe99a5ebf --> 33531 <criteria operator="AND"> 33532 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33533 <criteria operator="OR"> 33534 <criterion test_ref="oval:org.opensuse.security:tst:2009069638" comment="libsndfile-32bit less than 1.0.12-13.13.1"/> 33535 <criterion test_ref="oval:org.opensuse.security:tst:2009069639" comment="libsndfile-devel less than 1.0.12-13.13.1"/> 33536 <criterion test_ref="oval:org.opensuse.security:tst:2009069640" comment="libsndfile less than 1.0.12-13.13.1"/> 33537 </criteria> 33538 </criteria> 33539 </definition> 33540 <definition id="oval:org.opensuse.security:def:20112697" version="1" class="vulnerability"> 33541 <metadata> 33542 <title>CVE-2011-2697</title> 33543 <affected family="unix"> 33544 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33545 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33546 </affected> 33547 <reference ref_id="CVE-2011-2697" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697" source="CVE"/> 33548 <description> 33549 foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file. 33550 </description> 33551 </metadata> 33552 <!-- 58f89f5819e70d5cd3e625d249e8c5c5 --> 33553 <criteria operator="AND"> 33554 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33555 <criterion test_ref="oval:org.opensuse.security:tst:2009069769" comment="foomatic-filters less than 3.0.2-20.11.1"/> 33556 </criteria> 33557 </definition> 33558 <definition id="oval:org.opensuse.security:def:20112698" version="1" class="vulnerability"> 33559 <metadata> 33560 <title>CVE-2011-2698</title> 33561 <affected family="unix"> 33562 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33563 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33564 </affected> 33565 <reference ref_id="CVE-2011-2698" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2698" source="CVE"/> 33566 <description> 33567 Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet. 33568 </description> 33569 </metadata> 33570 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 33571 <criteria operator="AND"> 33572 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33573 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 33574 </criteria> 33575 </definition> 33576 <definition id="oval:org.opensuse.security:def:20112699" version="1" class="vulnerability"> 33577 <metadata> 33578 <title>CVE-2011-2699</title> 33579 <affected family="unix"> 33580 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33581 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33582 </affected> 33583 <reference ref_id="CVE-2011-2699" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2699" source="CVE"/> 33584 <description> 33585 The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets. 33586 </description> 33587 </metadata> 33588 <criteria operator="OR"> 33589 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 33590 <criteria operator="AND"> 33591 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33592 <criteria operator="OR"> 33593 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 33594 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 33595 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 33596 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 33597 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 33598 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 33599 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 33600 </criteria> 33601 </criteria> 33602 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 33603 <criteria operator="AND"> 33604 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33605 <criteria operator="OR"> 33606 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 33607 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 33608 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 33609 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 33610 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 33611 </criteria> 33612 </criteria> 33613 </criteria> 33614 </definition> 33615 <definition id="oval:org.opensuse.security:def:20112709" version="1" class="vulnerability"> 33616 <metadata> 33617 <title>CVE-2011-2709</title> 33618 <affected family="unix"> 33619 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33620 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33621 </affected> 33622 <reference ref_id="CVE-2011-2709" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2709" source="CVE"/> 33623 <description> 33624 libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs. 33625 </description> 33626 </metadata> 33627 <!-- 5b5de538464acbf06386b39d37563e66 --> 33628 <criteria operator="AND"> 33629 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33630 <criteria operator="OR"> 33631 <criterion test_ref="oval:org.opensuse.security:tst:2009074791" comment="libgssapi-32bit less than 0.6-13.12.1"/> 33632 <criterion test_ref="oval:org.opensuse.security:tst:2009074792" comment="libgssapi less than 0.6-13.12.1"/> 33633 </criteria> 33634 </criteria> 33635 </definition> 33636 <definition id="oval:org.opensuse.security:def:20112713" version="1" class="vulnerability"> 33637 <metadata> 33638 <title>CVE-2011-2713</title> 33639 <affected family="unix"> 33640 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33641 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33642 </affected> 33643 <reference ref_id="CVE-2011-2713" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713" source="CVE"/> 33644 <description> 33645 oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser. 33646 </description> 33647 </metadata> 33648 <!-- 50eeb8254bb462e482c3c796587985e5 --> 33649 <criteria operator="AND"> 33650 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33651 <criteria operator="OR"> 33652 <criterion test_ref="oval:org.opensuse.security:tst:2009107306" comment="libreoffice-af less than 3.4.2.6-2.7.1"/> 33653 <criterion test_ref="oval:org.opensuse.security:tst:2009107307" comment="libreoffice-ar less than 3.4.2.6-2.7.1"/> 33654 <criterion test_ref="oval:org.opensuse.security:tst:2009107308" comment="libreoffice-ca less than 3.4.2.6-2.7.1"/> 33655 <criterion test_ref="oval:org.opensuse.security:tst:2009107309" comment="libreoffice-cs less than 3.4.2.6-2.7.1"/> 33656 <criterion test_ref="oval:org.opensuse.security:tst:2009107310" comment="libreoffice-da less than 3.4.2.6-2.7.1"/> 33657 <criterion test_ref="oval:org.opensuse.security:tst:2009107311" comment="libreoffice-de less than 3.4.2.6-2.7.1"/> 33658 <criterion test_ref="oval:org.opensuse.security:tst:2009107312" comment="libreoffice-el less than 3.4.2.6-2.7.1"/> 33659 <criterion test_ref="oval:org.opensuse.security:tst:2009107313" comment="libreoffice-en-GB less than 3.4.2.6-2.7.1"/> 33660 <criterion test_ref="oval:org.opensuse.security:tst:2009107314" comment="libreoffice-es less than 3.4.2.6-2.7.1"/> 33661 <criterion test_ref="oval:org.opensuse.security:tst:2009107315" comment="libreoffice-fi less than 3.4.2.6-2.7.1"/> 33662 <criterion test_ref="oval:org.opensuse.security:tst:2009107316" comment="libreoffice-fr less than 3.4.2.6-2.7.1"/> 33663 <criterion test_ref="oval:org.opensuse.security:tst:2009107317" comment="libreoffice-galleries less than 3.4.2.6-2.7.1"/> 33664 <criterion test_ref="oval:org.opensuse.security:tst:2009107318" comment="libreoffice-gnome less than 3.4.2.6-2.7.1"/> 33665 <criterion test_ref="oval:org.opensuse.security:tst:2009107319" comment="libreoffice-gu-IN less than 3.4.2.6-2.7.1"/> 33666 <criterion test_ref="oval:org.opensuse.security:tst:2009107320" comment="libreoffice-hi-IN less than 3.4.2.6-2.7.1"/> 33667 <criterion test_ref="oval:org.opensuse.security:tst:2009107321" comment="libreoffice-hu less than 3.4.2.6-2.7.1"/> 33668 <criterion test_ref="oval:org.opensuse.security:tst:2009107322" comment="libreoffice-it less than 3.4.2.6-2.7.1"/> 33669 <criterion test_ref="oval:org.opensuse.security:tst:2009107323" comment="libreoffice-ja less than 3.4.2.6-2.7.1"/> 33670 <criterion test_ref="oval:org.opensuse.security:tst:2009107324" comment="libreoffice-kde less than 3.4.2.6-2.7.1"/> 33671 <criterion test_ref="oval:org.opensuse.security:tst:2009107325" comment="libreoffice-ko less than 3.4.2.6-2.7.1"/> 33672 <criterion test_ref="oval:org.opensuse.security:tst:2009107326" comment="libreoffice-mono less than 3.4.2.6-2.7.1"/> 33673 <criterion test_ref="oval:org.opensuse.security:tst:2009107327" comment="libreoffice-nb less than 3.4.2.6-2.7.1"/> 33674 <criterion test_ref="oval:org.opensuse.security:tst:2009107328" comment="libreoffice-nl less than 3.4.2.6-2.7.1"/> 33675 <criterion test_ref="oval:org.opensuse.security:tst:2009107329" comment="libreoffice-nn less than 3.4.2.6-2.7.1"/> 33676 <criterion test_ref="oval:org.opensuse.security:tst:2009107330" comment="libreoffice-pl less than 3.4.2.6-2.7.1"/> 33677 <criterion test_ref="oval:org.opensuse.security:tst:2009107331" comment="libreoffice-pt-BR less than 3.4.2.6-2.7.1"/> 33678 <criterion test_ref="oval:org.opensuse.security:tst:2009107332" comment="libreoffice-ru less than 3.4.2.6-2.7.1"/> 33679 <criterion test_ref="oval:org.opensuse.security:tst:2009107333" comment="libreoffice-sk less than 3.4.2.6-2.7.1"/> 33680 <criterion test_ref="oval:org.opensuse.security:tst:2009107334" comment="libreoffice-sv less than 3.4.2.6-2.7.1"/> 33681 <criterion test_ref="oval:org.opensuse.security:tst:2009107335" comment="libreoffice-xh less than 3.4.2.6-2.7.1"/> 33682 <criterion test_ref="oval:org.opensuse.security:tst:2009107336" comment="libreoffice-zh-CN less than 3.4.2.6-2.7.1"/> 33683 <criterion test_ref="oval:org.opensuse.security:tst:2009107337" comment="libreoffice-zh-TW less than 3.4.2.6-2.7.1"/> 33684 <criterion test_ref="oval:org.opensuse.security:tst:2009107338" comment="libreoffice-zu less than 3.4.2.6-2.7.1"/> 33685 <criterion test_ref="oval:org.opensuse.security:tst:2009107339" comment="libreoffice less than 3.4.2.6-2.7.1"/> 33686 </criteria> 33687 </criteria> 33688 </definition> 33689 <definition id="oval:org.opensuse.security:def:20112721" version="1" class="vulnerability"> 33690 <metadata> 33691 <title>CVE-2011-2721</title> 33692 <affected family="unix"> 33693 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33694 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33695 </affected> 33696 <reference ref_id="CVE-2011-2721" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2721" source="CVE"/> 33697 <description> 33698 Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations. 33699 </description> 33700 </metadata> 33701 <!-- ffef53f33fdb46ce9c3231beb182dac8 --> 33702 <criteria operator="AND"> 33703 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33704 <criterion test_ref="oval:org.opensuse.security:tst:2009070055" comment="clamav less than 0.97.2-1.5.2"/> 33705 </criteria> 33706 </definition> 33707 <definition id="oval:org.opensuse.security:def:20112728" version="1" class="vulnerability"> 33708 <metadata> 33709 <title>CVE-2011-2728</title> 33710 <affected family="unix"> 33711 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33712 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33713 </affected> 33714 <reference ref_id="CVE-2011-2728" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2728" source="CVE"/> 33715 <description> 33716 The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference. 33717 </description> 33718 </metadata> 33719 <!-- ed1929d51b82752f08399dada0ae2769 --> 33720 <criteria operator="AND"> 33721 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33722 <criteria operator="OR"> 33723 <criterion test_ref="oval:org.opensuse.security:tst:2009076769" comment="perl-32bit less than 5.8.8-14.21.3"/> 33724 <criterion test_ref="oval:org.opensuse.security:tst:2009076770" comment="perl less than 5.8.8-14.21.3"/> 33725 </criteria> 33726 </criteria> 33727 </definition> 33728 <definition id="oval:org.opensuse.security:def:20112748" version="1" class="vulnerability"> 33729 <metadata> 33730 <title>CVE-2011-2748</title> 33731 <affected family="unix"> 33732 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33733 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33734 </affected> 33735 <reference ref_id="CVE-2011-2748" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2748" source="CVE"/> 33736 <description> 33737 The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. 33738 </description> 33739 </metadata> 33740 <!-- c41557ebbb59f76a37efcec0250609d9 --> 33741 <criteria operator="AND"> 33742 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33743 <criteria operator="OR"> 33744 <criterion test_ref="oval:org.opensuse.security:tst:2009070487" comment="dhcp-client less than 3.0.7-7.15.1"/> 33745 <criterion test_ref="oval:org.opensuse.security:tst:2009070488" comment="dhcp less than 3.0.7-7.15.1"/> 33746 </criteria> 33747 </criteria> 33748 </definition> 33749 <definition id="oval:org.opensuse.security:def:20112749" version="1" class="vulnerability"> 33750 <metadata> 33751 <title>CVE-2011-2749</title> 33752 <affected family="unix"> 33753 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33754 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33755 </affected> 33756 <reference ref_id="CVE-2011-2749" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2749" source="CVE"/> 33757 <description> 33758 The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. 33759 </description> 33760 </metadata> 33761 <!-- c41557ebbb59f76a37efcec0250609d9 --> 33762 <criteria operator="AND"> 33763 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33764 <criteria operator="OR"> 33765 <criterion test_ref="oval:org.opensuse.security:tst:2009070487" comment="dhcp-client less than 3.0.7-7.15.1"/> 33766 <criterion test_ref="oval:org.opensuse.security:tst:2009070488" comment="dhcp less than 3.0.7-7.15.1"/> 33767 </criteria> 33768 </criteria> 33769 </definition> 33770 <definition id="oval:org.opensuse.security:def:20112895" version="1" class="vulnerability"> 33771 <metadata> 33772 <title>CVE-2011-2895</title> 33773 <affected family="unix"> 33774 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33775 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33776 </affected> 33777 <reference ref_id="CVE-2011-2895" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895" source="CVE"/> 33778 <description> 33779 The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896. 33780 </description> 33781 </metadata> 33782 <criteria operator="OR"> 33783 <!-- 1a2ab2f33ca77404c8f69d54b080bce6 --> 33784 <criteria operator="AND"> 33785 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33786 <criteria operator="OR"> 33787 <criterion test_ref="oval:org.opensuse.security:tst:2009072070" comment="xorg-x11-Xnest less than 6.9.0-50.76.4"/> 33788 <criterion test_ref="oval:org.opensuse.security:tst:2009072071" comment="xorg-x11-Xvfb less than 6.9.0-50.76.4"/> 33789 <criterion test_ref="oval:org.opensuse.security:tst:2009072072" comment="xorg-x11-Xvnc less than 6.9.0-50.76.4"/> 33790 <criterion test_ref="oval:org.opensuse.security:tst:2009072073" comment="xorg-x11-devel-32bit less than 6.9.0-50.76.4"/> 33791 <criterion test_ref="oval:org.opensuse.security:tst:2009072074" comment="xorg-x11-devel less than 6.9.0-50.76.4"/> 33792 <criterion test_ref="oval:org.opensuse.security:tst:2009072075" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.76.4"/> 33793 <criterion test_ref="oval:org.opensuse.security:tst:2009072076" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.76.4"/> 33794 <criterion test_ref="oval:org.opensuse.security:tst:2009072077" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.76.4"/> 33795 <criterion test_ref="oval:org.opensuse.security:tst:2009072078" comment="xorg-x11-fonts-scalable less than 6.9.0-50.76.4"/> 33796 <criterion test_ref="oval:org.opensuse.security:tst:2009072079" comment="xorg-x11-fonts-syriac less than 6.9.0-50.76.4"/> 33797 <criterion test_ref="oval:org.opensuse.security:tst:2009072080" comment="xorg-x11-libs-32bit less than 6.9.0-50.76.4"/> 33798 <criterion test_ref="oval:org.opensuse.security:tst:2009072081" comment="xorg-x11-libs less than 6.9.0-50.76.4"/> 33799 <criterion test_ref="oval:org.opensuse.security:tst:2009072082" comment="xorg-x11-man less than 6.9.0-50.76.4"/> 33800 <criterion test_ref="oval:org.opensuse.security:tst:2009072083" comment="xorg-x11-server-glx less than 6.9.0-50.76.4"/> 33801 <criterion test_ref="oval:org.opensuse.security:tst:2009072084" comment="xorg-x11-server less than 6.9.0-50.76.4"/> 33802 <criterion test_ref="oval:org.opensuse.security:tst:2009072085" comment="xorg-x11 less than 6.9.0-50.76.4"/> 33803 </criteria> 33804 </criteria> 33805 <!-- 7e775f10b0282368905503b130ebadf9 --> 33806 <criteria operator="AND"> 33807 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33808 <criteria operator="OR"> 33809 <criterion test_ref="oval:org.opensuse.security:tst:2009072149" comment="freetype2-32bit less than 2.1.10-18.27.5"/> 33810 <criterion test_ref="oval:org.opensuse.security:tst:2009072150" comment="freetype2-devel-32bit less than 2.1.10-18.27.5"/> 33811 <criterion test_ref="oval:org.opensuse.security:tst:2009072151" comment="freetype2-devel less than 2.1.10-18.27.5"/> 33812 <criterion test_ref="oval:org.opensuse.security:tst:2009072152" comment="freetype2 less than 2.1.10-18.27.5"/> 33813 </criteria> 33814 </criteria> 33815 </criteria> 33816 </definition> 33817 <definition id="oval:org.opensuse.security:def:20112896" version="1" class="vulnerability"> 33818 <metadata> 33819 <title>CVE-2011-2896</title> 33820 <affected family="unix"> 33821 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33822 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33823 </affected> 33824 <reference ref_id="CVE-2011-2896" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896" source="CVE"/> 33825 <description> 33826 The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895. 33827 </description> 33828 </metadata> 33829 <criteria operator="OR"> 33830 <!-- 04fb5b2bf484dc76bc84deae45c8209f --> 33831 <criteria operator="AND"> 33832 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33833 <criteria operator="OR"> 33834 <criterion test_ref="oval:org.opensuse.security:tst:2009071518" comment="gimp-devel less than 2.2.10-22.40.1"/> 33835 <criterion test_ref="oval:org.opensuse.security:tst:2009071519" comment="gimp less than 2.2.10-22.40.1"/> 33836 </criteria> 33837 </criteria> 33838 <!-- 58f92f1602b118d40cc39ae74d76028f --> 33839 <criteria operator="AND"> 33840 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33841 <criteria operator="OR"> 33842 <criterion test_ref="oval:org.opensuse.security:tst:2009071180" comment="cups-client less than 1.1.23-40.62.1"/> 33843 <criterion test_ref="oval:org.opensuse.security:tst:2009071181" comment="cups-devel less than 1.1.23-40.62.1"/> 33844 <criterion test_ref="oval:org.opensuse.security:tst:2009071182" comment="cups-libs-32bit less than 1.1.23-40.62.1"/> 33845 <criterion test_ref="oval:org.opensuse.security:tst:2009071183" comment="cups-libs less than 1.1.23-40.62.1"/> 33846 <criterion test_ref="oval:org.opensuse.security:tst:2009071184" comment="cups less than 1.1.23-40.62.1"/> 33847 </criteria> 33848 </criteria> 33849 </criteria> 33850 </definition> 33851 <definition id="oval:org.opensuse.security:def:20112897" version="1" class="vulnerability"> 33852 <metadata> 33853 <title>CVE-2011-2897</title> 33854 <affected family="unix"> 33855 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33856 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33857 </affected> 33858 <reference ref_id="CVE-2011-2897" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2897" source="CVE"/> 33859 <description> 33860 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 33861 </description> 33862 </metadata> 33863 <!-- 1e4fac303fda249f28a90f89a7455837 --> 33864 <criteria operator="AND"> 33865 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33866 <criteria operator="OR"> 33867 <criterion test_ref="oval:org.opensuse.security:tst:2009074864" comment="gdk-pixbuf-32bit less than 0.22.0-93.9.1"/> 33868 <criterion test_ref="oval:org.opensuse.security:tst:2009074865" comment="gdk-pixbuf less than 0.22.0-93.9.1"/> 33869 </criteria> 33870 </criteria> 33871 </definition> 33872 <definition id="oval:org.opensuse.security:def:20112901" version="1" class="vulnerability"> 33873 <metadata> 33874 <title>CVE-2011-2901</title> 33875 <affected family="unix"> 33876 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33877 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33878 </affected> 33879 <reference ref_id="CVE-2011-2901" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901" source="CVE"/> 33880 <description> 33881 Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits. 33882 </description> 33883 </metadata> 33884 <!-- 1a3d8df4480b5a9e000bc582606a1bae --> 33885 <criteria operator="AND"> 33886 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33887 <criteria operator="OR"> 33888 <criterion test_ref="oval:org.opensuse.security:tst:2009070195" comment="xen-devel less than 3.2.3_17040_37-0.9.1"/> 33889 <criterion test_ref="oval:org.opensuse.security:tst:2009070196" comment="xen-doc-html less than 3.2.3_17040_37-0.9.1"/> 33890 <criterion test_ref="oval:org.opensuse.security:tst:2009070197" comment="xen-doc-pdf less than 3.2.3_17040_37-0.9.1"/> 33891 <criterion test_ref="oval:org.opensuse.security:tst:2009070198" comment="xen-doc-ps less than 3.2.3_17040_37-0.9.1"/> 33892 <criterion test_ref="oval:org.opensuse.security:tst:2009070199" comment="xen-kmp-bigsmp less than 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1"/> 33893 <criterion test_ref="oval:org.opensuse.security:tst:2009070200" comment="xen-kmp-default less than 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1"/> 33894 <criterion test_ref="oval:org.opensuse.security:tst:2009070201" comment="xen-kmp-smp less than 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1"/> 33895 <criterion test_ref="oval:org.opensuse.security:tst:2009070202" comment="xen-libs-32bit less than 3.2.3_17040_37-0.9.1"/> 33896 <criterion test_ref="oval:org.opensuse.security:tst:2009070203" comment="xen-libs less than 3.2.3_17040_37-0.9.1"/> 33897 <criterion test_ref="oval:org.opensuse.security:tst:2009070204" comment="xen-tools-domU less than 3.2.3_17040_37-0.9.1"/> 33898 <criterion test_ref="oval:org.opensuse.security:tst:2009070205" comment="xen-tools-ioemu less than 3.2.3_17040_37-0.9.1"/> 33899 <criterion test_ref="oval:org.opensuse.security:tst:2009070206" comment="xen-tools less than 3.2.3_17040_37-0.9.1"/> 33900 <criterion test_ref="oval:org.opensuse.security:tst:2009070207" comment="xen less than 3.2.3_17040_37-0.9.1"/> 33901 </criteria> 33902 </criteria> 33903 </definition> 33904 <definition id="oval:org.opensuse.security:def:20112928" version="1" class="vulnerability"> 33905 <metadata> 33906 <title>CVE-2011-2928</title> 33907 <affected family="unix"> 33908 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33909 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33910 </affected> 33911 <reference ref_id="CVE-2011-2928" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2928" source="CVE"/> 33912 <description> 33913 The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem. 33914 </description> 33915 </metadata> 33916 <criteria operator="OR"> 33917 <!-- 3395803e5857d3e0f44b39331dc3b010 --> 33918 <criteria operator="AND"> 33919 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33920 <criteria operator="OR"> 33921 <criterion test_ref="oval:org.opensuse.security:tst:2009107340" comment="kernel-bigsmp less than 2.6.16.60-0.97.1"/> 33922 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 33923 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 33924 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 33925 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 33926 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 33927 <criterion test_ref="oval:org.opensuse.security:tst:2009107341" comment="kernel-xenpae less than 2.6.16.60-0.97.1"/> 33928 </criteria> 33929 </criteria> 33930 <!-- 96d47125b6fb737bee4bf3f7619aa63d --> 33931 <criteria operator="AND"> 33932 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33933 <criteria operator="OR"> 33934 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 33935 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 33936 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 33937 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 33938 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 33939 </criteria> 33940 </criteria> 33941 </criteria> 33942 </definition> 33943 <definition id="oval:org.opensuse.security:def:20112964" version="1" class="vulnerability"> 33944 <metadata> 33945 <title>CVE-2011-2964</title> 33946 <affected family="unix"> 33947 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33948 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33949 </affected> 33950 <reference ref_id="CVE-2011-2964" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964" source="CVE"/> 33951 <description> 33952 foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697. 33953 </description> 33954 </metadata> 33955 <!-- 58f89f5819e70d5cd3e625d249e8c5c5 --> 33956 <criteria operator="AND"> 33957 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33958 <criterion test_ref="oval:org.opensuse.security:tst:2009069769" comment="foomatic-filters less than 3.0.2-20.11.1"/> 33959 </criteria> 33960 </definition> 33961 <definition id="oval:org.opensuse.security:def:20112980" version="1" class="vulnerability"> 33962 <metadata> 33963 <title>CVE-2011-2980</title> 33964 <affected family="unix"> 33965 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33966 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33967 </affected> 33968 <reference ref_id="CVE-2011-2980" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2980" source="CVE"/> 33969 <description> 33970 Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process. 33971 </description> 33972 </metadata> 33973 <!-- 24df2ef0dad5f3b46261e6f99333badf --> 33974 <criteria operator="AND"> 33975 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 33976 <criteria operator="OR"> 33977 <criterion test_ref="oval:org.opensuse.security:tst:2009070101" comment="MozillaFirefox-translations less than 3.6.20-0.5.1"/> 33978 <criterion test_ref="oval:org.opensuse.security:tst:2009070102" comment="MozillaFirefox less than 3.6.20-0.5.1"/> 33979 <criterion test_ref="oval:org.opensuse.security:tst:2009070103" comment="mozilla-xulrunner192-32bit less than 1.9.2.20-1.5.1"/> 33980 <criterion test_ref="oval:org.opensuse.security:tst:2009070104" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.20-1.5.1"/> 33981 <criterion test_ref="oval:org.opensuse.security:tst:2009070105" comment="mozilla-xulrunner192-gnome less than 1.9.2.20-1.5.1"/> 33982 <criterion test_ref="oval:org.opensuse.security:tst:2009070106" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.20-1.5.1"/> 33983 <criterion test_ref="oval:org.opensuse.security:tst:2009070107" comment="mozilla-xulrunner192-translations less than 1.9.2.20-1.5.1"/> 33984 <criterion test_ref="oval:org.opensuse.security:tst:2009070108" comment="mozilla-xulrunner192 less than 1.9.2.20-1.5.1"/> 33985 </criteria> 33986 </criteria> 33987 </definition> 33988 <definition id="oval:org.opensuse.security:def:20112981" version="1" class="vulnerability"> 33989 <metadata> 33990 <title>CVE-2011-2981</title> 33991 <affected family="unix"> 33992 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 33993 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 33994 </affected> 33995 <reference ref_id="CVE-2011-2981" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2981" source="CVE"/> 33996 <description> 33997 The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site. 33998 </description> 33999 </metadata> 34000 <!-- 24df2ef0dad5f3b46261e6f99333badf --> 34001 <criteria operator="AND"> 34002 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34003 <criteria operator="OR"> 34004 <criterion test_ref="oval:org.opensuse.security:tst:2009070101" comment="MozillaFirefox-translations less than 3.6.20-0.5.1"/> 34005 <criterion test_ref="oval:org.opensuse.security:tst:2009070102" comment="MozillaFirefox less than 3.6.20-0.5.1"/> 34006 <criterion test_ref="oval:org.opensuse.security:tst:2009070103" comment="mozilla-xulrunner192-32bit less than 1.9.2.20-1.5.1"/> 34007 <criterion test_ref="oval:org.opensuse.security:tst:2009070104" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.20-1.5.1"/> 34008 <criterion test_ref="oval:org.opensuse.security:tst:2009070105" comment="mozilla-xulrunner192-gnome less than 1.9.2.20-1.5.1"/> 34009 <criterion test_ref="oval:org.opensuse.security:tst:2009070106" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.20-1.5.1"/> 34010 <criterion test_ref="oval:org.opensuse.security:tst:2009070107" comment="mozilla-xulrunner192-translations less than 1.9.2.20-1.5.1"/> 34011 <criterion test_ref="oval:org.opensuse.security:tst:2009070108" comment="mozilla-xulrunner192 less than 1.9.2.20-1.5.1"/> 34012 </criteria> 34013 </criteria> 34014 </definition> 34015 <definition id="oval:org.opensuse.security:def:20112982" version="1" class="vulnerability"> 34016 <metadata> 34017 <title>CVE-2011-2982</title> 34018 <affected family="unix"> 34019 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34020 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34021 </affected> 34022 <reference ref_id="CVE-2011-2982" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2982" source="CVE"/> 34023 <description> 34024 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 34025 </description> 34026 </metadata> 34027 <!-- 24df2ef0dad5f3b46261e6f99333badf --> 34028 <criteria operator="AND"> 34029 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34030 <criteria operator="OR"> 34031 <criterion test_ref="oval:org.opensuse.security:tst:2009070101" comment="MozillaFirefox-translations less than 3.6.20-0.5.1"/> 34032 <criterion test_ref="oval:org.opensuse.security:tst:2009070102" comment="MozillaFirefox less than 3.6.20-0.5.1"/> 34033 <criterion test_ref="oval:org.opensuse.security:tst:2009070103" comment="mozilla-xulrunner192-32bit less than 1.9.2.20-1.5.1"/> 34034 <criterion test_ref="oval:org.opensuse.security:tst:2009070104" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.20-1.5.1"/> 34035 <criterion test_ref="oval:org.opensuse.security:tst:2009070105" comment="mozilla-xulrunner192-gnome less than 1.9.2.20-1.5.1"/> 34036 <criterion test_ref="oval:org.opensuse.security:tst:2009070106" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.20-1.5.1"/> 34037 <criterion test_ref="oval:org.opensuse.security:tst:2009070107" comment="mozilla-xulrunner192-translations less than 1.9.2.20-1.5.1"/> 34038 <criterion test_ref="oval:org.opensuse.security:tst:2009070108" comment="mozilla-xulrunner192 less than 1.9.2.20-1.5.1"/> 34039 </criteria> 34040 </criteria> 34041 </definition> 34042 <definition id="oval:org.opensuse.security:def:20112983" version="1" class="vulnerability"> 34043 <metadata> 34044 <title>CVE-2011-2983</title> 34045 <affected family="unix"> 34046 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34047 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34048 </affected> 34049 <reference ref_id="CVE-2011-2983" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2983" source="CVE"/> 34050 <description> 34051 Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free. 34052 </description> 34053 </metadata> 34054 <!-- 24df2ef0dad5f3b46261e6f99333badf --> 34055 <criteria operator="AND"> 34056 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34057 <criteria operator="OR"> 34058 <criterion test_ref="oval:org.opensuse.security:tst:2009070101" comment="MozillaFirefox-translations less than 3.6.20-0.5.1"/> 34059 <criterion test_ref="oval:org.opensuse.security:tst:2009070102" comment="MozillaFirefox less than 3.6.20-0.5.1"/> 34060 <criterion test_ref="oval:org.opensuse.security:tst:2009070103" comment="mozilla-xulrunner192-32bit less than 1.9.2.20-1.5.1"/> 34061 <criterion test_ref="oval:org.opensuse.security:tst:2009070104" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.20-1.5.1"/> 34062 <criterion test_ref="oval:org.opensuse.security:tst:2009070105" comment="mozilla-xulrunner192-gnome less than 1.9.2.20-1.5.1"/> 34063 <criterion test_ref="oval:org.opensuse.security:tst:2009070106" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.20-1.5.1"/> 34064 <criterion test_ref="oval:org.opensuse.security:tst:2009070107" comment="mozilla-xulrunner192-translations less than 1.9.2.20-1.5.1"/> 34065 <criterion test_ref="oval:org.opensuse.security:tst:2009070108" comment="mozilla-xulrunner192 less than 1.9.2.20-1.5.1"/> 34066 </criteria> 34067 </criteria> 34068 </definition> 34069 <definition id="oval:org.opensuse.security:def:20112984" version="1" class="vulnerability"> 34070 <metadata> 34071 <title>CVE-2011-2984</title> 34072 <affected family="unix"> 34073 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34074 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34075 </affected> 34076 <reference ref_id="CVE-2011-2984" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2984" source="CVE"/> 34077 <description> 34078 Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events. 34079 </description> 34080 </metadata> 34081 <!-- 24df2ef0dad5f3b46261e6f99333badf --> 34082 <criteria operator="AND"> 34083 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34084 <criteria operator="OR"> 34085 <criterion test_ref="oval:org.opensuse.security:tst:2009070101" comment="MozillaFirefox-translations less than 3.6.20-0.5.1"/> 34086 <criterion test_ref="oval:org.opensuse.security:tst:2009070102" comment="MozillaFirefox less than 3.6.20-0.5.1"/> 34087 <criterion test_ref="oval:org.opensuse.security:tst:2009070103" comment="mozilla-xulrunner192-32bit less than 1.9.2.20-1.5.1"/> 34088 <criterion test_ref="oval:org.opensuse.security:tst:2009070104" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.20-1.5.1"/> 34089 <criterion test_ref="oval:org.opensuse.security:tst:2009070105" comment="mozilla-xulrunner192-gnome less than 1.9.2.20-1.5.1"/> 34090 <criterion test_ref="oval:org.opensuse.security:tst:2009070106" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.20-1.5.1"/> 34091 <criterion test_ref="oval:org.opensuse.security:tst:2009070107" comment="mozilla-xulrunner192-translations less than 1.9.2.20-1.5.1"/> 34092 <criterion test_ref="oval:org.opensuse.security:tst:2009070108" comment="mozilla-xulrunner192 less than 1.9.2.20-1.5.1"/> 34093 </criteria> 34094 </criteria> 34095 </definition> 34096 <definition id="oval:org.opensuse.security:def:20112995" version="1" class="vulnerability"> 34097 <metadata> 34098 <title>CVE-2011-2995</title> 34099 <affected family="unix"> 34100 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34101 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34102 </affected> 34103 <reference ref_id="CVE-2011-2995" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2995" source="CVE"/> 34104 <description> 34105 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 34106 </description> 34107 </metadata> 34108 <!-- 8026ac2197f43942ee30e9d32864f793 --> 34109 <criteria operator="AND"> 34110 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34111 <criteria operator="OR"> 34112 <criterion test_ref="oval:org.opensuse.security:tst:2009070820" comment="MozillaFirefox-translations less than 3.6.23-0.5.1"/> 34113 <criterion test_ref="oval:org.opensuse.security:tst:2009070821" comment="MozillaFirefox less than 3.6.23-0.5.1"/> 34114 <criterion test_ref="oval:org.opensuse.security:tst:2009070822" comment="mozilla-xulrunner192-32bit less than 1.9.2.23-1.6.1"/> 34115 <criterion test_ref="oval:org.opensuse.security:tst:2009070823" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.23-1.6.1"/> 34116 <criterion test_ref="oval:org.opensuse.security:tst:2009070824" comment="mozilla-xulrunner192-gnome less than 1.9.2.23-1.6.1"/> 34117 <criterion test_ref="oval:org.opensuse.security:tst:2009070825" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.23-1.6.1"/> 34118 <criterion test_ref="oval:org.opensuse.security:tst:2009070826" comment="mozilla-xulrunner192-translations less than 1.9.2.23-1.6.1"/> 34119 <criterion test_ref="oval:org.opensuse.security:tst:2009070827" comment="mozilla-xulrunner192 less than 1.9.2.23-1.6.1"/> 34120 </criteria> 34121 </criteria> 34122 </definition> 34123 <definition id="oval:org.opensuse.security:def:20112996" version="1" class="vulnerability"> 34124 <metadata> 34125 <title>CVE-2011-2996</title> 34126 <affected family="unix"> 34127 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34128 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34129 </affected> 34130 <reference ref_id="CVE-2011-2996" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2996" source="CVE"/> 34131 <description> 34132 Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 34133 </description> 34134 </metadata> 34135 <criteria operator="OR"> 34136 <!-- 8026ac2197f43942ee30e9d32864f793 --> 34137 <criteria operator="AND"> 34138 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34139 <criteria operator="OR"> 34140 <criterion test_ref="oval:org.opensuse.security:tst:2009070820" comment="MozillaFirefox-translations less than 3.6.23-0.5.1"/> 34141 <criterion test_ref="oval:org.opensuse.security:tst:2009070821" comment="MozillaFirefox less than 3.6.23-0.5.1"/> 34142 <criterion test_ref="oval:org.opensuse.security:tst:2009070822" comment="mozilla-xulrunner192-32bit less than 1.9.2.23-1.6.1"/> 34143 <criterion test_ref="oval:org.opensuse.security:tst:2009070823" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.23-1.6.1"/> 34144 <criterion test_ref="oval:org.opensuse.security:tst:2009070824" comment="mozilla-xulrunner192-gnome less than 1.9.2.23-1.6.1"/> 34145 <criterion test_ref="oval:org.opensuse.security:tst:2009070825" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.23-1.6.1"/> 34146 <criterion test_ref="oval:org.opensuse.security:tst:2009070826" comment="mozilla-xulrunner192-translations less than 1.9.2.23-1.6.1"/> 34147 <criterion test_ref="oval:org.opensuse.security:tst:2009070827" comment="mozilla-xulrunner192 less than 1.9.2.23-1.6.1"/> 34148 </criteria> 34149 </criteria> 34150 <!-- d38a557341c2b284b12c5c1e21800a6d --> 34151 <criteria operator="AND"> 34152 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34153 <criteria operator="OR"> 34154 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 34155 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 34156 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 34157 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 34158 </criteria> 34159 </criteria> 34160 </criteria> 34161 </definition> 34162 <definition id="oval:org.opensuse.security:def:20112998" version="1" class="vulnerability"> 34163 <metadata> 34164 <title>CVE-2011-2998</title> 34165 <affected family="unix"> 34166 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34167 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34168 </affected> 34169 <reference ref_id="CVE-2011-2998" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2998" source="CVE"/> 34170 <description> 34171 Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression. 34172 </description> 34173 </metadata> 34174 <!-- d38a557341c2b284b12c5c1e21800a6d --> 34175 <criteria operator="AND"> 34176 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34177 <criteria operator="OR"> 34178 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 34179 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 34180 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 34181 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 34182 </criteria> 34183 </criteria> 34184 </definition> 34185 <definition id="oval:org.opensuse.security:def:20112999" version="1" class="vulnerability"> 34186 <metadata> 34187 <title>CVE-2011-2999</title> 34188 <affected family="unix"> 34189 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34190 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34191 </affected> 34192 <reference ref_id="CVE-2011-2999" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999" source="CVE"/> 34193 <description> 34194 Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170. 34195 </description> 34196 </metadata> 34197 <criteria operator="OR"> 34198 <!-- 8026ac2197f43942ee30e9d32864f793 --> 34199 <criteria operator="AND"> 34200 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34201 <criteria operator="OR"> 34202 <criterion test_ref="oval:org.opensuse.security:tst:2009070820" comment="MozillaFirefox-translations less than 3.6.23-0.5.1"/> 34203 <criterion test_ref="oval:org.opensuse.security:tst:2009070821" comment="MozillaFirefox less than 3.6.23-0.5.1"/> 34204 <criterion test_ref="oval:org.opensuse.security:tst:2009070822" comment="mozilla-xulrunner192-32bit less than 1.9.2.23-1.6.1"/> 34205 <criterion test_ref="oval:org.opensuse.security:tst:2009070823" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.23-1.6.1"/> 34206 <criterion test_ref="oval:org.opensuse.security:tst:2009070824" comment="mozilla-xulrunner192-gnome less than 1.9.2.23-1.6.1"/> 34207 <criterion test_ref="oval:org.opensuse.security:tst:2009070825" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.23-1.6.1"/> 34208 <criterion test_ref="oval:org.opensuse.security:tst:2009070826" comment="mozilla-xulrunner192-translations less than 1.9.2.23-1.6.1"/> 34209 <criterion test_ref="oval:org.opensuse.security:tst:2009070827" comment="mozilla-xulrunner192 less than 1.9.2.23-1.6.1"/> 34210 </criteria> 34211 </criteria> 34212 <!-- d38a557341c2b284b12c5c1e21800a6d --> 34213 <criteria operator="AND"> 34214 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34215 <criteria operator="OR"> 34216 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 34217 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 34218 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 34219 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 34220 </criteria> 34221 </criteria> 34222 </criteria> 34223 </definition> 34224 <definition id="oval:org.opensuse.security:def:20113000" version="1" class="vulnerability"> 34225 <metadata> 34226 <title>CVE-2011-3000</title> 34227 <affected family="unix"> 34228 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34229 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34230 </affected> 34231 <reference ref_id="CVE-2011-3000" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3000" source="CVE"/> 34232 <description> 34233 Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values. 34234 </description> 34235 </metadata> 34236 <criteria operator="OR"> 34237 <!-- 8026ac2197f43942ee30e9d32864f793 --> 34238 <criteria operator="AND"> 34239 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34240 <criteria operator="OR"> 34241 <criterion test_ref="oval:org.opensuse.security:tst:2009070820" comment="MozillaFirefox-translations less than 3.6.23-0.5.1"/> 34242 <criterion test_ref="oval:org.opensuse.security:tst:2009070821" comment="MozillaFirefox less than 3.6.23-0.5.1"/> 34243 <criterion test_ref="oval:org.opensuse.security:tst:2009070822" comment="mozilla-xulrunner192-32bit less than 1.9.2.23-1.6.1"/> 34244 <criterion test_ref="oval:org.opensuse.security:tst:2009070823" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.23-1.6.1"/> 34245 <criterion test_ref="oval:org.opensuse.security:tst:2009070824" comment="mozilla-xulrunner192-gnome less than 1.9.2.23-1.6.1"/> 34246 <criterion test_ref="oval:org.opensuse.security:tst:2009070825" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.23-1.6.1"/> 34247 <criterion test_ref="oval:org.opensuse.security:tst:2009070826" comment="mozilla-xulrunner192-translations less than 1.9.2.23-1.6.1"/> 34248 <criterion test_ref="oval:org.opensuse.security:tst:2009070827" comment="mozilla-xulrunner192 less than 1.9.2.23-1.6.1"/> 34249 </criteria> 34250 </criteria> 34251 <!-- d38a557341c2b284b12c5c1e21800a6d --> 34252 <criteria operator="AND"> 34253 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34254 <criteria operator="OR"> 34255 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 34256 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 34257 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 34258 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 34259 </criteria> 34260 </criteria> 34261 </criteria> 34262 </definition> 34263 <definition id="oval:org.opensuse.security:def:20113001" version="1" class="vulnerability"> 34264 <metadata> 34265 <title>CVE-2011-3001</title> 34266 <affected family="unix"> 34267 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34268 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34269 </affected> 34270 <reference ref_id="CVE-2011-3001" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3001" source="CVE"/> 34271 <description> 34272 Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error. 34273 </description> 34274 </metadata> 34275 <!-- d38a557341c2b284b12c5c1e21800a6d --> 34276 <criteria operator="AND"> 34277 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34278 <criteria operator="OR"> 34279 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 34280 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 34281 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 34282 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 34283 </criteria> 34284 </criteria> 34285 </definition> 34286 <definition id="oval:org.opensuse.security:def:20113026" version="1" class="vulnerability"> 34287 <metadata> 34288 <title>CVE-2011-3026</title> 34289 <affected family="unix"> 34290 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34291 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34292 </affected> 34293 <reference ref_id="CVE-2011-3026" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026" source="CVE"/> 34294 <description> 34295 Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. 34296 </description> 34297 </metadata> 34298 <criteria operator="OR"> 34299 <!-- 2690ba40942c362f70510de200d29b85 --> 34300 <criteria operator="AND"> 34301 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34302 <criteria operator="OR"> 34303 <criterion test_ref="oval:org.opensuse.security:tst:2009073133" comment="libpng-32bit less than 1.2.8-19.33.7"/> 34304 <criterion test_ref="oval:org.opensuse.security:tst:2009073134" comment="libpng-devel-32bit less than 1.2.8-19.33.7"/> 34305 <criterion test_ref="oval:org.opensuse.security:tst:2009073135" comment="libpng-devel less than 1.2.8-19.33.7"/> 34306 <criterion test_ref="oval:org.opensuse.security:tst:2009073136" comment="libpng less than 1.2.8-19.33.7"/> 34307 </criteria> 34308 </criteria> 34309 <!-- 2c23debb2e4e3a09d318252e02175814 --> 34310 <criteria operator="AND"> 34311 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34312 <criteria operator="OR"> 34313 <criterion test_ref="oval:org.opensuse.security:tst:2009073034" comment="MozillaFirefox-translations less than 3.6.27-0.5.4"/> 34314 <criterion test_ref="oval:org.opensuse.security:tst:2009073035" comment="MozillaFirefox less than 3.6.27-0.5.4"/> 34315 <criterion test_ref="oval:org.opensuse.security:tst:2009073036" comment="mozilla-xulrunner192-32bit less than 1.9.2.27-0.5.6"/> 34316 <criterion test_ref="oval:org.opensuse.security:tst:2009073037" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.27-0.5.6"/> 34317 <criterion test_ref="oval:org.opensuse.security:tst:2009073038" comment="mozilla-xulrunner192-gnome less than 1.9.2.27-0.5.6"/> 34318 <criterion test_ref="oval:org.opensuse.security:tst:2009073039" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.27-0.5.6"/> 34319 <criterion test_ref="oval:org.opensuse.security:tst:2009073040" comment="mozilla-xulrunner192-translations less than 1.9.2.27-0.5.6"/> 34320 <criterion test_ref="oval:org.opensuse.security:tst:2009073041" comment="mozilla-xulrunner192 less than 1.9.2.27-0.5.6"/> 34321 </criteria> 34322 </criteria> 34323 </criteria> 34324 </definition> 34325 <definition id="oval:org.opensuse.security:def:20113048" version="1" class="vulnerability"> 34326 <metadata> 34327 <title>CVE-2011-3048</title> 34328 <affected family="unix"> 34329 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34330 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34331 </affected> 34332 <reference ref_id="CVE-2011-3048" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048" source="CVE"/> 34333 <description> 34334 The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. 34335 </description> 34336 </metadata> 34337 <!-- 62fa6d82a602002d1a921c7a7707c533 --> 34338 <criteria operator="AND"> 34339 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34340 <criteria operator="OR"> 34341 <criterion test_ref="oval:org.opensuse.security:tst:2009074568" comment="libpng-32bit less than 1.2.8-19.35.4"/> 34342 <criterion test_ref="oval:org.opensuse.security:tst:2009074569" comment="libpng-devel-32bit less than 1.2.8-19.35.4"/> 34343 <criterion test_ref="oval:org.opensuse.security:tst:2009074570" comment="libpng-devel less than 1.2.8-19.35.4"/> 34344 <criterion test_ref="oval:org.opensuse.security:tst:2009074571" comment="libpng less than 1.2.8-19.35.4"/> 34345 </criteria> 34346 </criteria> 34347 </definition> 34348 <definition id="oval:org.opensuse.security:def:20113062" version="1" class="vulnerability"> 34349 <metadata> 34350 <title>CVE-2011-3062</title> 34351 <affected family="unix"> 34352 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34353 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34354 </affected> 34355 <reference ref_id="CVE-2011-3062" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3062" source="CVE"/> 34356 <description> 34357 Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. 34358 </description> 34359 </metadata> 34360 <!-- f83092661fed82089220795937f323d2 --> 34361 <criteria operator="AND"> 34362 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34363 <criteria operator="OR"> 34364 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 34365 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 34366 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 34367 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 34368 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 34369 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 34370 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 34371 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 34372 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 34373 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 34374 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 34375 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 34376 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 34377 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 34378 </criteria> 34379 </criteria> 34380 </definition> 34381 <definition id="oval:org.opensuse.security:def:20113101" version="1" class="vulnerability"> 34382 <metadata> 34383 <title>CVE-2011-3101</title> 34384 <affected family="unix"> 34385 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34386 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34387 </affected> 34388 <reference ref_id="CVE-2011-3101" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3101" source="CVE"/> 34389 <description> 34390 Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products. 34391 </description> 34392 </metadata> 34393 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 34394 <criteria operator="AND"> 34395 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34396 <criteria operator="OR"> 34397 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 34398 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 34399 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 34400 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 34401 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 34402 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 34403 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 34404 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 34405 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 34406 </criteria> 34407 </criteria> 34408 </definition> 34409 <definition id="oval:org.opensuse.security:def:20113102" version="1" class="vulnerability"> 34410 <metadata> 34411 <title>CVE-2011-3102</title> 34412 <affected family="unix"> 34413 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34414 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34415 </affected> 34416 <reference ref_id="CVE-2011-3102" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102" source="CVE"/> 34417 <description> 34418 Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. 34419 </description> 34420 </metadata> 34421 <!-- 7b174cf04bc60f0775dbbdbb0c987eb1 --> 34422 <criteria operator="AND"> 34423 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34424 <criteria operator="OR"> 34425 <criterion test_ref="oval:org.opensuse.security:tst:2009074776" comment="libxml2-32bit less than 2.6.23-15.31.4"/> 34426 <criterion test_ref="oval:org.opensuse.security:tst:2009074777" comment="libxml2-devel-32bit less than 2.6.23-15.31.4"/> 34427 <criterion test_ref="oval:org.opensuse.security:tst:2009074778" comment="libxml2-devel less than 2.6.23-15.31.4"/> 34428 <criterion test_ref="oval:org.opensuse.security:tst:2009074779" comment="libxml2 less than 2.6.23-15.31.4"/> 34429 </criteria> 34430 </criteria> 34431 </definition> 34432 <definition id="oval:org.opensuse.security:def:20113131" version="1" class="vulnerability"> 34433 <metadata> 34434 <title>CVE-2011-3131</title> 34435 <affected family="unix"> 34436 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34437 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34438 </affected> 34439 <reference ref_id="CVE-2011-3131" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3131" source="CVE"/> 34440 <description> 34441 Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock. 34442 </description> 34443 </metadata> 34444 <!-- 1a3d8df4480b5a9e000bc582606a1bae --> 34445 <criteria operator="AND"> 34446 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34447 <criteria operator="OR"> 34448 <criterion test_ref="oval:org.opensuse.security:tst:2009070195" comment="xen-devel less than 3.2.3_17040_37-0.9.1"/> 34449 <criterion test_ref="oval:org.opensuse.security:tst:2009070196" comment="xen-doc-html less than 3.2.3_17040_37-0.9.1"/> 34450 <criterion test_ref="oval:org.opensuse.security:tst:2009070197" comment="xen-doc-pdf less than 3.2.3_17040_37-0.9.1"/> 34451 <criterion test_ref="oval:org.opensuse.security:tst:2009070198" comment="xen-doc-ps less than 3.2.3_17040_37-0.9.1"/> 34452 <criterion test_ref="oval:org.opensuse.security:tst:2009070199" comment="xen-kmp-bigsmp less than 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1"/> 34453 <criterion test_ref="oval:org.opensuse.security:tst:2009070200" comment="xen-kmp-default less than 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1"/> 34454 <criterion test_ref="oval:org.opensuse.security:tst:2009070201" comment="xen-kmp-smp less than 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1"/> 34455 <criterion test_ref="oval:org.opensuse.security:tst:2009070202" comment="xen-libs-32bit less than 3.2.3_17040_37-0.9.1"/> 34456 <criterion test_ref="oval:org.opensuse.security:tst:2009070203" comment="xen-libs less than 3.2.3_17040_37-0.9.1"/> 34457 <criterion test_ref="oval:org.opensuse.security:tst:2009070204" comment="xen-tools-domU less than 3.2.3_17040_37-0.9.1"/> 34458 <criterion test_ref="oval:org.opensuse.security:tst:2009070205" comment="xen-tools-ioemu less than 3.2.3_17040_37-0.9.1"/> 34459 <criterion test_ref="oval:org.opensuse.security:tst:2009070206" comment="xen-tools less than 3.2.3_17040_37-0.9.1"/> 34460 <criterion test_ref="oval:org.opensuse.security:tst:2009070207" comment="xen less than 3.2.3_17040_37-0.9.1"/> 34461 </criteria> 34462 </criteria> 34463 </definition> 34464 <definition id="oval:org.opensuse.security:def:20113148" version="1" class="vulnerability"> 34465 <metadata> 34466 <title>CVE-2011-3148</title> 34467 <affected family="unix"> 34468 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34469 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34470 </affected> 34471 <reference ref_id="CVE-2011-3148" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3148" source="CVE"/> 34472 <description> 34473 Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file. 34474 </description> 34475 </metadata> 34476 <!-- ba74f77a051fc5825c4e8658b8fadde6 --> 34477 <criteria operator="AND"> 34478 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34479 <criteria operator="OR"> 34480 <criterion test_ref="oval:org.opensuse.security:tst:2009071652" comment="pam-32bit less than 0.99.6.3-28.25.4"/> 34481 <criterion test_ref="oval:org.opensuse.security:tst:2009071653" comment="pam-devel less than 0.99.6.3-28.25.4"/> 34482 <criterion test_ref="oval:org.opensuse.security:tst:2009071654" comment="pam less than 0.99.6.3-28.25.4"/> 34483 </criteria> 34484 </criteria> 34485 </definition> 34486 <definition id="oval:org.opensuse.security:def:20113149" version="1" class="vulnerability"> 34487 <metadata> 34488 <title>CVE-2011-3149</title> 34489 <affected family="unix"> 34490 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34491 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34492 </affected> 34493 <reference ref_id="CVE-2011-3149" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3149" source="CVE"/> 34494 <description> 34495 The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption). 34496 </description> 34497 </metadata> 34498 <!-- ba74f77a051fc5825c4e8658b8fadde6 --> 34499 <criteria operator="AND"> 34500 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34501 <criteria operator="OR"> 34502 <criterion test_ref="oval:org.opensuse.security:tst:2009071652" comment="pam-32bit less than 0.99.6.3-28.25.4"/> 34503 <criterion test_ref="oval:org.opensuse.security:tst:2009071653" comment="pam-devel less than 0.99.6.3-28.25.4"/> 34504 <criterion test_ref="oval:org.opensuse.security:tst:2009071654" comment="pam less than 0.99.6.3-28.25.4"/> 34505 </criteria> 34506 </criteria> 34507 </definition> 34508 <definition id="oval:org.opensuse.security:def:20113170" version="1" class="vulnerability"> 34509 <metadata> 34510 <title>CVE-2011-3170</title> 34511 <affected family="unix"> 34512 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34513 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34514 </affected> 34515 <reference ref_id="CVE-2011-3170" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3170" source="CVE"/> 34516 <description> 34517 The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896. 34518 </description> 34519 </metadata> 34520 <!-- 58f92f1602b118d40cc39ae74d76028f --> 34521 <criteria operator="AND"> 34522 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34523 <criteria operator="OR"> 34524 <criterion test_ref="oval:org.opensuse.security:tst:2009071180" comment="cups-client less than 1.1.23-40.62.1"/> 34525 <criterion test_ref="oval:org.opensuse.security:tst:2009071181" comment="cups-devel less than 1.1.23-40.62.1"/> 34526 <criterion test_ref="oval:org.opensuse.security:tst:2009071182" comment="cups-libs-32bit less than 1.1.23-40.62.1"/> 34527 <criterion test_ref="oval:org.opensuse.security:tst:2009071183" comment="cups-libs less than 1.1.23-40.62.1"/> 34528 <criterion test_ref="oval:org.opensuse.security:tst:2009071184" comment="cups less than 1.1.23-40.62.1"/> 34529 </criteria> 34530 </criteria> 34531 </definition> 34532 <definition id="oval:org.opensuse.security:def:20113171" version="1" class="vulnerability"> 34533 <metadata> 34534 <title>CVE-2011-3171</title> 34535 <affected family="unix"> 34536 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34537 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34538 </affected> 34539 <reference ref_id="CVE-2011-3171" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3171" source="CVE"/> 34540 <description> 34541 Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors. 34542 </description> 34543 </metadata> 34544 <!-- 9a99a741b9d38804b2622f8b9adfa22a --> 34545 <criteria operator="AND"> 34546 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34547 <criterion test_ref="oval:org.opensuse.security:tst:2009070531" comment="pure-ftpd less than 1.0.22-0.26.1"/> 34548 </criteria> 34549 </definition> 34550 <definition id="oval:org.opensuse.security:def:20113191" version="1" class="vulnerability"> 34551 <metadata> 34552 <title>CVE-2011-3191</title> 34553 <affected family="unix"> 34554 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34555 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34556 </affected> 34557 <reference ref_id="CVE-2011-3191" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3191" source="CVE"/> 34558 <description> 34559 Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. 34560 </description> 34561 </metadata> 34562 <criteria operator="OR"> 34563 <!-- 6253a90635c740c154fb5e3cc64612f2 --> 34564 <criteria operator="AND"> 34565 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34566 <criteria operator="OR"> 34567 <criterion test_ref="oval:org.opensuse.security:tst:2009071616" comment="kernel-bigsmp less than 2.6.16.60-0.91.1"/> 34568 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 34569 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 34570 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 34571 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 34572 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 34573 <criterion test_ref="oval:org.opensuse.security:tst:2009071619" comment="kernel-xenpae less than 2.6.16.60-0.91.1"/> 34574 </criteria> 34575 </criteria> 34576 <!-- be6b41cc85222e68513448b61b7af786 --> 34577 <criteria operator="AND"> 34578 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34579 <criteria operator="OR"> 34580 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 34581 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 34582 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 34583 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 34584 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 34585 </criteria> 34586 </criteria> 34587 </criteria> 34588 </definition> 34589 <definition id="oval:org.opensuse.security:def:20113209" version="1" class="vulnerability"> 34590 <metadata> 34591 <title>CVE-2011-3209</title> 34592 <affected family="unix"> 34593 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34594 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34595 </affected> 34596 <reference ref_id="CVE-2011-3209" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3209" source="CVE"/> 34597 <description> 34598 The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call. 34599 </description> 34600 </metadata> 34601 <criteria operator="OR"> 34602 <!-- 04c790b378855fb45cf8fbe69ba4bbc1 --> 34603 <criteria operator="AND"> 34604 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34605 <criteria operator="OR"> 34606 <criterion test_ref="oval:org.opensuse.security:tst:2009072709" comment="kernel-bigsmp less than 2.6.16.60-0.93.1"/> 34607 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 34608 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 34609 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 34610 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 34611 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 34612 <criterion test_ref="oval:org.opensuse.security:tst:2009072715" comment="kernel-xenpae less than 2.6.16.60-0.93.1"/> 34613 </criteria> 34614 </criteria> 34615 <!-- 2a3c70bd23d91ad0dd11094f7e71f27a --> 34616 <criteria operator="AND"> 34617 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34618 <criteria operator="OR"> 34619 <criterion test_ref="oval:org.opensuse.security:tst:2009072710" comment="kernel-default less than 2.6.16.60-0.93.1"/> 34620 <criterion test_ref="oval:org.opensuse.security:tst:2009072711" comment="kernel-smp less than 2.6.16.60-0.93.1"/> 34621 <criterion test_ref="oval:org.opensuse.security:tst:2009072712" comment="kernel-source less than 2.6.16.60-0.93.1"/> 34622 <criterion test_ref="oval:org.opensuse.security:tst:2009072713" comment="kernel-syms less than 2.6.16.60-0.93.1"/> 34623 <criterion test_ref="oval:org.opensuse.security:tst:2009072714" comment="kernel-xen less than 2.6.16.60-0.93.1"/> 34624 </criteria> 34625 </criteria> 34626 </criteria> 34627 </definition> 34628 <definition id="oval:org.opensuse.security:def:20113210" version="1" class="vulnerability"> 34629 <metadata> 34630 <title>CVE-2011-3210</title> 34631 <affected family="unix"> 34632 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34633 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34634 </affected> 34635 <reference ref_id="CVE-2011-3210" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3210" source="CVE"/> 34636 <description> 34637 The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol. 34638 </description> 34639 </metadata> 34640 <!-- 95241db7d2f893a33f49b39d32a6f403 --> 34641 <criteria operator="AND"> 34642 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34643 <criteria operator="OR"> 34644 <criterion test_ref="oval:org.opensuse.security:tst:2009071484" comment="openssl-32bit less than 0.9.8a-18.54.1"/> 34645 <criterion test_ref="oval:org.opensuse.security:tst:2009071485" comment="openssl-devel-32bit less than 0.9.8a-18.54.1"/> 34646 <criterion test_ref="oval:org.opensuse.security:tst:2009071486" comment="openssl-devel less than 0.9.8a-18.54.1"/> 34647 <criterion test_ref="oval:org.opensuse.security:tst:2009071487" comment="openssl less than 0.9.8a-18.54.1"/> 34648 </criteria> 34649 </criteria> 34650 </definition> 34651 <definition id="oval:org.opensuse.security:def:20113256" version="1" class="vulnerability"> 34652 <metadata> 34653 <title>CVE-2011-3256</title> 34654 <affected family="unix"> 34655 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34656 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34657 </affected> 34658 <reference ref_id="CVE-2011-3256" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3256" source="CVE"/> 34659 <description> 34660 FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. 34661 </description> 34662 </metadata> 34663 <!-- 7e775f10b0282368905503b130ebadf9 --> 34664 <criteria operator="AND"> 34665 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34666 <criteria operator="OR"> 34667 <criterion test_ref="oval:org.opensuse.security:tst:2009072149" comment="freetype2-32bit less than 2.1.10-18.27.5"/> 34668 <criterion test_ref="oval:org.opensuse.security:tst:2009072150" comment="freetype2-devel-32bit less than 2.1.10-18.27.5"/> 34669 <criterion test_ref="oval:org.opensuse.security:tst:2009072151" comment="freetype2-devel less than 2.1.10-18.27.5"/> 34670 <criterion test_ref="oval:org.opensuse.security:tst:2009072152" comment="freetype2 less than 2.1.10-18.27.5"/> 34671 </criteria> 34672 </criteria> 34673 </definition> 34674 <definition id="oval:org.opensuse.security:def:20113266" version="1" class="vulnerability"> 34675 <metadata> 34676 <title>CVE-2011-3266</title> 34677 <affected family="unix"> 34678 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34679 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34680 </affected> 34681 <reference ref_id="CVE-2011-3266" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3266" source="CVE"/> 34682 <description> 34683 The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree. 34684 </description> 34685 </metadata> 34686 <criteria operator="OR"> 34687 <!-- 566da20a8a85d82c440c7080cf808642 --> 34688 <criteria operator="AND"> 34689 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34690 <criterion test_ref="oval:org.opensuse.security:tst:2009071945" comment="wireshark less than 1.4.10-0.40.1"/> 34691 </criteria> 34692 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 34693 <criteria operator="AND"> 34694 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34695 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 34696 </criteria> 34697 </criteria> 34698 </definition> 34699 <definition id="oval:org.opensuse.security:def:20113360" version="1" class="vulnerability"> 34700 <metadata> 34701 <title>CVE-2011-3360</title> 34702 <affected family="unix"> 34703 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34704 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34705 </affected> 34706 <reference ref_id="CVE-2011-3360" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3360" source="CVE"/> 34707 <description> 34708 Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. 34709 </description> 34710 </metadata> 34711 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 34712 <criteria operator="AND"> 34713 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34714 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 34715 </criteria> 34716 </definition> 34717 <definition id="oval:org.opensuse.security:def:20113363" version="1" class="vulnerability"> 34718 <metadata> 34719 <title>CVE-2011-3363</title> 34720 <affected family="unix"> 34721 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34722 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34723 </affected> 34724 <reference ref_id="CVE-2011-3363" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3363" source="CVE"/> 34725 <description> 34726 The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share. 34727 </description> 34728 </metadata> 34729 <criteria operator="OR"> 34730 <!-- 6253a90635c740c154fb5e3cc64612f2 --> 34731 <criteria operator="AND"> 34732 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34733 <criteria operator="OR"> 34734 <criterion test_ref="oval:org.opensuse.security:tst:2009071616" comment="kernel-bigsmp less than 2.6.16.60-0.91.1"/> 34735 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 34736 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 34737 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 34738 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 34739 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 34740 <criterion test_ref="oval:org.opensuse.security:tst:2009071619" comment="kernel-xenpae less than 2.6.16.60-0.91.1"/> 34741 </criteria> 34742 </criteria> 34743 <!-- be6b41cc85222e68513448b61b7af786 --> 34744 <criteria operator="AND"> 34745 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34746 <criteria operator="OR"> 34747 <criterion test_ref="oval:org.opensuse.security:tst:2009071613" comment="kernel-default less than 2.6.16.60-0.91.1"/> 34748 <criterion test_ref="oval:org.opensuse.security:tst:2009071617" comment="kernel-smp less than 2.6.16.60-0.91.1"/> 34749 <criterion test_ref="oval:org.opensuse.security:tst:2009071614" comment="kernel-source less than 2.6.16.60-0.91.1"/> 34750 <criterion test_ref="oval:org.opensuse.security:tst:2009071615" comment="kernel-syms less than 2.6.16.60-0.91.1"/> 34751 <criterion test_ref="oval:org.opensuse.security:tst:2009071618" comment="kernel-xen less than 2.6.16.60-0.91.1"/> 34752 </criteria> 34753 </criteria> 34754 </criteria> 34755 </definition> 34756 <definition id="oval:org.opensuse.security:def:20113378" version="1" class="vulnerability"> 34757 <metadata> 34758 <title>CVE-2011-3378</title> 34759 <affected family="unix"> 34760 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34761 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34762 </affected> 34763 <reference ref_id="CVE-2011-3378" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3378" source="CVE"/> 34764 <description> 34765 RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c. 34766 </description> 34767 </metadata> 34768 <!-- 66be1106fa91062647ce6393c302fb4f --> 34769 <criteria operator="AND"> 34770 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34771 <criteria operator="OR"> 34772 <criterion test_ref="oval:org.opensuse.security:tst:2009071683" comment="popt-32bit less than 1.7-271.42.2"/> 34773 <criterion test_ref="oval:org.opensuse.security:tst:2009071684" comment="popt-devel-32bit less than 1.7-271.42.2"/> 34774 <criterion test_ref="oval:org.opensuse.security:tst:2009071685" comment="popt-devel less than 1.7-271.42.2"/> 34775 <criterion test_ref="oval:org.opensuse.security:tst:2009071686" comment="popt less than 1.7-271.42.2"/> 34776 <criterion test_ref="oval:org.opensuse.security:tst:2009071687" comment="rpm-devel less than 4.4.2-43.42.2"/> 34777 <criterion test_ref="oval:org.opensuse.security:tst:2009071688" comment="rpm-python less than 4.4.2-43.42.2"/> 34778 <criterion test_ref="oval:org.opensuse.security:tst:2009071689" comment="rpm less than 4.4.2-43.42.2"/> 34779 </criteria> 34780 </criteria> 34781 </definition> 34782 <definition id="oval:org.opensuse.security:def:20113389" version="1" class="vulnerability"> 34783 <metadata> 34784 <title>CVE-2011-3389</title> 34785 <affected family="unix"> 34786 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34787 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34788 </affected> 34789 <reference ref_id="CVE-2011-3389" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389" source="CVE"/> 34790 <description> 34791 The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. 34792 </description> 34793 </metadata> 34794 <criteria operator="OR"> 34795 <!-- 37f9fa06a81529e81613e3989bd55358 --> 34796 <criteria operator="AND"> 34797 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34798 <criteria operator="OR"> 34799 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 34800 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 34801 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 34802 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 34803 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 34804 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 34805 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 34806 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 34807 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 34808 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 34809 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 34810 </criteria> 34811 </criteria> 34812 <!-- 8974c7b68cc0e0a4cf5b7453bd266343 --> 34813 <criteria operator="AND"> 34814 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34815 <criteria operator="OR"> 34816 <criterion test_ref="oval:org.opensuse.security:tst:2009072886" comment="curl-32bit less than 7.15.1-19.20.1"/> 34817 <criterion test_ref="oval:org.opensuse.security:tst:2009072887" comment="curl-devel less than 7.15.1-19.20.1"/> 34818 <criterion test_ref="oval:org.opensuse.security:tst:2009072888" comment="curl less than 7.15.1-19.20.1"/> 34819 </criteria> 34820 </criteria> 34821 <!-- 8cae90c294b192a41f5e7816dbad3991 --> 34822 <criteria operator="AND"> 34823 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34824 <criteria operator="OR"> 34825 <criterion test_ref="oval:org.opensuse.security:tst:2009073858" comment="python-32bit less than 2.4.2-18.41.2"/> 34826 <criterion test_ref="oval:org.opensuse.security:tst:2009073859" comment="python-curses less than 2.4.2-18.41.2"/> 34827 <criterion test_ref="oval:org.opensuse.security:tst:2009073860" comment="python-devel less than 2.4.2-18.41.2"/> 34828 <criterion test_ref="oval:org.opensuse.security:tst:2009073861" comment="python-gdbm less than 2.4.2-18.41.2"/> 34829 <criterion test_ref="oval:org.opensuse.security:tst:2009073862" comment="python-tk less than 2.4.2-18.41.2"/> 34830 <criterion test_ref="oval:org.opensuse.security:tst:2009073863" comment="python-xml less than 2.4.2-18.41.2"/> 34831 <criterion test_ref="oval:org.opensuse.security:tst:2009073864" comment="python less than 2.4.2-18.41.2"/> 34832 </criteria> 34833 </criteria> 34834 <!-- d38a557341c2b284b12c5c1e21800a6d --> 34835 <criteria operator="AND"> 34836 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34837 <criteria operator="OR"> 34838 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 34839 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 34840 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 34841 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 34842 </criteria> 34843 </criteria> 34844 <!-- e3950ab87a0b449a0d3d8313b4086042 --> 34845 <criteria operator="AND"> 34846 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34847 <criteria operator="OR"> 34848 <criterion test_ref="oval:org.opensuse.security:tst:2009077556" comment="libcurl4-32bit less than 7.19.0-11.6.1"/> 34849 <criterion test_ref="oval:org.opensuse.security:tst:2009077557" comment="libcurl4 less than 7.19.0-11.6.1"/> 34850 </criteria> 34851 </criteria> 34852 </criteria> 34853 </definition> 34854 <definition id="oval:org.opensuse.security:def:20113439" version="1" class="vulnerability"> 34855 <metadata> 34856 <title>CVE-2011-3439</title> 34857 <affected family="unix"> 34858 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34859 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34860 </affected> 34861 <reference ref_id="CVE-2011-3439" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439" source="CVE"/> 34862 <description> 34863 FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document. 34864 </description> 34865 </metadata> 34866 <!-- 7e775f10b0282368905503b130ebadf9 --> 34867 <criteria operator="AND"> 34868 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34869 <criteria operator="OR"> 34870 <criterion test_ref="oval:org.opensuse.security:tst:2009072149" comment="freetype2-32bit less than 2.1.10-18.27.5"/> 34871 <criterion test_ref="oval:org.opensuse.security:tst:2009072150" comment="freetype2-devel-32bit less than 2.1.10-18.27.5"/> 34872 <criterion test_ref="oval:org.opensuse.security:tst:2009072151" comment="freetype2-devel less than 2.1.10-18.27.5"/> 34873 <criterion test_ref="oval:org.opensuse.security:tst:2009072152" comment="freetype2 less than 2.1.10-18.27.5"/> 34874 </criteria> 34875 </criteria> 34876 </definition> 34877 <definition id="oval:org.opensuse.security:def:20113483" version="1" class="vulnerability"> 34878 <metadata> 34879 <title>CVE-2011-3483</title> 34880 <affected family="unix"> 34881 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34882 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34883 </affected> 34884 <reference ref_id="CVE-2011-3483" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3483" source="CVE"/> 34885 <description> 34886 Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability." 34887 </description> 34888 </metadata> 34889 <!-- cf5c1e76f2a91730535608d0e7a92adc --> 34890 <criteria operator="AND"> 34891 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34892 <criterion test_ref="oval:org.opensuse.security:tst:2009071189" comment="wireshark less than 1.4.4-0.41.1"/> 34893 </criteria> 34894 </definition> 34895 <definition id="oval:org.opensuse.security:def:20113545" version="1" class="vulnerability"> 34896 <metadata> 34897 <title>CVE-2011-3545</title> 34898 <affected family="unix"> 34899 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34900 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34901 </affected> 34902 <reference ref_id="CVE-2011-3545" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3545" source="CVE"/> 34903 <description> 34904 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. 34905 </description> 34906 </metadata> 34907 <!-- f4937ae002dcdee7a337098f0e17f715 --> 34908 <criteria operator="AND"> 34909 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34910 <criteria operator="OR"> 34911 <criterion test_ref="oval:org.opensuse.security:tst:2009072098" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.0-0.5.1"/> 34912 <criterion test_ref="oval:org.opensuse.security:tst:2009072099" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.0-0.5.1"/> 34913 <criterion test_ref="oval:org.opensuse.security:tst:2009072100" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.0-0.5.1"/> 34914 <criterion test_ref="oval:org.opensuse.security:tst:2009072101" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.0-0.5.1"/> 34915 <criterion test_ref="oval:org.opensuse.security:tst:2009072102" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.0-0.5.1"/> 34916 <criterion test_ref="oval:org.opensuse.security:tst:2009072103" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.0-0.5.1"/> 34917 <criterion test_ref="oval:org.opensuse.security:tst:2009072104" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.0-0.5.1"/> 34918 <criterion test_ref="oval:org.opensuse.security:tst:2009072105" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.0-0.5.1"/> 34919 <criterion test_ref="oval:org.opensuse.security:tst:2009072106" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.0-0.5.1"/> 34920 <criterion test_ref="oval:org.opensuse.security:tst:2009072107" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.0-0.5.1"/> 34921 <criterion test_ref="oval:org.opensuse.security:tst:2009072108" comment="java-1_5_0-ibm less than 1.5.0_sr13.0-0.5.1"/> 34922 </criteria> 34923 </criteria> 34924 </definition> 34925 <definition id="oval:org.opensuse.security:def:20113547" version="1" class="vulnerability"> 34926 <metadata> 34927 <title>CVE-2011-3547</title> 34928 <affected family="unix"> 34929 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34930 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34931 </affected> 34932 <reference ref_id="CVE-2011-3547" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3547" source="CVE"/> 34933 <description> 34934 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. 34935 </description> 34936 </metadata> 34937 <!-- f4937ae002dcdee7a337098f0e17f715 --> 34938 <criteria operator="AND"> 34939 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34940 <criteria operator="OR"> 34941 <criterion test_ref="oval:org.opensuse.security:tst:2009072098" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.0-0.5.1"/> 34942 <criterion test_ref="oval:org.opensuse.security:tst:2009072099" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.0-0.5.1"/> 34943 <criterion test_ref="oval:org.opensuse.security:tst:2009072100" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.0-0.5.1"/> 34944 <criterion test_ref="oval:org.opensuse.security:tst:2009072101" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.0-0.5.1"/> 34945 <criterion test_ref="oval:org.opensuse.security:tst:2009072102" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.0-0.5.1"/> 34946 <criterion test_ref="oval:org.opensuse.security:tst:2009072103" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.0-0.5.1"/> 34947 <criterion test_ref="oval:org.opensuse.security:tst:2009072104" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.0-0.5.1"/> 34948 <criterion test_ref="oval:org.opensuse.security:tst:2009072105" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.0-0.5.1"/> 34949 <criterion test_ref="oval:org.opensuse.security:tst:2009072106" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.0-0.5.1"/> 34950 <criterion test_ref="oval:org.opensuse.security:tst:2009072107" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.0-0.5.1"/> 34951 <criterion test_ref="oval:org.opensuse.security:tst:2009072108" comment="java-1_5_0-ibm less than 1.5.0_sr13.0-0.5.1"/> 34952 </criteria> 34953 </criteria> 34954 </definition> 34955 <definition id="oval:org.opensuse.security:def:20113548" version="1" class="vulnerability"> 34956 <metadata> 34957 <title>CVE-2011-3548</title> 34958 <affected family="unix"> 34959 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34960 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34961 </affected> 34962 <reference ref_id="CVE-2011-3548" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3548" source="CVE"/> 34963 <description> 34964 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT. 34965 </description> 34966 </metadata> 34967 <!-- f4937ae002dcdee7a337098f0e17f715 --> 34968 <criteria operator="AND"> 34969 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 34970 <criteria operator="OR"> 34971 <criterion test_ref="oval:org.opensuse.security:tst:2009072098" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.0-0.5.1"/> 34972 <criterion test_ref="oval:org.opensuse.security:tst:2009072099" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.0-0.5.1"/> 34973 <criterion test_ref="oval:org.opensuse.security:tst:2009072100" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.0-0.5.1"/> 34974 <criterion test_ref="oval:org.opensuse.security:tst:2009072101" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.0-0.5.1"/> 34975 <criterion test_ref="oval:org.opensuse.security:tst:2009072102" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.0-0.5.1"/> 34976 <criterion test_ref="oval:org.opensuse.security:tst:2009072103" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.0-0.5.1"/> 34977 <criterion test_ref="oval:org.opensuse.security:tst:2009072104" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.0-0.5.1"/> 34978 <criterion test_ref="oval:org.opensuse.security:tst:2009072105" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.0-0.5.1"/> 34979 <criterion test_ref="oval:org.opensuse.security:tst:2009072106" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.0-0.5.1"/> 34980 <criterion test_ref="oval:org.opensuse.security:tst:2009072107" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.0-0.5.1"/> 34981 <criterion test_ref="oval:org.opensuse.security:tst:2009072108" comment="java-1_5_0-ibm less than 1.5.0_sr13.0-0.5.1"/> 34982 </criteria> 34983 </criteria> 34984 </definition> 34985 <definition id="oval:org.opensuse.security:def:20113549" version="1" class="vulnerability"> 34986 <metadata> 34987 <title>CVE-2011-3549</title> 34988 <affected family="unix"> 34989 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 34990 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 34991 </affected> 34992 <reference ref_id="CVE-2011-3549" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3549" source="CVE"/> 34993 <description> 34994 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. 34995 </description> 34996 </metadata> 34997 <!-- f4937ae002dcdee7a337098f0e17f715 --> 34998 <criteria operator="AND"> 34999 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35000 <criteria operator="OR"> 35001 <criterion test_ref="oval:org.opensuse.security:tst:2009072098" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.0-0.5.1"/> 35002 <criterion test_ref="oval:org.opensuse.security:tst:2009072099" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.0-0.5.1"/> 35003 <criterion test_ref="oval:org.opensuse.security:tst:2009072100" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.0-0.5.1"/> 35004 <criterion test_ref="oval:org.opensuse.security:tst:2009072101" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.0-0.5.1"/> 35005 <criterion test_ref="oval:org.opensuse.security:tst:2009072102" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.0-0.5.1"/> 35006 <criterion test_ref="oval:org.opensuse.security:tst:2009072103" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.0-0.5.1"/> 35007 <criterion test_ref="oval:org.opensuse.security:tst:2009072104" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.0-0.5.1"/> 35008 <criterion test_ref="oval:org.opensuse.security:tst:2009072105" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.0-0.5.1"/> 35009 <criterion test_ref="oval:org.opensuse.security:tst:2009072106" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.0-0.5.1"/> 35010 <criterion test_ref="oval:org.opensuse.security:tst:2009072107" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.0-0.5.1"/> 35011 <criterion test_ref="oval:org.opensuse.security:tst:2009072108" comment="java-1_5_0-ibm less than 1.5.0_sr13.0-0.5.1"/> 35012 </criteria> 35013 </criteria> 35014 </definition> 35015 <definition id="oval:org.opensuse.security:def:20113552" version="1" class="vulnerability"> 35016 <metadata> 35017 <title>CVE-2011-3552</title> 35018 <affected family="unix"> 35019 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35020 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35021 </affected> 35022 <reference ref_id="CVE-2011-3552" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3552" source="CVE"/> 35023 <description> 35024 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking. 35025 </description> 35026 </metadata> 35027 <!-- f4937ae002dcdee7a337098f0e17f715 --> 35028 <criteria operator="AND"> 35029 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35030 <criteria operator="OR"> 35031 <criterion test_ref="oval:org.opensuse.security:tst:2009072098" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.0-0.5.1"/> 35032 <criterion test_ref="oval:org.opensuse.security:tst:2009072099" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.0-0.5.1"/> 35033 <criterion test_ref="oval:org.opensuse.security:tst:2009072100" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.0-0.5.1"/> 35034 <criterion test_ref="oval:org.opensuse.security:tst:2009072101" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.0-0.5.1"/> 35035 <criterion test_ref="oval:org.opensuse.security:tst:2009072102" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.0-0.5.1"/> 35036 <criterion test_ref="oval:org.opensuse.security:tst:2009072103" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.0-0.5.1"/> 35037 <criterion test_ref="oval:org.opensuse.security:tst:2009072104" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.0-0.5.1"/> 35038 <criterion test_ref="oval:org.opensuse.security:tst:2009072105" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.0-0.5.1"/> 35039 <criterion test_ref="oval:org.opensuse.security:tst:2009072106" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.0-0.5.1"/> 35040 <criterion test_ref="oval:org.opensuse.security:tst:2009072107" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.0-0.5.1"/> 35041 <criterion test_ref="oval:org.opensuse.security:tst:2009072108" comment="java-1_5_0-ibm less than 1.5.0_sr13.0-0.5.1"/> 35042 </criteria> 35043 </criteria> 35044 </definition> 35045 <definition id="oval:org.opensuse.security:def:20113554" version="1" class="vulnerability"> 35046 <metadata> 35047 <title>CVE-2011-3554</title> 35048 <affected family="unix"> 35049 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35051 </affected> 35052 <reference ref_id="CVE-2011-3554" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3554" source="CVE"/> 35053 <description> 35054 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors. 35055 </description> 35056 </metadata> 35057 <!-- f4937ae002dcdee7a337098f0e17f715 --> 35058 <criteria operator="AND"> 35059 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35060 <criteria operator="OR"> 35061 <criterion test_ref="oval:org.opensuse.security:tst:2009072098" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.0-0.5.1"/> 35062 <criterion test_ref="oval:org.opensuse.security:tst:2009072099" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.0-0.5.1"/> 35063 <criterion test_ref="oval:org.opensuse.security:tst:2009072100" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.0-0.5.1"/> 35064 <criterion test_ref="oval:org.opensuse.security:tst:2009072101" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.0-0.5.1"/> 35065 <criterion test_ref="oval:org.opensuse.security:tst:2009072102" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.0-0.5.1"/> 35066 <criterion test_ref="oval:org.opensuse.security:tst:2009072103" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.0-0.5.1"/> 35067 <criterion test_ref="oval:org.opensuse.security:tst:2009072104" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.0-0.5.1"/> 35068 <criterion test_ref="oval:org.opensuse.security:tst:2009072105" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.0-0.5.1"/> 35069 <criterion test_ref="oval:org.opensuse.security:tst:2009072106" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.0-0.5.1"/> 35070 <criterion test_ref="oval:org.opensuse.security:tst:2009072107" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.0-0.5.1"/> 35071 <criterion test_ref="oval:org.opensuse.security:tst:2009072108" comment="java-1_5_0-ibm less than 1.5.0_sr13.0-0.5.1"/> 35072 </criteria> 35073 </criteria> 35074 </definition> 35075 <definition id="oval:org.opensuse.security:def:20113557" version="1" class="vulnerability"> 35076 <metadata> 35077 <title>CVE-2011-3557</title> 35078 <affected family="unix"> 35079 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35080 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35081 </affected> 35082 <reference ref_id="CVE-2011-3557" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3557" source="CVE"/> 35083 <description> 35084 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI. 35085 </description> 35086 </metadata> 35087 <criteria operator="OR"> 35088 <!-- 37f9fa06a81529e81613e3989bd55358 --> 35089 <criteria operator="AND"> 35090 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35091 <criteria operator="OR"> 35092 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 35093 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 35094 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 35095 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 35096 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 35097 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 35098 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 35099 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 35100 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 35101 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 35102 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 35103 </criteria> 35104 </criteria> 35105 <!-- f4937ae002dcdee7a337098f0e17f715 --> 35106 <criteria operator="AND"> 35107 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35108 <criteria operator="OR"> 35109 <criterion test_ref="oval:org.opensuse.security:tst:2009072098" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.0-0.5.1"/> 35110 <criterion test_ref="oval:org.opensuse.security:tst:2009072099" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.0-0.5.1"/> 35111 <criterion test_ref="oval:org.opensuse.security:tst:2009072100" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.0-0.5.1"/> 35112 <criterion test_ref="oval:org.opensuse.security:tst:2009072101" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.0-0.5.1"/> 35113 <criterion test_ref="oval:org.opensuse.security:tst:2009072102" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.0-0.5.1"/> 35114 <criterion test_ref="oval:org.opensuse.security:tst:2009072103" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.0-0.5.1"/> 35115 <criterion test_ref="oval:org.opensuse.security:tst:2009072104" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.0-0.5.1"/> 35116 <criterion test_ref="oval:org.opensuse.security:tst:2009072105" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.0-0.5.1"/> 35117 <criterion test_ref="oval:org.opensuse.security:tst:2009072106" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.0-0.5.1"/> 35118 <criterion test_ref="oval:org.opensuse.security:tst:2009072107" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.0-0.5.1"/> 35119 <criterion test_ref="oval:org.opensuse.security:tst:2009072108" comment="java-1_5_0-ibm less than 1.5.0_sr13.0-0.5.1"/> 35120 </criteria> 35121 </criteria> 35122 </criteria> 35123 </definition> 35124 <definition id="oval:org.opensuse.security:def:20113560" version="1" class="vulnerability"> 35125 <metadata> 35126 <title>CVE-2011-3560</title> 35127 <affected family="unix"> 35128 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35129 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35130 </affected> 35131 <reference ref_id="CVE-2011-3560" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3560" source="CVE"/> 35132 <description> 35133 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity, related to JSSE. 35134 </description> 35135 </metadata> 35136 <!-- 37f9fa06a81529e81613e3989bd55358 --> 35137 <criteria operator="AND"> 35138 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35139 <criteria operator="OR"> 35140 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 35141 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 35142 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 35143 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 35144 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 35145 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 35146 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 35147 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 35148 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 35149 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 35150 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 35151 </criteria> 35152 </criteria> 35153 </definition> 35154 <definition id="oval:org.opensuse.security:def:20113563" version="1" class="vulnerability"> 35155 <metadata> 35156 <title>CVE-2011-3563</title> 35157 <affected family="unix"> 35158 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35159 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35160 </affected> 35161 <reference ref_id="CVE-2011-3563" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3563" source="CVE"/> 35162 <description> 35163 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound. 35164 </description> 35165 </metadata> 35166 <!-- 37f9fa06a81529e81613e3989bd55358 --> 35167 <criteria operator="AND"> 35168 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35169 <criteria operator="OR"> 35170 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 35171 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 35172 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 35173 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 35174 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 35175 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 35176 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 35177 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 35178 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 35179 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 35180 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 35181 </criteria> 35182 </criteria> 35183 </definition> 35184 <definition id="oval:org.opensuse.security:def:20113594" version="1" class="vulnerability"> 35185 <metadata> 35186 <title>CVE-2011-3594</title> 35187 <affected family="unix"> 35188 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35189 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35190 </affected> 35191 <reference ref_id="CVE-2011-3594" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3594" source="CVE"/> 35192 <description> 35193 The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2. 35194 </description> 35195 </metadata> 35196 <!-- b2065553568c70babb437af6b08cc06e --> 35197 <criteria operator="AND"> 35198 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35199 <criteria operator="OR"> 35200 <criterion test_ref="oval:org.opensuse.security:tst:2009071813" comment="finch less than 2.6.6-0.10.1"/> 35201 <criterion test_ref="oval:org.opensuse.security:tst:2009071814" comment="libpurple less than 2.6.6-0.10.1"/> 35202 <criterion test_ref="oval:org.opensuse.security:tst:2009071815" comment="pidgin less than 2.6.6-0.10.1"/> 35203 </criteria> 35204 </criteria> 35205 </definition> 35206 <definition id="oval:org.opensuse.security:def:20113627" version="1" class="vulnerability"> 35207 <metadata> 35208 <title>CVE-2011-3627</title> 35209 <affected family="unix"> 35210 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35211 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35212 </affected> 35213 <reference ref_id="CVE-2011-3627" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3627" source="CVE"/> 35214 <description> 35215 The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c. 35216 </description> 35217 </metadata> 35218 <!-- 0a747dcd76a3bbf1d11ff1e34c2e10a5 --> 35219 <criteria operator="AND"> 35220 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35221 <criterion test_ref="oval:org.opensuse.security:tst:2009071603" comment="clamav less than 0.97.3-0.5.1"/> 35222 </criteria> 35223 </definition> 35224 <definition id="oval:org.opensuse.security:def:20113647" version="1" class="vulnerability"> 35225 <metadata> 35226 <title>CVE-2011-3647</title> 35227 <affected family="unix"> 35228 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35229 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35230 </affected> 35231 <reference ref_id="CVE-2011-3647" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3647" source="CVE"/> 35232 <description> 35233 The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004. 35234 </description> 35235 </metadata> 35236 <criteria operator="OR"> 35237 <!-- a9702913279a83a089e38e9d764a8ce1 --> 35238 <criteria operator="AND"> 35239 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35240 <criteria operator="OR"> 35241 <criterion test_ref="oval:org.opensuse.security:tst:2009071955" comment="MozillaFirefox-translations less than 3.6.24-0.5.1"/> 35242 <criterion test_ref="oval:org.opensuse.security:tst:2009071956" comment="MozillaFirefox less than 3.6.24-0.5.1"/> 35243 <criterion test_ref="oval:org.opensuse.security:tst:2009071957" comment="mozilla-xulrunner192-32bit less than 1.9.2.24-0.5.1"/> 35244 <criterion test_ref="oval:org.opensuse.security:tst:2009071958" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.24-0.5.1"/> 35245 <criterion test_ref="oval:org.opensuse.security:tst:2009071959" comment="mozilla-xulrunner192-gnome less than 1.9.2.24-0.5.1"/> 35246 <criterion test_ref="oval:org.opensuse.security:tst:2009071960" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.24-0.5.1"/> 35247 <criterion test_ref="oval:org.opensuse.security:tst:2009071961" comment="mozilla-xulrunner192-translations less than 1.9.2.24-0.5.1"/> 35248 <criterion test_ref="oval:org.opensuse.security:tst:2009071962" comment="mozilla-xulrunner192 less than 1.9.2.24-0.5.1"/> 35249 </criteria> 35250 </criteria> 35251 <!-- d38a557341c2b284b12c5c1e21800a6d --> 35252 <criteria operator="AND"> 35253 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35254 <criteria operator="OR"> 35255 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 35256 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 35257 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 35258 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 35259 </criteria> 35260 </criteria> 35261 </criteria> 35262 </definition> 35263 <definition id="oval:org.opensuse.security:def:20113648" version="1" class="vulnerability"> 35264 <metadata> 35265 <title>CVE-2011-3648</title> 35266 <affected family="unix"> 35267 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35268 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35269 </affected> 35270 <reference ref_id="CVE-2011-3648" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3648" source="CVE"/> 35271 <description> 35272 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. 35273 </description> 35274 </metadata> 35275 <criteria operator="OR"> 35276 <!-- a9702913279a83a089e38e9d764a8ce1 --> 35277 <criteria operator="AND"> 35278 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35279 <criteria operator="OR"> 35280 <criterion test_ref="oval:org.opensuse.security:tst:2009071955" comment="MozillaFirefox-translations less than 3.6.24-0.5.1"/> 35281 <criterion test_ref="oval:org.opensuse.security:tst:2009071956" comment="MozillaFirefox less than 3.6.24-0.5.1"/> 35282 <criterion test_ref="oval:org.opensuse.security:tst:2009071957" comment="mozilla-xulrunner192-32bit less than 1.9.2.24-0.5.1"/> 35283 <criterion test_ref="oval:org.opensuse.security:tst:2009071958" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.24-0.5.1"/> 35284 <criterion test_ref="oval:org.opensuse.security:tst:2009071959" comment="mozilla-xulrunner192-gnome less than 1.9.2.24-0.5.1"/> 35285 <criterion test_ref="oval:org.opensuse.security:tst:2009071960" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.24-0.5.1"/> 35286 <criterion test_ref="oval:org.opensuse.security:tst:2009071961" comment="mozilla-xulrunner192-translations less than 1.9.2.24-0.5.1"/> 35287 <criterion test_ref="oval:org.opensuse.security:tst:2009071962" comment="mozilla-xulrunner192 less than 1.9.2.24-0.5.1"/> 35288 </criteria> 35289 </criteria> 35290 <!-- d38a557341c2b284b12c5c1e21800a6d --> 35291 <criteria operator="AND"> 35292 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35293 <criteria operator="OR"> 35294 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 35295 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 35296 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 35297 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 35298 </criteria> 35299 </criteria> 35300 </criteria> 35301 </definition> 35302 <definition id="oval:org.opensuse.security:def:20113649" version="1" class="vulnerability"> 35303 <metadata> 35304 <title>CVE-2011-3649</title> 35305 <affected family="unix"> 35306 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35307 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35308 </affected> 35309 <reference ref_id="CVE-2011-3649" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3649" source="CVE"/> 35310 <description> 35311 Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE: this issue exists because of a CVE-2011-2986 regression. 35312 </description> 35313 </metadata> 35314 <!-- d38a557341c2b284b12c5c1e21800a6d --> 35315 <criteria operator="AND"> 35316 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35317 <criteria operator="OR"> 35318 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 35319 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 35320 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 35321 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 35322 </criteria> 35323 </criteria> 35324 </definition> 35325 <definition id="oval:org.opensuse.security:def:20113650" version="1" class="vulnerability"> 35326 <metadata> 35327 <title>CVE-2011-3650</title> 35328 <affected family="unix"> 35329 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35330 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35331 </affected> 35332 <reference ref_id="CVE-2011-3650" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3650" source="CVE"/> 35333 <description> 35334 Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. 35335 </description> 35336 </metadata> 35337 <criteria operator="OR"> 35338 <!-- a9702913279a83a089e38e9d764a8ce1 --> 35339 <criteria operator="AND"> 35340 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35341 <criteria operator="OR"> 35342 <criterion test_ref="oval:org.opensuse.security:tst:2009071955" comment="MozillaFirefox-translations less than 3.6.24-0.5.1"/> 35343 <criterion test_ref="oval:org.opensuse.security:tst:2009071956" comment="MozillaFirefox less than 3.6.24-0.5.1"/> 35344 <criterion test_ref="oval:org.opensuse.security:tst:2009071957" comment="mozilla-xulrunner192-32bit less than 1.9.2.24-0.5.1"/> 35345 <criterion test_ref="oval:org.opensuse.security:tst:2009071958" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.24-0.5.1"/> 35346 <criterion test_ref="oval:org.opensuse.security:tst:2009071959" comment="mozilla-xulrunner192-gnome less than 1.9.2.24-0.5.1"/> 35347 <criterion test_ref="oval:org.opensuse.security:tst:2009071960" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.24-0.5.1"/> 35348 <criterion test_ref="oval:org.opensuse.security:tst:2009071961" comment="mozilla-xulrunner192-translations less than 1.9.2.24-0.5.1"/> 35349 <criterion test_ref="oval:org.opensuse.security:tst:2009071962" comment="mozilla-xulrunner192 less than 1.9.2.24-0.5.1"/> 35350 </criteria> 35351 </criteria> 35352 <!-- d38a557341c2b284b12c5c1e21800a6d --> 35353 <criteria operator="AND"> 35354 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35355 <criteria operator="OR"> 35356 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 35357 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 35358 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 35359 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 35360 </criteria> 35361 </criteria> 35362 </criteria> 35363 </definition> 35364 <definition id="oval:org.opensuse.security:def:20113651" version="1" class="vulnerability"> 35365 <metadata> 35366 <title>CVE-2011-3651</title> 35367 <affected family="unix"> 35368 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35369 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35370 </affected> 35371 <reference ref_id="CVE-2011-3651" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3651" source="CVE"/> 35372 <description> 35373 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 35374 </description> 35375 </metadata> 35376 <!-- d38a557341c2b284b12c5c1e21800a6d --> 35377 <criteria operator="AND"> 35378 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35379 <criteria operator="OR"> 35380 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 35381 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 35382 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 35383 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 35384 </criteria> 35385 </criteria> 35386 </definition> 35387 <definition id="oval:org.opensuse.security:def:20113653" version="1" class="vulnerability"> 35388 <metadata> 35389 <title>CVE-2011-3653</title> 35390 <affected family="unix"> 35391 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35392 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35393 </affected> 35394 <reference ref_id="CVE-2011-3653" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3653" source="CVE"/> 35395 <description> 35396 Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures. 35397 </description> 35398 </metadata> 35399 <!-- d38a557341c2b284b12c5c1e21800a6d --> 35400 <criteria operator="AND"> 35401 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35402 <criteria operator="OR"> 35403 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 35404 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 35405 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 35406 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 35407 </criteria> 35408 </criteria> 35409 </definition> 35410 <definition id="oval:org.opensuse.security:def:20113655" version="1" class="vulnerability"> 35411 <metadata> 35412 <title>CVE-2011-3655</title> 35413 <affected family="unix"> 35414 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35415 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35416 </affected> 35417 <reference ref_id="CVE-2011-3655" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3655" source="CVE"/> 35418 <description> 35419 Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site. 35420 </description> 35421 </metadata> 35422 <!-- d38a557341c2b284b12c5c1e21800a6d --> 35423 <criteria operator="AND"> 35424 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35425 <criteria operator="OR"> 35426 <criterion test_ref="oval:org.opensuse.security:tst:2009071938" comment="mozilla-nss-32bit less than 3.13.1-0.5.1"/> 35427 <criterion test_ref="oval:org.opensuse.security:tst:2009071939" comment="mozilla-nss-devel less than 3.13.1-0.5.1"/> 35428 <criterion test_ref="oval:org.opensuse.security:tst:2009071940" comment="mozilla-nss-tools less than 3.13.1-0.5.1"/> 35429 <criterion test_ref="oval:org.opensuse.security:tst:2009071941" comment="mozilla-nss less than 3.13.1-0.5.1"/> 35430 </criteria> 35431 </criteria> 35432 </definition> 35433 <definition id="oval:org.opensuse.security:def:20113659" version="1" class="vulnerability"> 35434 <metadata> 35435 <title>CVE-2011-3659</title> 35436 <affected family="unix"> 35437 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35438 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35439 </affected> 35440 <reference ref_id="CVE-2011-3659" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3659" source="CVE"/> 35441 <description> 35442 Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. 35443 </description> 35444 </metadata> 35445 <!-- d1ff5a0e9707cb73c751a65b6759427d --> 35446 <criteria operator="AND"> 35447 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35448 <criteria operator="OR"> 35449 <criterion test_ref="oval:org.opensuse.security:tst:2009072905" comment="MozillaFirefox-translations less than 3.6.26-0.6.1"/> 35450 <criterion test_ref="oval:org.opensuse.security:tst:2009072906" comment="MozillaFirefox less than 3.6.26-0.6.1"/> 35451 <criterion test_ref="oval:org.opensuse.security:tst:2009072907" comment="mozilla-xulrunner192-32bit less than 1.9.2.26-0.5.1"/> 35452 <criterion test_ref="oval:org.opensuse.security:tst:2009072908" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.26-0.5.1"/> 35453 <criterion test_ref="oval:org.opensuse.security:tst:2009072909" comment="mozilla-xulrunner192-gnome less than 1.9.2.26-0.5.1"/> 35454 <criterion test_ref="oval:org.opensuse.security:tst:2009072910" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.26-0.5.1"/> 35455 <criterion test_ref="oval:org.opensuse.security:tst:2009072911" comment="mozilla-xulrunner192-translations less than 1.9.2.26-0.5.1"/> 35456 <criterion test_ref="oval:org.opensuse.security:tst:2009072912" comment="mozilla-xulrunner192 less than 1.9.2.26-0.5.1"/> 35457 </criteria> 35458 </criteria> 35459 </definition> 35460 <definition id="oval:org.opensuse.security:def:20113670" version="1" class="vulnerability"> 35461 <metadata> 35462 <title>CVE-2011-3670</title> 35463 <affected family="unix"> 35464 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35465 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35466 </affected> 35467 <reference ref_id="CVE-2011-3670" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3670" source="CVE"/> 35468 <description> 35469 Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages. 35470 </description> 35471 </metadata> 35472 <!-- d1ff5a0e9707cb73c751a65b6759427d --> 35473 <criteria operator="AND"> 35474 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35475 <criteria operator="OR"> 35476 <criterion test_ref="oval:org.opensuse.security:tst:2009072905" comment="MozillaFirefox-translations less than 3.6.26-0.6.1"/> 35477 <criterion test_ref="oval:org.opensuse.security:tst:2009072906" comment="MozillaFirefox less than 3.6.26-0.6.1"/> 35478 <criterion test_ref="oval:org.opensuse.security:tst:2009072907" comment="mozilla-xulrunner192-32bit less than 1.9.2.26-0.5.1"/> 35479 <criterion test_ref="oval:org.opensuse.security:tst:2009072908" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.26-0.5.1"/> 35480 <criterion test_ref="oval:org.opensuse.security:tst:2009072909" comment="mozilla-xulrunner192-gnome less than 1.9.2.26-0.5.1"/> 35481 <criterion test_ref="oval:org.opensuse.security:tst:2009072910" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.26-0.5.1"/> 35482 <criterion test_ref="oval:org.opensuse.security:tst:2009072911" comment="mozilla-xulrunner192-translations less than 1.9.2.26-0.5.1"/> 35483 <criterion test_ref="oval:org.opensuse.security:tst:2009072912" comment="mozilla-xulrunner192 less than 1.9.2.26-0.5.1"/> 35484 </criteria> 35485 </criteria> 35486 </definition> 35487 <definition id="oval:org.opensuse.security:def:20113919" version="1" class="vulnerability"> 35488 <metadata> 35489 <title>CVE-2011-3919</title> 35490 <affected family="unix"> 35491 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35492 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35493 </affected> 35494 <reference ref_id="CVE-2011-3919" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919" source="CVE"/> 35495 <description> 35496 Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. 35497 </description> 35498 </metadata> 35499 <!-- 2a9a16773f62000d9967a5742f785534 --> 35500 <criteria operator="AND"> 35501 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35502 <criteria operator="OR"> 35503 <criterion test_ref="oval:org.opensuse.security:tst:2009072741" comment="libxml2-32bit less than 2.6.23-15.27.1"/> 35504 <criterion test_ref="oval:org.opensuse.security:tst:2009072742" comment="libxml2-devel-32bit less than 2.6.23-15.27.1"/> 35505 <criterion test_ref="oval:org.opensuse.security:tst:2009072743" comment="libxml2-devel less than 2.6.23-15.27.1"/> 35506 <criterion test_ref="oval:org.opensuse.security:tst:2009072744" comment="libxml2 less than 2.6.23-15.27.1"/> 35507 </criteria> 35508 </criteria> 35509 </definition> 35510 <definition id="oval:org.opensuse.security:def:20113970" version="1" class="vulnerability"> 35511 <metadata> 35512 <title>CVE-2011-3970</title> 35513 <affected family="unix"> 35514 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35515 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35516 </affected> 35517 <reference ref_id="CVE-2011-3970" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970" source="CVE"/> 35518 <description> 35519 libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. 35520 </description> 35521 </metadata> 35522 <!-- 5d3a5dffd02556b10dd8725a25b362d4 --> 35523 <criteria operator="AND"> 35524 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35525 <criteria operator="OR"> 35526 <criterion test_ref="oval:org.opensuse.security:tst:2009073438" comment="libxslt-32bit less than 1.1.15-15.16.21"/> 35527 <criterion test_ref="oval:org.opensuse.security:tst:2009073439" comment="libxslt-devel-32bit less than 1.1.15-15.16.21"/> 35528 <criterion test_ref="oval:org.opensuse.security:tst:2009073440" comment="libxslt-devel less than 1.1.15-15.16.21"/> 35529 <criterion test_ref="oval:org.opensuse.security:tst:2009073441" comment="libxslt less than 1.1.15-15.16.21"/> 35530 </criteria> 35531 </criteria> 35532 </definition> 35533 <definition id="oval:org.opensuse.security:def:20114073" version="1" class="vulnerability"> 35534 <metadata> 35535 <title>CVE-2011-4073</title> 35536 <affected family="unix"> 35537 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35538 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35539 </affected> 35540 <reference ref_id="CVE-2011-4073" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4073" source="CVE"/> 35541 <description> 35542 Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions. 35543 </description> 35544 </metadata> 35545 <!-- e88a8cd0f4ff74d83d293387eb09a0f8 --> 35546 <criteria operator="AND"> 35547 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35548 <criterion test_ref="oval:org.opensuse.security:tst:2009072185" comment="openswan less than 2.4.4-18.19.1"/> 35549 </criteria> 35550 </definition> 35551 <definition id="oval:org.opensuse.security:def:20114077" version="1" class="vulnerability"> 35552 <metadata> 35553 <title>CVE-2011-4077</title> 35554 <affected family="unix"> 35555 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35556 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35557 </affected> 35558 <reference ref_id="CVE-2011-4077" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4077" source="CVE"/> 35559 <description> 35560 Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname. 35561 </description> 35562 </metadata> 35563 <criteria operator="OR"> 35564 <!-- 3395803e5857d3e0f44b39331dc3b010 --> 35565 <criteria operator="AND"> 35566 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35567 <criteria operator="OR"> 35568 <criterion test_ref="oval:org.opensuse.security:tst:2009107340" comment="kernel-bigsmp less than 2.6.16.60-0.97.1"/> 35569 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 35570 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 35571 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 35572 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 35573 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 35574 <criterion test_ref="oval:org.opensuse.security:tst:2009107341" comment="kernel-xenpae less than 2.6.16.60-0.97.1"/> 35575 </criteria> 35576 </criteria> 35577 <!-- 96d47125b6fb737bee4bf3f7619aa63d --> 35578 <criteria operator="AND"> 35579 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35580 <criteria operator="OR"> 35581 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 35582 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 35583 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 35584 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 35585 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 35586 </criteria> 35587 </criteria> 35588 </criteria> 35589 </definition> 35590 <definition id="oval:org.opensuse.security:def:20114101" version="1" class="vulnerability"> 35591 <metadata> 35592 <title>CVE-2011-4101</title> 35593 <affected family="unix"> 35594 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35595 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35596 </affected> 35597 <reference ref_id="CVE-2011-4101" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4101" source="CVE"/> 35598 <description> 35599 The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. 35600 </description> 35601 </metadata> 35602 <!-- 566da20a8a85d82c440c7080cf808642 --> 35603 <criteria operator="AND"> 35604 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35605 <criterion test_ref="oval:org.opensuse.security:tst:2009071945" comment="wireshark less than 1.4.10-0.40.1"/> 35606 </criteria> 35607 </definition> 35608 <definition id="oval:org.opensuse.security:def:20114102" version="1" class="vulnerability"> 35609 <metadata> 35610 <title>CVE-2011-4102</title> 35611 <affected family="unix"> 35612 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35613 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35614 </affected> 35615 <reference ref_id="CVE-2011-4102" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4102" source="CVE"/> 35616 <description> 35617 Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. 35618 </description> 35619 </metadata> 35620 <!-- 566da20a8a85d82c440c7080cf808642 --> 35621 <criteria operator="AND"> 35622 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35623 <criterion test_ref="oval:org.opensuse.security:tst:2009071945" comment="wireshark less than 1.4.10-0.40.1"/> 35624 </criteria> 35625 </definition> 35626 <definition id="oval:org.opensuse.security:def:20114108" version="1" class="vulnerability"> 35627 <metadata> 35628 <title>CVE-2011-4108</title> 35629 <affected family="unix"> 35630 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35631 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35632 </affected> 35633 <reference ref_id="CVE-2011-4108" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4108" source="CVE"/> 35634 <description> 35635 The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. 35636 </description> 35637 </metadata> 35638 <!-- 16f27ddd5506ebb38dc0015501b071d9 --> 35639 <criteria operator="AND"> 35640 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35641 <criteria operator="OR"> 35642 <criterion test_ref="oval:org.opensuse.security:tst:2009072501" comment="openssl-32bit less than 0.9.8a-18.56.3"/> 35643 <criterion test_ref="oval:org.opensuse.security:tst:2009072502" comment="openssl-devel-32bit less than 0.9.8a-18.56.3"/> 35644 <criterion test_ref="oval:org.opensuse.security:tst:2009072503" comment="openssl-devel less than 0.9.8a-18.56.3"/> 35645 <criterion test_ref="oval:org.opensuse.security:tst:2009072504" comment="openssl less than 0.9.8a-18.56.3"/> 35646 </criteria> 35647 </criteria> 35648 </definition> 35649 <definition id="oval:org.opensuse.security:def:20114109" version="1" class="vulnerability"> 35650 <metadata> 35651 <title>CVE-2011-4109</title> 35652 <affected family="unix"> 35653 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35654 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35655 </affected> 35656 <reference ref_id="CVE-2011-4109" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4109" source="CVE"/> 35657 <description> 35658 Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. 35659 </description> 35660 </metadata> 35661 <!-- 16f27ddd5506ebb38dc0015501b071d9 --> 35662 <criteria operator="AND"> 35663 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35664 <criteria operator="OR"> 35665 <criterion test_ref="oval:org.opensuse.security:tst:2009072501" comment="openssl-32bit less than 0.9.8a-18.56.3"/> 35666 <criterion test_ref="oval:org.opensuse.security:tst:2009072502" comment="openssl-devel-32bit less than 0.9.8a-18.56.3"/> 35667 <criterion test_ref="oval:org.opensuse.security:tst:2009072503" comment="openssl-devel less than 0.9.8a-18.56.3"/> 35668 <criterion test_ref="oval:org.opensuse.security:tst:2009072504" comment="openssl less than 0.9.8a-18.56.3"/> 35669 </criteria> 35670 </criteria> 35671 </definition> 35672 <definition id="oval:org.opensuse.security:def:20114110" version="1" class="vulnerability"> 35673 <metadata> 35674 <title>CVE-2011-4110</title> 35675 <affected family="unix"> 35676 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35677 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35678 </affected> 35679 <reference ref_id="CVE-2011-4110" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4110" source="CVE"/> 35680 <description> 35681 The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key." 35682 </description> 35683 </metadata> 35684 <criteria operator="OR"> 35685 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 35686 <criteria operator="AND"> 35687 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35688 <criteria operator="OR"> 35689 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 35690 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 35691 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 35692 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 35693 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 35694 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 35695 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 35696 </criteria> 35697 </criteria> 35698 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 35699 <criteria operator="AND"> 35700 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35701 <criteria operator="OR"> 35702 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 35703 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 35704 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 35705 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 35706 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 35707 </criteria> 35708 </criteria> 35709 </criteria> 35710 </definition> 35711 <definition id="oval:org.opensuse.security:def:20114182" version="1" class="vulnerability"> 35712 <metadata> 35713 <title>CVE-2011-4182</title> 35714 <affected family="unix"> 35715 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35716 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35717 </affected> 35718 <reference ref_id="CVE-2011-4182" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4182" source="CVE"/> 35719 <description> 35720 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 35721 </description> 35722 </metadata> 35723 <!-- e1ff0acb7870582081808201b27ba00e --> 35724 <criteria operator="AND"> 35725 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35726 <criterion test_ref="oval:org.opensuse.security:tst:2009072925" comment="sysconfig less than 0.50.9-13.68.1"/> 35727 </criteria> 35728 </definition> 35729 <definition id="oval:org.opensuse.security:def:20114313" version="1" class="vulnerability"> 35730 <metadata> 35731 <title>CVE-2011-4313</title> 35732 <affected family="unix"> 35733 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35734 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35735 </affected> 35736 <reference ref_id="CVE-2011-4313" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313" source="CVE"/> 35737 <description> 35738 query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. 35739 </description> 35740 </metadata> 35741 <!-- 0c80fc3c343491f7eb7e6bc404ef7f33 --> 35742 <criteria operator="AND"> 35743 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35744 <criteria operator="OR"> 35745 <criterion test_ref="oval:org.opensuse.security:tst:2009071978" comment="bind-libs-32bit less than 9.6ESVR5P1-0.9.1"/> 35746 <criterion test_ref="oval:org.opensuse.security:tst:2009071979" comment="bind-libs less than 9.6ESVR5P1-0.9.1"/> 35747 <criterion test_ref="oval:org.opensuse.security:tst:2009071980" comment="bind-utils less than 9.6ESVR5P1-0.9.1"/> 35748 </criteria> 35749 </criteria> 35750 </definition> 35751 <definition id="oval:org.opensuse.security:def:20114324" version="1" class="vulnerability"> 35752 <metadata> 35753 <title>CVE-2011-4324</title> 35754 <affected family="unix"> 35755 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35756 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35757 </affected> 35758 <reference ref_id="CVE-2011-4324" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4324" source="CVE"/> 35759 <description> 35760 The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem. 35761 </description> 35762 </metadata> 35763 <criteria operator="OR"> 35764 <!-- 3395803e5857d3e0f44b39331dc3b010 --> 35765 <criteria operator="AND"> 35766 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35767 <criteria operator="OR"> 35768 <criterion test_ref="oval:org.opensuse.security:tst:2009107340" comment="kernel-bigsmp less than 2.6.16.60-0.97.1"/> 35769 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 35770 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 35771 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 35772 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 35773 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 35774 <criterion test_ref="oval:org.opensuse.security:tst:2009107341" comment="kernel-xenpae less than 2.6.16.60-0.97.1"/> 35775 </criteria> 35776 </criteria> 35777 <!-- 96d47125b6fb737bee4bf3f7619aa63d --> 35778 <criteria operator="AND"> 35779 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35780 <criteria operator="OR"> 35781 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 35782 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 35783 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 35784 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 35785 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 35786 </criteria> 35787 </criteria> 35788 </criteria> 35789 </definition> 35790 <definition id="oval:org.opensuse.security:def:20114330" version="1" class="vulnerability"> 35791 <metadata> 35792 <title>CVE-2011-4330</title> 35793 <affected family="unix"> 35794 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35795 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35796 </affected> 35797 <reference ref_id="CVE-2011-4330" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4330" source="CVE"/> 35798 <description> 35799 Stack-based buffer overflow in the hfs_mac2asc function in fs/hfs/trans.c in the Linux kernel 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via an HFS image with a crafted len field. 35800 </description> 35801 </metadata> 35802 <criteria operator="OR"> 35803 <!-- 3395803e5857d3e0f44b39331dc3b010 --> 35804 <criteria operator="AND"> 35805 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35806 <criteria operator="OR"> 35807 <criterion test_ref="oval:org.opensuse.security:tst:2009107340" comment="kernel-bigsmp less than 2.6.16.60-0.97.1"/> 35808 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 35809 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 35810 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 35811 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 35812 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 35813 <criterion test_ref="oval:org.opensuse.security:tst:2009107341" comment="kernel-xenpae less than 2.6.16.60-0.97.1"/> 35814 </criteria> 35815 </criteria> 35816 <!-- 96d47125b6fb737bee4bf3f7619aa63d --> 35817 <criteria operator="AND"> 35818 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35819 <criteria operator="OR"> 35820 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 35821 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 35822 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 35823 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 35824 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 35825 </criteria> 35826 </criteria> 35827 </criteria> 35828 </definition> 35829 <definition id="oval:org.opensuse.security:def:20114369" version="1" class="vulnerability"> 35830 <metadata> 35831 <title>CVE-2011-4369</title> 35832 <affected family="unix"> 35833 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35834 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35835 </affected> 35836 <reference ref_id="CVE-2011-4369" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4369" source="CVE"/> 35837 <description> 35838 Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. 35839 </description> 35840 </metadata> 35841 <!-- b7032f742fda7a15dea6b15613d16c60 --> 35842 <criteria operator="AND"> 35843 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35844 <criteria operator="OR"> 35845 <criterion test_ref="oval:org.opensuse.security:tst:2009072584" comment="acroread-cmaps less than 9.4.6-0.5.9"/> 35846 <criterion test_ref="oval:org.opensuse.security:tst:2009072585" comment="acroread-fonts-ja less than 9.4.6-0.5.9"/> 35847 <criterion test_ref="oval:org.opensuse.security:tst:2009072586" comment="acroread-fonts-ko less than 9.4.6-0.5.9"/> 35848 <criterion test_ref="oval:org.opensuse.security:tst:2009072587" comment="acroread-fonts-zh_CN less than 9.4.6-0.5.9"/> 35849 <criterion test_ref="oval:org.opensuse.security:tst:2009072588" comment="acroread-fonts-zh_TW less than 9.4.6-0.5.9"/> 35850 <criterion test_ref="oval:org.opensuse.security:tst:2009072589" comment="acroread less than 9.4.7-0.5.1"/> 35851 </criteria> 35852 </criteria> 35853 </definition> 35854 <definition id="oval:org.opensuse.security:def:20114516" version="1" class="vulnerability"> 35855 <metadata> 35856 <title>CVE-2011-4516</title> 35857 <affected family="unix"> 35858 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35859 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35860 </affected> 35861 <reference ref_id="CVE-2011-4516" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516" source="CVE"/> 35862 <description> 35863 Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file. 35864 </description> 35865 </metadata> 35866 <!-- c5664f2672cb6f6b5193e1ba5d5c6638 --> 35867 <criteria operator="AND"> 35868 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35869 <criteria operator="OR"> 35870 <criterion test_ref="oval:org.opensuse.security:tst:2009072254" comment="libjasper-32bit less than 1.701.0-16.15.1"/> 35871 <criterion test_ref="oval:org.opensuse.security:tst:2009072255" comment="libjasper less than 1.701.0-16.15.1"/> 35872 </criteria> 35873 </criteria> 35874 </definition> 35875 <definition id="oval:org.opensuse.security:def:20114517" version="1" class="vulnerability"> 35876 <metadata> 35877 <title>CVE-2011-4517</title> 35878 <affected family="unix"> 35879 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35880 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35881 </affected> 35882 <reference ref_id="CVE-2011-4517" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517" source="CVE"/> 35883 <description> 35884 The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file. 35885 </description> 35886 </metadata> 35887 <!-- c5664f2672cb6f6b5193e1ba5d5c6638 --> 35888 <criteria operator="AND"> 35889 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35890 <criteria operator="OR"> 35891 <criterion test_ref="oval:org.opensuse.security:tst:2009072254" comment="libjasper-32bit less than 1.701.0-16.15.1"/> 35892 <criterion test_ref="oval:org.opensuse.security:tst:2009072255" comment="libjasper less than 1.701.0-16.15.1"/> 35893 </criteria> 35894 </criteria> 35895 </definition> 35896 <definition id="oval:org.opensuse.security:def:20114576" version="1" class="vulnerability"> 35897 <metadata> 35898 <title>CVE-2011-4576</title> 35899 <affected family="unix"> 35900 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35901 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35902 </affected> 35903 <reference ref_id="CVE-2011-4576" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576" source="CVE"/> 35904 <description> 35905 The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. 35906 </description> 35907 </metadata> 35908 <!-- 16f27ddd5506ebb38dc0015501b071d9 --> 35909 <criteria operator="AND"> 35910 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35911 <criteria operator="OR"> 35912 <criterion test_ref="oval:org.opensuse.security:tst:2009072501" comment="openssl-32bit less than 0.9.8a-18.56.3"/> 35913 <criterion test_ref="oval:org.opensuse.security:tst:2009072502" comment="openssl-devel-32bit less than 0.9.8a-18.56.3"/> 35914 <criterion test_ref="oval:org.opensuse.security:tst:2009072503" comment="openssl-devel less than 0.9.8a-18.56.3"/> 35915 <criterion test_ref="oval:org.opensuse.security:tst:2009072504" comment="openssl less than 0.9.8a-18.56.3"/> 35916 </criteria> 35917 </criteria> 35918 </definition> 35919 <definition id="oval:org.opensuse.security:def:20114577" version="1" class="vulnerability"> 35920 <metadata> 35921 <title>CVE-2011-4577</title> 35922 <affected family="unix"> 35923 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35924 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35925 </affected> 35926 <reference ref_id="CVE-2011-4577" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4577" source="CVE"/> 35927 <description> 35928 OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. 35929 </description> 35930 </metadata> 35931 <!-- 16f27ddd5506ebb38dc0015501b071d9 --> 35932 <criteria operator="AND"> 35933 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35934 <criteria operator="OR"> 35935 <criterion test_ref="oval:org.opensuse.security:tst:2009072501" comment="openssl-32bit less than 0.9.8a-18.56.3"/> 35936 <criterion test_ref="oval:org.opensuse.security:tst:2009072502" comment="openssl-devel-32bit less than 0.9.8a-18.56.3"/> 35937 <criterion test_ref="oval:org.opensuse.security:tst:2009072503" comment="openssl-devel less than 0.9.8a-18.56.3"/> 35938 <criterion test_ref="oval:org.opensuse.security:tst:2009072504" comment="openssl less than 0.9.8a-18.56.3"/> 35939 </criteria> 35940 </criteria> 35941 </definition> 35942 <definition id="oval:org.opensuse.security:def:20114599" version="1" class="vulnerability"> 35943 <metadata> 35944 <title>CVE-2011-4599</title> 35945 <affected family="unix"> 35946 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 35947 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 35948 </affected> 35949 <reference ref_id="CVE-2011-4599" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599" source="CVE"/> 35950 <description> 35951 Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization. 35952 </description> 35953 </metadata> 35954 <!-- 212ca99750b4a43554de347c255f56fb --> 35955 <criteria operator="AND"> 35956 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 35957 <criteria operator="OR"> 35958 <criterion test_ref="oval:org.opensuse.security:tst:2009073398" comment="libreoffice-af less than 3.4.5.5-0.7.1"/> 35959 <criterion test_ref="oval:org.opensuse.security:tst:2009073399" comment="libreoffice-ar less than 3.4.5.5-0.7.1"/> 35960 <criterion test_ref="oval:org.opensuse.security:tst:2009073400" comment="libreoffice-ca less than 3.4.5.5-0.7.1"/> 35961 <criterion test_ref="oval:org.opensuse.security:tst:2009073401" comment="libreoffice-cs less than 3.4.5.5-0.7.1"/> 35962 <criterion test_ref="oval:org.opensuse.security:tst:2009073402" comment="libreoffice-da less than 3.4.5.5-0.7.1"/> 35963 <criterion test_ref="oval:org.opensuse.security:tst:2009073403" comment="libreoffice-de less than 3.4.5.5-0.7.1"/> 35964 <criterion test_ref="oval:org.opensuse.security:tst:2009073404" comment="libreoffice-el less than 3.4.5.5-0.7.1"/> 35965 <criterion test_ref="oval:org.opensuse.security:tst:2009073405" comment="libreoffice-en-GB less than 3.4.5.5-0.7.1"/> 35966 <criterion test_ref="oval:org.opensuse.security:tst:2009073406" comment="libreoffice-es less than 3.4.5.5-0.7.1"/> 35967 <criterion test_ref="oval:org.opensuse.security:tst:2009073407" comment="libreoffice-fi less than 3.4.5.5-0.7.1"/> 35968 <criterion test_ref="oval:org.opensuse.security:tst:2009073408" comment="libreoffice-fr less than 3.4.5.5-0.7.1"/> 35969 <criterion test_ref="oval:org.opensuse.security:tst:2009073409" comment="libreoffice-galleries less than 3.4.5.5-0.7.1"/> 35970 <criterion test_ref="oval:org.opensuse.security:tst:2009073410" comment="libreoffice-gnome less than 3.4.5.5-0.7.1"/> 35971 <criterion test_ref="oval:org.opensuse.security:tst:2009073411" comment="libreoffice-gu-IN less than 3.4.5.5-0.7.1"/> 35972 <criterion test_ref="oval:org.opensuse.security:tst:2009073412" comment="libreoffice-hi-IN less than 3.4.5.5-0.7.1"/> 35973 <criterion test_ref="oval:org.opensuse.security:tst:2009073413" comment="libreoffice-hu less than 3.4.5.5-0.7.1"/> 35974 <criterion test_ref="oval:org.opensuse.security:tst:2009073414" comment="libreoffice-it less than 3.4.5.5-0.7.1"/> 35975 <criterion test_ref="oval:org.opensuse.security:tst:2009073415" comment="libreoffice-ja less than 3.4.5.5-0.7.1"/> 35976 <criterion test_ref="oval:org.opensuse.security:tst:2009073416" comment="libreoffice-kde less than 3.4.5.5-0.7.1"/> 35977 <criterion test_ref="oval:org.opensuse.security:tst:2009073417" comment="libreoffice-ko less than 3.4.5.5-0.7.1"/> 35978 <criterion test_ref="oval:org.opensuse.security:tst:2009073418" comment="libreoffice-mono less than 3.4.5.5-0.7.1"/> 35979 <criterion test_ref="oval:org.opensuse.security:tst:2009073419" comment="libreoffice-nb less than 3.4.5.5-0.7.1"/> 35980 <criterion test_ref="oval:org.opensuse.security:tst:2009073420" comment="libreoffice-nl less than 3.4.5.5-0.7.1"/> 35981 <criterion test_ref="oval:org.opensuse.security:tst:2009073421" comment="libreoffice-nn less than 3.4.5.5-0.7.1"/> 35982 <criterion test_ref="oval:org.opensuse.security:tst:2009073422" comment="libreoffice-pl less than 3.4.5.5-0.7.1"/> 35983 <criterion test_ref="oval:org.opensuse.security:tst:2009073423" comment="libreoffice-pt-BR less than 3.4.5.5-0.7.1"/> 35984 <criterion test_ref="oval:org.opensuse.security:tst:2009073424" comment="libreoffice-ru less than 3.4.5.5-0.7.1"/> 35985 <criterion test_ref="oval:org.opensuse.security:tst:2009073425" comment="libreoffice-sk less than 3.4.5.5-0.7.1"/> 35986 <criterion test_ref="oval:org.opensuse.security:tst:2009073426" comment="libreoffice-sv less than 3.4.5.5-0.7.1"/> 35987 <criterion test_ref="oval:org.opensuse.security:tst:2009073427" comment="libreoffice-xh less than 3.4.5.5-0.7.1"/> 35988 <criterion test_ref="oval:org.opensuse.security:tst:2009073428" comment="libreoffice-zh-CN less than 3.4.5.5-0.7.1"/> 35989 <criterion test_ref="oval:org.opensuse.security:tst:2009073429" comment="libreoffice-zh-TW less than 3.4.5.5-0.7.1"/> 35990 <criterion test_ref="oval:org.opensuse.security:tst:2009073430" comment="libreoffice-zu less than 3.4.5.5-0.7.1"/> 35991 <criterion test_ref="oval:org.opensuse.security:tst:2009073431" comment="libreoffice less than 3.4.5.5-0.7.1"/> 35992 </criteria> 35993 </criteria> 35994 </definition> 35995 <definition id="oval:org.opensuse.security:def:20114601" version="1" class="vulnerability"> 35996 <metadata> 35997 <title>CVE-2011-4601</title> 35998 <affected family="unix"> 35999 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36000 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36001 </affected> 36002 <reference ref_id="CVE-2011-4601" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4601" source="CVE"/> 36003 <description> 36004 family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted (1) AIM or (2) ICQ message associated with buddy-list addition. 36005 </description> 36006 </metadata> 36007 <!-- c8785ba000be7d63668dde38be66bd5b --> 36008 <criteria operator="AND"> 36009 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36010 <criteria operator="OR"> 36011 <criterion test_ref="oval:org.opensuse.security:tst:2009072458" comment="finch less than 2.6.6-0.12.2"/> 36012 <criterion test_ref="oval:org.opensuse.security:tst:2009072459" comment="libpurple less than 2.6.6-0.12.2"/> 36013 <criterion test_ref="oval:org.opensuse.security:tst:2009072460" comment="pidgin less than 2.6.6-0.12.2"/> 36014 </criteria> 36015 </criteria> 36016 </definition> 36017 <definition id="oval:org.opensuse.security:def:20114602" version="1" class="vulnerability"> 36018 <metadata> 36019 <title>CVE-2011-4602</title> 36020 <affected family="unix"> 36021 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36022 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36023 </affected> 36024 <reference ref_id="CVE-2011-4602" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4602" source="CVE"/> 36025 <description> 36026 The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of service (application crash) via a crafted message. 36027 </description> 36028 </metadata> 36029 <!-- c8785ba000be7d63668dde38be66bd5b --> 36030 <criteria operator="AND"> 36031 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36032 <criteria operator="OR"> 36033 <criterion test_ref="oval:org.opensuse.security:tst:2009072458" comment="finch less than 2.6.6-0.12.2"/> 36034 <criterion test_ref="oval:org.opensuse.security:tst:2009072459" comment="libpurple less than 2.6.6-0.12.2"/> 36035 <criterion test_ref="oval:org.opensuse.security:tst:2009072460" comment="pidgin less than 2.6.6-0.12.2"/> 36036 </criteria> 36037 </criteria> 36038 </definition> 36039 <definition id="oval:org.opensuse.security:def:20114603" version="1" class="vulnerability"> 36040 <metadata> 36041 <title>CVE-2011-4603</title> 36042 <affected family="unix"> 36043 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36044 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36045 </affected> 36046 <reference ref_id="CVE-2011-4603" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4603" source="CVE"/> 36047 <description> 36048 The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted message, a different vulnerability than CVE-2011-3594. 36049 </description> 36050 </metadata> 36051 <!-- c8785ba000be7d63668dde38be66bd5b --> 36052 <criteria operator="AND"> 36053 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36054 <criteria operator="OR"> 36055 <criterion test_ref="oval:org.opensuse.security:tst:2009072458" comment="finch less than 2.6.6-0.12.2"/> 36056 <criterion test_ref="oval:org.opensuse.security:tst:2009072459" comment="libpurple less than 2.6.6-0.12.2"/> 36057 <criterion test_ref="oval:org.opensuse.security:tst:2009072460" comment="pidgin less than 2.6.6-0.12.2"/> 36058 </criteria> 36059 </criteria> 36060 </definition> 36061 <definition id="oval:org.opensuse.security:def:20114619" version="1" class="vulnerability"> 36062 <metadata> 36063 <title>CVE-2011-4619</title> 36064 <affected family="unix"> 36065 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36066 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36067 </affected> 36068 <reference ref_id="CVE-2011-4619" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619" source="CVE"/> 36069 <description> 36070 The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. 36071 </description> 36072 </metadata> 36073 <!-- 16f27ddd5506ebb38dc0015501b071d9 --> 36074 <criteria operator="AND"> 36075 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36076 <criteria operator="OR"> 36077 <criterion test_ref="oval:org.opensuse.security:tst:2009072501" comment="openssl-32bit less than 0.9.8a-18.56.3"/> 36078 <criterion test_ref="oval:org.opensuse.security:tst:2009072502" comment="openssl-devel-32bit less than 0.9.8a-18.56.3"/> 36079 <criterion test_ref="oval:org.opensuse.security:tst:2009072503" comment="openssl-devel less than 0.9.8a-18.56.3"/> 36080 <criterion test_ref="oval:org.opensuse.security:tst:2009072504" comment="openssl less than 0.9.8a-18.56.3"/> 36081 </criteria> 36082 </criteria> 36083 </definition> 36084 <definition id="oval:org.opensuse.security:def:20114862" version="1" class="vulnerability"> 36085 <metadata> 36086 <title>CVE-2011-4862</title> 36087 <affected family="unix"> 36088 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36089 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36090 </affected> 36091 <reference ref_id="CVE-2011-4862" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862" source="CVE"/> 36092 <description> 36093 Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. 36094 </description> 36095 </metadata> 36096 <!-- 1827558e7c86f395bb141c5095dca72d --> 36097 <criteria operator="AND"> 36098 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36099 <criteria operator="OR"> 36100 <criterion test_ref="oval:org.opensuse.security:tst:2009072356" comment="krb5-32bit less than 1.4.3-19.49.49.1"/> 36101 <criterion test_ref="oval:org.opensuse.security:tst:2009072357" comment="krb5-client less than 1.4.3-19.49.49.1"/> 36102 <criterion test_ref="oval:org.opensuse.security:tst:2009072358" comment="krb5-devel-32bit less than 1.4.3-19.49.49.1"/> 36103 <criterion test_ref="oval:org.opensuse.security:tst:2009072359" comment="krb5-devel less than 1.4.3-19.49.49.1"/> 36104 <criterion test_ref="oval:org.opensuse.security:tst:2009072360" comment="krb5 less than 1.4.3-19.49.49.1"/> 36105 </criteria> 36106 </criteria> 36107 </definition> 36108 <definition id="oval:org.opensuse.security:def:20115000" version="1" class="vulnerability"> 36109 <metadata> 36110 <title>CVE-2011-5000</title> 36111 <affected family="unix"> 36112 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36113 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36114 </affected> 36115 <reference ref_id="CVE-2011-5000" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000" source="CVE"/> 36116 <description> 36117 The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant. 36118 </description> 36119 </metadata> 36120 <!-- 1433a415c626f2bfb25c692b714ebf1c --> 36121 <criteria operator="AND"> 36122 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36123 <criteria operator="OR"> 36124 <criterion test_ref="oval:org.opensuse.security:tst:2009075431" comment="openssh-askpass less than 5.1p1-41.12.8"/> 36125 <criterion test_ref="oval:org.opensuse.security:tst:2009075432" comment="openssh less than 5.1p1-41.12.8"/> 36126 </criteria> 36127 </criteria> 36128 </definition> 36129 <definition id="oval:org.opensuse.security:def:20120037" version="1" class="vulnerability"> 36130 <metadata> 36131 <title>CVE-2012-0037</title> 36132 <affected family="unix"> 36133 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36134 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36135 </affected> 36136 <reference ref_id="CVE-2012-0037" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037" source="CVE"/> 36137 <description> 36138 Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. 36139 </description> 36140 </metadata> 36141 <!-- 212ca99750b4a43554de347c255f56fb --> 36142 <criteria operator="AND"> 36143 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36144 <criteria operator="OR"> 36145 <criterion test_ref="oval:org.opensuse.security:tst:2009073398" comment="libreoffice-af less than 3.4.5.5-0.7.1"/> 36146 <criterion test_ref="oval:org.opensuse.security:tst:2009073399" comment="libreoffice-ar less than 3.4.5.5-0.7.1"/> 36147 <criterion test_ref="oval:org.opensuse.security:tst:2009073400" comment="libreoffice-ca less than 3.4.5.5-0.7.1"/> 36148 <criterion test_ref="oval:org.opensuse.security:tst:2009073401" comment="libreoffice-cs less than 3.4.5.5-0.7.1"/> 36149 <criterion test_ref="oval:org.opensuse.security:tst:2009073402" comment="libreoffice-da less than 3.4.5.5-0.7.1"/> 36150 <criterion test_ref="oval:org.opensuse.security:tst:2009073403" comment="libreoffice-de less than 3.4.5.5-0.7.1"/> 36151 <criterion test_ref="oval:org.opensuse.security:tst:2009073404" comment="libreoffice-el less than 3.4.5.5-0.7.1"/> 36152 <criterion test_ref="oval:org.opensuse.security:tst:2009073405" comment="libreoffice-en-GB less than 3.4.5.5-0.7.1"/> 36153 <criterion test_ref="oval:org.opensuse.security:tst:2009073406" comment="libreoffice-es less than 3.4.5.5-0.7.1"/> 36154 <criterion test_ref="oval:org.opensuse.security:tst:2009073407" comment="libreoffice-fi less than 3.4.5.5-0.7.1"/> 36155 <criterion test_ref="oval:org.opensuse.security:tst:2009073408" comment="libreoffice-fr less than 3.4.5.5-0.7.1"/> 36156 <criterion test_ref="oval:org.opensuse.security:tst:2009073409" comment="libreoffice-galleries less than 3.4.5.5-0.7.1"/> 36157 <criterion test_ref="oval:org.opensuse.security:tst:2009073410" comment="libreoffice-gnome less than 3.4.5.5-0.7.1"/> 36158 <criterion test_ref="oval:org.opensuse.security:tst:2009073411" comment="libreoffice-gu-IN less than 3.4.5.5-0.7.1"/> 36159 <criterion test_ref="oval:org.opensuse.security:tst:2009073412" comment="libreoffice-hi-IN less than 3.4.5.5-0.7.1"/> 36160 <criterion test_ref="oval:org.opensuse.security:tst:2009073413" comment="libreoffice-hu less than 3.4.5.5-0.7.1"/> 36161 <criterion test_ref="oval:org.opensuse.security:tst:2009073414" comment="libreoffice-it less than 3.4.5.5-0.7.1"/> 36162 <criterion test_ref="oval:org.opensuse.security:tst:2009073415" comment="libreoffice-ja less than 3.4.5.5-0.7.1"/> 36163 <criterion test_ref="oval:org.opensuse.security:tst:2009073416" comment="libreoffice-kde less than 3.4.5.5-0.7.1"/> 36164 <criterion test_ref="oval:org.opensuse.security:tst:2009073417" comment="libreoffice-ko less than 3.4.5.5-0.7.1"/> 36165 <criterion test_ref="oval:org.opensuse.security:tst:2009073418" comment="libreoffice-mono less than 3.4.5.5-0.7.1"/> 36166 <criterion test_ref="oval:org.opensuse.security:tst:2009073419" comment="libreoffice-nb less than 3.4.5.5-0.7.1"/> 36167 <criterion test_ref="oval:org.opensuse.security:tst:2009073420" comment="libreoffice-nl less than 3.4.5.5-0.7.1"/> 36168 <criterion test_ref="oval:org.opensuse.security:tst:2009073421" comment="libreoffice-nn less than 3.4.5.5-0.7.1"/> 36169 <criterion test_ref="oval:org.opensuse.security:tst:2009073422" comment="libreoffice-pl less than 3.4.5.5-0.7.1"/> 36170 <criterion test_ref="oval:org.opensuse.security:tst:2009073423" comment="libreoffice-pt-BR less than 3.4.5.5-0.7.1"/> 36171 <criterion test_ref="oval:org.opensuse.security:tst:2009073424" comment="libreoffice-ru less than 3.4.5.5-0.7.1"/> 36172 <criterion test_ref="oval:org.opensuse.security:tst:2009073425" comment="libreoffice-sk less than 3.4.5.5-0.7.1"/> 36173 <criterion test_ref="oval:org.opensuse.security:tst:2009073426" comment="libreoffice-sv less than 3.4.5.5-0.7.1"/> 36174 <criterion test_ref="oval:org.opensuse.security:tst:2009073427" comment="libreoffice-xh less than 3.4.5.5-0.7.1"/> 36175 <criterion test_ref="oval:org.opensuse.security:tst:2009073428" comment="libreoffice-zh-CN less than 3.4.5.5-0.7.1"/> 36176 <criterion test_ref="oval:org.opensuse.security:tst:2009073429" comment="libreoffice-zh-TW less than 3.4.5.5-0.7.1"/> 36177 <criterion test_ref="oval:org.opensuse.security:tst:2009073430" comment="libreoffice-zu less than 3.4.5.5-0.7.1"/> 36178 <criterion test_ref="oval:org.opensuse.security:tst:2009073431" comment="libreoffice less than 3.4.5.5-0.7.1"/> 36179 </criteria> 36180 </criteria> 36181 </definition> 36182 <definition id="oval:org.opensuse.security:def:20120041" version="1" class="vulnerability"> 36183 <metadata> 36184 <title>CVE-2012-0041</title> 36185 <affected family="unix"> 36186 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36187 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36188 </affected> 36189 <reference ref_id="CVE-2012-0041" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0041" source="CVE"/> 36190 <description> 36191 The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file. 36192 </description> 36193 </metadata> 36194 <!-- 0f46263d00a0a835ae8b455b8d0c12d8 --> 36195 <criteria operator="AND"> 36196 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36197 <criterion test_ref="oval:org.opensuse.security:tst:2009073022" comment="wireshark less than 1.4.11-0.5.1"/> 36198 </criteria> 36199 </definition> 36200 <definition id="oval:org.opensuse.security:def:20120042" version="1" class="vulnerability"> 36201 <metadata> 36202 <title>CVE-2012-0042</title> 36203 <affected family="unix"> 36204 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36205 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36206 </affected> 36207 <reference ref_id="CVE-2012-0042" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0042" source="CVE"/> 36208 <description> 36209 Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. 36210 </description> 36211 </metadata> 36212 <!-- 0f46263d00a0a835ae8b455b8d0c12d8 --> 36213 <criteria operator="AND"> 36214 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36215 <criterion test_ref="oval:org.opensuse.security:tst:2009073022" comment="wireshark less than 1.4.11-0.5.1"/> 36216 </criteria> 36217 </definition> 36218 <definition id="oval:org.opensuse.security:def:20120043" version="1" class="vulnerability"> 36219 <metadata> 36220 <title>CVE-2012-0043</title> 36221 <affected family="unix"> 36222 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36223 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36224 </affected> 36225 <reference ref_id="CVE-2012-0043" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0043" source="CVE"/> 36226 <description> 36227 Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. 36228 </description> 36229 </metadata> 36230 <!-- 0f46263d00a0a835ae8b455b8d0c12d8 --> 36231 <criteria operator="AND"> 36232 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36233 <criterion test_ref="oval:org.opensuse.security:tst:2009073022" comment="wireshark less than 1.4.11-0.5.1"/> 36234 </criteria> 36235 </definition> 36236 <definition id="oval:org.opensuse.security:def:20120050" version="1" class="vulnerability"> 36237 <metadata> 36238 <title>CVE-2012-0050</title> 36239 <affected family="unix"> 36240 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36241 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36242 </affected> 36243 <reference ref_id="CVE-2012-0050" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0050" source="CVE"/> 36244 <description> 36245 OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. 36246 </description> 36247 </metadata> 36248 <!-- f865d7708d91915ffe224375f1620a18 --> 36249 <criteria operator="AND"> 36250 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36251 <criteria operator="OR"> 36252 <criterion test_ref="oval:org.opensuse.security:tst:2009073005" comment="openssl-32bit less than 0.9.8a-18.60.3"/> 36253 <criterion test_ref="oval:org.opensuse.security:tst:2009073006" comment="openssl-devel-32bit less than 0.9.8a-18.60.3"/> 36254 <criterion test_ref="oval:org.opensuse.security:tst:2009073007" comment="openssl-devel less than 0.9.8a-18.60.3"/> 36255 <criterion test_ref="oval:org.opensuse.security:tst:2009073008" comment="openssl less than 0.9.8a-18.60.3"/> 36256 </criteria> 36257 </criteria> 36258 </definition> 36259 <definition id="oval:org.opensuse.security:def:20120060" version="1" class="vulnerability"> 36260 <metadata> 36261 <title>CVE-2012-0060</title> 36262 <affected family="unix"> 36263 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36264 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36265 </affected> 36266 <reference ref_id="CVE-2012-0060" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0060" source="CVE"/> 36267 <description> 36268 RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function. 36269 </description> 36270 </metadata> 36271 <criteria operator="OR"> 36272 <!-- 3437ad480e640b7bf5a09b96d1218988 --> 36273 <criteria operator="AND"> 36274 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36275 <criteria operator="OR"> 36276 <criterion test_ref="oval:org.opensuse.security:tst:2009074260" comment="popt-devel less than 1.7-271.46.16"/> 36277 <criterion test_ref="oval:org.opensuse.security:tst:2009074261" comment="popt less than 1.7-271.46.16"/> 36278 <criterion test_ref="oval:org.opensuse.security:tst:2009074262" comment="rpm-devel less than 4.4.2-43.46.16"/> 36279 <criterion test_ref="oval:org.opensuse.security:tst:2009074263" comment="rpm-python less than 4.4.2-43.46.16"/> 36280 <criterion test_ref="oval:org.opensuse.security:tst:2009074264" comment="rpm less than 4.4.2-43.46.16"/> 36281 </criteria> 36282 </criteria> 36283 <!-- 61f3188b3d9e4127f71a5e83882d65ea --> 36284 <criteria operator="AND"> 36285 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36286 <criteria operator="OR"> 36287 <criterion test_ref="oval:org.opensuse.security:tst:2009074258" comment="popt-32bit less than 1.7-271.46.16"/> 36288 <criterion test_ref="oval:org.opensuse.security:tst:2009074259" comment="popt-devel-32bit less than 1.7-271.46.16"/> 36289 <criterion test_ref="oval:org.opensuse.security:tst:2009074260" comment="popt-devel less than 1.7-271.46.16"/> 36290 <criterion test_ref="oval:org.opensuse.security:tst:2009074261" comment="popt less than 1.7-271.46.16"/> 36291 <criterion test_ref="oval:org.opensuse.security:tst:2009074262" comment="rpm-devel less than 4.4.2-43.46.16"/> 36292 <criterion test_ref="oval:org.opensuse.security:tst:2009074263" comment="rpm-python less than 4.4.2-43.46.16"/> 36293 <criterion test_ref="oval:org.opensuse.security:tst:2009074264" comment="rpm less than 4.4.2-43.46.16"/> 36294 </criteria> 36295 </criteria> 36296 </criteria> 36297 </definition> 36298 <definition id="oval:org.opensuse.security:def:20120061" version="1" class="vulnerability"> 36299 <metadata> 36300 <title>CVE-2012-0061</title> 36301 <affected family="unix"> 36302 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36303 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36304 </affected> 36305 <reference ref_id="CVE-2012-0061" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0061" source="CVE"/> 36306 <description> 36307 The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header. 36308 </description> 36309 </metadata> 36310 <criteria operator="OR"> 36311 <!-- 3437ad480e640b7bf5a09b96d1218988 --> 36312 <criteria operator="AND"> 36313 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36314 <criteria operator="OR"> 36315 <criterion test_ref="oval:org.opensuse.security:tst:2009074260" comment="popt-devel less than 1.7-271.46.16"/> 36316 <criterion test_ref="oval:org.opensuse.security:tst:2009074261" comment="popt less than 1.7-271.46.16"/> 36317 <criterion test_ref="oval:org.opensuse.security:tst:2009074262" comment="rpm-devel less than 4.4.2-43.46.16"/> 36318 <criterion test_ref="oval:org.opensuse.security:tst:2009074263" comment="rpm-python less than 4.4.2-43.46.16"/> 36319 <criterion test_ref="oval:org.opensuse.security:tst:2009074264" comment="rpm less than 4.4.2-43.46.16"/> 36320 </criteria> 36321 </criteria> 36322 <!-- 61f3188b3d9e4127f71a5e83882d65ea --> 36323 <criteria operator="AND"> 36324 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36325 <criteria operator="OR"> 36326 <criterion test_ref="oval:org.opensuse.security:tst:2009074258" comment="popt-32bit less than 1.7-271.46.16"/> 36327 <criterion test_ref="oval:org.opensuse.security:tst:2009074259" comment="popt-devel-32bit less than 1.7-271.46.16"/> 36328 <criterion test_ref="oval:org.opensuse.security:tst:2009074260" comment="popt-devel less than 1.7-271.46.16"/> 36329 <criterion test_ref="oval:org.opensuse.security:tst:2009074261" comment="popt less than 1.7-271.46.16"/> 36330 <criterion test_ref="oval:org.opensuse.security:tst:2009074262" comment="rpm-devel less than 4.4.2-43.46.16"/> 36331 <criterion test_ref="oval:org.opensuse.security:tst:2009074263" comment="rpm-python less than 4.4.2-43.46.16"/> 36332 <criterion test_ref="oval:org.opensuse.security:tst:2009074264" comment="rpm less than 4.4.2-43.46.16"/> 36333 </criteria> 36334 </criteria> 36335 </criteria> 36336 </definition> 36337 <definition id="oval:org.opensuse.security:def:20120066" version="1" class="vulnerability"> 36338 <metadata> 36339 <title>CVE-2012-0066</title> 36340 <affected family="unix"> 36341 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36342 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36343 </affected> 36344 <reference ref_id="CVE-2012-0066" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0066" source="CVE"/> 36345 <description> 36346 Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. 36347 </description> 36348 </metadata> 36349 <!-- 0f46263d00a0a835ae8b455b8d0c12d8 --> 36350 <criteria operator="AND"> 36351 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36352 <criterion test_ref="oval:org.opensuse.security:tst:2009073022" comment="wireshark less than 1.4.11-0.5.1"/> 36353 </criteria> 36354 </definition> 36355 <definition id="oval:org.opensuse.security:def:20120067" version="1" class="vulnerability"> 36356 <metadata> 36357 <title>CVE-2012-0067</title> 36358 <affected family="unix"> 36359 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36360 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36361 </affected> 36362 <reference ref_id="CVE-2012-0067" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0067" source="CVE"/> 36363 <description> 36364 wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file. 36365 </description> 36366 </metadata> 36367 <!-- 0f46263d00a0a835ae8b455b8d0c12d8 --> 36368 <criteria operator="AND"> 36369 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36370 <criterion test_ref="oval:org.opensuse.security:tst:2009073022" comment="wireshark less than 1.4.11-0.5.1"/> 36371 </criteria> 36372 </definition> 36373 <definition id="oval:org.opensuse.security:def:20120068" version="1" class="vulnerability"> 36374 <metadata> 36375 <title>CVE-2012-0068</title> 36376 <affected family="unix"> 36377 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36378 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36379 </affected> 36380 <reference ref_id="CVE-2012-0068" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0068" source="CVE"/> 36381 <description> 36382 The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell catpure file containing a record that is too small. 36383 </description> 36384 </metadata> 36385 <!-- 0f46263d00a0a835ae8b455b8d0c12d8 --> 36386 <criteria operator="AND"> 36387 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36388 <criterion test_ref="oval:org.opensuse.security:tst:2009073022" comment="wireshark less than 1.4.11-0.5.1"/> 36389 </criteria> 36390 </definition> 36391 <definition id="oval:org.opensuse.security:def:20120217" version="1" class="vulnerability"> 36392 <metadata> 36393 <title>CVE-2012-0217</title> 36394 <affected family="unix"> 36395 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36396 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36397 </affected> 36398 <reference ref_id="CVE-2012-0217" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0217" source="CVE"/> 36399 <description> 36400 The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier. 36401 </description> 36402 </metadata> 36403 <!-- c25fa3090bc865a8836ebaff073cd9b6 --> 36404 <criteria operator="AND"> 36405 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36406 <criteria operator="OR"> 36407 <criterion test_ref="oval:org.opensuse.security:tst:2009074544" comment="xen-devel less than 3.2.3_17040_38-0.11.1"/> 36408 <criterion test_ref="oval:org.opensuse.security:tst:2009074545" comment="xen-doc-html less than 3.2.3_17040_38-0.11.1"/> 36409 <criterion test_ref="oval:org.opensuse.security:tst:2009074546" comment="xen-doc-pdf less than 3.2.3_17040_38-0.11.1"/> 36410 <criterion test_ref="oval:org.opensuse.security:tst:2009074547" comment="xen-doc-ps less than 3.2.3_17040_38-0.11.1"/> 36411 <criterion test_ref="oval:org.opensuse.security:tst:2009074548" comment="xen-kmp-bigsmp less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 36412 <criterion test_ref="oval:org.opensuse.security:tst:2009074549" comment="xen-kmp-default less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 36413 <criterion test_ref="oval:org.opensuse.security:tst:2009074550" comment="xen-kmp-smp less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 36414 <criterion test_ref="oval:org.opensuse.security:tst:2009074551" comment="xen-libs-32bit less than 3.2.3_17040_38-0.11.1"/> 36415 <criterion test_ref="oval:org.opensuse.security:tst:2009074552" comment="xen-libs less than 3.2.3_17040_38-0.11.1"/> 36416 <criterion test_ref="oval:org.opensuse.security:tst:2009074553" comment="xen-tools-domU less than 3.2.3_17040_38-0.11.1"/> 36417 <criterion test_ref="oval:org.opensuse.security:tst:2009074554" comment="xen-tools-ioemu less than 3.2.3_17040_38-0.11.1"/> 36418 <criterion test_ref="oval:org.opensuse.security:tst:2009074555" comment="xen-tools less than 3.2.3_17040_38-0.11.1"/> 36419 <criterion test_ref="oval:org.opensuse.security:tst:2009074556" comment="xen less than 3.2.3_17040_38-0.11.1"/> 36420 </criteria> 36421 </criteria> 36422 </definition> 36423 <definition id="oval:org.opensuse.security:def:20120218" version="1" class="vulnerability"> 36424 <metadata> 36425 <title>CVE-2012-0218</title> 36426 <affected family="unix"> 36427 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36428 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36429 </affected> 36430 <reference ref_id="CVE-2012-0218" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0218" source="CVE"/> 36431 <description> 36432 Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cause a denial of service (guest crash) by later triggering an exception that would normally be handled within Xen. 36433 </description> 36434 </metadata> 36435 <!-- c25fa3090bc865a8836ebaff073cd9b6 --> 36436 <criteria operator="AND"> 36437 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36438 <criteria operator="OR"> 36439 <criterion test_ref="oval:org.opensuse.security:tst:2009074544" comment="xen-devel less than 3.2.3_17040_38-0.11.1"/> 36440 <criterion test_ref="oval:org.opensuse.security:tst:2009074545" comment="xen-doc-html less than 3.2.3_17040_38-0.11.1"/> 36441 <criterion test_ref="oval:org.opensuse.security:tst:2009074546" comment="xen-doc-pdf less than 3.2.3_17040_38-0.11.1"/> 36442 <criterion test_ref="oval:org.opensuse.security:tst:2009074547" comment="xen-doc-ps less than 3.2.3_17040_38-0.11.1"/> 36443 <criterion test_ref="oval:org.opensuse.security:tst:2009074548" comment="xen-kmp-bigsmp less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 36444 <criterion test_ref="oval:org.opensuse.security:tst:2009074549" comment="xen-kmp-default less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 36445 <criterion test_ref="oval:org.opensuse.security:tst:2009074550" comment="xen-kmp-smp less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 36446 <criterion test_ref="oval:org.opensuse.security:tst:2009074551" comment="xen-libs-32bit less than 3.2.3_17040_38-0.11.1"/> 36447 <criterion test_ref="oval:org.opensuse.security:tst:2009074552" comment="xen-libs less than 3.2.3_17040_38-0.11.1"/> 36448 <criterion test_ref="oval:org.opensuse.security:tst:2009074553" comment="xen-tools-domU less than 3.2.3_17040_38-0.11.1"/> 36449 <criterion test_ref="oval:org.opensuse.security:tst:2009074554" comment="xen-tools-ioemu less than 3.2.3_17040_38-0.11.1"/> 36450 <criterion test_ref="oval:org.opensuse.security:tst:2009074555" comment="xen-tools less than 3.2.3_17040_38-0.11.1"/> 36451 <criterion test_ref="oval:org.opensuse.security:tst:2009074556" comment="xen less than 3.2.3_17040_38-0.11.1"/> 36452 </criteria> 36453 </criteria> 36454 </definition> 36455 <definition id="oval:org.opensuse.security:def:20120219" version="1" class="vulnerability"> 36456 <metadata> 36457 <title>CVE-2012-0219</title> 36458 <affected family="unix"> 36459 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36460 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36461 </affected> 36462 <reference ref_id="CVE-2012-0219" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0219" source="CVE"/> 36463 <description> 36464 Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address. 36465 </description> 36466 </metadata> 36467 <!-- 26d6956b5e38b37b8fb00575dde970ba --> 36468 <criteria operator="AND"> 36469 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36470 <criterion test_ref="oval:org.opensuse.security:tst:2009074797" comment="socat less than 1.7.0.0-1.10.1"/> 36471 </criteria> 36472 </definition> 36473 <definition id="oval:org.opensuse.security:def:20120247" version="1" class="vulnerability"> 36474 <metadata> 36475 <title>CVE-2012-0247</title> 36476 <affected family="unix"> 36477 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36478 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36479 </affected> 36480 <reference ref_id="CVE-2012-0247" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247" source="CVE"/> 36481 <description> 36482 ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. 36483 </description> 36484 </metadata> 36485 <!-- 73ca451abc4b60d47f7346db66e99f9a --> 36486 <criteria operator="AND"> 36487 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36488 <criteria operator="OR"> 36489 <criterion test_ref="oval:org.opensuse.security:tst:2009074678" comment="ImageMagick-Magick++ less than 6.2.5-16.34.1"/> 36490 <criterion test_ref="oval:org.opensuse.security:tst:2009074679" comment="ImageMagick-devel less than 6.2.5-16.34.1"/> 36491 <criterion test_ref="oval:org.opensuse.security:tst:2009074680" comment="ImageMagick less than 6.2.5-16.34.1"/> 36492 <criterion test_ref="oval:org.opensuse.security:tst:2009074681" comment="perl-PerlMagick less than 6.2.5-16.34.1"/> 36493 </criteria> 36494 </criteria> 36495 </definition> 36496 <definition id="oval:org.opensuse.security:def:20120248" version="1" class="vulnerability"> 36497 <metadata> 36498 <title>CVE-2012-0248</title> 36499 <affected family="unix"> 36500 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36501 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36502 </affected> 36503 <reference ref_id="CVE-2012-0248" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248" source="CVE"/> 36504 <description> 36505 ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. 36506 </description> 36507 </metadata> 36508 <!-- 73ca451abc4b60d47f7346db66e99f9a --> 36509 <criteria operator="AND"> 36510 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36511 <criteria operator="OR"> 36512 <criterion test_ref="oval:org.opensuse.security:tst:2009074678" comment="ImageMagick-Magick++ less than 6.2.5-16.34.1"/> 36513 <criterion test_ref="oval:org.opensuse.security:tst:2009074679" comment="ImageMagick-devel less than 6.2.5-16.34.1"/> 36514 <criterion test_ref="oval:org.opensuse.security:tst:2009074680" comment="ImageMagick less than 6.2.5-16.34.1"/> 36515 <criterion test_ref="oval:org.opensuse.security:tst:2009074681" comment="perl-PerlMagick less than 6.2.5-16.34.1"/> 36516 </criteria> 36517 </criteria> 36518 </definition> 36519 <definition id="oval:org.opensuse.security:def:20120259" version="1" class="vulnerability"> 36520 <metadata> 36521 <title>CVE-2012-0259</title> 36522 <affected family="unix"> 36523 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36524 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36525 </affected> 36526 <reference ref_id="CVE-2012-0259" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259" source="CVE"/> 36527 <description> 36528 The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read. 36529 </description> 36530 </metadata> 36531 <!-- 73ca451abc4b60d47f7346db66e99f9a --> 36532 <criteria operator="AND"> 36533 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36534 <criteria operator="OR"> 36535 <criterion test_ref="oval:org.opensuse.security:tst:2009074678" comment="ImageMagick-Magick++ less than 6.2.5-16.34.1"/> 36536 <criterion test_ref="oval:org.opensuse.security:tst:2009074679" comment="ImageMagick-devel less than 6.2.5-16.34.1"/> 36537 <criterion test_ref="oval:org.opensuse.security:tst:2009074680" comment="ImageMagick less than 6.2.5-16.34.1"/> 36538 <criterion test_ref="oval:org.opensuse.security:tst:2009074681" comment="perl-PerlMagick less than 6.2.5-16.34.1"/> 36539 </criteria> 36540 </criteria> 36541 </definition> 36542 <definition id="oval:org.opensuse.security:def:20120260" version="1" class="vulnerability"> 36543 <metadata> 36544 <title>CVE-2012-0260</title> 36545 <affected family="unix"> 36546 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36547 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36548 </affected> 36549 <reference ref_id="CVE-2012-0260" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260" source="CVE"/> 36550 <description> 36551 The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers. 36552 </description> 36553 </metadata> 36554 <!-- 73ca451abc4b60d47f7346db66e99f9a --> 36555 <criteria operator="AND"> 36556 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36557 <criteria operator="OR"> 36558 <criterion test_ref="oval:org.opensuse.security:tst:2009074678" comment="ImageMagick-Magick++ less than 6.2.5-16.34.1"/> 36559 <criterion test_ref="oval:org.opensuse.security:tst:2009074679" comment="ImageMagick-devel less than 6.2.5-16.34.1"/> 36560 <criterion test_ref="oval:org.opensuse.security:tst:2009074680" comment="ImageMagick less than 6.2.5-16.34.1"/> 36561 <criterion test_ref="oval:org.opensuse.security:tst:2009074681" comment="perl-PerlMagick less than 6.2.5-16.34.1"/> 36562 </criteria> 36563 </criteria> 36564 </definition> 36565 <definition id="oval:org.opensuse.security:def:20120390" version="1" class="vulnerability"> 36566 <metadata> 36567 <title>CVE-2012-0390</title> 36568 <affected family="unix"> 36569 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36570 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36571 </affected> 36572 <reference ref_id="CVE-2012-0390" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0390" source="CVE"/> 36573 <description> 36574 The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108. 36575 </description> 36576 </metadata> 36577 <!-- db5ce46e4686a3180984675829d5453e --> 36578 <criteria operator="AND"> 36579 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36580 <criteria operator="OR"> 36581 <criterion test_ref="oval:org.opensuse.security:tst:2009074798" comment="gnutls-32bit less than 1.2.10-13.30.1"/> 36582 <criterion test_ref="oval:org.opensuse.security:tst:2009074799" comment="gnutls-devel-32bit less than 1.2.10-13.30.1"/> 36583 <criterion test_ref="oval:org.opensuse.security:tst:2009074800" comment="gnutls-devel less than 1.2.10-13.30.1"/> 36584 <criterion test_ref="oval:org.opensuse.security:tst:2009074801" comment="gnutls less than 1.2.10-13.30.1"/> 36585 </criteria> 36586 </criteria> 36587 </definition> 36588 <definition id="oval:org.opensuse.security:def:20120427" version="1" class="vulnerability"> 36589 <metadata> 36590 <title>CVE-2012-0427</title> 36591 <affected family="unix"> 36592 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36593 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36594 </affected> 36595 <reference ref_id="CVE-2012-0427" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0427" source="CVE"/> 36596 <description> 36597 yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 before 2012.9.13-0.8.1 allows local users to gain privileges via a crafted (1) file name or (2) directory name. 36598 </description> 36599 </metadata> 36600 <!-- 37a5722f1fdf0e2643b80548de09976b --> 36601 <criteria operator="AND"> 36602 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36603 <criterion test_ref="oval:org.opensuse.security:tst:2009076088" comment="inst-source-utils less than 2008.11.26-0.9.1"/> 36604 </criteria> 36605 </definition> 36606 <definition id="oval:org.opensuse.security:def:20120441" version="1" class="vulnerability"> 36607 <metadata> 36608 <title>CVE-2012-0441</title> 36609 <affected family="unix"> 36610 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36611 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36612 </affected> 36613 <reference ref_id="CVE-2012-0441" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441" source="CVE"/> 36614 <description> 36615 The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. 36616 </description> 36617 </metadata> 36618 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 36619 <criteria operator="AND"> 36620 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36621 <criteria operator="OR"> 36622 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 36623 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 36624 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 36625 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 36626 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 36627 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 36628 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 36629 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 36630 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 36631 </criteria> 36632 </criteria> 36633 </definition> 36634 <definition id="oval:org.opensuse.security:def:20120442" version="1" class="vulnerability"> 36635 <metadata> 36636 <title>CVE-2012-0442</title> 36637 <affected family="unix"> 36638 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36639 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36640 </affected> 36641 <reference ref_id="CVE-2012-0442" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0442" source="CVE"/> 36642 <description> 36643 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 36644 </description> 36645 </metadata> 36646 <!-- d1ff5a0e9707cb73c751a65b6759427d --> 36647 <criteria operator="AND"> 36648 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36649 <criteria operator="OR"> 36650 <criterion test_ref="oval:org.opensuse.security:tst:2009072905" comment="MozillaFirefox-translations less than 3.6.26-0.6.1"/> 36651 <criterion test_ref="oval:org.opensuse.security:tst:2009072906" comment="MozillaFirefox less than 3.6.26-0.6.1"/> 36652 <criterion test_ref="oval:org.opensuse.security:tst:2009072907" comment="mozilla-xulrunner192-32bit less than 1.9.2.26-0.5.1"/> 36653 <criterion test_ref="oval:org.opensuse.security:tst:2009072908" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.26-0.5.1"/> 36654 <criterion test_ref="oval:org.opensuse.security:tst:2009072909" comment="mozilla-xulrunner192-gnome less than 1.9.2.26-0.5.1"/> 36655 <criterion test_ref="oval:org.opensuse.security:tst:2009072910" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.26-0.5.1"/> 36656 <criterion test_ref="oval:org.opensuse.security:tst:2009072911" comment="mozilla-xulrunner192-translations less than 1.9.2.26-0.5.1"/> 36657 <criterion test_ref="oval:org.opensuse.security:tst:2009072912" comment="mozilla-xulrunner192 less than 1.9.2.26-0.5.1"/> 36658 </criteria> 36659 </criteria> 36660 </definition> 36661 <definition id="oval:org.opensuse.security:def:20120444" version="1" class="vulnerability"> 36662 <metadata> 36663 <title>CVE-2012-0444</title> 36664 <affected family="unix"> 36665 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36666 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36667 </affected> 36668 <reference ref_id="CVE-2012-0444" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444" source="CVE"/> 36669 <description> 36670 Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. 36671 </description> 36672 </metadata> 36673 <criteria operator="OR"> 36674 <!-- 56f02ce23b1f6abe181f7e00c3bc1f23 --> 36675 <criteria operator="AND"> 36676 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36677 <criteria operator="OR"> 36678 <criterion test_ref="oval:org.opensuse.security:tst:2009073154" comment="libvorbis-32bit less than 1.1.2-13.19.1"/> 36679 <criterion test_ref="oval:org.opensuse.security:tst:2009073155" comment="libvorbis-devel less than 1.1.2-13.19.1"/> 36680 <criterion test_ref="oval:org.opensuse.security:tst:2009073156" comment="libvorbis less than 1.1.2-13.19.1"/> 36681 </criteria> 36682 </criteria> 36683 <!-- d1ff5a0e9707cb73c751a65b6759427d --> 36684 <criteria operator="AND"> 36685 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36686 <criteria operator="OR"> 36687 <criterion test_ref="oval:org.opensuse.security:tst:2009072905" comment="MozillaFirefox-translations less than 3.6.26-0.6.1"/> 36688 <criterion test_ref="oval:org.opensuse.security:tst:2009072906" comment="MozillaFirefox less than 3.6.26-0.6.1"/> 36689 <criterion test_ref="oval:org.opensuse.security:tst:2009072907" comment="mozilla-xulrunner192-32bit less than 1.9.2.26-0.5.1"/> 36690 <criterion test_ref="oval:org.opensuse.security:tst:2009072908" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.26-0.5.1"/> 36691 <criterion test_ref="oval:org.opensuse.security:tst:2009072909" comment="mozilla-xulrunner192-gnome less than 1.9.2.26-0.5.1"/> 36692 <criterion test_ref="oval:org.opensuse.security:tst:2009072910" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.26-0.5.1"/> 36693 <criterion test_ref="oval:org.opensuse.security:tst:2009072911" comment="mozilla-xulrunner192-translations less than 1.9.2.26-0.5.1"/> 36694 <criterion test_ref="oval:org.opensuse.security:tst:2009072912" comment="mozilla-xulrunner192 less than 1.9.2.26-0.5.1"/> 36695 </criteria> 36696 </criteria> 36697 </criteria> 36698 </definition> 36699 <definition id="oval:org.opensuse.security:def:20120449" version="1" class="vulnerability"> 36700 <metadata> 36701 <title>CVE-2012-0449</title> 36702 <affected family="unix"> 36703 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36704 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36705 </affected> 36706 <reference ref_id="CVE-2012-0449" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0449" source="CVE"/> 36707 <description> 36708 Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document. 36709 </description> 36710 </metadata> 36711 <!-- d1ff5a0e9707cb73c751a65b6759427d --> 36712 <criteria operator="AND"> 36713 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36714 <criteria operator="OR"> 36715 <criterion test_ref="oval:org.opensuse.security:tst:2009072905" comment="MozillaFirefox-translations less than 3.6.26-0.6.1"/> 36716 <criterion test_ref="oval:org.opensuse.security:tst:2009072906" comment="MozillaFirefox less than 3.6.26-0.6.1"/> 36717 <criterion test_ref="oval:org.opensuse.security:tst:2009072907" comment="mozilla-xulrunner192-32bit less than 1.9.2.26-0.5.1"/> 36718 <criterion test_ref="oval:org.opensuse.security:tst:2009072908" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.26-0.5.1"/> 36719 <criterion test_ref="oval:org.opensuse.security:tst:2009072909" comment="mozilla-xulrunner192-gnome less than 1.9.2.26-0.5.1"/> 36720 <criterion test_ref="oval:org.opensuse.security:tst:2009072910" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.26-0.5.1"/> 36721 <criterion test_ref="oval:org.opensuse.security:tst:2009072911" comment="mozilla-xulrunner192-translations less than 1.9.2.26-0.5.1"/> 36722 <criterion test_ref="oval:org.opensuse.security:tst:2009072912" comment="mozilla-xulrunner192 less than 1.9.2.26-0.5.1"/> 36723 </criteria> 36724 </criteria> 36725 </definition> 36726 <definition id="oval:org.opensuse.security:def:20120455" version="1" class="vulnerability"> 36727 <metadata> 36728 <title>CVE-2012-0455</title> 36729 <affected family="unix"> 36730 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36731 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36732 </affected> 36733 <reference ref_id="CVE-2012-0455" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455" source="CVE"/> 36734 <description> 36735 Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a "DragAndDropJacking" issue. 36736 </description> 36737 </metadata> 36738 <!-- 3cbbf6dfa64d498549bb143a54005d87 --> 36739 <criteria operator="AND"> 36740 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36741 <criteria operator="OR"> 36742 <criterion test_ref="oval:org.opensuse.security:tst:2009073368" comment="MozillaFirefox-translations less than 3.6.28-0.5.2"/> 36743 <criterion test_ref="oval:org.opensuse.security:tst:2009073369" comment="MozillaFirefox less than 3.6.28-0.5.2"/> 36744 <criterion test_ref="oval:org.opensuse.security:tst:2009073370" comment="mozilla-nspr-32bit less than 4.9.0-0.6.1"/> 36745 <criterion test_ref="oval:org.opensuse.security:tst:2009073371" comment="mozilla-nspr-devel less than 4.9.0-0.6.1"/> 36746 <criterion test_ref="oval:org.opensuse.security:tst:2009073372" comment="mozilla-nspr less than 4.9.0-0.6.1"/> 36747 <criterion test_ref="oval:org.opensuse.security:tst:2009073373" comment="mozilla-nss-32bit less than 3.13.3-0.5.1"/> 36748 <criterion test_ref="oval:org.opensuse.security:tst:2009073374" comment="mozilla-nss-devel less than 3.13.3-0.5.1"/> 36749 <criterion test_ref="oval:org.opensuse.security:tst:2009073375" comment="mozilla-nss-tools less than 3.13.3-0.5.1"/> 36750 <criterion test_ref="oval:org.opensuse.security:tst:2009073376" comment="mozilla-nss less than 3.13.3-0.5.1"/> 36751 <criterion test_ref="oval:org.opensuse.security:tst:2009073377" comment="mozilla-xulrunner192-32bit less than 1.9.2.28-0.7.1"/> 36752 <criterion test_ref="oval:org.opensuse.security:tst:2009073378" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.28-0.7.1"/> 36753 <criterion test_ref="oval:org.opensuse.security:tst:2009073379" comment="mozilla-xulrunner192-gnome less than 1.9.2.28-0.7.1"/> 36754 <criterion test_ref="oval:org.opensuse.security:tst:2009073380" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.28-0.7.1"/> 36755 <criterion test_ref="oval:org.opensuse.security:tst:2009073381" comment="mozilla-xulrunner192-translations less than 1.9.2.28-0.7.1"/> 36756 <criterion test_ref="oval:org.opensuse.security:tst:2009073382" comment="mozilla-xulrunner192 less than 1.9.2.28-0.7.1"/> 36757 </criteria> 36758 </criteria> 36759 </definition> 36760 <definition id="oval:org.opensuse.security:def:20120456" version="1" class="vulnerability"> 36761 <metadata> 36762 <title>CVE-2012-0456</title> 36763 <affected family="unix"> 36764 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36765 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36766 </affected> 36767 <reference ref_id="CVE-2012-0456" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0456" source="CVE"/> 36768 <description> 36769 The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read. 36770 </description> 36771 </metadata> 36772 <!-- 3cbbf6dfa64d498549bb143a54005d87 --> 36773 <criteria operator="AND"> 36774 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36775 <criteria operator="OR"> 36776 <criterion test_ref="oval:org.opensuse.security:tst:2009073368" comment="MozillaFirefox-translations less than 3.6.28-0.5.2"/> 36777 <criterion test_ref="oval:org.opensuse.security:tst:2009073369" comment="MozillaFirefox less than 3.6.28-0.5.2"/> 36778 <criterion test_ref="oval:org.opensuse.security:tst:2009073370" comment="mozilla-nspr-32bit less than 4.9.0-0.6.1"/> 36779 <criterion test_ref="oval:org.opensuse.security:tst:2009073371" comment="mozilla-nspr-devel less than 4.9.0-0.6.1"/> 36780 <criterion test_ref="oval:org.opensuse.security:tst:2009073372" comment="mozilla-nspr less than 4.9.0-0.6.1"/> 36781 <criterion test_ref="oval:org.opensuse.security:tst:2009073373" comment="mozilla-nss-32bit less than 3.13.3-0.5.1"/> 36782 <criterion test_ref="oval:org.opensuse.security:tst:2009073374" comment="mozilla-nss-devel less than 3.13.3-0.5.1"/> 36783 <criterion test_ref="oval:org.opensuse.security:tst:2009073375" comment="mozilla-nss-tools less than 3.13.3-0.5.1"/> 36784 <criterion test_ref="oval:org.opensuse.security:tst:2009073376" comment="mozilla-nss less than 3.13.3-0.5.1"/> 36785 <criterion test_ref="oval:org.opensuse.security:tst:2009073377" comment="mozilla-xulrunner192-32bit less than 1.9.2.28-0.7.1"/> 36786 <criterion test_ref="oval:org.opensuse.security:tst:2009073378" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.28-0.7.1"/> 36787 <criterion test_ref="oval:org.opensuse.security:tst:2009073379" comment="mozilla-xulrunner192-gnome less than 1.9.2.28-0.7.1"/> 36788 <criterion test_ref="oval:org.opensuse.security:tst:2009073380" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.28-0.7.1"/> 36789 <criterion test_ref="oval:org.opensuse.security:tst:2009073381" comment="mozilla-xulrunner192-translations less than 1.9.2.28-0.7.1"/> 36790 <criterion test_ref="oval:org.opensuse.security:tst:2009073382" comment="mozilla-xulrunner192 less than 1.9.2.28-0.7.1"/> 36791 </criteria> 36792 </criteria> 36793 </definition> 36794 <definition id="oval:org.opensuse.security:def:20120457" version="1" class="vulnerability"> 36795 <metadata> 36796 <title>CVE-2012-0457</title> 36797 <affected family="unix"> 36798 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36799 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36800 </affected> 36801 <reference ref_id="CVE-2012-0457" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0457" source="CVE"/> 36802 <description> 36803 Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation. 36804 </description> 36805 </metadata> 36806 <!-- 3cbbf6dfa64d498549bb143a54005d87 --> 36807 <criteria operator="AND"> 36808 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36809 <criteria operator="OR"> 36810 <criterion test_ref="oval:org.opensuse.security:tst:2009073368" comment="MozillaFirefox-translations less than 3.6.28-0.5.2"/> 36811 <criterion test_ref="oval:org.opensuse.security:tst:2009073369" comment="MozillaFirefox less than 3.6.28-0.5.2"/> 36812 <criterion test_ref="oval:org.opensuse.security:tst:2009073370" comment="mozilla-nspr-32bit less than 4.9.0-0.6.1"/> 36813 <criterion test_ref="oval:org.opensuse.security:tst:2009073371" comment="mozilla-nspr-devel less than 4.9.0-0.6.1"/> 36814 <criterion test_ref="oval:org.opensuse.security:tst:2009073372" comment="mozilla-nspr less than 4.9.0-0.6.1"/> 36815 <criterion test_ref="oval:org.opensuse.security:tst:2009073373" comment="mozilla-nss-32bit less than 3.13.3-0.5.1"/> 36816 <criterion test_ref="oval:org.opensuse.security:tst:2009073374" comment="mozilla-nss-devel less than 3.13.3-0.5.1"/> 36817 <criterion test_ref="oval:org.opensuse.security:tst:2009073375" comment="mozilla-nss-tools less than 3.13.3-0.5.1"/> 36818 <criterion test_ref="oval:org.opensuse.security:tst:2009073376" comment="mozilla-nss less than 3.13.3-0.5.1"/> 36819 <criterion test_ref="oval:org.opensuse.security:tst:2009073377" comment="mozilla-xulrunner192-32bit less than 1.9.2.28-0.7.1"/> 36820 <criterion test_ref="oval:org.opensuse.security:tst:2009073378" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.28-0.7.1"/> 36821 <criterion test_ref="oval:org.opensuse.security:tst:2009073379" comment="mozilla-xulrunner192-gnome less than 1.9.2.28-0.7.1"/> 36822 <criterion test_ref="oval:org.opensuse.security:tst:2009073380" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.28-0.7.1"/> 36823 <criterion test_ref="oval:org.opensuse.security:tst:2009073381" comment="mozilla-xulrunner192-translations less than 1.9.2.28-0.7.1"/> 36824 <criterion test_ref="oval:org.opensuse.security:tst:2009073382" comment="mozilla-xulrunner192 less than 1.9.2.28-0.7.1"/> 36825 </criteria> 36826 </criteria> 36827 </definition> 36828 <definition id="oval:org.opensuse.security:def:20120458" version="1" class="vulnerability"> 36829 <metadata> 36830 <title>CVE-2012-0458</title> 36831 <affected family="unix"> 36832 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36833 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36834 </affected> 36835 <reference ref_id="CVE-2012-0458" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0458" source="CVE"/> 36836 <description> 36837 Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context. 36838 </description> 36839 </metadata> 36840 <!-- 3cbbf6dfa64d498549bb143a54005d87 --> 36841 <criteria operator="AND"> 36842 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36843 <criteria operator="OR"> 36844 <criterion test_ref="oval:org.opensuse.security:tst:2009073368" comment="MozillaFirefox-translations less than 3.6.28-0.5.2"/> 36845 <criterion test_ref="oval:org.opensuse.security:tst:2009073369" comment="MozillaFirefox less than 3.6.28-0.5.2"/> 36846 <criterion test_ref="oval:org.opensuse.security:tst:2009073370" comment="mozilla-nspr-32bit less than 4.9.0-0.6.1"/> 36847 <criterion test_ref="oval:org.opensuse.security:tst:2009073371" comment="mozilla-nspr-devel less than 4.9.0-0.6.1"/> 36848 <criterion test_ref="oval:org.opensuse.security:tst:2009073372" comment="mozilla-nspr less than 4.9.0-0.6.1"/> 36849 <criterion test_ref="oval:org.opensuse.security:tst:2009073373" comment="mozilla-nss-32bit less than 3.13.3-0.5.1"/> 36850 <criterion test_ref="oval:org.opensuse.security:tst:2009073374" comment="mozilla-nss-devel less than 3.13.3-0.5.1"/> 36851 <criterion test_ref="oval:org.opensuse.security:tst:2009073375" comment="mozilla-nss-tools less than 3.13.3-0.5.1"/> 36852 <criterion test_ref="oval:org.opensuse.security:tst:2009073376" comment="mozilla-nss less than 3.13.3-0.5.1"/> 36853 <criterion test_ref="oval:org.opensuse.security:tst:2009073377" comment="mozilla-xulrunner192-32bit less than 1.9.2.28-0.7.1"/> 36854 <criterion test_ref="oval:org.opensuse.security:tst:2009073378" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.28-0.7.1"/> 36855 <criterion test_ref="oval:org.opensuse.security:tst:2009073379" comment="mozilla-xulrunner192-gnome less than 1.9.2.28-0.7.1"/> 36856 <criterion test_ref="oval:org.opensuse.security:tst:2009073380" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.28-0.7.1"/> 36857 <criterion test_ref="oval:org.opensuse.security:tst:2009073381" comment="mozilla-xulrunner192-translations less than 1.9.2.28-0.7.1"/> 36858 <criterion test_ref="oval:org.opensuse.security:tst:2009073382" comment="mozilla-xulrunner192 less than 1.9.2.28-0.7.1"/> 36859 </criteria> 36860 </criteria> 36861 </definition> 36862 <definition id="oval:org.opensuse.security:def:20120461" version="1" class="vulnerability"> 36863 <metadata> 36864 <title>CVE-2012-0461</title> 36865 <affected family="unix"> 36866 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36867 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36868 </affected> 36869 <reference ref_id="CVE-2012-0461" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0461" source="CVE"/> 36870 <description> 36871 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 36872 </description> 36873 </metadata> 36874 <!-- 3cbbf6dfa64d498549bb143a54005d87 --> 36875 <criteria operator="AND"> 36876 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36877 <criteria operator="OR"> 36878 <criterion test_ref="oval:org.opensuse.security:tst:2009073368" comment="MozillaFirefox-translations less than 3.6.28-0.5.2"/> 36879 <criterion test_ref="oval:org.opensuse.security:tst:2009073369" comment="MozillaFirefox less than 3.6.28-0.5.2"/> 36880 <criterion test_ref="oval:org.opensuse.security:tst:2009073370" comment="mozilla-nspr-32bit less than 4.9.0-0.6.1"/> 36881 <criterion test_ref="oval:org.opensuse.security:tst:2009073371" comment="mozilla-nspr-devel less than 4.9.0-0.6.1"/> 36882 <criterion test_ref="oval:org.opensuse.security:tst:2009073372" comment="mozilla-nspr less than 4.9.0-0.6.1"/> 36883 <criterion test_ref="oval:org.opensuse.security:tst:2009073373" comment="mozilla-nss-32bit less than 3.13.3-0.5.1"/> 36884 <criterion test_ref="oval:org.opensuse.security:tst:2009073374" comment="mozilla-nss-devel less than 3.13.3-0.5.1"/> 36885 <criterion test_ref="oval:org.opensuse.security:tst:2009073375" comment="mozilla-nss-tools less than 3.13.3-0.5.1"/> 36886 <criterion test_ref="oval:org.opensuse.security:tst:2009073376" comment="mozilla-nss less than 3.13.3-0.5.1"/> 36887 <criterion test_ref="oval:org.opensuse.security:tst:2009073377" comment="mozilla-xulrunner192-32bit less than 1.9.2.28-0.7.1"/> 36888 <criterion test_ref="oval:org.opensuse.security:tst:2009073378" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.28-0.7.1"/> 36889 <criterion test_ref="oval:org.opensuse.security:tst:2009073379" comment="mozilla-xulrunner192-gnome less than 1.9.2.28-0.7.1"/> 36890 <criterion test_ref="oval:org.opensuse.security:tst:2009073380" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.28-0.7.1"/> 36891 <criterion test_ref="oval:org.opensuse.security:tst:2009073381" comment="mozilla-xulrunner192-translations less than 1.9.2.28-0.7.1"/> 36892 <criterion test_ref="oval:org.opensuse.security:tst:2009073382" comment="mozilla-xulrunner192 less than 1.9.2.28-0.7.1"/> 36893 </criteria> 36894 </criteria> 36895 </definition> 36896 <definition id="oval:org.opensuse.security:def:20120462" version="1" class="vulnerability"> 36897 <metadata> 36898 <title>CVE-2012-0462</title> 36899 <affected family="unix"> 36900 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36901 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36902 </affected> 36903 <reference ref_id="CVE-2012-0462" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0462" source="CVE"/> 36904 <description> 36905 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 36906 </description> 36907 </metadata> 36908 <!-- 3cbbf6dfa64d498549bb143a54005d87 --> 36909 <criteria operator="AND"> 36910 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36911 <criteria operator="OR"> 36912 <criterion test_ref="oval:org.opensuse.security:tst:2009073368" comment="MozillaFirefox-translations less than 3.6.28-0.5.2"/> 36913 <criterion test_ref="oval:org.opensuse.security:tst:2009073369" comment="MozillaFirefox less than 3.6.28-0.5.2"/> 36914 <criterion test_ref="oval:org.opensuse.security:tst:2009073370" comment="mozilla-nspr-32bit less than 4.9.0-0.6.1"/> 36915 <criterion test_ref="oval:org.opensuse.security:tst:2009073371" comment="mozilla-nspr-devel less than 4.9.0-0.6.1"/> 36916 <criterion test_ref="oval:org.opensuse.security:tst:2009073372" comment="mozilla-nspr less than 4.9.0-0.6.1"/> 36917 <criterion test_ref="oval:org.opensuse.security:tst:2009073373" comment="mozilla-nss-32bit less than 3.13.3-0.5.1"/> 36918 <criterion test_ref="oval:org.opensuse.security:tst:2009073374" comment="mozilla-nss-devel less than 3.13.3-0.5.1"/> 36919 <criterion test_ref="oval:org.opensuse.security:tst:2009073375" comment="mozilla-nss-tools less than 3.13.3-0.5.1"/> 36920 <criterion test_ref="oval:org.opensuse.security:tst:2009073376" comment="mozilla-nss less than 3.13.3-0.5.1"/> 36921 <criterion test_ref="oval:org.opensuse.security:tst:2009073377" comment="mozilla-xulrunner192-32bit less than 1.9.2.28-0.7.1"/> 36922 <criterion test_ref="oval:org.opensuse.security:tst:2009073378" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.28-0.7.1"/> 36923 <criterion test_ref="oval:org.opensuse.security:tst:2009073379" comment="mozilla-xulrunner192-gnome less than 1.9.2.28-0.7.1"/> 36924 <criterion test_ref="oval:org.opensuse.security:tst:2009073380" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.28-0.7.1"/> 36925 <criterion test_ref="oval:org.opensuse.security:tst:2009073381" comment="mozilla-xulrunner192-translations less than 1.9.2.28-0.7.1"/> 36926 <criterion test_ref="oval:org.opensuse.security:tst:2009073382" comment="mozilla-xulrunner192 less than 1.9.2.28-0.7.1"/> 36927 </criteria> 36928 </criteria> 36929 </definition> 36930 <definition id="oval:org.opensuse.security:def:20120463" version="1" class="vulnerability"> 36931 <metadata> 36932 <title>CVE-2012-0463</title> 36933 <affected family="unix"> 36934 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36935 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36936 </affected> 36937 <reference ref_id="CVE-2012-0463" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0463" source="CVE"/> 36938 <description> 36939 The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android. 36940 </description> 36941 </metadata> 36942 <!-- 3cbbf6dfa64d498549bb143a54005d87 --> 36943 <criteria operator="AND"> 36944 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36945 <criteria operator="OR"> 36946 <criterion test_ref="oval:org.opensuse.security:tst:2009073368" comment="MozillaFirefox-translations less than 3.6.28-0.5.2"/> 36947 <criterion test_ref="oval:org.opensuse.security:tst:2009073369" comment="MozillaFirefox less than 3.6.28-0.5.2"/> 36948 <criterion test_ref="oval:org.opensuse.security:tst:2009073370" comment="mozilla-nspr-32bit less than 4.9.0-0.6.1"/> 36949 <criterion test_ref="oval:org.opensuse.security:tst:2009073371" comment="mozilla-nspr-devel less than 4.9.0-0.6.1"/> 36950 <criterion test_ref="oval:org.opensuse.security:tst:2009073372" comment="mozilla-nspr less than 4.9.0-0.6.1"/> 36951 <criterion test_ref="oval:org.opensuse.security:tst:2009073373" comment="mozilla-nss-32bit less than 3.13.3-0.5.1"/> 36952 <criterion test_ref="oval:org.opensuse.security:tst:2009073374" comment="mozilla-nss-devel less than 3.13.3-0.5.1"/> 36953 <criterion test_ref="oval:org.opensuse.security:tst:2009073375" comment="mozilla-nss-tools less than 3.13.3-0.5.1"/> 36954 <criterion test_ref="oval:org.opensuse.security:tst:2009073376" comment="mozilla-nss less than 3.13.3-0.5.1"/> 36955 <criterion test_ref="oval:org.opensuse.security:tst:2009073377" comment="mozilla-xulrunner192-32bit less than 1.9.2.28-0.7.1"/> 36956 <criterion test_ref="oval:org.opensuse.security:tst:2009073378" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.28-0.7.1"/> 36957 <criterion test_ref="oval:org.opensuse.security:tst:2009073379" comment="mozilla-xulrunner192-gnome less than 1.9.2.28-0.7.1"/> 36958 <criterion test_ref="oval:org.opensuse.security:tst:2009073380" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.28-0.7.1"/> 36959 <criterion test_ref="oval:org.opensuse.security:tst:2009073381" comment="mozilla-xulrunner192-translations less than 1.9.2.28-0.7.1"/> 36960 <criterion test_ref="oval:org.opensuse.security:tst:2009073382" comment="mozilla-xulrunner192 less than 1.9.2.28-0.7.1"/> 36961 </criteria> 36962 </criteria> 36963 </definition> 36964 <definition id="oval:org.opensuse.security:def:20120464" version="1" class="vulnerability"> 36965 <metadata> 36966 <title>CVE-2012-0464</title> 36967 <affected family="unix"> 36968 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 36969 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 36970 </affected> 36971 <reference ref_id="CVE-2012-0464" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0464" source="CVE"/> 36972 <description> 36973 Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection. 36974 </description> 36975 </metadata> 36976 <!-- 3cbbf6dfa64d498549bb143a54005d87 --> 36977 <criteria operator="AND"> 36978 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 36979 <criteria operator="OR"> 36980 <criterion test_ref="oval:org.opensuse.security:tst:2009073368" comment="MozillaFirefox-translations less than 3.6.28-0.5.2"/> 36981 <criterion test_ref="oval:org.opensuse.security:tst:2009073369" comment="MozillaFirefox less than 3.6.28-0.5.2"/> 36982 <criterion test_ref="oval:org.opensuse.security:tst:2009073370" comment="mozilla-nspr-32bit less than 4.9.0-0.6.1"/> 36983 <criterion test_ref="oval:org.opensuse.security:tst:2009073371" comment="mozilla-nspr-devel less than 4.9.0-0.6.1"/> 36984 <criterion test_ref="oval:org.opensuse.security:tst:2009073372" comment="mozilla-nspr less than 4.9.0-0.6.1"/> 36985 <criterion test_ref="oval:org.opensuse.security:tst:2009073373" comment="mozilla-nss-32bit less than 3.13.3-0.5.1"/> 36986 <criterion test_ref="oval:org.opensuse.security:tst:2009073374" comment="mozilla-nss-devel less than 3.13.3-0.5.1"/> 36987 <criterion test_ref="oval:org.opensuse.security:tst:2009073375" comment="mozilla-nss-tools less than 3.13.3-0.5.1"/> 36988 <criterion test_ref="oval:org.opensuse.security:tst:2009073376" comment="mozilla-nss less than 3.13.3-0.5.1"/> 36989 <criterion test_ref="oval:org.opensuse.security:tst:2009073377" comment="mozilla-xulrunner192-32bit less than 1.9.2.28-0.7.1"/> 36990 <criterion test_ref="oval:org.opensuse.security:tst:2009073378" comment="mozilla-xulrunner192-gnome-32bit less than 1.9.2.28-0.7.1"/> 36991 <criterion test_ref="oval:org.opensuse.security:tst:2009073379" comment="mozilla-xulrunner192-gnome less than 1.9.2.28-0.7.1"/> 36992 <criterion test_ref="oval:org.opensuse.security:tst:2009073380" comment="mozilla-xulrunner192-translations-32bit less than 1.9.2.28-0.7.1"/> 36993 <criterion test_ref="oval:org.opensuse.security:tst:2009073381" comment="mozilla-xulrunner192-translations less than 1.9.2.28-0.7.1"/> 36994 <criterion test_ref="oval:org.opensuse.security:tst:2009073382" comment="mozilla-xulrunner192 less than 1.9.2.28-0.7.1"/> 36995 </criteria> 36996 </criteria> 36997 </definition> 36998 <definition id="oval:org.opensuse.security:def:20120467" version="1" class="vulnerability"> 36999 <metadata> 37000 <title>CVE-2012-0467</title> 37001 <affected family="unix"> 37002 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37003 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37004 </affected> 37005 <reference ref_id="CVE-2012-0467" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0467" source="CVE"/> 37006 <description> 37007 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 37008 </description> 37009 </metadata> 37010 <!-- f83092661fed82089220795937f323d2 --> 37011 <criteria operator="AND"> 37012 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37013 <criteria operator="OR"> 37014 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37015 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37016 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37017 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37018 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37019 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37020 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37021 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37022 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37023 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37024 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37025 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37026 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37027 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37028 </criteria> 37029 </criteria> 37030 </definition> 37031 <definition id="oval:org.opensuse.security:def:20120468" version="1" class="vulnerability"> 37032 <metadata> 37033 <title>CVE-2012-0468</title> 37034 <affected family="unix"> 37035 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37036 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37037 </affected> 37038 <reference ref_id="CVE-2012-0468" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0468" source="CVE"/> 37039 <description> 37040 The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function. 37041 </description> 37042 </metadata> 37043 <!-- f83092661fed82089220795937f323d2 --> 37044 <criteria operator="AND"> 37045 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37046 <criteria operator="OR"> 37047 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37048 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37049 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37050 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37051 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37052 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37053 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37054 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37055 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37056 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37057 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37058 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37059 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37060 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37061 </criteria> 37062 </criteria> 37063 </definition> 37064 <definition id="oval:org.opensuse.security:def:20120469" version="1" class="vulnerability"> 37065 <metadata> 37066 <title>CVE-2012-0469</title> 37067 <affected family="unix"> 37068 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37069 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37070 </affected> 37071 <reference ref_id="CVE-2012-0469" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0469" source="CVE"/> 37072 <description> 37073 Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data. 37074 </description> 37075 </metadata> 37076 <!-- f83092661fed82089220795937f323d2 --> 37077 <criteria operator="AND"> 37078 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37079 <criteria operator="OR"> 37080 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37081 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37082 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37083 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37084 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37085 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37086 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37087 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37088 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37089 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37090 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37091 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37092 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37093 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37094 </criteria> 37095 </criteria> 37096 </definition> 37097 <definition id="oval:org.opensuse.security:def:20120470" version="1" class="vulnerability"> 37098 <metadata> 37099 <title>CVE-2012-0470</title> 37100 <affected family="unix"> 37101 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37102 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37103 </affected> 37104 <reference ref_id="CVE-2012-0470" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0470" source="CVE"/> 37105 <description> 37106 Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems." 37107 </description> 37108 </metadata> 37109 <!-- f83092661fed82089220795937f323d2 --> 37110 <criteria operator="AND"> 37111 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37112 <criteria operator="OR"> 37113 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37114 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37115 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37116 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37117 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37118 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37119 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37120 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37121 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37122 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37123 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37124 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37125 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37126 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37127 </criteria> 37128 </criteria> 37129 </definition> 37130 <definition id="oval:org.opensuse.security:def:20120471" version="1" class="vulnerability"> 37131 <metadata> 37132 <title>CVE-2012-0471</title> 37133 <affected family="unix"> 37134 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37135 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37136 </affected> 37137 <reference ref_id="CVE-2012-0471" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0471" source="CVE"/> 37138 <description> 37139 Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set. 37140 </description> 37141 </metadata> 37142 <!-- f83092661fed82089220795937f323d2 --> 37143 <criteria operator="AND"> 37144 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37145 <criteria operator="OR"> 37146 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37147 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37148 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37149 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37150 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37151 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37152 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37153 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37154 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37155 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37156 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37157 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37158 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37159 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37160 </criteria> 37161 </criteria> 37162 </definition> 37163 <definition id="oval:org.opensuse.security:def:20120472" version="1" class="vulnerability"> 37164 <metadata> 37165 <title>CVE-2012-0472</title> 37166 <affected family="unix"> 37167 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37168 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37169 </affected> 37170 <reference ref_id="CVE-2012-0472" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0472" source="CVE"/> 37171 <description> 37172 The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. 37173 </description> 37174 </metadata> 37175 <!-- f83092661fed82089220795937f323d2 --> 37176 <criteria operator="AND"> 37177 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37178 <criteria operator="OR"> 37179 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37180 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37181 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37182 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37183 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37184 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37185 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37186 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37187 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37188 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37189 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37190 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37191 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37192 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37193 </criteria> 37194 </criteria> 37195 </definition> 37196 <definition id="oval:org.opensuse.security:def:20120473" version="1" class="vulnerability"> 37197 <metadata> 37198 <title>CVE-2012-0473</title> 37199 <affected family="unix"> 37200 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37201 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37202 </affected> 37203 <reference ref_id="CVE-2012-0473" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0473" source="CVE"/> 37204 <description> 37205 The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call. 37206 </description> 37207 </metadata> 37208 <!-- f83092661fed82089220795937f323d2 --> 37209 <criteria operator="AND"> 37210 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37211 <criteria operator="OR"> 37212 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37213 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37214 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37215 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37216 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37217 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37218 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37219 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37220 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37221 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37222 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37223 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37224 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37225 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37226 </criteria> 37227 </criteria> 37228 </definition> 37229 <definition id="oval:org.opensuse.security:def:20120474" version="1" class="vulnerability"> 37230 <metadata> 37231 <title>CVE-2012-0474</title> 37232 <affected family="unix"> 37233 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37234 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37235 </affected> 37236 <reference ref_id="CVE-2012-0474" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0474" source="CVE"/> 37237 <description> 37238 Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)." 37239 </description> 37240 </metadata> 37241 <!-- f83092661fed82089220795937f323d2 --> 37242 <criteria operator="AND"> 37243 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37244 <criteria operator="OR"> 37245 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37246 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37247 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37248 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37249 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37250 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37251 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37252 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37253 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37254 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37255 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37256 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37257 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37258 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37259 </criteria> 37260 </criteria> 37261 </definition> 37262 <definition id="oval:org.opensuse.security:def:20120475" version="1" class="vulnerability"> 37263 <metadata> 37264 <title>CVE-2012-0475</title> 37265 <affected family="unix"> 37266 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37267 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37268 </affected> 37269 <reference ref_id="CVE-2012-0475" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0475" source="CVE"/> 37270 <description> 37271 Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields. 37272 </description> 37273 </metadata> 37274 <!-- f83092661fed82089220795937f323d2 --> 37275 <criteria operator="AND"> 37276 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37277 <criteria operator="OR"> 37278 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37279 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37280 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37281 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37282 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37283 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37284 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37285 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37286 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37287 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37288 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37289 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37290 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37291 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37292 </criteria> 37293 </criteria> 37294 </definition> 37295 <definition id="oval:org.opensuse.security:def:20120477" version="1" class="vulnerability"> 37296 <metadata> 37297 <title>CVE-2012-0477</title> 37298 <affected family="unix"> 37299 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37300 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37301 </affected> 37302 <reference ref_id="CVE-2012-0477" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0477" source="CVE"/> 37303 <description> 37304 Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set. 37305 </description> 37306 </metadata> 37307 <!-- f83092661fed82089220795937f323d2 --> 37308 <criteria operator="AND"> 37309 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37310 <criteria operator="OR"> 37311 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37312 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37313 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37314 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37315 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37316 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37317 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37318 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37319 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37320 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37321 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37322 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37323 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37324 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37325 </criteria> 37326 </criteria> 37327 </definition> 37328 <definition id="oval:org.opensuse.security:def:20120478" version="1" class="vulnerability"> 37329 <metadata> 37330 <title>CVE-2012-0478</title> 37331 <affected family="unix"> 37332 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37333 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37334 </affected> 37335 <reference ref_id="CVE-2012-0478" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0478" source="CVE"/> 37336 <description> 37337 The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page. 37338 </description> 37339 </metadata> 37340 <!-- f83092661fed82089220795937f323d2 --> 37341 <criteria operator="AND"> 37342 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37343 <criteria operator="OR"> 37344 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37345 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37346 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37347 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37348 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37349 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37350 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37351 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37352 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37353 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37354 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37355 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37356 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37357 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37358 </criteria> 37359 </criteria> 37360 </definition> 37361 <definition id="oval:org.opensuse.security:def:20120479" version="1" class="vulnerability"> 37362 <metadata> 37363 <title>CVE-2012-0479</title> 37364 <affected family="unix"> 37365 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37366 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37367 </affected> 37368 <reference ref_id="CVE-2012-0479" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0479" source="CVE"/> 37369 <description> 37370 Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. 37371 </description> 37372 </metadata> 37373 <!-- f83092661fed82089220795937f323d2 --> 37374 <criteria operator="AND"> 37375 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37376 <criteria operator="OR"> 37377 <criterion test_ref="oval:org.opensuse.security:tst:2009074355" comment="MozillaFirefox-branding-SLED less than 7-0.8.12"/> 37378 <criterion test_ref="oval:org.opensuse.security:tst:2009074356" comment="MozillaFirefox-translations less than 10.0.4-0.7.6"/> 37379 <criterion test_ref="oval:org.opensuse.security:tst:2009074357" comment="MozillaFirefox less than 10.0.4-0.7.6"/> 37380 <criterion test_ref="oval:org.opensuse.security:tst:2009074358" comment="beagle-evolution less than 0.2.18-78.13.1.102"/> 37381 <criterion test_ref="oval:org.opensuse.security:tst:2009074359" comment="beagle-firefox less than 0.2.18-78.13.1.102"/> 37382 <criterion test_ref="oval:org.opensuse.security:tst:2009074360" comment="beagle-gui less than 0.2.18-78.13.1.102"/> 37383 <criterion test_ref="oval:org.opensuse.security:tst:2009074361" comment="beagle less than 0.2.18-78.13.1.102"/> 37384 <criterion test_ref="oval:org.opensuse.security:tst:2009074362" comment="firefox3-gtk2-32bit less than 2.10.6-0.10.1"/> 37385 <criterion test_ref="oval:org.opensuse.security:tst:2009074363" comment="firefox3-gtk2 less than 2.10.6-0.10.1"/> 37386 <criterion test_ref="oval:org.opensuse.security:tst:2009074364" comment="mhtml-firefox less than 0.5-1.11.5"/> 37387 <criterion test_ref="oval:org.opensuse.security:tst:2009074365" comment="mozilla-nss-32bit less than 3.13.4-0.5.5"/> 37388 <criterion test_ref="oval:org.opensuse.security:tst:2009074366" comment="mozilla-nss-devel less than 3.13.4-0.5.5"/> 37389 <criterion test_ref="oval:org.opensuse.security:tst:2009074367" comment="mozilla-nss-tools less than 3.13.4-0.5.5"/> 37390 <criterion test_ref="oval:org.opensuse.security:tst:2009074368" comment="mozilla-nss less than 3.13.4-0.5.5"/> 37391 </criteria> 37392 </criteria> 37393 </definition> 37394 <definition id="oval:org.opensuse.security:def:20120498" version="1" class="vulnerability"> 37395 <metadata> 37396 <title>CVE-2012-0498</title> 37397 <affected family="unix"> 37398 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37399 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37400 </affected> 37401 <reference ref_id="CVE-2012-0498" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0498" source="CVE"/> 37402 <description> 37403 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. 37404 </description> 37405 </metadata> 37406 <!-- 37f9fa06a81529e81613e3989bd55358 --> 37407 <criteria operator="AND"> 37408 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37409 <criteria operator="OR"> 37410 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 37411 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 37412 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 37413 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 37414 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 37415 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 37416 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 37417 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 37418 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 37419 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 37420 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 37421 </criteria> 37422 </criteria> 37423 </definition> 37424 <definition id="oval:org.opensuse.security:def:20120499" version="1" class="vulnerability"> 37425 <metadata> 37426 <title>CVE-2012-0499</title> 37427 <affected family="unix"> 37428 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37429 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37430 </affected> 37431 <reference ref_id="CVE-2012-0499" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0499" source="CVE"/> 37432 <description> 37433 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. 37434 </description> 37435 </metadata> 37436 <!-- 37f9fa06a81529e81613e3989bd55358 --> 37437 <criteria operator="AND"> 37438 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37439 <criteria operator="OR"> 37440 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 37441 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 37442 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 37443 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 37444 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 37445 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 37446 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 37447 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 37448 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 37449 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 37450 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 37451 </criteria> 37452 </criteria> 37453 </definition> 37454 <definition id="oval:org.opensuse.security:def:20120501" version="1" class="vulnerability"> 37455 <metadata> 37456 <title>CVE-2012-0501</title> 37457 <affected family="unix"> 37458 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37459 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37460 </affected> 37461 <reference ref_id="CVE-2012-0501" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0501" source="CVE"/> 37462 <description> 37463 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors. 37464 </description> 37465 </metadata> 37466 <!-- 37f9fa06a81529e81613e3989bd55358 --> 37467 <criteria operator="AND"> 37468 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37469 <criteria operator="OR"> 37470 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 37471 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 37472 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 37473 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 37474 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 37475 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 37476 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 37477 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 37478 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 37479 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 37480 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 37481 </criteria> 37482 </criteria> 37483 </definition> 37484 <definition id="oval:org.opensuse.security:def:20120502" version="1" class="vulnerability"> 37485 <metadata> 37486 <title>CVE-2012-0502</title> 37487 <affected family="unix"> 37488 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37489 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37490 </affected> 37491 <reference ref_id="CVE-2012-0502" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0502" source="CVE"/> 37492 <description> 37493 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT. 37494 </description> 37495 </metadata> 37496 <!-- 37f9fa06a81529e81613e3989bd55358 --> 37497 <criteria operator="AND"> 37498 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37499 <criteria operator="OR"> 37500 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 37501 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 37502 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 37503 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 37504 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 37505 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 37506 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 37507 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 37508 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 37509 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 37510 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 37511 </criteria> 37512 </criteria> 37513 </definition> 37514 <definition id="oval:org.opensuse.security:def:20120503" version="1" class="vulnerability"> 37515 <metadata> 37516 <title>CVE-2012-0503</title> 37517 <affected family="unix"> 37518 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37519 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37520 </affected> 37521 <reference ref_id="CVE-2012-0503" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0503" source="CVE"/> 37522 <description> 37523 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n. 37524 </description> 37525 </metadata> 37526 <!-- 37f9fa06a81529e81613e3989bd55358 --> 37527 <criteria operator="AND"> 37528 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37529 <criteria operator="OR"> 37530 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 37531 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 37532 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 37533 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 37534 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 37535 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 37536 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 37537 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 37538 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 37539 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 37540 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 37541 </criteria> 37542 </criteria> 37543 </definition> 37544 <definition id="oval:org.opensuse.security:def:20120505" version="1" class="vulnerability"> 37545 <metadata> 37546 <title>CVE-2012-0505</title> 37547 <affected family="unix"> 37548 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37549 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37550 </affected> 37551 <reference ref_id="CVE-2012-0505" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0505" source="CVE"/> 37552 <description> 37553 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. 37554 </description> 37555 </metadata> 37556 <!-- 37f9fa06a81529e81613e3989bd55358 --> 37557 <criteria operator="AND"> 37558 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37559 <criteria operator="OR"> 37560 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 37561 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 37562 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 37563 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 37564 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 37565 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 37566 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 37567 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 37568 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 37569 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 37570 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 37571 </criteria> 37572 </criteria> 37573 </definition> 37574 <definition id="oval:org.opensuse.security:def:20120506" version="1" class="vulnerability"> 37575 <metadata> 37576 <title>CVE-2012-0506</title> 37577 <affected family="unix"> 37578 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37579 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37580 </affected> 37581 <reference ref_id="CVE-2012-0506" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0506" source="CVE"/> 37582 <description> 37583 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA. 37584 </description> 37585 </metadata> 37586 <!-- 37f9fa06a81529e81613e3989bd55358 --> 37587 <criteria operator="AND"> 37588 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37589 <criteria operator="OR"> 37590 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 37591 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 37592 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 37593 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 37594 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 37595 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 37596 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 37597 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 37598 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 37599 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 37600 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 37601 </criteria> 37602 </criteria> 37603 </definition> 37604 <definition id="oval:org.opensuse.security:def:20120507" version="1" class="vulnerability"> 37605 <metadata> 37606 <title>CVE-2012-0507</title> 37607 <affected family="unix"> 37608 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37609 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37610 </affected> 37611 <reference ref_id="CVE-2012-0507" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0507" source="CVE"/> 37612 <description> 37613 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. 37614 </description> 37615 </metadata> 37616 <!-- 37f9fa06a81529e81613e3989bd55358 --> 37617 <criteria operator="AND"> 37618 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37619 <criteria operator="OR"> 37620 <criterion test_ref="oval:org.opensuse.security:tst:2009074166" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr13.1-0.8.3"/> 37621 <criterion test_ref="oval:org.opensuse.security:tst:2009074167" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr13.1-0.8.3"/> 37622 <criterion test_ref="oval:org.opensuse.security:tst:2009074168" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr13.1-0.8.3"/> 37623 <criterion test_ref="oval:org.opensuse.security:tst:2009074169" comment="java-1_5_0-ibm-demo less than 1.5.0_sr13.1-0.8.3"/> 37624 <criterion test_ref="oval:org.opensuse.security:tst:2009074170" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr13.1-0.8.3"/> 37625 <criterion test_ref="oval:org.opensuse.security:tst:2009074171" comment="java-1_5_0-ibm-devel less than 1.5.0_sr13.1-0.8.3"/> 37626 <criterion test_ref="oval:org.opensuse.security:tst:2009074172" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr13.1-0.8.3"/> 37627 <criterion test_ref="oval:org.opensuse.security:tst:2009074173" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr13.1-0.8.3"/> 37628 <criterion test_ref="oval:org.opensuse.security:tst:2009074174" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr13.1-0.8.3"/> 37629 <criterion test_ref="oval:org.opensuse.security:tst:2009074175" comment="java-1_5_0-ibm-src less than 1.5.0_sr13.1-0.8.3"/> 37630 <criterion test_ref="oval:org.opensuse.security:tst:2009074176" comment="java-1_5_0-ibm less than 1.5.0_sr13.1-0.8.3"/> 37631 </criteria> 37632 </criteria> 37633 </definition> 37634 <definition id="oval:org.opensuse.security:def:20120752" version="1" class="vulnerability"> 37635 <metadata> 37636 <title>CVE-2012-0752</title> 37637 <affected family="unix"> 37638 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37639 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37640 </affected> 37641 <reference ref_id="CVE-2012-0752" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0752" source="CVE"/> 37642 <description> 37643 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion." 37644 </description> 37645 </metadata> 37646 <!-- c3d08777a2397ababaa7778f2881067f --> 37647 <criteria operator="AND"> 37648 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37649 <criterion test_ref="oval:org.opensuse.security:tst:2009073073" comment="flash-player less than 10.3.183.15-0.6.1"/> 37650 </criteria> 37651 </definition> 37652 <definition id="oval:org.opensuse.security:def:20120753" version="1" class="vulnerability"> 37653 <metadata> 37654 <title>CVE-2012-0753</title> 37655 <affected family="unix"> 37656 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37657 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37658 </affected> 37659 <reference ref_id="CVE-2012-0753" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0753" source="CVE"/> 37660 <description> 37661 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted MP4 data. 37662 </description> 37663 </metadata> 37664 <!-- c3d08777a2397ababaa7778f2881067f --> 37665 <criteria operator="AND"> 37666 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37667 <criterion test_ref="oval:org.opensuse.security:tst:2009073073" comment="flash-player less than 10.3.183.15-0.6.1"/> 37668 </criteria> 37669 </definition> 37670 <definition id="oval:org.opensuse.security:def:20120754" version="1" class="vulnerability"> 37671 <metadata> 37672 <title>CVE-2012-0754</title> 37673 <affected family="unix"> 37674 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37675 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37676 </affected> 37677 <reference ref_id="CVE-2012-0754" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0754" source="CVE"/> 37678 <description> 37679 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 37680 </description> 37681 </metadata> 37682 <!-- c3d08777a2397ababaa7778f2881067f --> 37683 <criteria operator="AND"> 37684 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37685 <criterion test_ref="oval:org.opensuse.security:tst:2009073073" comment="flash-player less than 10.3.183.15-0.6.1"/> 37686 </criteria> 37687 </definition> 37688 <definition id="oval:org.opensuse.security:def:20120755" version="1" class="vulnerability"> 37689 <metadata> 37690 <title>CVE-2012-0755</title> 37691 <affected family="unix"> 37692 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37693 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37694 </affected> 37695 <reference ref_id="CVE-2012-0755" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0755" source="CVE"/> 37696 <description> 37697 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0756. 37698 </description> 37699 </metadata> 37700 <!-- c3d08777a2397ababaa7778f2881067f --> 37701 <criteria operator="AND"> 37702 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37703 <criterion test_ref="oval:org.opensuse.security:tst:2009073073" comment="flash-player less than 10.3.183.15-0.6.1"/> 37704 </criteria> 37705 </definition> 37706 <definition id="oval:org.opensuse.security:def:20120756" version="1" class="vulnerability"> 37707 <metadata> 37708 <title>CVE-2012-0756</title> 37709 <affected family="unix"> 37710 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37711 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37712 </affected> 37713 <reference ref_id="CVE-2012-0756" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0756" source="CVE"/> 37714 <description> 37715 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0755. 37716 </description> 37717 </metadata> 37718 <!-- c3d08777a2397ababaa7778f2881067f --> 37719 <criteria operator="AND"> 37720 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37721 <criterion test_ref="oval:org.opensuse.security:tst:2009073073" comment="flash-player less than 10.3.183.15-0.6.1"/> 37722 </criteria> 37723 </definition> 37724 <definition id="oval:org.opensuse.security:def:20120767" version="1" class="vulnerability"> 37725 <metadata> 37726 <title>CVE-2012-0767</title> 37727 <affected family="unix"> 37728 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37729 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37730 </affected> 37731 <reference ref_id="CVE-2012-0767" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0767" source="CVE"/> 37732 <description> 37733 Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012. 37734 </description> 37735 </metadata> 37736 <!-- c3d08777a2397ababaa7778f2881067f --> 37737 <criteria operator="AND"> 37738 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37739 <criterion test_ref="oval:org.opensuse.security:tst:2009073073" comment="flash-player less than 10.3.183.15-0.6.1"/> 37740 </criteria> 37741 </definition> 37742 <definition id="oval:org.opensuse.security:def:20120768" version="1" class="vulnerability"> 37743 <metadata> 37744 <title>CVE-2012-0768</title> 37745 <affected family="unix"> 37746 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37747 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37748 </affected> 37749 <reference ref_id="CVE-2012-0768" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0768" source="CVE"/> 37750 <description> 37751 The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 37752 </description> 37753 </metadata> 37754 <!-- e55fbfc41d02cf21b84c2963260243e6 --> 37755 <criteria operator="AND"> 37756 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37757 <criterion test_ref="oval:org.opensuse.security:tst:2009073204" comment="flash-player less than 10.3.183.16-0.5.1"/> 37758 </criteria> 37759 </definition> 37760 <definition id="oval:org.opensuse.security:def:20120769" version="1" class="vulnerability"> 37761 <metadata> 37762 <title>CVE-2012-0769</title> 37763 <affected family="unix"> 37764 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37765 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37766 </affected> 37767 <reference ref_id="CVE-2012-0769" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0769" source="CVE"/> 37768 <description> 37769 Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors. 37770 </description> 37771 </metadata> 37772 <!-- e55fbfc41d02cf21b84c2963260243e6 --> 37773 <criteria operator="AND"> 37774 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37775 <criterion test_ref="oval:org.opensuse.security:tst:2009073204" comment="flash-player less than 10.3.183.16-0.5.1"/> 37776 </criteria> 37777 </definition> 37778 <definition id="oval:org.opensuse.security:def:20120773" version="1" class="vulnerability"> 37779 <metadata> 37780 <title>CVE-2012-0773</title> 37781 <affected family="unix"> 37782 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37783 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37784 </affected> 37785 <reference ref_id="CVE-2012-0773" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0773" source="CVE"/> 37786 <description> 37787 The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 37788 </description> 37789 </metadata> 37790 <!-- 03280de9cddaad9751a83521641289ac --> 37791 <criteria operator="AND"> 37792 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37793 <criterion test_ref="oval:org.opensuse.security:tst:2009073396" comment="flash-player less than 10.3.183.18-0.5.2"/> 37794 </criteria> 37795 </definition> 37796 <definition id="oval:org.opensuse.security:def:20120774" version="1" class="vulnerability"> 37797 <metadata> 37798 <title>CVE-2012-0774</title> 37799 <affected family="unix"> 37800 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37801 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37802 </affected> 37803 <reference ref_id="CVE-2012-0774" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0774" source="CVE"/> 37804 <description> 37805 Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font. 37806 </description> 37807 </metadata> 37808 <!-- e0a6a6c45c73e49ff30a650d740a24d0 --> 37809 <criteria operator="AND"> 37810 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37811 <criteria operator="OR"> 37812 <criterion test_ref="oval:org.opensuse.security:tst:2009073827" comment="acroread-cmaps less than 9.4.6-0.6.1"/> 37813 <criterion test_ref="oval:org.opensuse.security:tst:2009073828" comment="acroread-fonts-ja less than 9.4.6-0.6.1"/> 37814 <criterion test_ref="oval:org.opensuse.security:tst:2009073829" comment="acroread-fonts-ko less than 9.4.6-0.6.1"/> 37815 <criterion test_ref="oval:org.opensuse.security:tst:2009073830" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.1"/> 37816 <criterion test_ref="oval:org.opensuse.security:tst:2009073831" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.1"/> 37817 <criterion test_ref="oval:org.opensuse.security:tst:2009073832" comment="acroread less than 9.5.1-0.6.1"/> 37818 </criteria> 37819 </criteria> 37820 </definition> 37821 <definition id="oval:org.opensuse.security:def:20120775" version="1" class="vulnerability"> 37822 <metadata> 37823 <title>CVE-2012-0775</title> 37824 <affected family="unix"> 37825 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37826 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37827 </affected> 37828 <reference ref_id="CVE-2012-0775" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0775" source="CVE"/> 37829 <description> 37830 The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 37831 </description> 37832 </metadata> 37833 <!-- e0a6a6c45c73e49ff30a650d740a24d0 --> 37834 <criteria operator="AND"> 37835 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37836 <criteria operator="OR"> 37837 <criterion test_ref="oval:org.opensuse.security:tst:2009073827" comment="acroread-cmaps less than 9.4.6-0.6.1"/> 37838 <criterion test_ref="oval:org.opensuse.security:tst:2009073828" comment="acroread-fonts-ja less than 9.4.6-0.6.1"/> 37839 <criterion test_ref="oval:org.opensuse.security:tst:2009073829" comment="acroread-fonts-ko less than 9.4.6-0.6.1"/> 37840 <criterion test_ref="oval:org.opensuse.security:tst:2009073830" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.1"/> 37841 <criterion test_ref="oval:org.opensuse.security:tst:2009073831" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.1"/> 37842 <criterion test_ref="oval:org.opensuse.security:tst:2009073832" comment="acroread less than 9.5.1-0.6.1"/> 37843 </criteria> 37844 </criteria> 37845 </definition> 37846 <definition id="oval:org.opensuse.security:def:20120777" version="1" class="vulnerability"> 37847 <metadata> 37848 <title>CVE-2012-0777</title> 37849 <affected family="unix"> 37850 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37851 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37852 </affected> 37853 <reference ref_id="CVE-2012-0777" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0777" source="CVE"/> 37854 <description> 37855 The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 37856 </description> 37857 </metadata> 37858 <!-- e0a6a6c45c73e49ff30a650d740a24d0 --> 37859 <criteria operator="AND"> 37860 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37861 <criteria operator="OR"> 37862 <criterion test_ref="oval:org.opensuse.security:tst:2009073827" comment="acroread-cmaps less than 9.4.6-0.6.1"/> 37863 <criterion test_ref="oval:org.opensuse.security:tst:2009073828" comment="acroread-fonts-ja less than 9.4.6-0.6.1"/> 37864 <criterion test_ref="oval:org.opensuse.security:tst:2009073829" comment="acroread-fonts-ko less than 9.4.6-0.6.1"/> 37865 <criterion test_ref="oval:org.opensuse.security:tst:2009073830" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.1"/> 37866 <criterion test_ref="oval:org.opensuse.security:tst:2009073831" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.1"/> 37867 <criterion test_ref="oval:org.opensuse.security:tst:2009073832" comment="acroread less than 9.5.1-0.6.1"/> 37868 </criteria> 37869 </criteria> 37870 </definition> 37871 <definition id="oval:org.opensuse.security:def:20120779" version="1" class="vulnerability"> 37872 <metadata> 37873 <title>CVE-2012-0779</title> 37874 <affected family="unix"> 37875 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37876 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37877 </affected> 37878 <reference ref_id="CVE-2012-0779" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0779" source="CVE"/> 37879 <description> 37880 Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012. 37881 </description> 37882 </metadata> 37883 <!-- 025c02b675ee613406e80e984dac238c --> 37884 <criteria operator="AND"> 37885 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37886 <criterion test_ref="oval:org.opensuse.security:tst:2009074035" comment="flash-player less than 11.2.202.235-0.5.1"/> 37887 </criteria> 37888 </definition> 37889 <definition id="oval:org.opensuse.security:def:20120804" version="1" class="vulnerability"> 37890 <metadata> 37891 <title>CVE-2012-0804</title> 37892 <affected family="unix"> 37893 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37894 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37895 </affected> 37896 <reference ref_id="CVE-2012-0804" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804" source="CVE"/> 37897 <description> 37898 Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response. 37899 </description> 37900 </metadata> 37901 <!-- 41ed9e2e2ddfbd6e10469d928edf5ba4 --> 37902 <criteria operator="AND"> 37903 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37904 <criterion test_ref="oval:org.opensuse.security:tst:2009073109" comment="cvs less than 1.12.12-19.10.1"/> 37905 </criteria> 37906 </definition> 37907 <definition id="oval:org.opensuse.security:def:20120814" version="1" class="vulnerability"> 37908 <metadata> 37909 <title>CVE-2012-0814</title> 37910 <affected family="unix"> 37911 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37912 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37913 </affected> 37914 <reference ref_id="CVE-2012-0814" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814" source="CVE"/> 37915 <description> 37916 The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory. 37917 </description> 37918 </metadata> 37919 <!-- 1433a415c626f2bfb25c692b714ebf1c --> 37920 <criteria operator="AND"> 37921 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37922 <criteria operator="OR"> 37923 <criterion test_ref="oval:org.opensuse.security:tst:2009075431" comment="openssh-askpass less than 5.1p1-41.12.8"/> 37924 <criterion test_ref="oval:org.opensuse.security:tst:2009075432" comment="openssh less than 5.1p1-41.12.8"/> 37925 </criteria> 37926 </criteria> 37927 </definition> 37928 <definition id="oval:org.opensuse.security:def:20120815" version="1" class="vulnerability"> 37929 <metadata> 37930 <title>CVE-2012-0815</title> 37931 <affected family="unix"> 37932 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37933 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37934 </affected> 37935 <reference ref_id="CVE-2012-0815" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0815" source="CVE"/> 37936 <description> 37937 The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison. 37938 </description> 37939 </metadata> 37940 <criteria operator="OR"> 37941 <!-- 3437ad480e640b7bf5a09b96d1218988 --> 37942 <criteria operator="AND"> 37943 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37944 <criteria operator="OR"> 37945 <criterion test_ref="oval:org.opensuse.security:tst:2009074260" comment="popt-devel less than 1.7-271.46.16"/> 37946 <criterion test_ref="oval:org.opensuse.security:tst:2009074261" comment="popt less than 1.7-271.46.16"/> 37947 <criterion test_ref="oval:org.opensuse.security:tst:2009074262" comment="rpm-devel less than 4.4.2-43.46.16"/> 37948 <criterion test_ref="oval:org.opensuse.security:tst:2009074263" comment="rpm-python less than 4.4.2-43.46.16"/> 37949 <criterion test_ref="oval:org.opensuse.security:tst:2009074264" comment="rpm less than 4.4.2-43.46.16"/> 37950 </criteria> 37951 </criteria> 37952 <!-- 61f3188b3d9e4127f71a5e83882d65ea --> 37953 <criteria operator="AND"> 37954 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37955 <criteria operator="OR"> 37956 <criterion test_ref="oval:org.opensuse.security:tst:2009074258" comment="popt-32bit less than 1.7-271.46.16"/> 37957 <criterion test_ref="oval:org.opensuse.security:tst:2009074259" comment="popt-devel-32bit less than 1.7-271.46.16"/> 37958 <criterion test_ref="oval:org.opensuse.security:tst:2009074260" comment="popt-devel less than 1.7-271.46.16"/> 37959 <criterion test_ref="oval:org.opensuse.security:tst:2009074261" comment="popt less than 1.7-271.46.16"/> 37960 <criterion test_ref="oval:org.opensuse.security:tst:2009074262" comment="rpm-devel less than 4.4.2-43.46.16"/> 37961 <criterion test_ref="oval:org.opensuse.security:tst:2009074263" comment="rpm-python less than 4.4.2-43.46.16"/> 37962 <criterion test_ref="oval:org.opensuse.security:tst:2009074264" comment="rpm less than 4.4.2-43.46.16"/> 37963 </criteria> 37964 </criteria> 37965 </criteria> 37966 </definition> 37967 <definition id="oval:org.opensuse.security:def:20120841" version="1" class="vulnerability"> 37968 <metadata> 37969 <title>CVE-2012-0841</title> 37970 <affected family="unix"> 37971 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37972 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37973 </affected> 37974 <reference ref_id="CVE-2012-0841" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841" source="CVE"/> 37975 <description> 37976 libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. 37977 </description> 37978 </metadata> 37979 <!-- 8710ea4a1a76636f485ed091d51d76c5 --> 37980 <criteria operator="AND"> 37981 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 37982 <criteria operator="OR"> 37983 <criterion test_ref="oval:org.opensuse.security:tst:2009074274" comment="libxml2-32bit less than 2.6.23-15.29.1"/> 37984 <criterion test_ref="oval:org.opensuse.security:tst:2009074275" comment="libxml2-devel-32bit less than 2.6.23-15.29.1"/> 37985 <criterion test_ref="oval:org.opensuse.security:tst:2009074276" comment="libxml2-devel less than 2.6.23-15.29.1"/> 37986 <criterion test_ref="oval:org.opensuse.security:tst:2009074277" comment="libxml2 less than 2.6.23-15.29.1"/> 37987 </criteria> 37988 </criteria> 37989 </definition> 37990 <definition id="oval:org.opensuse.security:def:20120864" version="1" class="vulnerability"> 37991 <metadata> 37992 <title>CVE-2012-0864</title> 37993 <affected family="unix"> 37994 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 37995 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 37996 </affected> 37997 <reference ref_id="CVE-2012-0864" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0864" source="CVE"/> 37998 <description> 37999 Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. 38000 </description> 38001 </metadata> 38002 <!-- 54ed22b7fde76468f5f64a1f89cb1e8f --> 38003 <criteria operator="AND"> 38004 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38005 <criteria operator="OR"> 38006 <criterion test_ref="oval:org.opensuse.security:tst:2009074036" comment="glibc-32bit less than 2.4-31.101.2"/> 38007 <criterion test_ref="oval:org.opensuse.security:tst:2009074037" comment="glibc-devel-32bit less than 2.4-31.101.2"/> 38008 <criterion test_ref="oval:org.opensuse.security:tst:2009074038" comment="glibc-devel less than 2.4-31.101.2"/> 38009 <criterion test_ref="oval:org.opensuse.security:tst:2009074039" comment="glibc-html less than 2.4-31.101.2"/> 38010 <criterion test_ref="oval:org.opensuse.security:tst:2009074040" comment="glibc-i18ndata less than 2.4-31.101.2"/> 38011 <criterion test_ref="oval:org.opensuse.security:tst:2009074041" comment="glibc-info less than 2.4-31.101.2"/> 38012 <criterion test_ref="oval:org.opensuse.security:tst:2009074042" comment="glibc-locale-32bit less than 2.4-31.101.2"/> 38013 <criterion test_ref="oval:org.opensuse.security:tst:2009074043" comment="glibc-locale less than 2.4-31.101.2"/> 38014 <criterion test_ref="oval:org.opensuse.security:tst:2009074044" comment="glibc less than 2.4-31.101.2"/> 38015 <criterion test_ref="oval:org.opensuse.security:tst:2009074045" comment="nscd less than 2.4-31.101.2"/> 38016 </criteria> 38017 </criteria> 38018 </definition> 38019 <definition id="oval:org.opensuse.security:def:20120866" version="1" class="vulnerability"> 38020 <metadata> 38021 <title>CVE-2012-0866</title> 38022 <affected family="unix"> 38023 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38024 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38025 </affected> 38026 <reference ref_id="CVE-2012-0866" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866" source="CVE"/> 38027 <description> 38028 CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table. 38029 </description> 38030 </metadata> 38031 <!-- bb8dbe40ca6eb550de22331990660c8f --> 38032 <criteria operator="AND"> 38033 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38034 <criteria operator="OR"> 38035 <criterion test_ref="oval:org.opensuse.security:tst:2009074394" comment="postgresql-devel less than 8.1.22-0.8.1"/> 38036 <criterion test_ref="oval:org.opensuse.security:tst:2009074395" comment="postgresql-libs-32bit less than 8.1.22-0.8.1"/> 38037 <criterion test_ref="oval:org.opensuse.security:tst:2009074396" comment="postgresql-libs less than 8.1.22-0.8.1"/> 38038 </criteria> 38039 </criteria> 38040 </definition> 38041 <definition id="oval:org.opensuse.security:def:20120868" version="1" class="vulnerability"> 38042 <metadata> 38043 <title>CVE-2012-0868</title> 38044 <affected family="unix"> 38045 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38046 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38047 </affected> 38048 <reference ref_id="CVE-2012-0868" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868" source="CVE"/> 38049 <description> 38050 CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored. 38051 </description> 38052 </metadata> 38053 <!-- bb8dbe40ca6eb550de22331990660c8f --> 38054 <criteria operator="AND"> 38055 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38056 <criteria operator="OR"> 38057 <criterion test_ref="oval:org.opensuse.security:tst:2009074394" comment="postgresql-devel less than 8.1.22-0.8.1"/> 38058 <criterion test_ref="oval:org.opensuse.security:tst:2009074395" comment="postgresql-libs-32bit less than 8.1.22-0.8.1"/> 38059 <criterion test_ref="oval:org.opensuse.security:tst:2009074396" comment="postgresql-libs less than 8.1.22-0.8.1"/> 38060 </criteria> 38061 </criteria> 38062 </definition> 38063 <definition id="oval:org.opensuse.security:def:20120870" version="1" class="vulnerability"> 38064 <metadata> 38065 <title>CVE-2012-0870</title> 38066 <affected family="unix"> 38067 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38068 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38069 </affected> 38070 <reference ref_id="CVE-2012-0870" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870" source="CVE"/> 38071 <description> 38072 Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion. 38073 </description> 38074 </metadata> 38075 <!-- 7da8ca4f10f91e5bf4d12b67b2bd7522 --> 38076 <criteria operator="AND"> 38077 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38078 <criteria operator="OR"> 38079 <criterion test_ref="oval:org.opensuse.security:tst:2009073205" comment="cifs-mount less than 3.0.36-0.13.18.1"/> 38080 <criterion test_ref="oval:org.opensuse.security:tst:2009073206" comment="ldapsmb less than 1.34b-25.13.18.1"/> 38081 <criterion test_ref="oval:org.opensuse.security:tst:2009073207" comment="libsmbclient-32bit less than 3.0.36-0.13.18.1"/> 38082 <criterion test_ref="oval:org.opensuse.security:tst:2009073208" comment="libsmbclient-devel less than 3.0.36-0.13.18.1"/> 38083 <criterion test_ref="oval:org.opensuse.security:tst:2009073209" comment="libsmbclient less than 3.0.36-0.13.18.1"/> 38084 <criterion test_ref="oval:org.opensuse.security:tst:2009073210" comment="samba-32bit less than 3.0.36-0.13.18.1"/> 38085 <criterion test_ref="oval:org.opensuse.security:tst:2009073211" comment="samba-client-32bit less than 3.0.36-0.13.18.1"/> 38086 <criterion test_ref="oval:org.opensuse.security:tst:2009073212" comment="samba-client less than 3.0.36-0.13.18.1"/> 38087 <criterion test_ref="oval:org.opensuse.security:tst:2009073213" comment="samba-krb-printing less than 3.0.36-0.13.18.1"/> 38088 <criterion test_ref="oval:org.opensuse.security:tst:2009073214" comment="samba-vscan less than 0.3.6b-43.13.18.1"/> 38089 <criterion test_ref="oval:org.opensuse.security:tst:2009073215" comment="samba-winbind-32bit less than 3.0.36-0.13.18.1"/> 38090 <criterion test_ref="oval:org.opensuse.security:tst:2009073216" comment="samba-winbind less than 3.0.36-0.13.18.1"/> 38091 <criterion test_ref="oval:org.opensuse.security:tst:2009073217" comment="samba less than 3.0.36-0.13.18.1"/> 38092 </criteria> 38093 </criteria> 38094 </definition> 38095 <definition id="oval:org.opensuse.security:def:20120876" version="1" class="vulnerability"> 38096 <metadata> 38097 <title>CVE-2012-0876</title> 38098 <affected family="unix"> 38099 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38100 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38101 </affected> 38102 <reference ref_id="CVE-2012-0876" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876" source="CVE"/> 38103 <description> 38104 The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. 38105 </description> 38106 </metadata> 38107 <!-- 4a77c640139b9b5a7e5b29f40a1e6f95 --> 38108 <criteria operator="AND"> 38109 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38110 <criteria operator="OR"> 38111 <criterion test_ref="oval:org.opensuse.security:tst:2009074693" comment="expat-32bit less than 2.0.0-13.15.16"/> 38112 <criterion test_ref="oval:org.opensuse.security:tst:2009074694" comment="expat less than 2.0.0-13.15.16"/> 38113 </criteria> 38114 </criteria> 38115 </definition> 38116 <definition id="oval:org.opensuse.security:def:20121108" version="1" class="vulnerability"> 38117 <metadata> 38118 <title>CVE-2012-1108</title> 38119 <affected family="unix"> 38120 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38121 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38122 </affected> 38123 <reference ref_id="CVE-2012-1108" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1108" source="CVE"/> 38124 <description> 38125 The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file. 38126 </description> 38127 </metadata> 38128 <!-- cd82b6b35d24911b6b1aa3e62fbad07c --> 38129 <criteria operator="AND"> 38130 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38131 <criteria operator="OR"> 38132 <criterion test_ref="oval:org.opensuse.security:tst:2009074620" comment="taglib-32bit less than 1.4-20.8.2"/> 38133 <criterion test_ref="oval:org.opensuse.security:tst:2009074621" comment="taglib-devel less than 1.4-20.8.2"/> 38134 <criterion test_ref="oval:org.opensuse.security:tst:2009074622" comment="taglib less than 1.4-20.8.2"/> 38135 </criteria> 38136 </criteria> 38137 </definition> 38138 <definition id="oval:org.opensuse.security:def:20121126" version="1" class="vulnerability"> 38139 <metadata> 38140 <title>CVE-2012-1126</title> 38141 <affected family="unix"> 38142 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38143 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38144 </affected> 38145 <reference ref_id="CVE-2012-1126" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126" source="CVE"/> 38146 <description> 38147 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font. 38148 </description> 38149 </metadata> 38150 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38151 <criteria operator="AND"> 38152 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38153 <criteria operator="OR"> 38154 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38155 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38156 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38157 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38158 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38159 </criteria> 38160 </criteria> 38161 </definition> 38162 <definition id="oval:org.opensuse.security:def:20121127" version="1" class="vulnerability"> 38163 <metadata> 38164 <title>CVE-2012-1127</title> 38165 <affected family="unix"> 38166 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38167 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38168 </affected> 38169 <reference ref_id="CVE-2012-1127" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127" source="CVE"/> 38170 <description> 38171 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font. 38172 </description> 38173 </metadata> 38174 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38175 <criteria operator="AND"> 38176 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38177 <criteria operator="OR"> 38178 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38179 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38180 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38181 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38182 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38183 </criteria> 38184 </criteria> 38185 </definition> 38186 <definition id="oval:org.opensuse.security:def:20121129" version="1" class="vulnerability"> 38187 <metadata> 38188 <title>CVE-2012-1129</title> 38189 <affected family="unix"> 38190 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38191 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38192 </affected> 38193 <reference ref_id="CVE-2012-1129" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129" source="CVE"/> 38194 <description> 38195 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font. 38196 </description> 38197 </metadata> 38198 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38199 <criteria operator="AND"> 38200 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38201 <criteria operator="OR"> 38202 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38203 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38204 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38205 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38206 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38207 </criteria> 38208 </criteria> 38209 </definition> 38210 <definition id="oval:org.opensuse.security:def:20121130" version="1" class="vulnerability"> 38211 <metadata> 38212 <title>CVE-2012-1130</title> 38213 <affected family="unix"> 38214 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38215 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38216 </affected> 38217 <reference ref_id="CVE-2012-1130" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130" source="CVE"/> 38218 <description> 38219 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font. 38220 </description> 38221 </metadata> 38222 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38223 <criteria operator="AND"> 38224 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38225 <criteria operator="OR"> 38226 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38227 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38228 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38229 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38230 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38231 </criteria> 38232 </criteria> 38233 </definition> 38234 <definition id="oval:org.opensuse.security:def:20121131" version="1" class="vulnerability"> 38235 <metadata> 38236 <title>CVE-2012-1131</title> 38237 <affected family="unix"> 38238 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38239 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38240 </affected> 38241 <reference ref_id="CVE-2012-1131" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131" source="CVE"/> 38242 <description> 38243 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font. 38244 </description> 38245 </metadata> 38246 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38247 <criteria operator="AND"> 38248 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38249 <criteria operator="OR"> 38250 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38251 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38252 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38253 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38254 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38255 </criteria> 38256 </criteria> 38257 </definition> 38258 <definition id="oval:org.opensuse.security:def:20121132" version="1" class="vulnerability"> 38259 <metadata> 38260 <title>CVE-2012-1132</title> 38261 <affected family="unix"> 38262 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38263 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38264 </affected> 38265 <reference ref_id="CVE-2012-1132" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132" source="CVE"/> 38266 <description> 38267 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font. 38268 </description> 38269 </metadata> 38270 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38271 <criteria operator="AND"> 38272 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38273 <criteria operator="OR"> 38274 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38275 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38276 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38277 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38278 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38279 </criteria> 38280 </criteria> 38281 </definition> 38282 <definition id="oval:org.opensuse.security:def:20121133" version="1" class="vulnerability"> 38283 <metadata> 38284 <title>CVE-2012-1133</title> 38285 <affected family="unix"> 38286 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38287 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38288 </affected> 38289 <reference ref_id="CVE-2012-1133" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133" source="CVE"/> 38290 <description> 38291 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font. 38292 </description> 38293 </metadata> 38294 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38295 <criteria operator="AND"> 38296 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38297 <criteria operator="OR"> 38298 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38299 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38300 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38301 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38302 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38303 </criteria> 38304 </criteria> 38305 </definition> 38306 <definition id="oval:org.opensuse.security:def:20121134" version="1" class="vulnerability"> 38307 <metadata> 38308 <title>CVE-2012-1134</title> 38309 <affected family="unix"> 38310 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38311 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38312 </affected> 38313 <reference ref_id="CVE-2012-1134" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134" source="CVE"/> 38314 <description> 38315 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font. 38316 </description> 38317 </metadata> 38318 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38319 <criteria operator="AND"> 38320 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38321 <criteria operator="OR"> 38322 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38323 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38324 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38325 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38326 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38327 </criteria> 38328 </criteria> 38329 </definition> 38330 <definition id="oval:org.opensuse.security:def:20121135" version="1" class="vulnerability"> 38331 <metadata> 38332 <title>CVE-2012-1135</title> 38333 <affected family="unix"> 38334 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38335 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38336 </affected> 38337 <reference ref_id="CVE-2012-1135" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135" source="CVE"/> 38338 <description> 38339 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font. 38340 </description> 38341 </metadata> 38342 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38343 <criteria operator="AND"> 38344 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38345 <criteria operator="OR"> 38346 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38347 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38348 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38349 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38350 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38351 </criteria> 38352 </criteria> 38353 </definition> 38354 <definition id="oval:org.opensuse.security:def:20121136" version="1" class="vulnerability"> 38355 <metadata> 38356 <title>CVE-2012-1136</title> 38357 <affected family="unix"> 38358 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38359 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38360 </affected> 38361 <reference ref_id="CVE-2012-1136" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136" source="CVE"/> 38362 <description> 38363 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field. 38364 </description> 38365 </metadata> 38366 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38367 <criteria operator="AND"> 38368 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38369 <criteria operator="OR"> 38370 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38371 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38372 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38373 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38374 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38375 </criteria> 38376 </criteria> 38377 </definition> 38378 <definition id="oval:org.opensuse.security:def:20121137" version="1" class="vulnerability"> 38379 <metadata> 38380 <title>CVE-2012-1137</title> 38381 <affected family="unix"> 38382 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38383 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38384 </affected> 38385 <reference ref_id="CVE-2012-1137" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137" source="CVE"/> 38386 <description> 38387 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font. 38388 </description> 38389 </metadata> 38390 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38391 <criteria operator="AND"> 38392 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38393 <criteria operator="OR"> 38394 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38395 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38396 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38397 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38398 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38399 </criteria> 38400 </criteria> 38401 </definition> 38402 <definition id="oval:org.opensuse.security:def:20121138" version="1" class="vulnerability"> 38403 <metadata> 38404 <title>CVE-2012-1138</title> 38405 <affected family="unix"> 38406 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38407 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38408 </affected> 38409 <reference ref_id="CVE-2012-1138" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138" source="CVE"/> 38410 <description> 38411 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font. 38412 </description> 38413 </metadata> 38414 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38415 <criteria operator="AND"> 38416 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38417 <criteria operator="OR"> 38418 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38419 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38420 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38421 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38422 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38423 </criteria> 38424 </criteria> 38425 </definition> 38426 <definition id="oval:org.opensuse.security:def:20121139" version="1" class="vulnerability"> 38427 <metadata> 38428 <title>CVE-2012-1139</title> 38429 <affected family="unix"> 38430 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38431 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38432 </affected> 38433 <reference ref_id="CVE-2012-1139" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139" source="CVE"/> 38434 <description> 38435 Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font. 38436 </description> 38437 </metadata> 38438 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38439 <criteria operator="AND"> 38440 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38441 <criteria operator="OR"> 38442 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38443 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38444 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38445 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38446 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38447 </criteria> 38448 </criteria> 38449 </definition> 38450 <definition id="oval:org.opensuse.security:def:20121141" version="1" class="vulnerability"> 38451 <metadata> 38452 <title>CVE-2012-1141</title> 38453 <affected family="unix"> 38454 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38455 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38456 </affected> 38457 <reference ref_id="CVE-2012-1141" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141" source="CVE"/> 38458 <description> 38459 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font. 38460 </description> 38461 </metadata> 38462 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38463 <criteria operator="AND"> 38464 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38465 <criteria operator="OR"> 38466 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38467 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38468 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38469 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38470 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38471 </criteria> 38472 </criteria> 38473 </definition> 38474 <definition id="oval:org.opensuse.security:def:20121142" version="1" class="vulnerability"> 38475 <metadata> 38476 <title>CVE-2012-1142</title> 38477 <affected family="unix"> 38478 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38479 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38480 </affected> 38481 <reference ref_id="CVE-2012-1142" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142" source="CVE"/> 38482 <description> 38483 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font. 38484 </description> 38485 </metadata> 38486 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38487 <criteria operator="AND"> 38488 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38489 <criteria operator="OR"> 38490 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38491 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38492 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38493 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38494 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38495 </criteria> 38496 </criteria> 38497 </definition> 38498 <definition id="oval:org.opensuse.security:def:20121143" version="1" class="vulnerability"> 38499 <metadata> 38500 <title>CVE-2012-1143</title> 38501 <affected family="unix"> 38502 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38503 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38504 </affected> 38505 <reference ref_id="CVE-2012-1143" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143" source="CVE"/> 38506 <description> 38507 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font. 38508 </description> 38509 </metadata> 38510 <!-- 1726216ecdcd5bf2aac95567fbb683f1 --> 38511 <criteria operator="AND"> 38512 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38513 <criteria operator="OR"> 38514 <criterion test_ref="oval:org.opensuse.security:tst:2009073550" comment="freetype2-32bit less than 2.1.10-18.29.6"/> 38515 <criterion test_ref="oval:org.opensuse.security:tst:2009073551" comment="freetype2-devel-32bit less than 2.1.10-18.29.6"/> 38516 <criterion test_ref="oval:org.opensuse.security:tst:2009073552" comment="freetype2-devel less than 2.1.10-18.29.6"/> 38517 <criterion test_ref="oval:org.opensuse.security:tst:2009073553" comment="freetype2 less than 2.1.10-18.29.6"/> 38518 <criterion test_ref="oval:org.opensuse.security:tst:2009073554" comment="ft2demos less than 2.1.10-19.29.2"/> 38519 </criteria> 38520 </criteria> 38521 </definition> 38522 <definition id="oval:org.opensuse.security:def:20121147" version="1" class="vulnerability"> 38523 <metadata> 38524 <title>CVE-2012-1147</title> 38525 <affected family="unix"> 38526 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38527 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38528 </affected> 38529 <reference ref_id="CVE-2012-1147" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1147" source="CVE"/> 38530 <description> 38531 readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files. 38532 </description> 38533 </metadata> 38534 <!-- 4a77c640139b9b5a7e5b29f40a1e6f95 --> 38535 <criteria operator="AND"> 38536 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38537 <criteria operator="OR"> 38538 <criterion test_ref="oval:org.opensuse.security:tst:2009074693" comment="expat-32bit less than 2.0.0-13.15.16"/> 38539 <criterion test_ref="oval:org.opensuse.security:tst:2009074694" comment="expat less than 2.0.0-13.15.16"/> 38540 </criteria> 38541 </criteria> 38542 </definition> 38543 <definition id="oval:org.opensuse.security:def:20121148" version="1" class="vulnerability"> 38544 <metadata> 38545 <title>CVE-2012-1148</title> 38546 <affected family="unix"> 38547 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38548 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38549 </affected> 38550 <reference ref_id="CVE-2012-1148" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148" source="CVE"/> 38551 <description> 38552 Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. 38553 </description> 38554 </metadata> 38555 <!-- 4a77c640139b9b5a7e5b29f40a1e6f95 --> 38556 <criteria operator="AND"> 38557 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38558 <criteria operator="OR"> 38559 <criterion test_ref="oval:org.opensuse.security:tst:2009074693" comment="expat-32bit less than 2.0.0-13.15.16"/> 38560 <criterion test_ref="oval:org.opensuse.security:tst:2009074694" comment="expat less than 2.0.0-13.15.16"/> 38561 </criteria> 38562 </criteria> 38563 </definition> 38564 <definition id="oval:org.opensuse.security:def:20121149" version="1" class="vulnerability"> 38565 <metadata> 38566 <title>CVE-2012-1149</title> 38567 <affected family="unix"> 38568 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38569 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38570 </affected> 38571 <reference ref_id="CVE-2012-1149" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1149" source="CVE"/> 38572 <description> 38573 Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow. 38574 </description> 38575 </metadata> 38576 <!-- 212ca99750b4a43554de347c255f56fb --> 38577 <criteria operator="AND"> 38578 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38579 <criteria operator="OR"> 38580 <criterion test_ref="oval:org.opensuse.security:tst:2009073398" comment="libreoffice-af less than 3.4.5.5-0.7.1"/> 38581 <criterion test_ref="oval:org.opensuse.security:tst:2009073399" comment="libreoffice-ar less than 3.4.5.5-0.7.1"/> 38582 <criterion test_ref="oval:org.opensuse.security:tst:2009073400" comment="libreoffice-ca less than 3.4.5.5-0.7.1"/> 38583 <criterion test_ref="oval:org.opensuse.security:tst:2009073401" comment="libreoffice-cs less than 3.4.5.5-0.7.1"/> 38584 <criterion test_ref="oval:org.opensuse.security:tst:2009073402" comment="libreoffice-da less than 3.4.5.5-0.7.1"/> 38585 <criterion test_ref="oval:org.opensuse.security:tst:2009073403" comment="libreoffice-de less than 3.4.5.5-0.7.1"/> 38586 <criterion test_ref="oval:org.opensuse.security:tst:2009073404" comment="libreoffice-el less than 3.4.5.5-0.7.1"/> 38587 <criterion test_ref="oval:org.opensuse.security:tst:2009073405" comment="libreoffice-en-GB less than 3.4.5.5-0.7.1"/> 38588 <criterion test_ref="oval:org.opensuse.security:tst:2009073406" comment="libreoffice-es less than 3.4.5.5-0.7.1"/> 38589 <criterion test_ref="oval:org.opensuse.security:tst:2009073407" comment="libreoffice-fi less than 3.4.5.5-0.7.1"/> 38590 <criterion test_ref="oval:org.opensuse.security:tst:2009073408" comment="libreoffice-fr less than 3.4.5.5-0.7.1"/> 38591 <criterion test_ref="oval:org.opensuse.security:tst:2009073409" comment="libreoffice-galleries less than 3.4.5.5-0.7.1"/> 38592 <criterion test_ref="oval:org.opensuse.security:tst:2009073410" comment="libreoffice-gnome less than 3.4.5.5-0.7.1"/> 38593 <criterion test_ref="oval:org.opensuse.security:tst:2009073411" comment="libreoffice-gu-IN less than 3.4.5.5-0.7.1"/> 38594 <criterion test_ref="oval:org.opensuse.security:tst:2009073412" comment="libreoffice-hi-IN less than 3.4.5.5-0.7.1"/> 38595 <criterion test_ref="oval:org.opensuse.security:tst:2009073413" comment="libreoffice-hu less than 3.4.5.5-0.7.1"/> 38596 <criterion test_ref="oval:org.opensuse.security:tst:2009073414" comment="libreoffice-it less than 3.4.5.5-0.7.1"/> 38597 <criterion test_ref="oval:org.opensuse.security:tst:2009073415" comment="libreoffice-ja less than 3.4.5.5-0.7.1"/> 38598 <criterion test_ref="oval:org.opensuse.security:tst:2009073416" comment="libreoffice-kde less than 3.4.5.5-0.7.1"/> 38599 <criterion test_ref="oval:org.opensuse.security:tst:2009073417" comment="libreoffice-ko less than 3.4.5.5-0.7.1"/> 38600 <criterion test_ref="oval:org.opensuse.security:tst:2009073418" comment="libreoffice-mono less than 3.4.5.5-0.7.1"/> 38601 <criterion test_ref="oval:org.opensuse.security:tst:2009073419" comment="libreoffice-nb less than 3.4.5.5-0.7.1"/> 38602 <criterion test_ref="oval:org.opensuse.security:tst:2009073420" comment="libreoffice-nl less than 3.4.5.5-0.7.1"/> 38603 <criterion test_ref="oval:org.opensuse.security:tst:2009073421" comment="libreoffice-nn less than 3.4.5.5-0.7.1"/> 38604 <criterion test_ref="oval:org.opensuse.security:tst:2009073422" comment="libreoffice-pl less than 3.4.5.5-0.7.1"/> 38605 <criterion test_ref="oval:org.opensuse.security:tst:2009073423" comment="libreoffice-pt-BR less than 3.4.5.5-0.7.1"/> 38606 <criterion test_ref="oval:org.opensuse.security:tst:2009073424" comment="libreoffice-ru less than 3.4.5.5-0.7.1"/> 38607 <criterion test_ref="oval:org.opensuse.security:tst:2009073425" comment="libreoffice-sk less than 3.4.5.5-0.7.1"/> 38608 <criterion test_ref="oval:org.opensuse.security:tst:2009073426" comment="libreoffice-sv less than 3.4.5.5-0.7.1"/> 38609 <criterion test_ref="oval:org.opensuse.security:tst:2009073427" comment="libreoffice-xh less than 3.4.5.5-0.7.1"/> 38610 <criterion test_ref="oval:org.opensuse.security:tst:2009073428" comment="libreoffice-zh-CN less than 3.4.5.5-0.7.1"/> 38611 <criterion test_ref="oval:org.opensuse.security:tst:2009073429" comment="libreoffice-zh-TW less than 3.4.5.5-0.7.1"/> 38612 <criterion test_ref="oval:org.opensuse.security:tst:2009073430" comment="libreoffice-zu less than 3.4.5.5-0.7.1"/> 38613 <criterion test_ref="oval:org.opensuse.security:tst:2009073431" comment="libreoffice less than 3.4.5.5-0.7.1"/> 38614 </criteria> 38615 </criteria> 38616 </definition> 38617 <definition id="oval:org.opensuse.security:def:20121150" version="1" class="vulnerability"> 38618 <metadata> 38619 <title>CVE-2012-1150</title> 38620 <affected family="unix"> 38621 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38622 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38623 </affected> 38624 <reference ref_id="CVE-2012-1150" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150" source="CVE"/> 38625 <description> 38626 Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. 38627 </description> 38628 </metadata> 38629 <!-- 8cae90c294b192a41f5e7816dbad3991 --> 38630 <criteria operator="AND"> 38631 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38632 <criteria operator="OR"> 38633 <criterion test_ref="oval:org.opensuse.security:tst:2009073858" comment="python-32bit less than 2.4.2-18.41.2"/> 38634 <criterion test_ref="oval:org.opensuse.security:tst:2009073859" comment="python-curses less than 2.4.2-18.41.2"/> 38635 <criterion test_ref="oval:org.opensuse.security:tst:2009073860" comment="python-devel less than 2.4.2-18.41.2"/> 38636 <criterion test_ref="oval:org.opensuse.security:tst:2009073861" comment="python-gdbm less than 2.4.2-18.41.2"/> 38637 <criterion test_ref="oval:org.opensuse.security:tst:2009073862" comment="python-tk less than 2.4.2-18.41.2"/> 38638 <criterion test_ref="oval:org.opensuse.security:tst:2009073863" comment="python-xml less than 2.4.2-18.41.2"/> 38639 <criterion test_ref="oval:org.opensuse.security:tst:2009073864" comment="python less than 2.4.2-18.41.2"/> 38640 </criteria> 38641 </criteria> 38642 </definition> 38643 <definition id="oval:org.opensuse.security:def:20121165" version="1" class="vulnerability"> 38644 <metadata> 38645 <title>CVE-2012-1165</title> 38646 <affected family="unix"> 38647 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38648 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38649 </affected> 38650 <reference ref_id="CVE-2012-1165" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165" source="CVE"/> 38651 <description> 38652 The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. 38653 </description> 38654 </metadata> 38655 <!-- f6896f36048d7e8f3d49c12c286ae0d8 --> 38656 <criteria operator="AND"> 38657 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38658 <criteria operator="OR"> 38659 <criterion test_ref="oval:org.opensuse.security:tst:2009073451" comment="openssl-32bit less than 0.9.8a-18.64.3"/> 38660 <criterion test_ref="oval:org.opensuse.security:tst:2009073452" comment="openssl-devel-32bit less than 0.9.8a-18.64.3"/> 38661 <criterion test_ref="oval:org.opensuse.security:tst:2009073453" comment="openssl-devel less than 0.9.8a-18.64.3"/> 38662 <criterion test_ref="oval:org.opensuse.security:tst:2009073454" comment="openssl less than 0.9.8a-18.64.3"/> 38663 </criteria> 38664 </criteria> 38665 </definition> 38666 <definition id="oval:org.opensuse.security:def:20121173" version="1" class="vulnerability"> 38667 <metadata> 38668 <title>CVE-2012-1173</title> 38669 <affected family="unix"> 38670 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38671 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38672 </affected> 38673 <reference ref_id="CVE-2012-1173" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173" source="CVE"/> 38674 <description> 38675 Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow. 38676 </description> 38677 </metadata> 38678 <!-- 3c1e26e281f6488d70976e6d76893183 --> 38679 <criteria operator="AND"> 38680 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38681 <criteria operator="OR"> 38682 <criterion test_ref="oval:org.opensuse.security:tst:2009073804" comment="libtiff-32bit less than 3.8.2-5.26.1"/> 38683 <criterion test_ref="oval:org.opensuse.security:tst:2009073805" comment="libtiff-devel less than 3.8.2-5.26.1"/> 38684 <criterion test_ref="oval:org.opensuse.security:tst:2009073806" comment="libtiff less than 3.8.2-5.26.1"/> 38685 </criteria> 38686 </criteria> 38687 </definition> 38688 <definition id="oval:org.opensuse.security:def:20121178" version="1" class="vulnerability"> 38689 <metadata> 38690 <title>CVE-2012-1178</title> 38691 <affected family="unix"> 38692 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38693 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38694 </affected> 38695 <reference ref_id="CVE-2012-1178" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1178" source="CVE"/> 38696 <description> 38697 The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding. 38698 </description> 38699 </metadata> 38700 <!-- 1444b130f542f9e056af8af62199bd10 --> 38701 <criteria operator="AND"> 38702 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38703 <criteria operator="OR"> 38704 <criterion test_ref="oval:org.opensuse.security:tst:2009074698" comment="finch less than 2.6.6-0.16.1"/> 38705 <criterion test_ref="oval:org.opensuse.security:tst:2009074699" comment="libpurple less than 2.6.6-0.16.1"/> 38706 <criterion test_ref="oval:org.opensuse.security:tst:2009074700" comment="pidgin less than 2.6.6-0.16.1"/> 38707 </criteria> 38708 </criteria> 38709 </definition> 38710 <definition id="oval:org.opensuse.security:def:20121182" version="1" class="vulnerability"> 38711 <metadata> 38712 <title>CVE-2012-1182</title> 38713 <affected family="unix"> 38714 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38715 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38716 </affected> 38717 <reference ref_id="CVE-2012-1182" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182" source="CVE"/> 38718 <description> 38719 The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call. 38720 </description> 38721 </metadata> 38722 <!-- 62cd7ec87ad16e0edc0743bc15673759 --> 38723 <criteria operator="AND"> 38724 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38725 <criteria operator="OR"> 38726 <criterion test_ref="oval:org.opensuse.security:tst:2009073646" comment="cifs-mount less than 3.0.36-0.13.20.1"/> 38727 <criterion test_ref="oval:org.opensuse.security:tst:2009073647" comment="ldapsmb less than 1.34b-25.13.20.1"/> 38728 <criterion test_ref="oval:org.opensuse.security:tst:2009073648" comment="libsmbclient-32bit less than 3.0.36-0.13.20.1"/> 38729 <criterion test_ref="oval:org.opensuse.security:tst:2009073649" comment="libsmbclient-devel less than 3.0.36-0.13.20.1"/> 38730 <criterion test_ref="oval:org.opensuse.security:tst:2009073650" comment="libsmbclient less than 3.0.36-0.13.20.1"/> 38731 <criterion test_ref="oval:org.opensuse.security:tst:2009073651" comment="samba-32bit less than 3.0.36-0.13.20.1"/> 38732 <criterion test_ref="oval:org.opensuse.security:tst:2009073652" comment="samba-client-32bit less than 3.0.36-0.13.20.1"/> 38733 <criterion test_ref="oval:org.opensuse.security:tst:2009073653" comment="samba-client less than 3.0.36-0.13.20.1"/> 38734 <criterion test_ref="oval:org.opensuse.security:tst:2009073654" comment="samba-doc less than 3.0.36-0.12.20.1"/> 38735 <criterion test_ref="oval:org.opensuse.security:tst:2009073655" comment="samba-krb-printing less than 3.0.36-0.13.20.1"/> 38736 <criterion test_ref="oval:org.opensuse.security:tst:2009073656" comment="samba-vscan less than 0.3.6b-43.13.20.1"/> 38737 <criterion test_ref="oval:org.opensuse.security:tst:2009073657" comment="samba-winbind-32bit less than 3.0.36-0.13.20.1"/> 38738 <criterion test_ref="oval:org.opensuse.security:tst:2009073658" comment="samba-winbind less than 3.0.36-0.13.20.1"/> 38739 <criterion test_ref="oval:org.opensuse.security:tst:2009073659" comment="samba less than 3.0.36-0.13.20.1"/> 38740 </criteria> 38741 </criteria> 38742 </definition> 38743 <definition id="oval:org.opensuse.security:def:20121185" version="1" class="vulnerability"> 38744 <metadata> 38745 <title>CVE-2012-1185</title> 38746 <affected family="unix"> 38747 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38748 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38749 </affected> 38750 <reference ref_id="CVE-2012-1185" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1185" source="CVE"/> 38751 <description> 38752 Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247. 38753 </description> 38754 </metadata> 38755 <!-- 73ca451abc4b60d47f7346db66e99f9a --> 38756 <criteria operator="AND"> 38757 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38758 <criteria operator="OR"> 38759 <criterion test_ref="oval:org.opensuse.security:tst:2009074678" comment="ImageMagick-Magick++ less than 6.2.5-16.34.1"/> 38760 <criterion test_ref="oval:org.opensuse.security:tst:2009074679" comment="ImageMagick-devel less than 6.2.5-16.34.1"/> 38761 <criterion test_ref="oval:org.opensuse.security:tst:2009074680" comment="ImageMagick less than 6.2.5-16.34.1"/> 38762 <criterion test_ref="oval:org.opensuse.security:tst:2009074681" comment="perl-PerlMagick less than 6.2.5-16.34.1"/> 38763 </criteria> 38764 </criteria> 38765 </definition> 38766 <definition id="oval:org.opensuse.security:def:20121186" version="1" class="vulnerability"> 38767 <metadata> 38768 <title>CVE-2012-1186</title> 38769 <affected family="unix"> 38770 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38771 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38772 </affected> 38773 <reference ref_id="CVE-2012-1186" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1186" source="CVE"/> 38774 <description> 38775 Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248. 38776 </description> 38777 </metadata> 38778 <!-- 73ca451abc4b60d47f7346db66e99f9a --> 38779 <criteria operator="AND"> 38780 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38781 <criteria operator="OR"> 38782 <criterion test_ref="oval:org.opensuse.security:tst:2009074678" comment="ImageMagick-Magick++ less than 6.2.5-16.34.1"/> 38783 <criterion test_ref="oval:org.opensuse.security:tst:2009074679" comment="ImageMagick-devel less than 6.2.5-16.34.1"/> 38784 <criterion test_ref="oval:org.opensuse.security:tst:2009074680" comment="ImageMagick less than 6.2.5-16.34.1"/> 38785 <criterion test_ref="oval:org.opensuse.security:tst:2009074681" comment="perl-PerlMagick less than 6.2.5-16.34.1"/> 38786 </criteria> 38787 </criteria> 38788 </definition> 38789 <definition id="oval:org.opensuse.security:def:20121457" version="1" class="vulnerability"> 38790 <metadata> 38791 <title>CVE-2012-1457</title> 38792 <affected family="unix"> 38793 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38794 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38795 </affected> 38796 <reference ref_id="CVE-2012-1457" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457" source="CVE"/> 38797 <description> 38798 The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. 38799 </description> 38800 </metadata> 38801 <!-- 081f4d44356f37d28fa582731745c3e7 --> 38802 <criteria operator="AND"> 38803 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38804 <criterion test_ref="oval:org.opensuse.security:tst:2009074895" comment="clamav less than 0.97.5-0.5.2"/> 38805 </criteria> 38806 </definition> 38807 <definition id="oval:org.opensuse.security:def:20121458" version="1" class="vulnerability"> 38808 <metadata> 38809 <title>CVE-2012-1458</title> 38810 <affected family="unix"> 38811 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38812 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38813 </affected> 38814 <reference ref_id="CVE-2012-1458" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458" source="CVE"/> 38815 <description> 38816 The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations. 38817 </description> 38818 </metadata> 38819 <!-- 081f4d44356f37d28fa582731745c3e7 --> 38820 <criteria operator="AND"> 38821 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38822 <criterion test_ref="oval:org.opensuse.security:tst:2009074895" comment="clamav less than 0.97.5-0.5.2"/> 38823 </criteria> 38824 </definition> 38825 <definition id="oval:org.opensuse.security:def:20121459" version="1" class="vulnerability"> 38826 <metadata> 38827 <title>CVE-2012-1459</title> 38828 <affected family="unix"> 38829 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38830 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38831 </affected> 38832 <reference ref_id="CVE-2012-1459" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459" source="CVE"/> 38833 <description> 38834 The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. 38835 </description> 38836 </metadata> 38837 <!-- 081f4d44356f37d28fa582731745c3e7 --> 38838 <criteria operator="AND"> 38839 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38840 <criterion test_ref="oval:org.opensuse.security:tst:2009074895" comment="clamav less than 0.97.5-0.5.2"/> 38841 </criteria> 38842 </definition> 38843 <definition id="oval:org.opensuse.security:def:20121502" version="1" class="vulnerability"> 38844 <metadata> 38845 <title>CVE-2012-1502</title> 38846 <affected family="unix"> 38847 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38848 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38849 </affected> 38850 <reference ref_id="CVE-2012-1502" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1502" source="CVE"/> 38851 <description> 38852 Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a NULL byte in a password string. 38853 </description> 38854 </metadata> 38855 <!-- 8b8603c07c14f3887dda36dda9c6534c --> 38856 <criteria operator="AND"> 38857 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38858 <criterion test_ref="oval:org.opensuse.security:tst:2009074314" comment="python-pam less than 0.5.0-2.7.1"/> 38859 </criteria> 38860 </definition> 38861 <definition id="oval:org.opensuse.security:def:20121530" version="1" class="vulnerability"> 38862 <metadata> 38863 <title>CVE-2012-1530</title> 38864 <affected family="unix"> 38865 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38866 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38867 </affected> 38868 <reference ref_id="CVE-2012-1530" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1530" source="CVE"/> 38869 <description> 38870 Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing an XSL file that triggers memory corruption when the lang function processes XML data with a crafted node-set. 38871 </description> 38872 </metadata> 38873 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 38874 <criteria operator="AND"> 38875 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38876 <criteria operator="OR"> 38877 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 38878 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 38879 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 38880 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 38881 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 38882 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 38883 </criteria> 38884 </criteria> 38885 </definition> 38886 <definition id="oval:org.opensuse.security:def:20121531" version="1" class="vulnerability"> 38887 <metadata> 38888 <title>CVE-2012-1531</title> 38889 <affected family="unix"> 38890 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38891 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38892 </affected> 38893 <reference ref_id="CVE-2012-1531" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1531" source="CVE"/> 38894 <description> 38895 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. 38896 </description> 38897 </metadata> 38898 <!-- bb56b08850390b907db4d458f187e204 --> 38899 <criteria operator="AND"> 38900 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38901 <criteria operator="OR"> 38902 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 38903 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 38904 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 38905 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 38906 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 38907 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 38908 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 38909 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 38910 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 38911 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 38912 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 38913 </criteria> 38914 </criteria> 38915 </definition> 38916 <definition id="oval:org.opensuse.security:def:20121535" version="1" class="vulnerability"> 38917 <metadata> 38918 <title>CVE-2012-1535</title> 38919 <affected family="unix"> 38920 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38921 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38922 </affected> 38923 <reference ref_id="CVE-2012-1535" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1535" source="CVE"/> 38924 <description> 38925 Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document. 38926 </description> 38927 </metadata> 38928 <!-- 288a9919aa9137400b6d0a7a6164cd2f --> 38929 <criteria operator="AND"> 38930 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38931 <criterion test_ref="oval:org.opensuse.security:tst:2009075215" comment="flash-player less than 11.2.202.238-0.5.1"/> 38932 </criteria> 38933 </definition> 38934 <definition id="oval:org.opensuse.security:def:20121569" version="1" class="vulnerability"> 38935 <metadata> 38936 <title>CVE-2012-1569</title> 38937 <affected family="unix"> 38938 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38939 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38940 </affected> 38941 <reference ref_id="CVE-2012-1569" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1569" source="CVE"/> 38942 <description> 38943 The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. 38944 </description> 38945 </metadata> 38946 <!-- db5ce46e4686a3180984675829d5453e --> 38947 <criteria operator="AND"> 38948 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38949 <criteria operator="OR"> 38950 <criterion test_ref="oval:org.opensuse.security:tst:2009074798" comment="gnutls-32bit less than 1.2.10-13.30.1"/> 38951 <criterion test_ref="oval:org.opensuse.security:tst:2009074799" comment="gnutls-devel-32bit less than 1.2.10-13.30.1"/> 38952 <criterion test_ref="oval:org.opensuse.security:tst:2009074800" comment="gnutls-devel less than 1.2.10-13.30.1"/> 38953 <criterion test_ref="oval:org.opensuse.security:tst:2009074801" comment="gnutls less than 1.2.10-13.30.1"/> 38954 </criteria> 38955 </criteria> 38956 </definition> 38957 <definition id="oval:org.opensuse.security:def:20121573" version="1" class="vulnerability"> 38958 <metadata> 38959 <title>CVE-2012-1573</title> 38960 <affected family="unix"> 38961 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38962 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38963 </affected> 38964 <reference ref_id="CVE-2012-1573" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1573" source="CVE"/> 38965 <description> 38966 gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. 38967 </description> 38968 </metadata> 38969 <!-- db5ce46e4686a3180984675829d5453e --> 38970 <criteria operator="AND"> 38971 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38972 <criteria operator="OR"> 38973 <criterion test_ref="oval:org.opensuse.security:tst:2009074798" comment="gnutls-32bit less than 1.2.10-13.30.1"/> 38974 <criterion test_ref="oval:org.opensuse.security:tst:2009074799" comment="gnutls-devel-32bit less than 1.2.10-13.30.1"/> 38975 <criterion test_ref="oval:org.opensuse.security:tst:2009074800" comment="gnutls-devel less than 1.2.10-13.30.1"/> 38976 <criterion test_ref="oval:org.opensuse.security:tst:2009074801" comment="gnutls less than 1.2.10-13.30.1"/> 38977 </criteria> 38978 </criteria> 38979 </definition> 38980 <definition id="oval:org.opensuse.security:def:20121584" version="1" class="vulnerability"> 38981 <metadata> 38982 <title>CVE-2012-1584</title> 38983 <affected family="unix"> 38984 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 38985 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 38986 </affected> 38987 <reference ref_id="CVE-2012-1584" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1584" source="CVE"/> 38988 <description> 38989 Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header field in a media file, which triggers a large memory allocation. 38990 </description> 38991 </metadata> 38992 <!-- cd82b6b35d24911b6b1aa3e62fbad07c --> 38993 <criteria operator="AND"> 38994 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 38995 <criteria operator="OR"> 38996 <criterion test_ref="oval:org.opensuse.security:tst:2009074620" comment="taglib-32bit less than 1.4-20.8.2"/> 38997 <criterion test_ref="oval:org.opensuse.security:tst:2009074621" comment="taglib-devel less than 1.4-20.8.2"/> 38998 <criterion test_ref="oval:org.opensuse.security:tst:2009074622" comment="taglib less than 1.4-20.8.2"/> 38999 </criteria> 39000 </criteria> 39001 </definition> 39002 <definition id="oval:org.opensuse.security:def:20121586" version="1" class="vulnerability"> 39003 <metadata> 39004 <title>CVE-2012-1586</title> 39005 <affected family="unix"> 39006 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39007 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39008 </affected> 39009 <reference ref_id="CVE-2012-1586" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1586" source="CVE"/> 39010 <description> 39011 mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message. 39012 </description> 39013 </metadata> 39014 <!-- 1d50d01aa74b22f0c8645692c12273df --> 39015 <criteria operator="AND"> 39016 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39017 <criteria operator="OR"> 39018 <criterion test_ref="oval:org.opensuse.security:tst:2009076550" comment="cifs-mount less than 3.0.36-0.13.24.1"/> 39019 <criterion test_ref="oval:org.opensuse.security:tst:2009076551" comment="ldapsmb less than 1.34b-25.13.24.1"/> 39020 <criterion test_ref="oval:org.opensuse.security:tst:2009076552" comment="libsmbclient-32bit less than 3.0.36-0.13.24.1"/> 39021 <criterion test_ref="oval:org.opensuse.security:tst:2009076553" comment="libsmbclient-devel less than 3.0.36-0.13.24.1"/> 39022 <criterion test_ref="oval:org.opensuse.security:tst:2009076554" comment="libsmbclient less than 3.0.36-0.13.24.1"/> 39023 <criterion test_ref="oval:org.opensuse.security:tst:2009076555" comment="samba-32bit less than 3.0.36-0.13.24.1"/> 39024 <criterion test_ref="oval:org.opensuse.security:tst:2009076556" comment="samba-client-32bit less than 3.0.36-0.13.24.1"/> 39025 <criterion test_ref="oval:org.opensuse.security:tst:2009076557" comment="samba-client less than 3.0.36-0.13.24.1"/> 39026 <criterion test_ref="oval:org.opensuse.security:tst:2009076558" comment="samba-doc less than 3.0.36-0.12.24.1"/> 39027 <criterion test_ref="oval:org.opensuse.security:tst:2009076559" comment="samba-krb-printing less than 3.0.36-0.13.24.1"/> 39028 <criterion test_ref="oval:org.opensuse.security:tst:2009076560" comment="samba-vscan less than 0.3.6b-43.13.24.1"/> 39029 <criterion test_ref="oval:org.opensuse.security:tst:2009076561" comment="samba-winbind-32bit less than 3.0.36-0.13.24.1"/> 39030 <criterion test_ref="oval:org.opensuse.security:tst:2009076562" comment="samba-winbind less than 3.0.36-0.13.24.1"/> 39031 <criterion test_ref="oval:org.opensuse.security:tst:2009076563" comment="samba less than 3.0.36-0.13.24.1"/> 39032 </criteria> 39033 </criteria> 39034 </definition> 39035 <definition id="oval:org.opensuse.security:def:20121593" version="1" class="vulnerability"> 39036 <metadata> 39037 <title>CVE-2012-1593</title> 39038 <affected family="unix"> 39039 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39040 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39041 </affected> 39042 <reference ref_id="CVE-2012-1593" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1593" source="CVE"/> 39043 <description> 39044 epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. 39045 </description> 39046 </metadata> 39047 <!-- 23c9fd0f27644efe93d209c35cd2f52b --> 39048 <criteria operator="AND"> 39049 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39050 <criterion test_ref="oval:org.opensuse.security:tst:2009073963" comment="wireshark less than 1.4.12-0.5.6"/> 39051 </criteria> 39052 </definition> 39053 <definition id="oval:org.opensuse.security:def:20121594" version="1" class="vulnerability"> 39054 <metadata> 39055 <title>CVE-2012-1594</title> 39056 <affected family="unix"> 39057 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39058 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39059 </affected> 39060 <reference ref_id="CVE-2012-1594" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1594" source="CVE"/> 39061 <description> 39062 epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. 39063 </description> 39064 </metadata> 39065 <!-- 23c9fd0f27644efe93d209c35cd2f52b --> 39066 <criteria operator="AND"> 39067 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39068 <criterion test_ref="oval:org.opensuse.security:tst:2009073963" comment="wireshark less than 1.4.12-0.5.6"/> 39069 </criteria> 39070 </definition> 39071 <definition id="oval:org.opensuse.security:def:20121595" version="1" class="vulnerability"> 39072 <metadata> 39073 <title>CVE-2012-1595</title> 39074 <affected family="unix"> 39075 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39076 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39077 </affected> 39078 <reference ref_id="CVE-2012-1595" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1595" source="CVE"/> 39079 <description> 39080 The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers. 39081 </description> 39082 </metadata> 39083 <!-- 23c9fd0f27644efe93d209c35cd2f52b --> 39084 <criteria operator="AND"> 39085 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39086 <criterion test_ref="oval:org.opensuse.security:tst:2009073963" comment="wireshark less than 1.4.12-0.5.6"/> 39087 </criteria> 39088 </definition> 39089 <definition id="oval:org.opensuse.security:def:20121596" version="1" class="vulnerability"> 39090 <metadata> 39091 <title>CVE-2012-1596</title> 39092 <affected family="unix"> 39093 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39094 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39095 </affected> 39096 <reference ref_id="CVE-2012-1596" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1596" source="CVE"/> 39097 <description> 39098 The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt. 39099 </description> 39100 </metadata> 39101 <!-- 23c9fd0f27644efe93d209c35cd2f52b --> 39102 <criteria operator="AND"> 39103 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39104 <criterion test_ref="oval:org.opensuse.security:tst:2009073963" comment="wireshark less than 1.4.12-0.5.6"/> 39105 </criteria> 39106 </definition> 39107 <definition id="oval:org.opensuse.security:def:20121610" version="1" class="vulnerability"> 39108 <metadata> 39109 <title>CVE-2012-1610</title> 39110 <affected family="unix"> 39111 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39112 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39113 </affected> 39114 <reference ref_id="CVE-2012-1610" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1610" source="CVE"/> 39115 <description> 39116 Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259. 39117 </description> 39118 </metadata> 39119 <!-- 73ca451abc4b60d47f7346db66e99f9a --> 39120 <criteria operator="AND"> 39121 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39122 <criteria operator="OR"> 39123 <criterion test_ref="oval:org.opensuse.security:tst:2009074678" comment="ImageMagick-Magick++ less than 6.2.5-16.34.1"/> 39124 <criterion test_ref="oval:org.opensuse.security:tst:2009074679" comment="ImageMagick-devel less than 6.2.5-16.34.1"/> 39125 <criterion test_ref="oval:org.opensuse.security:tst:2009074680" comment="ImageMagick less than 6.2.5-16.34.1"/> 39126 <criterion test_ref="oval:org.opensuse.security:tst:2009074681" comment="perl-PerlMagick less than 6.2.5-16.34.1"/> 39127 </criteria> 39128 </criteria> 39129 </definition> 39130 <definition id="oval:org.opensuse.security:def:20121667" version="1" class="vulnerability"> 39131 <metadata> 39132 <title>CVE-2012-1667</title> 39133 <affected family="unix"> 39134 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39135 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39136 </affected> 39137 <reference ref_id="CVE-2012-1667" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667" source="CVE"/> 39138 <description> 39139 ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. 39140 </description> 39141 </metadata> 39142 <!-- 4328ed71a96bc49951a61a9a05eab4f0 --> 39143 <criteria operator="AND"> 39144 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39145 <criteria operator="OR"> 39146 <criterion test_ref="oval:org.opensuse.security:tst:2009074659" comment="bind-libs-32bit less than 9.6ESVR7P1-0.10.1"/> 39147 <criterion test_ref="oval:org.opensuse.security:tst:2009074660" comment="bind-libs less than 9.6ESVR7P1-0.10.1"/> 39148 <criterion test_ref="oval:org.opensuse.security:tst:2009074661" comment="bind-utils less than 9.6ESVR7P1-0.10.1"/> 39149 </criteria> 39150 </criteria> 39151 </definition> 39152 <definition id="oval:org.opensuse.security:def:20121713" version="1" class="vulnerability"> 39153 <metadata> 39154 <title>CVE-2012-1713</title> 39155 <affected family="unix"> 39156 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39157 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39158 </affected> 39159 <reference ref_id="CVE-2012-1713" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1713" source="CVE"/> 39160 <description> 39161 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. 39162 </description> 39163 </metadata> 39164 <!-- 458527f9aa3426cff56a9eb352661d4a --> 39165 <criteria operator="AND"> 39166 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39167 <criteria operator="OR"> 39168 <criterion test_ref="oval:org.opensuse.security:tst:2009075695" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr14.0-0.9.1"/> 39169 <criterion test_ref="oval:org.opensuse.security:tst:2009075696" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr14.0-0.9.1"/> 39170 <criterion test_ref="oval:org.opensuse.security:tst:2009075697" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr14.0-0.9.1"/> 39171 <criterion test_ref="oval:org.opensuse.security:tst:2009075698" comment="java-1_5_0-ibm-demo less than 1.5.0_sr14.0-0.9.1"/> 39172 <criterion test_ref="oval:org.opensuse.security:tst:2009075699" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr14.0-0.9.1"/> 39173 <criterion test_ref="oval:org.opensuse.security:tst:2009075700" comment="java-1_5_0-ibm-devel less than 1.5.0_sr14.0-0.9.1"/> 39174 <criterion test_ref="oval:org.opensuse.security:tst:2009075701" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr14.0-0.9.1"/> 39175 <criterion test_ref="oval:org.opensuse.security:tst:2009075702" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr14.0-0.9.1"/> 39176 <criterion test_ref="oval:org.opensuse.security:tst:2009075703" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr14.0-0.9.1"/> 39177 <criterion test_ref="oval:org.opensuse.security:tst:2009075704" comment="java-1_5_0-ibm-src less than 1.5.0_sr14.0-0.9.1"/> 39178 <criterion test_ref="oval:org.opensuse.security:tst:2009075705" comment="java-1_5_0-ibm less than 1.5.0_sr14.0-0.9.1"/> 39179 </criteria> 39180 </criteria> 39181 </definition> 39182 <definition id="oval:org.opensuse.security:def:20121716" version="1" class="vulnerability"> 39183 <metadata> 39184 <title>CVE-2012-1716</title> 39185 <affected family="unix"> 39186 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39187 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39188 </affected> 39189 <reference ref_id="CVE-2012-1716" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1716" source="CVE"/> 39190 <description> 39191 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. 39192 </description> 39193 </metadata> 39194 <!-- 458527f9aa3426cff56a9eb352661d4a --> 39195 <criteria operator="AND"> 39196 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39197 <criteria operator="OR"> 39198 <criterion test_ref="oval:org.opensuse.security:tst:2009075695" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr14.0-0.9.1"/> 39199 <criterion test_ref="oval:org.opensuse.security:tst:2009075696" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr14.0-0.9.1"/> 39200 <criterion test_ref="oval:org.opensuse.security:tst:2009075697" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr14.0-0.9.1"/> 39201 <criterion test_ref="oval:org.opensuse.security:tst:2009075698" comment="java-1_5_0-ibm-demo less than 1.5.0_sr14.0-0.9.1"/> 39202 <criterion test_ref="oval:org.opensuse.security:tst:2009075699" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr14.0-0.9.1"/> 39203 <criterion test_ref="oval:org.opensuse.security:tst:2009075700" comment="java-1_5_0-ibm-devel less than 1.5.0_sr14.0-0.9.1"/> 39204 <criterion test_ref="oval:org.opensuse.security:tst:2009075701" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr14.0-0.9.1"/> 39205 <criterion test_ref="oval:org.opensuse.security:tst:2009075702" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr14.0-0.9.1"/> 39206 <criterion test_ref="oval:org.opensuse.security:tst:2009075703" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr14.0-0.9.1"/> 39207 <criterion test_ref="oval:org.opensuse.security:tst:2009075704" comment="java-1_5_0-ibm-src less than 1.5.0_sr14.0-0.9.1"/> 39208 <criterion test_ref="oval:org.opensuse.security:tst:2009075705" comment="java-1_5_0-ibm less than 1.5.0_sr14.0-0.9.1"/> 39209 </criteria> 39210 </criteria> 39211 </definition> 39212 <definition id="oval:org.opensuse.security:def:20121717" version="1" class="vulnerability"> 39213 <metadata> 39214 <title>CVE-2012-1717</title> 39215 <affected family="unix"> 39216 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39217 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39218 </affected> 39219 <reference ref_id="CVE-2012-1717" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1717" source="CVE"/> 39220 <description> 39221 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux. 39222 </description> 39223 </metadata> 39224 <!-- 458527f9aa3426cff56a9eb352661d4a --> 39225 <criteria operator="AND"> 39226 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39227 <criteria operator="OR"> 39228 <criterion test_ref="oval:org.opensuse.security:tst:2009075695" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr14.0-0.9.1"/> 39229 <criterion test_ref="oval:org.opensuse.security:tst:2009075696" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr14.0-0.9.1"/> 39230 <criterion test_ref="oval:org.opensuse.security:tst:2009075697" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr14.0-0.9.1"/> 39231 <criterion test_ref="oval:org.opensuse.security:tst:2009075698" comment="java-1_5_0-ibm-demo less than 1.5.0_sr14.0-0.9.1"/> 39232 <criterion test_ref="oval:org.opensuse.security:tst:2009075699" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr14.0-0.9.1"/> 39233 <criterion test_ref="oval:org.opensuse.security:tst:2009075700" comment="java-1_5_0-ibm-devel less than 1.5.0_sr14.0-0.9.1"/> 39234 <criterion test_ref="oval:org.opensuse.security:tst:2009075701" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr14.0-0.9.1"/> 39235 <criterion test_ref="oval:org.opensuse.security:tst:2009075702" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr14.0-0.9.1"/> 39236 <criterion test_ref="oval:org.opensuse.security:tst:2009075703" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr14.0-0.9.1"/> 39237 <criterion test_ref="oval:org.opensuse.security:tst:2009075704" comment="java-1_5_0-ibm-src less than 1.5.0_sr14.0-0.9.1"/> 39238 <criterion test_ref="oval:org.opensuse.security:tst:2009075705" comment="java-1_5_0-ibm less than 1.5.0_sr14.0-0.9.1"/> 39239 </criteria> 39240 </criteria> 39241 </definition> 39242 <definition id="oval:org.opensuse.security:def:20121718" version="1" class="vulnerability"> 39243 <metadata> 39244 <title>CVE-2012-1718</title> 39245 <affected family="unix"> 39246 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39247 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39248 </affected> 39249 <reference ref_id="CVE-2012-1718" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1718" source="CVE"/> 39250 <description> 39251 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security. 39252 </description> 39253 </metadata> 39254 <!-- 458527f9aa3426cff56a9eb352661d4a --> 39255 <criteria operator="AND"> 39256 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39257 <criteria operator="OR"> 39258 <criterion test_ref="oval:org.opensuse.security:tst:2009075695" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr14.0-0.9.1"/> 39259 <criterion test_ref="oval:org.opensuse.security:tst:2009075696" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr14.0-0.9.1"/> 39260 <criterion test_ref="oval:org.opensuse.security:tst:2009075697" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr14.0-0.9.1"/> 39261 <criterion test_ref="oval:org.opensuse.security:tst:2009075698" comment="java-1_5_0-ibm-demo less than 1.5.0_sr14.0-0.9.1"/> 39262 <criterion test_ref="oval:org.opensuse.security:tst:2009075699" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr14.0-0.9.1"/> 39263 <criterion test_ref="oval:org.opensuse.security:tst:2009075700" comment="java-1_5_0-ibm-devel less than 1.5.0_sr14.0-0.9.1"/> 39264 <criterion test_ref="oval:org.opensuse.security:tst:2009075701" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr14.0-0.9.1"/> 39265 <criterion test_ref="oval:org.opensuse.security:tst:2009075702" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr14.0-0.9.1"/> 39266 <criterion test_ref="oval:org.opensuse.security:tst:2009075703" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr14.0-0.9.1"/> 39267 <criterion test_ref="oval:org.opensuse.security:tst:2009075704" comment="java-1_5_0-ibm-src less than 1.5.0_sr14.0-0.9.1"/> 39268 <criterion test_ref="oval:org.opensuse.security:tst:2009075705" comment="java-1_5_0-ibm less than 1.5.0_sr14.0-0.9.1"/> 39269 </criteria> 39270 </criteria> 39271 </definition> 39272 <definition id="oval:org.opensuse.security:def:20121719" version="1" class="vulnerability"> 39273 <metadata> 39274 <title>CVE-2012-1719</title> 39275 <affected family="unix"> 39276 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39277 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39278 </affected> 39279 <reference ref_id="CVE-2012-1719" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1719" source="CVE"/> 39280 <description> 39281 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA. 39282 </description> 39283 </metadata> 39284 <!-- 458527f9aa3426cff56a9eb352661d4a --> 39285 <criteria operator="AND"> 39286 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39287 <criteria operator="OR"> 39288 <criterion test_ref="oval:org.opensuse.security:tst:2009075695" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr14.0-0.9.1"/> 39289 <criterion test_ref="oval:org.opensuse.security:tst:2009075696" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr14.0-0.9.1"/> 39290 <criterion test_ref="oval:org.opensuse.security:tst:2009075697" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr14.0-0.9.1"/> 39291 <criterion test_ref="oval:org.opensuse.security:tst:2009075698" comment="java-1_5_0-ibm-demo less than 1.5.0_sr14.0-0.9.1"/> 39292 <criterion test_ref="oval:org.opensuse.security:tst:2009075699" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr14.0-0.9.1"/> 39293 <criterion test_ref="oval:org.opensuse.security:tst:2009075700" comment="java-1_5_0-ibm-devel less than 1.5.0_sr14.0-0.9.1"/> 39294 <criterion test_ref="oval:org.opensuse.security:tst:2009075701" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr14.0-0.9.1"/> 39295 <criterion test_ref="oval:org.opensuse.security:tst:2009075702" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr14.0-0.9.1"/> 39296 <criterion test_ref="oval:org.opensuse.security:tst:2009075703" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr14.0-0.9.1"/> 39297 <criterion test_ref="oval:org.opensuse.security:tst:2009075704" comment="java-1_5_0-ibm-src less than 1.5.0_sr14.0-0.9.1"/> 39298 <criterion test_ref="oval:org.opensuse.security:tst:2009075705" comment="java-1_5_0-ibm less than 1.5.0_sr14.0-0.9.1"/> 39299 </criteria> 39300 </criteria> 39301 </definition> 39302 <definition id="oval:org.opensuse.security:def:20121725" version="1" class="vulnerability"> 39303 <metadata> 39304 <title>CVE-2012-1725</title> 39305 <affected family="unix"> 39306 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39307 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39308 </affected> 39309 <reference ref_id="CVE-2012-1725" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1725" source="CVE"/> 39310 <description> 39311 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. 39312 </description> 39313 </metadata> 39314 <!-- 458527f9aa3426cff56a9eb352661d4a --> 39315 <criteria operator="AND"> 39316 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39317 <criteria operator="OR"> 39318 <criterion test_ref="oval:org.opensuse.security:tst:2009075695" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr14.0-0.9.1"/> 39319 <criterion test_ref="oval:org.opensuse.security:tst:2009075696" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr14.0-0.9.1"/> 39320 <criterion test_ref="oval:org.opensuse.security:tst:2009075697" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr14.0-0.9.1"/> 39321 <criterion test_ref="oval:org.opensuse.security:tst:2009075698" comment="java-1_5_0-ibm-demo less than 1.5.0_sr14.0-0.9.1"/> 39322 <criterion test_ref="oval:org.opensuse.security:tst:2009075699" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr14.0-0.9.1"/> 39323 <criterion test_ref="oval:org.opensuse.security:tst:2009075700" comment="java-1_5_0-ibm-devel less than 1.5.0_sr14.0-0.9.1"/> 39324 <criterion test_ref="oval:org.opensuse.security:tst:2009075701" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr14.0-0.9.1"/> 39325 <criterion test_ref="oval:org.opensuse.security:tst:2009075702" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr14.0-0.9.1"/> 39326 <criterion test_ref="oval:org.opensuse.security:tst:2009075703" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr14.0-0.9.1"/> 39327 <criterion test_ref="oval:org.opensuse.security:tst:2009075704" comment="java-1_5_0-ibm-src less than 1.5.0_sr14.0-0.9.1"/> 39328 <criterion test_ref="oval:org.opensuse.security:tst:2009075705" comment="java-1_5_0-ibm less than 1.5.0_sr14.0-0.9.1"/> 39329 </criteria> 39330 </criteria> 39331 </definition> 39332 <definition id="oval:org.opensuse.security:def:20121937" version="1" class="vulnerability"> 39333 <metadata> 39334 <title>CVE-2012-1937</title> 39335 <affected family="unix"> 39336 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39337 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39338 </affected> 39339 <reference ref_id="CVE-2012-1937" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1937" source="CVE"/> 39340 <description> 39341 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 39342 </description> 39343 </metadata> 39344 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39345 <criteria operator="AND"> 39346 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39347 <criteria operator="OR"> 39348 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39349 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39350 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39351 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39352 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39353 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39354 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39355 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39356 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39357 </criteria> 39358 </criteria> 39359 </definition> 39360 <definition id="oval:org.opensuse.security:def:20121938" version="1" class="vulnerability"> 39361 <metadata> 39362 <title>CVE-2012-1938</title> 39363 <affected family="unix"> 39364 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39365 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39366 </affected> 39367 <reference ref_id="CVE-2012-1938" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1938" source="CVE"/> 39368 <description> 39369 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components. 39370 </description> 39371 </metadata> 39372 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39373 <criteria operator="AND"> 39374 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39375 <criteria operator="OR"> 39376 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39377 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39378 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39379 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39380 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39381 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39382 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39383 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39384 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39385 </criteria> 39386 </criteria> 39387 </definition> 39388 <definition id="oval:org.opensuse.security:def:20121939" version="1" class="vulnerability"> 39389 <metadata> 39390 <title>CVE-2012-1939</title> 39391 <affected family="unix"> 39392 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39393 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39394 </affected> 39395 <reference ref_id="CVE-2012-1939" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1939" source="CVE"/> 39396 <description> 39397 jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted JavaScript code. 39398 </description> 39399 </metadata> 39400 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39401 <criteria operator="AND"> 39402 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39403 <criteria operator="OR"> 39404 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39405 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39406 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39407 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39408 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39409 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39410 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39411 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39412 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39413 </criteria> 39414 </criteria> 39415 </definition> 39416 <definition id="oval:org.opensuse.security:def:20121940" version="1" class="vulnerability"> 39417 <metadata> 39418 <title>CVE-2012-1940</title> 39419 <affected family="unix"> 39420 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39421 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39422 </affected> 39423 <reference ref_id="CVE-2012-1940" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1940" source="CVE"/> 39424 <description> 39425 Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column. 39426 </description> 39427 </metadata> 39428 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39429 <criteria operator="AND"> 39430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39431 <criteria operator="OR"> 39432 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39433 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39434 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39435 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39436 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39437 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39438 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39439 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39440 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39441 </criteria> 39442 </criteria> 39443 </definition> 39444 <definition id="oval:org.opensuse.security:def:20121941" version="1" class="vulnerability"> 39445 <metadata> 39446 <title>CVE-2012-1941</title> 39447 <affected family="unix"> 39448 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39449 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39450 </affected> 39451 <reference ref_id="CVE-2012-1941" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1941" source="CVE"/> 39452 <description> 39453 Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns. 39454 </description> 39455 </metadata> 39456 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39457 <criteria operator="AND"> 39458 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39459 <criteria operator="OR"> 39460 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39461 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39462 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39463 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39464 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39465 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39466 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39467 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39468 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39469 </criteria> 39470 </criteria> 39471 </definition> 39472 <definition id="oval:org.opensuse.security:def:20121942" version="1" class="vulnerability"> 39473 <metadata> 39474 <title>CVE-2012-1942</title> 39475 <affected family="unix"> 39476 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39477 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39478 </affected> 39479 <reference ref_id="CVE-2012-1942" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1942" source="CVE"/> 39480 <description> 39481 The Mozilla Updater and Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allow local users to gain privileges by loading a DLL file in a privileged context. 39482 </description> 39483 </metadata> 39484 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39485 <criteria operator="AND"> 39486 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39487 <criteria operator="OR"> 39488 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39489 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39490 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39491 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39492 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39493 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39494 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39495 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39496 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39497 </criteria> 39498 </criteria> 39499 </definition> 39500 <definition id="oval:org.opensuse.security:def:20121943" version="1" class="vulnerability"> 39501 <metadata> 39502 <title>CVE-2012-1943</title> 39503 <affected family="unix"> 39504 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39505 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39506 </affected> 39507 <reference ref_id="CVE-2012-1943" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1943" source="CVE"/> 39508 <description> 39509 Untrusted search path vulnerability in Updater.exe in the Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allows local users to gain privileges via a Trojan horse wsock32.dll file in an application directory. 39510 </description> 39511 </metadata> 39512 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39513 <criteria operator="AND"> 39514 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39515 <criteria operator="OR"> 39516 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39517 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39518 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39519 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39520 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39521 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39522 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39523 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39524 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39525 </criteria> 39526 </criteria> 39527 </definition> 39528 <definition id="oval:org.opensuse.security:def:20121944" version="1" class="vulnerability"> 39529 <metadata> 39530 <title>CVE-2012-1944</title> 39531 <affected family="unix"> 39532 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39533 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39534 </affected> 39535 <reference ref_id="CVE-2012-1944" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1944" source="CVE"/> 39536 <description> 39537 The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document. 39538 </description> 39539 </metadata> 39540 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39541 <criteria operator="AND"> 39542 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39543 <criteria operator="OR"> 39544 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39545 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39546 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39547 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39548 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39549 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39550 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39551 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39552 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39553 </criteria> 39554 </criteria> 39555 </definition> 39556 <definition id="oval:org.opensuse.security:def:20121945" version="1" class="vulnerability"> 39557 <metadata> 39558 <title>CVE-2012-1945</title> 39559 <affected family="unix"> 39560 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39561 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39562 </affected> 39563 <reference ref_id="CVE-2012-1945" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1945" source="CVE"/> 39564 <description> 39565 Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba. 39566 </description> 39567 </metadata> 39568 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39569 <criteria operator="AND"> 39570 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39571 <criteria operator="OR"> 39572 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39573 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39574 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39575 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39576 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39577 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39578 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39579 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39580 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39581 </criteria> 39582 </criteria> 39583 </definition> 39584 <definition id="oval:org.opensuse.security:def:20121946" version="1" class="vulnerability"> 39585 <metadata> 39586 <title>CVE-2012-1946</title> 39587 <affected family="unix"> 39588 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39589 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39590 </affected> 39591 <reference ref_id="CVE-2012-1946" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1946" source="CVE"/> 39592 <description> 39593 Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node. 39594 </description> 39595 </metadata> 39596 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39597 <criteria operator="AND"> 39598 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39599 <criteria operator="OR"> 39600 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39601 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39602 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39603 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39604 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39605 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39606 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39607 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39608 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39609 </criteria> 39610 </criteria> 39611 </definition> 39612 <definition id="oval:org.opensuse.security:def:20121947" version="1" class="vulnerability"> 39613 <metadata> 39614 <title>CVE-2012-1947</title> 39615 <affected family="unix"> 39616 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39617 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39618 </affected> 39619 <reference ref_id="CVE-2012-1947" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1947" source="CVE"/> 39620 <description> 39621 Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. 39622 </description> 39623 </metadata> 39624 <!-- 17a6ba181710949a9ded0279ec9b1ffb --> 39625 <criteria operator="AND"> 39626 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39627 <criteria operator="OR"> 39628 <criterion test_ref="oval:org.opensuse.security:tst:2009074645" comment="MozillaFirefox-translations less than 10.0.5-0.8.4"/> 39629 <criterion test_ref="oval:org.opensuse.security:tst:2009074646" comment="MozillaFirefox less than 10.0.5-0.8.4"/> 39630 <criterion test_ref="oval:org.opensuse.security:tst:2009074647" comment="mozilla-nspr-32bit less than 4.9.1-0.8.1"/> 39631 <criterion test_ref="oval:org.opensuse.security:tst:2009074648" comment="mozilla-nspr-devel less than 4.9.1-0.8.1"/> 39632 <criterion test_ref="oval:org.opensuse.security:tst:2009074649" comment="mozilla-nspr less than 4.9.1-0.8.1"/> 39633 <criterion test_ref="oval:org.opensuse.security:tst:2009074650" comment="mozilla-nss-32bit less than 3.13.5-0.7.2"/> 39634 <criterion test_ref="oval:org.opensuse.security:tst:2009074651" comment="mozilla-nss-devel less than 3.13.5-0.7.2"/> 39635 <criterion test_ref="oval:org.opensuse.security:tst:2009074652" comment="mozilla-nss-tools less than 3.13.5-0.7.2"/> 39636 <criterion test_ref="oval:org.opensuse.security:tst:2009074653" comment="mozilla-nss less than 3.13.5-0.7.2"/> 39637 </criteria> 39638 </criteria> 39639 </definition> 39640 <definition id="oval:org.opensuse.security:def:20121948" version="1" class="vulnerability"> 39641 <metadata> 39642 <title>CVE-2012-1948</title> 39643 <affected family="unix"> 39644 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39645 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39646 </affected> 39647 <reference ref_id="CVE-2012-1948" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1948" source="CVE"/> 39648 <description> 39649 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 39650 </description> 39651 </metadata> 39652 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39653 <criteria operator="AND"> 39654 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39655 <criteria operator="OR"> 39656 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39657 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39658 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39659 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39660 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39661 </criteria> 39662 </criteria> 39663 </definition> 39664 <definition id="oval:org.opensuse.security:def:20121949" version="1" class="vulnerability"> 39665 <metadata> 39666 <title>CVE-2012-1949</title> 39667 <affected family="unix"> 39668 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39669 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39670 </affected> 39671 <reference ref_id="CVE-2012-1949" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1949" source="CVE"/> 39672 <description> 39673 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 39674 </description> 39675 </metadata> 39676 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39677 <criteria operator="AND"> 39678 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39679 <criteria operator="OR"> 39680 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39681 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39682 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39683 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39684 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39685 </criteria> 39686 </criteria> 39687 </definition> 39688 <definition id="oval:org.opensuse.security:def:20121950" version="1" class="vulnerability"> 39689 <metadata> 39690 <title>CVE-2012-1950</title> 39691 <affected family="unix"> 39692 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39693 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39694 </affected> 39695 <reference ref_id="CVE-2012-1950" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1950" source="CVE"/> 39696 <description> 39697 The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load. 39698 </description> 39699 </metadata> 39700 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39701 <criteria operator="AND"> 39702 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39703 <criteria operator="OR"> 39704 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39705 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39706 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39707 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39708 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39709 </criteria> 39710 </criteria> 39711 </definition> 39712 <definition id="oval:org.opensuse.security:def:20121951" version="1" class="vulnerability"> 39713 <metadata> 39714 <title>CVE-2012-1951</title> 39715 <affected family="unix"> 39716 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39717 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39718 </affected> 39719 <reference ref_id="CVE-2012-1951" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1951" source="CVE"/> 39720 <description> 39721 Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing. 39722 </description> 39723 </metadata> 39724 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39725 <criteria operator="AND"> 39726 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39727 <criteria operator="OR"> 39728 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39729 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39730 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39731 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39732 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39733 </criteria> 39734 </criteria> 39735 </definition> 39736 <definition id="oval:org.opensuse.security:def:20121952" version="1" class="vulnerability"> 39737 <metadata> 39738 <title>CVE-2012-1952</title> 39739 <affected family="unix"> 39740 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39741 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39742 </affected> 39743 <reference ref_id="CVE-2012-1952" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1952" source="CVE"/> 39744 <description> 39745 The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site. 39746 </description> 39747 </metadata> 39748 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39749 <criteria operator="AND"> 39750 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39751 <criteria operator="OR"> 39752 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39753 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39754 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39755 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39756 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39757 </criteria> 39758 </criteria> 39759 </definition> 39760 <definition id="oval:org.opensuse.security:def:20121953" version="1" class="vulnerability"> 39761 <metadata> 39762 <title>CVE-2012-1953</title> 39763 <affected family="unix"> 39764 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39765 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39766 </affected> 39767 <reference ref_id="CVE-2012-1953" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1953" source="CVE"/> 39768 <description> 39769 The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site. 39770 </description> 39771 </metadata> 39772 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39773 <criteria operator="AND"> 39774 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39775 <criteria operator="OR"> 39776 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39777 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39778 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39779 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39780 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39781 </criteria> 39782 </criteria> 39783 </definition> 39784 <definition id="oval:org.opensuse.security:def:20121954" version="1" class="vulnerability"> 39785 <metadata> 39786 <title>CVE-2012-1954</title> 39787 <affected family="unix"> 39788 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39789 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39790 </affected> 39791 <reference ref_id="CVE-2012-1954" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1954" source="CVE"/> 39792 <description> 39793 Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents. 39794 </description> 39795 </metadata> 39796 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39797 <criteria operator="AND"> 39798 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39799 <criteria operator="OR"> 39800 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39801 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39802 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39803 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39804 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39805 </criteria> 39806 </criteria> 39807 </definition> 39808 <definition id="oval:org.opensuse.security:def:20121955" version="1" class="vulnerability"> 39809 <metadata> 39810 <title>CVE-2012-1955</title> 39811 <affected family="unix"> 39812 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39813 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39814 </affected> 39815 <reference ref_id="CVE-2012-1955" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1955" source="CVE"/> 39816 <description> 39817 Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls. 39818 </description> 39819 </metadata> 39820 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39821 <criteria operator="AND"> 39822 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39823 <criteria operator="OR"> 39824 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39825 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39826 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39827 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39828 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39829 </criteria> 39830 </criteria> 39831 </definition> 39832 <definition id="oval:org.opensuse.security:def:20121956" version="1" class="vulnerability"> 39833 <metadata> 39834 <title>CVE-2012-1956</title> 39835 <affected family="unix"> 39836 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39837 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39838 </affected> 39839 <reference ref_id="CVE-2012-1956" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1956" source="CVE"/> 39840 <description> 39841 Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin. 39842 </description> 39843 </metadata> 39844 <!-- 3d961c9ba7250844680b248327a712ac --> 39845 <criteria operator="AND"> 39846 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39847 <criteria operator="OR"> 39848 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 39849 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 39850 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 39851 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 39852 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 39853 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 39854 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 39855 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 39856 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 39857 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 39858 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 39859 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 39860 </criteria> 39861 </criteria> 39862 </definition> 39863 <definition id="oval:org.opensuse.security:def:20121957" version="1" class="vulnerability"> 39864 <metadata> 39865 <title>CVE-2012-1957</title> 39866 <affected family="unix"> 39867 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39868 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39869 </affected> 39870 <reference ref_id="CVE-2012-1957" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1957" source="CVE"/> 39871 <description> 39872 An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed. 39873 </description> 39874 </metadata> 39875 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39876 <criteria operator="AND"> 39877 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39878 <criteria operator="OR"> 39879 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39880 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39881 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39882 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39883 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39884 </criteria> 39885 </criteria> 39886 </definition> 39887 <definition id="oval:org.opensuse.security:def:20121958" version="1" class="vulnerability"> 39888 <metadata> 39889 <title>CVE-2012-1958</title> 39890 <affected family="unix"> 39891 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39892 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39893 </affected> 39894 <reference ref_id="CVE-2012-1958" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1958" source="CVE"/> 39895 <description> 39896 Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content. 39897 </description> 39898 </metadata> 39899 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39900 <criteria operator="AND"> 39901 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39902 <criteria operator="OR"> 39903 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39904 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39905 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39906 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39907 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39908 </criteria> 39909 </criteria> 39910 </definition> 39911 <definition id="oval:org.opensuse.security:def:20121959" version="1" class="vulnerability"> 39912 <metadata> 39913 <title>CVE-2012-1959</title> 39914 <affected family="unix"> 39915 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39916 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39917 </affected> 39918 <reference ref_id="CVE-2012-1959" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1959" source="CVE"/> 39919 <description> 39920 Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content. 39921 </description> 39922 </metadata> 39923 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39924 <criteria operator="AND"> 39925 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39926 <criteria operator="OR"> 39927 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39928 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39929 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39930 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39931 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39932 </criteria> 39933 </criteria> 39934 </definition> 39935 <definition id="oval:org.opensuse.security:def:20121960" version="1" class="vulnerability"> 39936 <metadata> 39937 <title>CVE-2012-1960</title> 39938 <affected family="unix"> 39939 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39940 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39941 </affected> 39942 <reference ref_id="CVE-2012-1960" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1960" source="CVE"/> 39943 <description> 39944 The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation. 39945 </description> 39946 </metadata> 39947 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39948 <criteria operator="AND"> 39949 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39950 <criteria operator="OR"> 39951 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39952 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39953 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39954 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39955 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39956 </criteria> 39957 </criteria> 39958 </definition> 39959 <definition id="oval:org.opensuse.security:def:20121961" version="1" class="vulnerability"> 39960 <metadata> 39961 <title>CVE-2012-1961</title> 39962 <affected family="unix"> 39963 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39964 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39965 </affected> 39966 <reference ref_id="CVE-2012-1961" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1961" source="CVE"/> 39967 <description> 39968 Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values. 39969 </description> 39970 </metadata> 39971 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39972 <criteria operator="AND"> 39973 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39974 <criteria operator="OR"> 39975 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 39976 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 39977 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 39978 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 39979 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 39980 </criteria> 39981 </criteria> 39982 </definition> 39983 <definition id="oval:org.opensuse.security:def:20121962" version="1" class="vulnerability"> 39984 <metadata> 39985 <title>CVE-2012-1962</title> 39986 <affected family="unix"> 39987 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 39988 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 39989 </affected> 39990 <reference ref_id="CVE-2012-1962" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1962" source="CVE"/> 39991 <description> 39992 Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies. 39993 </description> 39994 </metadata> 39995 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 39996 <criteria operator="AND"> 39997 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 39998 <criteria operator="OR"> 39999 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 40000 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 40001 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 40002 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 40003 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 40004 </criteria> 40005 </criteria> 40006 </definition> 40007 <definition id="oval:org.opensuse.security:def:20121963" version="1" class="vulnerability"> 40008 <metadata> 40009 <title>CVE-2012-1963</title> 40010 <affected family="unix"> 40011 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40012 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40013 </affected> 40014 <reference ref_id="CVE-2012-1963" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1963" source="CVE"/> 40015 <description> 40016 The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation. 40017 </description> 40018 </metadata> 40019 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 40020 <criteria operator="AND"> 40021 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40022 <criteria operator="OR"> 40023 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 40024 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 40025 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 40026 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 40027 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 40028 </criteria> 40029 </criteria> 40030 </definition> 40031 <definition id="oval:org.opensuse.security:def:20121964" version="1" class="vulnerability"> 40032 <metadata> 40033 <title>CVE-2012-1964</title> 40034 <affected family="unix"> 40035 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40036 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40037 </affected> 40038 <reference ref_id="CVE-2012-1964" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1964" source="CVE"/> 40039 <description> 40040 The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted clickjacking of the about:certerror page, which allows man-in-the-middle attackers to trick users into adding an unintended exception via an IFRAME element. 40041 </description> 40042 </metadata> 40043 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 40044 <criteria operator="AND"> 40045 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40046 <criteria operator="OR"> 40047 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 40048 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 40049 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 40050 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 40051 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 40052 </criteria> 40053 </criteria> 40054 </definition> 40055 <definition id="oval:org.opensuse.security:def:20121965" version="1" class="vulnerability"> 40056 <metadata> 40057 <title>CVE-2012-1965</title> 40058 <affected family="unix"> 40059 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40060 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40061 </affected> 40062 <reference ref_id="CVE-2012-1965" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1965" source="CVE"/> 40063 <description> 40064 Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL. 40065 </description> 40066 </metadata> 40067 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 40068 <criteria operator="AND"> 40069 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40070 <criteria operator="OR"> 40071 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 40072 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 40073 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 40074 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 40075 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 40076 </criteria> 40077 </criteria> 40078 </definition> 40079 <definition id="oval:org.opensuse.security:def:20121966" version="1" class="vulnerability"> 40080 <metadata> 40081 <title>CVE-2012-1966</title> 40082 <affected family="unix"> 40083 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40084 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40085 </affected> 40086 <reference ref_id="CVE-2012-1966" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1966" source="CVE"/> 40087 <description> 40088 Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL. 40089 </description> 40090 </metadata> 40091 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 40092 <criteria operator="AND"> 40093 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40094 <criteria operator="OR"> 40095 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 40096 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 40097 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 40098 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 40099 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 40100 </criteria> 40101 </criteria> 40102 </definition> 40103 <definition id="oval:org.opensuse.security:def:20121967" version="1" class="vulnerability"> 40104 <metadata> 40105 <title>CVE-2012-1967</title> 40106 <affected family="unix"> 40107 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40108 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40109 </affected> 40110 <reference ref_id="CVE-2012-1967" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1967" source="CVE"/> 40111 <description> 40112 Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL. 40113 </description> 40114 </metadata> 40115 <!-- 96da6f10cbe978aeccb3ac8d9d6b7ef8 --> 40116 <criteria operator="AND"> 40117 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40118 <criteria operator="OR"> 40119 <criterion test_ref="oval:org.opensuse.security:tst:2009075001" comment="MozillaFirefox-branding-SLED less than 7-0.8.25"/> 40120 <criterion test_ref="oval:org.opensuse.security:tst:2009075002" comment="MozillaFirefox-translations less than 10.0.6-0.6.1"/> 40121 <criterion test_ref="oval:org.opensuse.security:tst:2009075003" comment="MozillaFirefox less than 10.0.6-0.6.1"/> 40122 <criterion test_ref="oval:org.opensuse.security:tst:2009075004" comment="firefox3-gtk2-32bit less than 2.10.6-0.12.1"/> 40123 <criterion test_ref="oval:org.opensuse.security:tst:2009075005" comment="firefox3-gtk2 less than 2.10.6-0.12.1"/> 40124 </criteria> 40125 </criteria> 40126 </definition> 40127 <definition id="oval:org.opensuse.security:def:20121970" version="1" class="vulnerability"> 40128 <metadata> 40129 <title>CVE-2012-1970</title> 40130 <affected family="unix"> 40131 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40132 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40133 </affected> 40134 <reference ref_id="CVE-2012-1970" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1970" source="CVE"/> 40135 <description> 40136 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 40137 </description> 40138 </metadata> 40139 <!-- 3d961c9ba7250844680b248327a712ac --> 40140 <criteria operator="AND"> 40141 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40142 <criteria operator="OR"> 40143 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 40144 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 40145 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 40146 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 40147 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 40148 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 40149 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 40150 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 40151 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 40152 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 40153 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 40154 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 40155 </criteria> 40156 </criteria> 40157 </definition> 40158 <definition id="oval:org.opensuse.security:def:20121971" version="1" class="vulnerability"> 40159 <metadata> 40160 <title>CVE-2012-1971</title> 40161 <affected family="unix"> 40162 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40163 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40164 </affected> 40165 <reference ref_id="CVE-2012-1971" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1971" source="CVE"/> 40166 <description> 40167 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to garbage collection after certain MethodJIT execution, and unknown other vectors. 40168 </description> 40169 </metadata> 40170 <!-- 3d961c9ba7250844680b248327a712ac --> 40171 <criteria operator="AND"> 40172 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40173 <criteria operator="OR"> 40174 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 40175 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 40176 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 40177 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 40178 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 40179 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 40180 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 40181 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 40182 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 40183 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 40184 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 40185 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 40186 </criteria> 40187 </criteria> 40188 </definition> 40189 <definition id="oval:org.opensuse.security:def:20121972" version="1" class="vulnerability"> 40190 <metadata> 40191 <title>CVE-2012-1972</title> 40192 <affected family="unix"> 40193 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40194 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40195 </affected> 40196 <reference ref_id="CVE-2012-1972" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1972" source="CVE"/> 40197 <description> 40198 Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 40199 </description> 40200 </metadata> 40201 <!-- 3d961c9ba7250844680b248327a712ac --> 40202 <criteria operator="AND"> 40203 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40204 <criteria operator="OR"> 40205 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 40206 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 40207 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 40208 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 40209 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 40210 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 40211 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 40212 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 40213 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 40214 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 40215 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 40216 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 40217 </criteria> 40218 </criteria> 40219 </definition> 40220 <definition id="oval:org.opensuse.security:def:20121973" version="1" class="vulnerability"> 40221 <metadata> 40222 <title>CVE-2012-1973</title> 40223 <affected family="unix"> 40224 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40225 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40226 </affected> 40227 <reference ref_id="CVE-2012-1973" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1973" source="CVE"/> 40228 <description> 40229 Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 40230 </description> 40231 </metadata> 40232 <!-- 3d961c9ba7250844680b248327a712ac --> 40233 <criteria operator="AND"> 40234 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40235 <criteria operator="OR"> 40236 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 40237 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 40238 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 40239 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 40240 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 40241 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 40242 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 40243 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 40244 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 40245 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 40246 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 40247 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 40248 </criteria> 40249 </criteria> 40250 </definition> 40251 <definition id="oval:org.opensuse.security:def:20121974" version="1" class="vulnerability"> 40252 <metadata> 40253 <title>CVE-2012-1974</title> 40254 <affected family="unix"> 40255 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40256 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40257 </affected> 40258 <reference ref_id="CVE-2012-1974" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1974" source="CVE"/> 40259 <description> 40260 Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 40261 </description> 40262 </metadata> 40263 <!-- 3d961c9ba7250844680b248327a712ac --> 40264 <criteria operator="AND"> 40265 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40266 <criteria operator="OR"> 40267 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 40268 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 40269 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 40270 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 40271 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 40272 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 40273 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 40274 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 40275 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 40276 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 40277 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 40278 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 40279 </criteria> 40280 </criteria> 40281 </definition> 40282 <definition id="oval:org.opensuse.security:def:20121975" version="1" class="vulnerability"> 40283 <metadata> 40284 <title>CVE-2012-1975</title> 40285 <affected family="unix"> 40286 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40287 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40288 </affected> 40289 <reference ref_id="CVE-2012-1975" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1975" source="CVE"/> 40290 <description> 40291 Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 40292 </description> 40293 </metadata> 40294 <!-- 3d961c9ba7250844680b248327a712ac --> 40295 <criteria operator="AND"> 40296 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40297 <criteria operator="OR"> 40298 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 40299 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 40300 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 40301 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 40302 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 40303 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 40304 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 40305 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 40306 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 40307 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 40308 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 40309 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 40310 </criteria> 40311 </criteria> 40312 </definition> 40313 <definition id="oval:org.opensuse.security:def:20121976" version="1" class="vulnerability"> 40314 <metadata> 40315 <title>CVE-2012-1976</title> 40316 <affected family="unix"> 40317 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40318 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40319 </affected> 40320 <reference ref_id="CVE-2012-1976" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1976" source="CVE"/> 40321 <description> 40322 Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 40323 </description> 40324 </metadata> 40325 <!-- 3d961c9ba7250844680b248327a712ac --> 40326 <criteria operator="AND"> 40327 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40328 <criteria operator="OR"> 40329 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 40330 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 40331 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 40332 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 40333 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 40334 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 40335 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 40336 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 40337 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 40338 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 40339 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 40340 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 40341 </criteria> 40342 </criteria> 40343 </definition> 40344 <definition id="oval:org.opensuse.security:def:20122034" version="1" class="vulnerability"> 40345 <metadata> 40346 <title>CVE-2012-2034</title> 40347 <affected family="unix"> 40348 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40349 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40350 </affected> 40351 <reference ref_id="CVE-2012-2034" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2034" source="CVE"/> 40352 <description> 40353 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037. 40354 </description> 40355 </metadata> 40356 <!-- 32f63c722aa23420e1bd3dc2156e2cda --> 40357 <criteria operator="AND"> 40358 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40359 <criterion test_ref="oval:org.opensuse.security:tst:2009074510" comment="flash-player less than 11.2.202.236-0.5.1"/> 40360 </criteria> 40361 </definition> 40362 <definition id="oval:org.opensuse.security:def:20122035" version="1" class="vulnerability"> 40363 <metadata> 40364 <title>CVE-2012-2035</title> 40365 <affected family="unix"> 40366 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40367 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40368 </affected> 40369 <reference ref_id="CVE-2012-2035" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2035" source="CVE"/> 40370 <description> 40371 Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. 40372 </description> 40373 </metadata> 40374 <!-- 32f63c722aa23420e1bd3dc2156e2cda --> 40375 <criteria operator="AND"> 40376 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40377 <criterion test_ref="oval:org.opensuse.security:tst:2009074510" comment="flash-player less than 11.2.202.236-0.5.1"/> 40378 </criteria> 40379 </definition> 40380 <definition id="oval:org.opensuse.security:def:20122036" version="1" class="vulnerability"> 40381 <metadata> 40382 <title>CVE-2012-2036</title> 40383 <affected family="unix"> 40384 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40385 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40386 </affected> 40387 <reference ref_id="CVE-2012-2036" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2036" source="CVE"/> 40388 <description> 40389 Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. 40390 </description> 40391 </metadata> 40392 <!-- 32f63c722aa23420e1bd3dc2156e2cda --> 40393 <criteria operator="AND"> 40394 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40395 <criterion test_ref="oval:org.opensuse.security:tst:2009074510" comment="flash-player less than 11.2.202.236-0.5.1"/> 40396 </criteria> 40397 </definition> 40398 <definition id="oval:org.opensuse.security:def:20122037" version="1" class="vulnerability"> 40399 <metadata> 40400 <title>CVE-2012-2037</title> 40401 <affected family="unix"> 40402 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40403 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40404 </affected> 40405 <reference ref_id="CVE-2012-2037" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2037" source="CVE"/> 40406 <description> 40407 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034. 40408 </description> 40409 </metadata> 40410 <!-- 32f63c722aa23420e1bd3dc2156e2cda --> 40411 <criteria operator="AND"> 40412 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40413 <criterion test_ref="oval:org.opensuse.security:tst:2009074510" comment="flash-player less than 11.2.202.236-0.5.1"/> 40414 </criteria> 40415 </definition> 40416 <definition id="oval:org.opensuse.security:def:20122038" version="1" class="vulnerability"> 40417 <metadata> 40418 <title>CVE-2012-2038</title> 40419 <affected family="unix"> 40420 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40421 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40422 </affected> 40423 <reference ref_id="CVE-2012-2038" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2038" source="CVE"/> 40424 <description> 40425 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. 40426 </description> 40427 </metadata> 40428 <!-- 32f63c722aa23420e1bd3dc2156e2cda --> 40429 <criteria operator="AND"> 40430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40431 <criterion test_ref="oval:org.opensuse.security:tst:2009074510" comment="flash-player less than 11.2.202.236-0.5.1"/> 40432 </criteria> 40433 </definition> 40434 <definition id="oval:org.opensuse.security:def:20122039" version="1" class="vulnerability"> 40435 <metadata> 40436 <title>CVE-2012-2039</title> 40437 <affected family="unix"> 40438 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40439 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40440 </affected> 40441 <reference ref_id="CVE-2012-2039" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2039" source="CVE"/> 40442 <description> 40443 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. 40444 </description> 40445 </metadata> 40446 <!-- 32f63c722aa23420e1bd3dc2156e2cda --> 40447 <criteria operator="AND"> 40448 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40449 <criterion test_ref="oval:org.opensuse.security:tst:2009074510" comment="flash-player less than 11.2.202.236-0.5.1"/> 40450 </criteria> 40451 </definition> 40452 <definition id="oval:org.opensuse.security:def:20122040" version="1" class="vulnerability"> 40453 <metadata> 40454 <title>CVE-2012-2040</title> 40455 <affected family="unix"> 40456 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40457 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40458 </affected> 40459 <reference ref_id="CVE-2012-2040" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2040" source="CVE"/> 40460 <description> 40461 Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory. 40462 </description> 40463 </metadata> 40464 <!-- 32f63c722aa23420e1bd3dc2156e2cda --> 40465 <criteria operator="AND"> 40466 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40467 <criterion test_ref="oval:org.opensuse.security:tst:2009074510" comment="flash-player less than 11.2.202.236-0.5.1"/> 40468 </criteria> 40469 </definition> 40470 <definition id="oval:org.opensuse.security:def:20122088" version="1" class="vulnerability"> 40471 <metadata> 40472 <title>CVE-2012-2088</title> 40473 <affected family="unix"> 40474 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40475 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40476 </affected> 40477 <reference ref_id="CVE-2012-2088" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2088" source="CVE"/> 40478 <description> 40479 Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow. 40480 </description> 40481 </metadata> 40482 <!-- bb00258755d4c0881387cfdfcb958733 --> 40483 <criteria operator="AND"> 40484 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40485 <criteria operator="OR"> 40486 <criterion test_ref="oval:org.opensuse.security:tst:2009074988" comment="libtiff-32bit less than 3.8.2-5.28.1"/> 40487 <criterion test_ref="oval:org.opensuse.security:tst:2009074989" comment="libtiff-devel less than 3.8.2-5.28.1"/> 40488 <criterion test_ref="oval:org.opensuse.security:tst:2009074990" comment="libtiff less than 3.8.2-5.28.1"/> 40489 </criteria> 40490 </criteria> 40491 </definition> 40492 <definition id="oval:org.opensuse.security:def:20122110" version="1" class="vulnerability"> 40493 <metadata> 40494 <title>CVE-2012-2110</title> 40495 <affected family="unix"> 40496 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40497 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40498 </affected> 40499 <reference ref_id="CVE-2012-2110" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110" source="CVE"/> 40500 <description> 40501 The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. 40502 </description> 40503 </metadata> 40504 <criteria operator="OR"> 40505 <!-- 6f04264f0709c1dee299245669fdda7c --> 40506 <criteria operator="AND"> 40507 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40508 <criteria operator="OR"> 40509 <criterion test_ref="oval:org.opensuse.security:tst:2009075531" comment="compat-openssl097g-32bit less than 0.9.7g-13.23.1"/> 40510 <criterion test_ref="oval:org.opensuse.security:tst:2009075532" comment="compat-openssl097g less than 0.9.7g-13.23.1"/> 40511 </criteria> 40512 </criteria> 40513 <!-- d67d562e97a943fd087f8fa61a2ad294 --> 40514 <criteria operator="AND"> 40515 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40516 <criteria operator="OR"> 40517 <criterion test_ref="oval:org.opensuse.security:tst:2009074282" comment="openssl-32bit less than 0.9.8a-18.68.1"/> 40518 <criterion test_ref="oval:org.opensuse.security:tst:2009074283" comment="openssl-devel-32bit less than 0.9.8a-18.68.1"/> 40519 <criterion test_ref="oval:org.opensuse.security:tst:2009074284" comment="openssl-devel less than 0.9.8a-18.68.1"/> 40520 <criterion test_ref="oval:org.opensuse.security:tst:2009074285" comment="openssl less than 0.9.8a-18.68.1"/> 40521 </criteria> 40522 </criteria> 40523 </criteria> 40524 </definition> 40525 <definition id="oval:org.opensuse.security:def:20122113" version="1" class="vulnerability"> 40526 <metadata> 40527 <title>CVE-2012-2113</title> 40528 <affected family="unix"> 40529 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40530 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40531 </affected> 40532 <reference ref_id="CVE-2012-2113" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2113" source="CVE"/> 40533 <description> 40534 Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. 40535 </description> 40536 </metadata> 40537 <!-- bb00258755d4c0881387cfdfcb958733 --> 40538 <criteria operator="AND"> 40539 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40540 <criteria operator="OR"> 40541 <criterion test_ref="oval:org.opensuse.security:tst:2009074988" comment="libtiff-32bit less than 3.8.2-5.28.1"/> 40542 <criterion test_ref="oval:org.opensuse.security:tst:2009074989" comment="libtiff-devel less than 3.8.2-5.28.1"/> 40543 <criterion test_ref="oval:org.opensuse.security:tst:2009074990" comment="libtiff less than 3.8.2-5.28.1"/> 40544 </criteria> 40545 </criteria> 40546 </definition> 40547 <definition id="oval:org.opensuse.security:def:20122131" version="1" class="vulnerability"> 40548 <metadata> 40549 <title>CVE-2012-2131</title> 40550 <affected family="unix"> 40551 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40552 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40553 </affected> 40554 <reference ref_id="CVE-2012-2131" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131" source="CVE"/> 40555 <description> 40556 Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110. 40557 </description> 40558 </metadata> 40559 <criteria operator="OR"> 40560 <!-- 6f04264f0709c1dee299245669fdda7c --> 40561 <criteria operator="AND"> 40562 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40563 <criteria operator="OR"> 40564 <criterion test_ref="oval:org.opensuse.security:tst:2009075531" comment="compat-openssl097g-32bit less than 0.9.7g-13.23.1"/> 40565 <criterion test_ref="oval:org.opensuse.security:tst:2009075532" comment="compat-openssl097g less than 0.9.7g-13.23.1"/> 40566 </criteria> 40567 </criteria> 40568 <!-- d67d562e97a943fd087f8fa61a2ad294 --> 40569 <criteria operator="AND"> 40570 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40571 <criteria operator="OR"> 40572 <criterion test_ref="oval:org.opensuse.security:tst:2009074282" comment="openssl-32bit less than 0.9.8a-18.68.1"/> 40573 <criterion test_ref="oval:org.opensuse.security:tst:2009074283" comment="openssl-devel-32bit less than 0.9.8a-18.68.1"/> 40574 <criterion test_ref="oval:org.opensuse.security:tst:2009074284" comment="openssl-devel less than 0.9.8a-18.68.1"/> 40575 <criterion test_ref="oval:org.opensuse.security:tst:2009074285" comment="openssl less than 0.9.8a-18.68.1"/> 40576 </criteria> 40577 </criteria> 40578 </criteria> 40579 </definition> 40580 <definition id="oval:org.opensuse.security:def:20122136" version="1" class="vulnerability"> 40581 <metadata> 40582 <title>CVE-2012-2136</title> 40583 <affected family="unix"> 40584 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40585 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40586 </affected> 40587 <reference ref_id="CVE-2012-2136" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2136" source="CVE"/> 40588 <description> 40589 The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device. 40590 </description> 40591 </metadata> 40592 <criteria operator="OR"> 40593 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 40594 <criteria operator="AND"> 40595 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40596 <criteria operator="OR"> 40597 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 40598 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 40599 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 40600 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 40601 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 40602 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 40603 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 40604 </criteria> 40605 </criteria> 40606 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 40607 <criteria operator="AND"> 40608 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40609 <criteria operator="OR"> 40610 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 40611 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 40612 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 40613 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 40614 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 40615 </criteria> 40616 </criteria> 40617 </criteria> 40618 </definition> 40619 <definition id="oval:org.opensuse.security:def:20122141" version="1" class="vulnerability"> 40620 <metadata> 40621 <title>CVE-2012-2141</title> 40622 <affected family="unix"> 40623 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40624 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40625 </affected> 40626 <reference ref_id="CVE-2012-2141" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2141" source="CVE"/> 40627 <description> 40628 Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table. 40629 </description> 40630 </metadata> 40631 <!-- 48b04a33674cd4129a7b5210a9eb8985 --> 40632 <criteria operator="AND"> 40633 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40634 <criteria operator="OR"> 40635 <criterion test_ref="oval:org.opensuse.security:tst:2009074955" comment="net-snmp-32bit less than 5.3.0.1-25.43.1"/> 40636 <criterion test_ref="oval:org.opensuse.security:tst:2009074956" comment="net-snmp-devel less than 5.3.0.1-25.43.1"/> 40637 <criterion test_ref="oval:org.opensuse.security:tst:2009074957" comment="net-snmp less than 5.3.0.1-25.43.1"/> 40638 <criterion test_ref="oval:org.opensuse.security:tst:2009074958" comment="perl-SNMP less than 5.3.0.1-25.43.1"/> 40639 </criteria> 40640 </criteria> 40641 </definition> 40642 <definition id="oval:org.opensuse.security:def:20122214" version="1" class="vulnerability"> 40643 <metadata> 40644 <title>CVE-2012-2214</title> 40645 <affected family="unix"> 40646 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40647 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40648 </affected> 40649 <reference ref_id="CVE-2012-2214" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214" source="CVE"/> 40650 <description> 40651 proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests. 40652 </description> 40653 </metadata> 40654 <!-- 1444b130f542f9e056af8af62199bd10 --> 40655 <criteria operator="AND"> 40656 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40657 <criteria operator="OR"> 40658 <criterion test_ref="oval:org.opensuse.security:tst:2009074698" comment="finch less than 2.6.6-0.16.1"/> 40659 <criterion test_ref="oval:org.opensuse.security:tst:2009074699" comment="libpurple less than 2.6.6-0.16.1"/> 40660 <criterion test_ref="oval:org.opensuse.security:tst:2009074700" comment="pidgin less than 2.6.6-0.16.1"/> 40661 </criteria> 40662 </criteria> 40663 </definition> 40664 <definition id="oval:org.opensuse.security:def:20122313" version="1" class="vulnerability"> 40665 <metadata> 40666 <title>CVE-2012-2313</title> 40667 <affected family="unix"> 40668 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40669 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40670 </affected> 40671 <reference ref_id="CVE-2012-2313" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2313" source="CVE"/> 40672 <description> 40673 The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. 40674 </description> 40675 </metadata> 40676 <criteria operator="OR"> 40677 <!-- 3395803e5857d3e0f44b39331dc3b010 --> 40678 <criteria operator="AND"> 40679 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40680 <criteria operator="OR"> 40681 <criterion test_ref="oval:org.opensuse.security:tst:2009107340" comment="kernel-bigsmp less than 2.6.16.60-0.97.1"/> 40682 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 40683 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 40684 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 40685 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 40686 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 40687 <criterion test_ref="oval:org.opensuse.security:tst:2009107341" comment="kernel-xenpae less than 2.6.16.60-0.97.1"/> 40688 </criteria> 40689 </criteria> 40690 <!-- 96d47125b6fb737bee4bf3f7619aa63d --> 40691 <criteria operator="AND"> 40692 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40693 <criteria operator="OR"> 40694 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 40695 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 40696 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 40697 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 40698 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 40699 </criteria> 40700 </criteria> 40701 </criteria> 40702 </definition> 40703 <definition id="oval:org.opensuse.security:def:20122318" version="1" class="vulnerability"> 40704 <metadata> 40705 <title>CVE-2012-2318</title> 40706 <affected family="unix"> 40707 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40708 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40709 </affected> 40710 <reference ref_id="CVE-2012-2318" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2318" source="CVE"/> 40711 <description> 40712 msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message. 40713 </description> 40714 </metadata> 40715 <!-- 1444b130f542f9e056af8af62199bd10 --> 40716 <criteria operator="AND"> 40717 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40718 <criteria operator="OR"> 40719 <criterion test_ref="oval:org.opensuse.security:tst:2009074698" comment="finch less than 2.6.6-0.16.1"/> 40720 <criterion test_ref="oval:org.opensuse.security:tst:2009074699" comment="libpurple less than 2.6.6-0.16.1"/> 40721 <criterion test_ref="oval:org.opensuse.security:tst:2009074700" comment="pidgin less than 2.6.6-0.16.1"/> 40722 </criteria> 40723 </criteria> 40724 </definition> 40725 <definition id="oval:org.opensuse.security:def:20122319" version="1" class="vulnerability"> 40726 <metadata> 40727 <title>CVE-2012-2319</title> 40728 <affected family="unix"> 40729 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40730 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40731 </affected> 40732 <reference ref_id="CVE-2012-2319" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2319" source="CVE"/> 40733 <description> 40734 Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020. 40735 </description> 40736 </metadata> 40737 <criteria operator="OR"> 40738 <!-- 3395803e5857d3e0f44b39331dc3b010 --> 40739 <criteria operator="AND"> 40740 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40741 <criteria operator="OR"> 40742 <criterion test_ref="oval:org.opensuse.security:tst:2009107340" comment="kernel-bigsmp less than 2.6.16.60-0.97.1"/> 40743 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 40744 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 40745 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 40746 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 40747 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 40748 <criterion test_ref="oval:org.opensuse.security:tst:2009107341" comment="kernel-xenpae less than 2.6.16.60-0.97.1"/> 40749 </criteria> 40750 </criteria> 40751 <!-- 96d47125b6fb737bee4bf3f7619aa63d --> 40752 <criteria operator="AND"> 40753 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40754 <criteria operator="OR"> 40755 <criterion test_ref="oval:org.opensuse.security:tst:2009074611" comment="kernel-default less than 2.6.16.60-0.97.1"/> 40756 <criterion test_ref="oval:org.opensuse.security:tst:2009074614" comment="kernel-smp less than 2.6.16.60-0.97.1"/> 40757 <criterion test_ref="oval:org.opensuse.security:tst:2009074612" comment="kernel-source less than 2.6.16.60-0.97.1"/> 40758 <criterion test_ref="oval:org.opensuse.security:tst:2009074613" comment="kernel-syms less than 2.6.16.60-0.97.1"/> 40759 <criterion test_ref="oval:org.opensuse.security:tst:2009074615" comment="kernel-xen less than 2.6.16.60-0.97.1"/> 40760 </criteria> 40761 </criteria> 40762 </criteria> 40763 </definition> 40764 <definition id="oval:org.opensuse.security:def:20122333" version="1" class="vulnerability"> 40765 <metadata> 40766 <title>CVE-2012-2333</title> 40767 <affected family="unix"> 40768 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40769 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40770 </affected> 40771 <reference ref_id="CVE-2012-2333" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333" source="CVE"/> 40772 <description> 40773 Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. 40774 </description> 40775 </metadata> 40776 <!-- 72e4e6bb5a3e9c48dd5cb873ce95abda --> 40777 <criteria operator="AND"> 40778 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40779 <criteria operator="OR"> 40780 <criterion test_ref="oval:org.opensuse.security:tst:2009074321" comment="openssl-32bit less than 0.9.8a-18.70.5"/> 40781 <criterion test_ref="oval:org.opensuse.security:tst:2009074322" comment="openssl-devel-32bit less than 0.9.8a-18.70.5"/> 40782 <criterion test_ref="oval:org.opensuse.security:tst:2009074323" comment="openssl-devel less than 0.9.8a-18.70.5"/> 40783 <criterion test_ref="oval:org.opensuse.security:tst:2009074324" comment="openssl less than 0.9.8a-18.70.5"/> 40784 </criteria> 40785 </criteria> 40786 </definition> 40787 <definition id="oval:org.opensuse.security:def:20122334" version="1" class="vulnerability"> 40788 <metadata> 40789 <title>CVE-2012-2334</title> 40790 <affected family="unix"> 40791 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40792 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40793 </affected> 40794 <reference ref_id="CVE-2012-2334" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2334" source="CVE"/> 40795 <description> 40796 Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow. 40797 </description> 40798 </metadata> 40799 <!-- 212ca99750b4a43554de347c255f56fb --> 40800 <criteria operator="AND"> 40801 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40802 <criteria operator="OR"> 40803 <criterion test_ref="oval:org.opensuse.security:tst:2009073398" comment="libreoffice-af less than 3.4.5.5-0.7.1"/> 40804 <criterion test_ref="oval:org.opensuse.security:tst:2009073399" comment="libreoffice-ar less than 3.4.5.5-0.7.1"/> 40805 <criterion test_ref="oval:org.opensuse.security:tst:2009073400" comment="libreoffice-ca less than 3.4.5.5-0.7.1"/> 40806 <criterion test_ref="oval:org.opensuse.security:tst:2009073401" comment="libreoffice-cs less than 3.4.5.5-0.7.1"/> 40807 <criterion test_ref="oval:org.opensuse.security:tst:2009073402" comment="libreoffice-da less than 3.4.5.5-0.7.1"/> 40808 <criterion test_ref="oval:org.opensuse.security:tst:2009073403" comment="libreoffice-de less than 3.4.5.5-0.7.1"/> 40809 <criterion test_ref="oval:org.opensuse.security:tst:2009073404" comment="libreoffice-el less than 3.4.5.5-0.7.1"/> 40810 <criterion test_ref="oval:org.opensuse.security:tst:2009073405" comment="libreoffice-en-GB less than 3.4.5.5-0.7.1"/> 40811 <criterion test_ref="oval:org.opensuse.security:tst:2009073406" comment="libreoffice-es less than 3.4.5.5-0.7.1"/> 40812 <criterion test_ref="oval:org.opensuse.security:tst:2009073407" comment="libreoffice-fi less than 3.4.5.5-0.7.1"/> 40813 <criterion test_ref="oval:org.opensuse.security:tst:2009073408" comment="libreoffice-fr less than 3.4.5.5-0.7.1"/> 40814 <criterion test_ref="oval:org.opensuse.security:tst:2009073409" comment="libreoffice-galleries less than 3.4.5.5-0.7.1"/> 40815 <criterion test_ref="oval:org.opensuse.security:tst:2009073410" comment="libreoffice-gnome less than 3.4.5.5-0.7.1"/> 40816 <criterion test_ref="oval:org.opensuse.security:tst:2009073411" comment="libreoffice-gu-IN less than 3.4.5.5-0.7.1"/> 40817 <criterion test_ref="oval:org.opensuse.security:tst:2009073412" comment="libreoffice-hi-IN less than 3.4.5.5-0.7.1"/> 40818 <criterion test_ref="oval:org.opensuse.security:tst:2009073413" comment="libreoffice-hu less than 3.4.5.5-0.7.1"/> 40819 <criterion test_ref="oval:org.opensuse.security:tst:2009073414" comment="libreoffice-it less than 3.4.5.5-0.7.1"/> 40820 <criterion test_ref="oval:org.opensuse.security:tst:2009073415" comment="libreoffice-ja less than 3.4.5.5-0.7.1"/> 40821 <criterion test_ref="oval:org.opensuse.security:tst:2009073416" comment="libreoffice-kde less than 3.4.5.5-0.7.1"/> 40822 <criterion test_ref="oval:org.opensuse.security:tst:2009073417" comment="libreoffice-ko less than 3.4.5.5-0.7.1"/> 40823 <criterion test_ref="oval:org.opensuse.security:tst:2009073418" comment="libreoffice-mono less than 3.4.5.5-0.7.1"/> 40824 <criterion test_ref="oval:org.opensuse.security:tst:2009073419" comment="libreoffice-nb less than 3.4.5.5-0.7.1"/> 40825 <criterion test_ref="oval:org.opensuse.security:tst:2009073420" comment="libreoffice-nl less than 3.4.5.5-0.7.1"/> 40826 <criterion test_ref="oval:org.opensuse.security:tst:2009073421" comment="libreoffice-nn less than 3.4.5.5-0.7.1"/> 40827 <criterion test_ref="oval:org.opensuse.security:tst:2009073422" comment="libreoffice-pl less than 3.4.5.5-0.7.1"/> 40828 <criterion test_ref="oval:org.opensuse.security:tst:2009073423" comment="libreoffice-pt-BR less than 3.4.5.5-0.7.1"/> 40829 <criterion test_ref="oval:org.opensuse.security:tst:2009073424" comment="libreoffice-ru less than 3.4.5.5-0.7.1"/> 40830 <criterion test_ref="oval:org.opensuse.security:tst:2009073425" comment="libreoffice-sk less than 3.4.5.5-0.7.1"/> 40831 <criterion test_ref="oval:org.opensuse.security:tst:2009073426" comment="libreoffice-sv less than 3.4.5.5-0.7.1"/> 40832 <criterion test_ref="oval:org.opensuse.security:tst:2009073427" comment="libreoffice-xh less than 3.4.5.5-0.7.1"/> 40833 <criterion test_ref="oval:org.opensuse.security:tst:2009073428" comment="libreoffice-zh-CN less than 3.4.5.5-0.7.1"/> 40834 <criterion test_ref="oval:org.opensuse.security:tst:2009073429" comment="libreoffice-zh-TW less than 3.4.5.5-0.7.1"/> 40835 <criterion test_ref="oval:org.opensuse.security:tst:2009073430" comment="libreoffice-zu less than 3.4.5.5-0.7.1"/> 40836 <criterion test_ref="oval:org.opensuse.security:tst:2009073431" comment="libreoffice less than 3.4.5.5-0.7.1"/> 40837 </criteria> 40838 </criteria> 40839 </definition> 40840 <definition id="oval:org.opensuse.security:def:20122337" version="1" class="vulnerability"> 40841 <metadata> 40842 <title>CVE-2012-2337</title> 40843 <affected family="unix"> 40844 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40845 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40846 </affected> 40847 <reference ref_id="CVE-2012-2337" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2337" source="CVE"/> 40848 <description> 40849 sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address. 40850 </description> 40851 </metadata> 40852 <!-- 763144fd2d9bb1af8ff74b0b10f47530 --> 40853 <criteria operator="AND"> 40854 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40855 <criterion test_ref="oval:org.opensuse.security:tst:2009074313" comment="sudo less than 1.6.9p23-0.14.1"/> 40856 </criteria> 40857 </definition> 40858 <definition id="oval:org.opensuse.security:def:20122370" version="1" class="vulnerability"> 40859 <metadata> 40860 <title>CVE-2012-2370</title> 40861 <affected family="unix"> 40862 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40863 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40864 </affected> 40865 <reference ref_id="CVE-2012-2370" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2370" source="CVE"/> 40866 <description> 40867 Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow. 40868 </description> 40869 </metadata> 40870 <criteria operator="OR"> 40871 <!-- 1e4fac303fda249f28a90f89a7455837 --> 40872 <criteria operator="AND"> 40873 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40874 <criteria operator="OR"> 40875 <criterion test_ref="oval:org.opensuse.security:tst:2009074864" comment="gdk-pixbuf-32bit less than 0.22.0-93.9.1"/> 40876 <criterion test_ref="oval:org.opensuse.security:tst:2009074865" comment="gdk-pixbuf less than 0.22.0-93.9.1"/> 40877 </criteria> 40878 </criteria> 40879 <!-- d761cd6e1a31389dc3a2d6c8c56cdbd3 --> 40880 <criteria operator="AND"> 40881 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40882 <criteria operator="OR"> 40883 <criterion test_ref="oval:org.opensuse.security:tst:2009074866" comment="gtk2-32bit less than 2.8.11-0.29.2"/> 40884 <criterion test_ref="oval:org.opensuse.security:tst:2009074867" comment="gtk2-devel less than 2.8.11-0.29.2"/> 40885 <criterion test_ref="oval:org.opensuse.security:tst:2009074868" comment="gtk2-doc less than 2.8.11-0.29.2"/> 40886 <criterion test_ref="oval:org.opensuse.security:tst:2009074869" comment="gtk2 less than 2.8.11-0.29.2"/> 40887 </criteria> 40888 </criteria> 40889 </criteria> 40890 </definition> 40891 <definition id="oval:org.opensuse.security:def:20122392" version="1" class="vulnerability"> 40892 <metadata> 40893 <title>CVE-2012-2392</title> 40894 <affected family="unix"> 40895 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40896 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40897 </affected> 40898 <reference ref_id="CVE-2012-2392" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2392" source="CVE"/> 40899 <description> 40900 Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors. 40901 </description> 40902 </metadata> 40903 <!-- 5983708b2e2f0e4b7509a75f22ba2a57 --> 40904 <criteria operator="AND"> 40905 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40906 <criterion test_ref="oval:org.opensuse.security:tst:2009074787" comment="wireshark less than 1.4.13-0.5.1"/> 40907 </criteria> 40908 </definition> 40909 <definition id="oval:org.opensuse.security:def:20122393" version="1" class="vulnerability"> 40910 <metadata> 40911 <title>CVE-2012-2393</title> 40912 <affected family="unix"> 40913 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40914 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40915 </affected> 40916 <reference ref_id="CVE-2012-2393" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2393" source="CVE"/> 40917 <description> 40918 epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation. 40919 </description> 40920 </metadata> 40921 <!-- 5983708b2e2f0e4b7509a75f22ba2a57 --> 40922 <criteria operator="AND"> 40923 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40924 <criterion test_ref="oval:org.opensuse.security:tst:2009074787" comment="wireshark less than 1.4.13-0.5.1"/> 40925 </criteria> 40926 </definition> 40927 <definition id="oval:org.opensuse.security:def:20122394" version="1" class="vulnerability"> 40928 <metadata> 40929 <title>CVE-2012-2394</title> 40930 <affected family="unix"> 40931 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40932 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40933 </affected> 40934 <reference ref_id="CVE-2012-2394" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2394" source="CVE"/> 40935 <description> 40936 Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet. 40937 </description> 40938 </metadata> 40939 <!-- 5983708b2e2f0e4b7509a75f22ba2a57 --> 40940 <criteria operator="AND"> 40941 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40942 <criterion test_ref="oval:org.opensuse.security:tst:2009074787" comment="wireshark less than 1.4.13-0.5.1"/> 40943 </criteria> 40944 </definition> 40945 <definition id="oval:org.opensuse.security:def:20122625" version="1" class="vulnerability"> 40946 <metadata> 40947 <title>CVE-2012-2625</title> 40948 <affected family="unix"> 40949 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40950 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40951 </affected> 40952 <reference ref_id="CVE-2012-2625" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2625" source="CVE"/> 40953 <description> 40954 The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image. 40955 </description> 40956 </metadata> 40957 <!-- 7abce5ad0bd27a8e2084fe946c37389f --> 40958 <criteria operator="AND"> 40959 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40960 <criteria operator="OR"> 40961 <criterion test_ref="oval:org.opensuse.security:tst:2009107378" comment="xen-devel less than 3.2.3_17040_40-0.7.2"/> 40962 <criterion test_ref="oval:org.opensuse.security:tst:2009107379" comment="xen-doc-html less than 3.2.3_17040_40-0.7.2"/> 40963 <criterion test_ref="oval:org.opensuse.security:tst:2009107380" comment="xen-doc-pdf less than 3.2.3_17040_40-0.7.2"/> 40964 <criterion test_ref="oval:org.opensuse.security:tst:2009107381" comment="xen-doc-ps less than 3.2.3_17040_40-0.7.2"/> 40965 <criterion test_ref="oval:org.opensuse.security:tst:2009107382" comment="xen-kmp-bigsmp less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 40966 <criterion test_ref="oval:org.opensuse.security:tst:2009107383" comment="xen-kmp-default less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 40967 <criterion test_ref="oval:org.opensuse.security:tst:2009107384" comment="xen-kmp-smp less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 40968 <criterion test_ref="oval:org.opensuse.security:tst:2009107385" comment="xen-libs-32bit less than 3.2.3_17040_40-0.7.2"/> 40969 <criterion test_ref="oval:org.opensuse.security:tst:2009107386" comment="xen-libs less than 3.2.3_17040_40-0.7.2"/> 40970 <criterion test_ref="oval:org.opensuse.security:tst:2009107387" comment="xen-tools-domU less than 3.2.3_17040_40-0.7.2"/> 40971 <criterion test_ref="oval:org.opensuse.security:tst:2009107388" comment="xen-tools-ioemu less than 3.2.3_17040_40-0.7.2"/> 40972 <criterion test_ref="oval:org.opensuse.security:tst:2009107389" comment="xen-tools less than 3.2.3_17040_40-0.7.2"/> 40973 <criterion test_ref="oval:org.opensuse.security:tst:2009107390" comment="xen less than 3.2.3_17040_40-0.7.2"/> 40974 </criteria> 40975 </criteria> 40976 </definition> 40977 <definition id="oval:org.opensuse.security:def:20122655" version="1" class="vulnerability"> 40978 <metadata> 40979 <title>CVE-2012-2655</title> 40980 <affected family="unix"> 40981 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 40982 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 40983 </affected> 40984 <reference ref_id="CVE-2012-2655" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655" source="CVE"/> 40985 <description> 40986 PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler. 40987 </description> 40988 </metadata> 40989 <!-- ee84db0d1f4471abd4ab51536636eb1e --> 40990 <criteria operator="AND"> 40991 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 40992 <criteria operator="OR"> 40993 <criterion test_ref="oval:org.opensuse.security:tst:2009075806" comment="postgresql-devel less than 8.1.23-0.11.1"/> 40994 <criterion test_ref="oval:org.opensuse.security:tst:2009075807" comment="postgresql-libs-32bit less than 8.1.23-0.11.1"/> 40995 <criterion test_ref="oval:org.opensuse.security:tst:2009075808" comment="postgresql-libs less than 8.1.23-0.11.1"/> 40996 </criteria> 40997 </criteria> 40998 </definition> 40999 <definition id="oval:org.opensuse.security:def:20122663" version="1" class="vulnerability"> 41000 <metadata> 41001 <title>CVE-2012-2663</title> 41002 <affected family="unix"> 41003 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41004 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41005 </affected> 41006 <reference ref_id="CVE-2012-2663" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2663" source="CVE"/> 41007 <description> 41008 extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. 41009 </description> 41010 </metadata> 41011 <criteria operator="OR"> 41012 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 41013 <criteria operator="AND"> 41014 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41015 <criteria operator="OR"> 41016 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 41017 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 41018 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 41019 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 41020 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 41021 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 41022 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 41023 </criteria> 41024 </criteria> 41025 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 41026 <criteria operator="AND"> 41027 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41028 <criteria operator="OR"> 41029 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 41030 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 41031 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 41032 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 41033 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 41034 </criteria> 41035 </criteria> 41036 </criteria> 41037 </definition> 41038 <definition id="oval:org.opensuse.security:def:20122665" version="1" class="vulnerability"> 41039 <metadata> 41040 <title>CVE-2012-2665</title> 41041 <affected family="unix"> 41042 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41043 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41044 </affected> 41045 <reference ref_id="CVE-2012-2665" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665" source="CVE"/> 41046 <description> 41047 Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four. 41048 </description> 41049 </metadata> 41050 <!-- 959bec0aafc9124aee7f95faeb6d3285 --> 41051 <criteria operator="AND"> 41052 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41053 <criteria operator="OR"> 41054 <criterion test_ref="oval:org.opensuse.security:tst:2009075068" comment="libreoffice-af less than 3.5.4.7-0.7.1"/> 41055 <criterion test_ref="oval:org.opensuse.security:tst:2009075069" comment="libreoffice-ar less than 3.5.4.7-0.7.1"/> 41056 <criterion test_ref="oval:org.opensuse.security:tst:2009075070" comment="libreoffice-ca less than 3.5.4.7-0.7.1"/> 41057 <criterion test_ref="oval:org.opensuse.security:tst:2009075071" comment="libreoffice-cs less than 3.5.4.7-0.7.1"/> 41058 <criterion test_ref="oval:org.opensuse.security:tst:2009075072" comment="libreoffice-da less than 3.5.4.7-0.7.1"/> 41059 <criterion test_ref="oval:org.opensuse.security:tst:2009075073" comment="libreoffice-de less than 3.5.4.7-0.7.1"/> 41060 <criterion test_ref="oval:org.opensuse.security:tst:2009075074" comment="libreoffice-el less than 3.5.4.7-0.7.1"/> 41061 <criterion test_ref="oval:org.opensuse.security:tst:2009075075" comment="libreoffice-en-GB less than 3.5.4.7-0.7.1"/> 41062 <criterion test_ref="oval:org.opensuse.security:tst:2009075076" comment="libreoffice-es less than 3.5.4.7-0.7.1"/> 41063 <criterion test_ref="oval:org.opensuse.security:tst:2009075077" comment="libreoffice-fi less than 3.5.4.7-0.7.1"/> 41064 <criterion test_ref="oval:org.opensuse.security:tst:2009075078" comment="libreoffice-fr less than 3.5.4.7-0.7.1"/> 41065 <criterion test_ref="oval:org.opensuse.security:tst:2009075079" comment="libreoffice-galleries less than 3.5.4.7-0.7.1"/> 41066 <criterion test_ref="oval:org.opensuse.security:tst:2009075080" comment="libreoffice-gnome less than 3.5.4.7-0.7.1"/> 41067 <criterion test_ref="oval:org.opensuse.security:tst:2009075081" comment="libreoffice-gu-IN less than 3.5.4.7-0.7.1"/> 41068 <criterion test_ref="oval:org.opensuse.security:tst:2009075082" comment="libreoffice-hi-IN less than 3.5.4.7-0.7.1"/> 41069 <criterion test_ref="oval:org.opensuse.security:tst:2009075083" comment="libreoffice-hu less than 3.5.4.7-0.7.1"/> 41070 <criterion test_ref="oval:org.opensuse.security:tst:2009075084" comment="libreoffice-it less than 3.5.4.7-0.7.1"/> 41071 <criterion test_ref="oval:org.opensuse.security:tst:2009075085" comment="libreoffice-ja less than 3.5.4.7-0.7.1"/> 41072 <criterion test_ref="oval:org.opensuse.security:tst:2009075086" comment="libreoffice-kde less than 3.5.4.7-0.7.1"/> 41073 <criterion test_ref="oval:org.opensuse.security:tst:2009075087" comment="libreoffice-ko less than 3.5.4.7-0.7.1"/> 41074 <criterion test_ref="oval:org.opensuse.security:tst:2009075088" comment="libreoffice-mono less than 3.5.4.7-0.7.1"/> 41075 <criterion test_ref="oval:org.opensuse.security:tst:2009075089" comment="libreoffice-nb less than 3.5.4.7-0.7.1"/> 41076 <criterion test_ref="oval:org.opensuse.security:tst:2009075090" comment="libreoffice-nl less than 3.5.4.7-0.7.1"/> 41077 <criterion test_ref="oval:org.opensuse.security:tst:2009075091" comment="libreoffice-nn less than 3.5.4.7-0.7.1"/> 41078 <criterion test_ref="oval:org.opensuse.security:tst:2009075092" comment="libreoffice-pl less than 3.5.4.7-0.7.1"/> 41079 <criterion test_ref="oval:org.opensuse.security:tst:2009075093" comment="libreoffice-pt-BR less than 3.5.4.7-0.7.1"/> 41080 <criterion test_ref="oval:org.opensuse.security:tst:2009075094" comment="libreoffice-ru less than 3.5.4.7-0.7.1"/> 41081 <criterion test_ref="oval:org.opensuse.security:tst:2009075095" comment="libreoffice-sk less than 3.5.4.7-0.7.1"/> 41082 <criterion test_ref="oval:org.opensuse.security:tst:2009075096" comment="libreoffice-sv less than 3.5.4.7-0.7.1"/> 41083 <criterion test_ref="oval:org.opensuse.security:tst:2009075097" comment="libreoffice-xh less than 3.5.4.7-0.7.1"/> 41084 <criterion test_ref="oval:org.opensuse.security:tst:2009075098" comment="libreoffice-zh-CN less than 3.5.4.7-0.7.1"/> 41085 <criterion test_ref="oval:org.opensuse.security:tst:2009075099" comment="libreoffice-zh-TW less than 3.5.4.7-0.7.1"/> 41086 <criterion test_ref="oval:org.opensuse.security:tst:2009075100" comment="libreoffice-zu less than 3.5.4.7-0.7.1"/> 41087 <criterion test_ref="oval:org.opensuse.security:tst:2009075101" comment="libreoffice less than 3.5.4.7-0.7.1"/> 41088 </criteria> 41089 </criteria> 41090 </definition> 41091 <definition id="oval:org.opensuse.security:def:20122677" version="1" class="vulnerability"> 41092 <metadata> 41093 <title>CVE-2012-2677</title> 41094 <affected family="unix"> 41095 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41096 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41097 </affected> 41098 <reference ref_id="CVE-2012-2677" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2677" source="CVE"/> 41099 <description> 41100 Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated than expected. 41101 </description> 41102 </metadata> 41103 <!-- f7640e04677ae81b96d69003957f49c4 --> 41104 <criteria operator="AND"> 41105 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41106 <criteria operator="OR"> 41107 <criterion test_ref="oval:org.opensuse.security:tst:2009074907" comment="boost-32bit less than 1.33.1-17.15.1"/> 41108 <criterion test_ref="oval:org.opensuse.security:tst:2009074908" comment="boost less than 1.33.1-17.15.1"/> 41109 </criteria> 41110 </criteria> 41111 </definition> 41112 <definition id="oval:org.opensuse.security:def:20122744" version="1" class="vulnerability"> 41113 <metadata> 41114 <title>CVE-2012-2744</title> 41115 <affected family="unix"> 41116 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41117 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41118 </affected> 41119 <reference ref_id="CVE-2012-2744" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2744" source="CVE"/> 41120 <description> 41121 net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets. 41122 </description> 41123 </metadata> 41124 <criteria operator="OR"> 41125 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 41126 <criteria operator="AND"> 41127 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41128 <criteria operator="OR"> 41129 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 41130 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 41131 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 41132 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 41133 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 41134 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 41135 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 41136 </criteria> 41137 </criteria> 41138 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 41139 <criteria operator="AND"> 41140 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41141 <criteria operator="OR"> 41142 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 41143 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 41144 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 41145 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 41146 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 41147 </criteria> 41148 </criteria> 41149 </criteria> 41150 </definition> 41151 <definition id="oval:org.opensuse.security:def:20122806" version="1" class="vulnerability"> 41152 <metadata> 41153 <title>CVE-2012-2806</title> 41154 <affected family="unix"> 41155 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41156 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41157 </affected> 41158 <reference ref_id="CVE-2012-2806" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2806" source="CVE"/> 41159 <description> 41160 Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image. 41161 </description> 41162 </metadata> 41163 <!-- 93ef07584e8267eac2fbd3642ae99254 --> 41164 <criteria operator="AND"> 41165 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41166 <criteria operator="OR"> 41167 <criterion test_ref="oval:org.opensuse.security:tst:2009075201" comment="jpeg less than 6b-752.8.45"/> 41168 <criterion test_ref="oval:org.opensuse.security:tst:2009075202" comment="libjpeg-32bit less than 6.2.0-752.8.45"/> 41169 <criterion test_ref="oval:org.opensuse.security:tst:2009075203" comment="libjpeg-devel-32bit less than 6.2.0-18.8.45"/> 41170 <criterion test_ref="oval:org.opensuse.security:tst:2009075204" comment="libjpeg-devel less than 6.2.0-18.8.45"/> 41171 <criterion test_ref="oval:org.opensuse.security:tst:2009075205" comment="libjpeg less than 6.2.0-752.8.45"/> 41172 </criteria> 41173 </criteria> 41174 </definition> 41175 <definition id="oval:org.opensuse.security:def:20122807" version="1" class="vulnerability"> 41176 <metadata> 41177 <title>CVE-2012-2807</title> 41178 <affected family="unix"> 41179 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41180 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41181 </affected> 41182 <reference ref_id="CVE-2012-2807" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807" source="CVE"/> 41183 <description> 41184 Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. 41185 </description> 41186 </metadata> 41187 <!-- e380dcebcb29c98b9351f36692fef4a7 --> 41188 <criteria operator="AND"> 41189 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41190 <criteria operator="OR"> 41191 <criterion test_ref="oval:org.opensuse.security:tst:2009075509" comment="libxml2-32bit less than 2.6.23-15.33.17"/> 41192 <criterion test_ref="oval:org.opensuse.security:tst:2009075510" comment="libxml2-devel-32bit less than 2.6.23-15.33.17"/> 41193 <criterion test_ref="oval:org.opensuse.security:tst:2009075511" comment="libxml2-devel less than 2.6.23-15.33.17"/> 41194 <criterion test_ref="oval:org.opensuse.security:tst:2009075512" comment="libxml2 less than 2.6.23-15.33.17"/> 41195 </criteria> 41196 </criteria> 41197 </definition> 41198 <definition id="oval:org.opensuse.security:def:20122812" version="1" class="vulnerability"> 41199 <metadata> 41200 <title>CVE-2012-2812</title> 41201 <affected family="unix"> 41202 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41203 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41204 </affected> 41205 <reference ref_id="CVE-2012-2812" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812" source="CVE"/> 41206 <description> 41207 The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. 41208 </description> 41209 </metadata> 41210 <!-- 9eed174e86533459e960c872be45c510 --> 41211 <criteria operator="AND"> 41212 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41213 <criteria operator="OR"> 41214 <criterion test_ref="oval:org.opensuse.security:tst:2009075012" comment="libexif-32bit less than 0.6.13-20.14.1"/> 41215 <criterion test_ref="oval:org.opensuse.security:tst:2009075013" comment="libexif less than 0.6.13-20.14.1"/> 41216 </criteria> 41217 </criteria> 41218 </definition> 41219 <definition id="oval:org.opensuse.security:def:20122814" version="1" class="vulnerability"> 41220 <metadata> 41221 <title>CVE-2012-2814</title> 41222 <affected family="unix"> 41223 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41224 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41225 </affected> 41226 <reference ref_id="CVE-2012-2814" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814" source="CVE"/> 41227 <description> 41228 Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image. 41229 </description> 41230 </metadata> 41231 <!-- 9eed174e86533459e960c872be45c510 --> 41232 <criteria operator="AND"> 41233 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41234 <criteria operator="OR"> 41235 <criterion test_ref="oval:org.opensuse.security:tst:2009075012" comment="libexif-32bit less than 0.6.13-20.14.1"/> 41236 <criterion test_ref="oval:org.opensuse.security:tst:2009075013" comment="libexif less than 0.6.13-20.14.1"/> 41237 </criteria> 41238 </criteria> 41239 </definition> 41240 <definition id="oval:org.opensuse.security:def:20122825" version="1" class="vulnerability"> 41241 <metadata> 41242 <title>CVE-2012-2825</title> 41243 <affected family="unix"> 41244 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41245 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41246 </affected> 41247 <reference ref_id="CVE-2012-2825" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825" source="CVE"/> 41248 <description> 41249 The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. 41250 </description> 41251 </metadata> 41252 <!-- bfb749443a7fe15c20cde485a0b1485b --> 41253 <criteria operator="AND"> 41254 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41255 <criteria operator="OR"> 41256 <criterion test_ref="oval:org.opensuse.security:tst:2009075014" comment="libxslt-32bit less than 1.1.15-15.18.4"/> 41257 <criterion test_ref="oval:org.opensuse.security:tst:2009075015" comment="libxslt-devel-32bit less than 1.1.15-15.18.4"/> 41258 <criterion test_ref="oval:org.opensuse.security:tst:2009075016" comment="libxslt-devel less than 1.1.15-15.18.4"/> 41259 <criterion test_ref="oval:org.opensuse.security:tst:2009075017" comment="libxslt less than 1.1.15-15.18.4"/> 41260 </criteria> 41261 </criteria> 41262 </definition> 41263 <definition id="oval:org.opensuse.security:def:20122836" version="1" class="vulnerability"> 41264 <metadata> 41265 <title>CVE-2012-2836</title> 41266 <affected family="unix"> 41267 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41268 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41269 </affected> 41270 <reference ref_id="CVE-2012-2836" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836" source="CVE"/> 41271 <description> 41272 The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. 41273 </description> 41274 </metadata> 41275 <!-- 9eed174e86533459e960c872be45c510 --> 41276 <criteria operator="AND"> 41277 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41278 <criteria operator="OR"> 41279 <criterion test_ref="oval:org.opensuse.security:tst:2009075012" comment="libexif-32bit less than 0.6.13-20.14.1"/> 41280 <criterion test_ref="oval:org.opensuse.security:tst:2009075013" comment="libexif less than 0.6.13-20.14.1"/> 41281 </criteria> 41282 </criteria> 41283 </definition> 41284 <definition id="oval:org.opensuse.security:def:20122837" version="1" class="vulnerability"> 41285 <metadata> 41286 <title>CVE-2012-2837</title> 41287 <affected family="unix"> 41288 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41289 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41290 </affected> 41291 <reference ref_id="CVE-2012-2837" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837" source="CVE"/> 41292 <description> 41293 The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags. 41294 </description> 41295 </metadata> 41296 <!-- 9eed174e86533459e960c872be45c510 --> 41297 <criteria operator="AND"> 41298 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41299 <criteria operator="OR"> 41300 <criterion test_ref="oval:org.opensuse.security:tst:2009075012" comment="libexif-32bit less than 0.6.13-20.14.1"/> 41301 <criterion test_ref="oval:org.opensuse.security:tst:2009075013" comment="libexif less than 0.6.13-20.14.1"/> 41302 </criteria> 41303 </criteria> 41304 </definition> 41305 <definition id="oval:org.opensuse.security:def:20122841" version="1" class="vulnerability"> 41306 <metadata> 41307 <title>CVE-2012-2841</title> 41308 <affected family="unix"> 41309 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41310 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41311 </affected> 41312 <reference ref_id="CVE-2012-2841" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841" source="CVE"/> 41313 <description> 41314 Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow. 41315 </description> 41316 </metadata> 41317 <!-- 9eed174e86533459e960c872be45c510 --> 41318 <criteria operator="AND"> 41319 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41320 <criteria operator="OR"> 41321 <criterion test_ref="oval:org.opensuse.security:tst:2009075012" comment="libexif-32bit less than 0.6.13-20.14.1"/> 41322 <criterion test_ref="oval:org.opensuse.security:tst:2009075013" comment="libexif less than 0.6.13-20.14.1"/> 41323 </criteria> 41324 </criteria> 41325 </definition> 41326 <definition id="oval:org.opensuse.security:def:20122934" version="1" class="vulnerability"> 41327 <metadata> 41328 <title>CVE-2012-2934</title> 41329 <affected family="unix"> 41330 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41331 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41332 </affected> 41333 <reference ref_id="CVE-2012-2934" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2934" source="CVE"/> 41334 <description> 41335 Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonical boundary, a different vulnerability than CVE-2012-0217. 41336 </description> 41337 </metadata> 41338 <!-- c25fa3090bc865a8836ebaff073cd9b6 --> 41339 <criteria operator="AND"> 41340 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41341 <criteria operator="OR"> 41342 <criterion test_ref="oval:org.opensuse.security:tst:2009074544" comment="xen-devel less than 3.2.3_17040_38-0.11.1"/> 41343 <criterion test_ref="oval:org.opensuse.security:tst:2009074545" comment="xen-doc-html less than 3.2.3_17040_38-0.11.1"/> 41344 <criterion test_ref="oval:org.opensuse.security:tst:2009074546" comment="xen-doc-pdf less than 3.2.3_17040_38-0.11.1"/> 41345 <criterion test_ref="oval:org.opensuse.security:tst:2009074547" comment="xen-doc-ps less than 3.2.3_17040_38-0.11.1"/> 41346 <criterion test_ref="oval:org.opensuse.security:tst:2009074548" comment="xen-kmp-bigsmp less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 41347 <criterion test_ref="oval:org.opensuse.security:tst:2009074549" comment="xen-kmp-default less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 41348 <criterion test_ref="oval:org.opensuse.security:tst:2009074550" comment="xen-kmp-smp less than 3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1"/> 41349 <criterion test_ref="oval:org.opensuse.security:tst:2009074551" comment="xen-libs-32bit less than 3.2.3_17040_38-0.11.1"/> 41350 <criterion test_ref="oval:org.opensuse.security:tst:2009074552" comment="xen-libs less than 3.2.3_17040_38-0.11.1"/> 41351 <criterion test_ref="oval:org.opensuse.security:tst:2009074553" comment="xen-tools-domU less than 3.2.3_17040_38-0.11.1"/> 41352 <criterion test_ref="oval:org.opensuse.security:tst:2009074554" comment="xen-tools-ioemu less than 3.2.3_17040_38-0.11.1"/> 41353 <criterion test_ref="oval:org.opensuse.security:tst:2009074555" comment="xen-tools less than 3.2.3_17040_38-0.11.1"/> 41354 <criterion test_ref="oval:org.opensuse.security:tst:2009074556" comment="xen less than 3.2.3_17040_38-0.11.1"/> 41355 </criteria> 41356 </criteria> 41357 </definition> 41358 <definition id="oval:org.opensuse.security:def:20123143" version="1" class="vulnerability"> 41359 <metadata> 41360 <title>CVE-2012-3143</title> 41361 <affected family="unix"> 41362 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41363 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41364 </affected> 41365 <reference ref_id="CVE-2012-3143" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3143" source="CVE"/> 41366 <description> 41367 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. 41368 </description> 41369 </metadata> 41370 <!-- bb56b08850390b907db4d458f187e204 --> 41371 <criteria operator="AND"> 41372 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41373 <criteria operator="OR"> 41374 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 41375 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 41376 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 41377 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 41378 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 41379 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 41380 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 41381 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 41382 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 41383 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 41384 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 41385 </criteria> 41386 </criteria> 41387 </definition> 41388 <definition id="oval:org.opensuse.security:def:20123174" version="1" class="vulnerability"> 41389 <metadata> 41390 <title>CVE-2012-3174</title> 41391 <affected family="unix"> 41392 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41393 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41394 </affected> 41395 <reference ref_id="CVE-2012-3174" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3174" source="CVE"/> 41396 <description> 41397 Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving recursive use of the Reflection API, but that issue is already covered as part of CVE-2013-0422. This identifier is for a different vulnerability whose details are not public as of 20130114. 41398 </description> 41399 </metadata> 41400 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 41401 <criteria operator="AND"> 41402 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41403 <criteria operator="OR"> 41404 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 41405 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 41406 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 41407 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 41408 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 41409 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 41410 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 41411 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 41412 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 41413 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 41414 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 41415 </criteria> 41416 </criteria> 41417 </definition> 41418 <definition id="oval:org.opensuse.security:def:20123216" version="1" class="vulnerability"> 41419 <metadata> 41420 <title>CVE-2012-3216</title> 41421 <affected family="unix"> 41422 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41423 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41424 </affected> 41425 <reference ref_id="CVE-2012-3216" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3216" source="CVE"/> 41426 <description> 41427 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. 41428 </description> 41429 </metadata> 41430 <!-- bb56b08850390b907db4d458f187e204 --> 41431 <criteria operator="AND"> 41432 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41433 <criteria operator="OR"> 41434 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 41435 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 41436 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 41437 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 41438 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 41439 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 41440 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 41441 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 41442 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 41443 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 41444 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 41445 </criteria> 41446 </criteria> 41447 </definition> 41448 <definition id="oval:org.opensuse.security:def:20123236" version="1" class="vulnerability"> 41449 <metadata> 41450 <title>CVE-2012-3236</title> 41451 <affected family="unix"> 41452 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41453 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41454 </affected> 41455 <reference ref_id="CVE-2012-3236" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3236" source="CVE"/> 41456 <description> 41457 fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string. 41458 </description> 41459 </metadata> 41460 <!-- 715b3dd4ca6fcd9560aab8f12c861f37 --> 41461 <criteria operator="AND"> 41462 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41463 <criteria operator="OR"> 41464 <criterion test_ref="oval:org.opensuse.security:tst:2009075146" comment="gimp-devel less than 2.2.10-22.42.1"/> 41465 <criterion test_ref="oval:org.opensuse.security:tst:2009075147" comment="gimp less than 2.2.10-22.42.1"/> 41466 </criteria> 41467 </criteria> 41468 </definition> 41469 <definition id="oval:org.opensuse.security:def:20123374" version="1" class="vulnerability"> 41470 <metadata> 41471 <title>CVE-2012-3374</title> 41472 <affected family="unix"> 41473 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41474 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41475 </affected> 41476 <reference ref_id="CVE-2012-3374" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3374" source="CVE"/> 41477 <description> 41478 Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message. 41479 </description> 41480 </metadata> 41481 <!-- 6cdbffccfb7e818b850e497dc8f94724 --> 41482 <criteria operator="AND"> 41483 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41484 <criteria operator="OR"> 41485 <criterion test_ref="oval:org.opensuse.security:tst:2009074959" comment="finch less than 2.6.6-0.18.1"/> 41486 <criterion test_ref="oval:org.opensuse.security:tst:2009074960" comment="libpurple less than 2.6.6-0.18.1"/> 41487 <criterion test_ref="oval:org.opensuse.security:tst:2009074961" comment="pidgin less than 2.6.6-0.18.1"/> 41488 </criteria> 41489 </criteria> 41490 </definition> 41491 <definition id="oval:org.opensuse.security:def:20123400" version="1" class="vulnerability"> 41492 <metadata> 41493 <title>CVE-2012-3400</title> 41494 <affected family="unix"> 41495 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41496 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41497 </affected> 41498 <reference ref_id="CVE-2012-3400" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3400" source="CVE"/> 41499 <description> 41500 Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. 41501 </description> 41502 </metadata> 41503 <criteria operator="OR"> 41504 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 41505 <criteria operator="AND"> 41506 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41507 <criteria operator="OR"> 41508 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 41509 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 41510 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 41511 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 41512 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 41513 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 41514 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 41515 </criteria> 41516 </criteria> 41517 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 41518 <criteria operator="AND"> 41519 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41520 <criteria operator="OR"> 41521 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 41522 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 41523 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 41524 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 41525 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 41526 </criteria> 41527 </criteria> 41528 </criteria> 41529 </definition> 41530 <definition id="oval:org.opensuse.security:def:20123401" version="1" class="vulnerability"> 41531 <metadata> 41532 <title>CVE-2012-3401</title> 41533 <affected family="unix"> 41534 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41535 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41536 </affected> 41537 <reference ref_id="CVE-2012-3401" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401" source="CVE"/> 41538 <description> 41539 The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow. 41540 </description> 41541 </metadata> 41542 <!-- f8b83ed2a49634464cd29a53ef0fb20a --> 41543 <criteria operator="AND"> 41544 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41545 <criteria operator="OR"> 41546 <criterion test_ref="oval:org.opensuse.security:tst:2009075102" comment="libtiff-32bit less than 3.8.2-5.30.5"/> 41547 <criterion test_ref="oval:org.opensuse.security:tst:2009075103" comment="libtiff-devel less than 3.8.2-5.30.5"/> 41548 <criterion test_ref="oval:org.opensuse.security:tst:2009075104" comment="libtiff less than 3.8.2-5.30.5"/> 41549 </criteria> 41550 </criteria> 41551 </definition> 41552 <definition id="oval:org.opensuse.security:def:20123402" version="1" class="vulnerability"> 41553 <metadata> 41554 <title>CVE-2012-3402</title> 41555 <affected family="unix"> 41556 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41557 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41558 </affected> 41559 <reference ref_id="CVE-2012-3402" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3402" source="CVE"/> 41560 <description> 41561 Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909. 41562 </description> 41563 </metadata> 41564 <criteria operator="OR"> 41565 <!-- 12c9a930398cff75c99abf194e212747 --> 41566 <criteria operator="AND"> 41567 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41568 <criteria operator="OR"> 41569 <criterion test_ref="oval:org.opensuse.security:tst:2009075425" comment="gimp-devel less than 2.2.10-22.46.1"/> 41570 <criterion test_ref="oval:org.opensuse.security:tst:2009075426" comment="gimp less than 2.2.10-22.46.1"/> 41571 </criteria> 41572 </criteria> 41573 <!-- 5d18ef4dd81fda3effcb7cb85c6ef536 --> 41574 <criteria operator="AND"> 41575 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41576 <criteria operator="OR"> 41577 <criterion test_ref="oval:org.opensuse.security:tst:2009075266" comment="gimp-devel less than 2.2.10-22.44.1"/> 41578 <criterion test_ref="oval:org.opensuse.security:tst:2009075267" comment="gimp less than 2.2.10-22.44.1"/> 41579 </criteria> 41580 </criteria> 41581 </criteria> 41582 </definition> 41583 <definition id="oval:org.opensuse.security:def:20123403" version="1" class="vulnerability"> 41584 <metadata> 41585 <title>CVE-2012-3403</title> 41586 <affected family="unix"> 41587 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41588 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41589 </affected> 41590 <reference ref_id="CVE-2012-3403" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403" source="CVE"/> 41591 <description> 41592 Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free." 41593 </description> 41594 </metadata> 41595 <!-- 5d18ef4dd81fda3effcb7cb85c6ef536 --> 41596 <criteria operator="AND"> 41597 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41598 <criteria operator="OR"> 41599 <criterion test_ref="oval:org.opensuse.security:tst:2009075266" comment="gimp-devel less than 2.2.10-22.44.1"/> 41600 <criterion test_ref="oval:org.opensuse.security:tst:2009075267" comment="gimp less than 2.2.10-22.44.1"/> 41601 </criteria> 41602 </criteria> 41603 </definition> 41604 <definition id="oval:org.opensuse.security:def:20123406" version="1" class="vulnerability"> 41605 <metadata> 41606 <title>CVE-2012-3406</title> 41607 <affected family="unix"> 41608 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41609 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41610 </affected> 41611 <reference ref_id="CVE-2012-3406" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3406" source="CVE"/> 41612 <description> 41613 The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. 41614 </description> 41615 </metadata> 41616 <!-- ae7b2bb12ddda522987dc10489bcbf1f --> 41617 <criteria operator="AND"> 41618 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41619 <criteria operator="OR"> 41620 <criterion test_ref="oval:org.opensuse.security:tst:2009076031" comment="glibc-32bit less than 2.4-31.103.1"/> 41621 <criterion test_ref="oval:org.opensuse.security:tst:2009076032" comment="glibc-devel-32bit less than 2.4-31.103.1"/> 41622 <criterion test_ref="oval:org.opensuse.security:tst:2009076033" comment="glibc-devel less than 2.4-31.103.1"/> 41623 <criterion test_ref="oval:org.opensuse.security:tst:2009076034" comment="glibc-html less than 2.4-31.103.1"/> 41624 <criterion test_ref="oval:org.opensuse.security:tst:2009076035" comment="glibc-i18ndata less than 2.4-31.103.1"/> 41625 <criterion test_ref="oval:org.opensuse.security:tst:2009076036" comment="glibc-info less than 2.4-31.103.1"/> 41626 <criterion test_ref="oval:org.opensuse.security:tst:2009076037" comment="glibc-locale-32bit less than 2.4-31.103.1"/> 41627 <criterion test_ref="oval:org.opensuse.security:tst:2009076038" comment="glibc-locale less than 2.4-31.103.1"/> 41628 <criterion test_ref="oval:org.opensuse.security:tst:2009076039" comment="glibc less than 2.4-31.103.1"/> 41629 <criterion test_ref="oval:org.opensuse.security:tst:2009076040" comment="nscd less than 2.4-31.103.1"/> 41630 </criteria> 41631 </criteria> 41632 </definition> 41633 <definition id="oval:org.opensuse.security:def:20123410" version="1" class="vulnerability"> 41634 <metadata> 41635 <title>CVE-2012-3410</title> 41636 <affected family="unix"> 41637 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41638 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41639 </affected> 41640 <reference ref_id="CVE-2012-3410" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410" source="CVE"/> 41641 <description> 41642 Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix. 41643 </description> 41644 </metadata> 41645 <!-- 9f2f628509b07725b6cc9d5d8f9ede1a --> 41646 <criteria operator="AND"> 41647 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41648 <criteria operator="OR"> 41649 <criterion test_ref="oval:org.opensuse.security:tst:2009075154" comment="bash less than 3.1-24.30.1"/> 41650 <criterion test_ref="oval:org.opensuse.security:tst:2009075155" comment="readline-32bit less than 5.1-24.30.1"/> 41651 <criterion test_ref="oval:org.opensuse.security:tst:2009075156" comment="readline-devel-32bit less than 5.1-24.30.1"/> 41652 <criterion test_ref="oval:org.opensuse.security:tst:2009075157" comment="readline-devel less than 5.1-24.30.1"/> 41653 <criterion test_ref="oval:org.opensuse.security:tst:2009075158" comment="readline less than 5.1-24.30.1"/> 41654 </criteria> 41655 </criteria> 41656 </definition> 41657 <definition id="oval:org.opensuse.security:def:20123417" version="1" class="vulnerability"> 41658 <metadata> 41659 <title>CVE-2012-3417</title> 41660 <affected family="unix"> 41661 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41662 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41663 </affected> 41664 <reference ref_id="CVE-2012-3417" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3417" source="CVE"/> 41665 <description> 41666 The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny. 41667 </description> 41668 </metadata> 41669 <!-- 0a46fef03534da311570e6b60db7e6c2 --> 41670 <criteria operator="AND"> 41671 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41672 <criterion test_ref="oval:org.opensuse.security:tst:2009075497" comment="quota less than 3.13-17.18.1"/> 41673 </criteria> 41674 </definition> 41675 <definition id="oval:org.opensuse.security:def:20123418" version="1" class="vulnerability"> 41676 <metadata> 41677 <title>CVE-2012-3418</title> 41678 <affected family="unix"> 41679 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41680 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41681 </affected> 41682 <reference ref_id="CVE-2012-3418" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3418" source="CVE"/> 41683 <description> 41684 libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the string byte number value to the __pmDecodeNameList function in p_pmns.c; (3) the numids value to the __pmDecodeIDList function in p_pmns.c; (4) unspecified vectors to the __pmDecodeProfile function in p_profile.c; the (5) status number value or (6) string number value to the __pmDecodeNameList function in p_pmns.c; (7) certain input to the __pmDecodeResult function in p_result.c; (8) the name length field (namelen) to the DecodeNameReq function in p_pmns.c; (9) a crafted PDU_FETCH request to the __pmDecodeFetch function in p_fetch.c; (10) the namelen field in the __pmDecodeInstanceReq function in p_instance.c; (11) the buflen field to the __pmDecodeText function in p_text.c; (12) PDU_INSTANCE packets to the __pmDecodeInstance in p_instance.c; or the (13) c_numpmid or (14) v_numval fields to the __pmDecodeLogControl function in p_lcontrol.c, which triggers integer overflows, heap-based buffer overflows, and/or buffer over-reads. 41685 </description> 41686 </metadata> 41687 <!-- 86d59a2714828a99a56a3fdba3660c73 --> 41688 <criteria operator="AND"> 41689 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41690 <criterion test_ref="oval:org.opensuse.security:tst:2009076353" comment="permissions less than 2013.1.7-0.5.1"/> 41691 </criteria> 41692 </definition> 41693 <definition id="oval:org.opensuse.security:def:20123419" version="1" class="vulnerability"> 41694 <metadata> 41695 <title>CVE-2012-3419</title> 41696 <affected family="unix"> 41697 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41698 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41699 </affected> 41700 <reference ref_id="CVE-2012-3419" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3419" source="CVE"/> 41701 <description> 41702 Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments. 41703 </description> 41704 </metadata> 41705 <!-- 86d59a2714828a99a56a3fdba3660c73 --> 41706 <criteria operator="AND"> 41707 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41708 <criterion test_ref="oval:org.opensuse.security:tst:2009076353" comment="permissions less than 2013.1.7-0.5.1"/> 41709 </criteria> 41710 </definition> 41711 <definition id="oval:org.opensuse.security:def:20123420" version="1" class="vulnerability"> 41712 <metadata> 41713 <title>CVE-2012-3420</title> 41714 <affected family="unix"> 41715 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41716 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41717 </affected> 41718 <reference ref_id="CVE-2012-3420" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3420" source="CVE"/> 41719 <description> 41720 Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative type value to the __pmGetPDU function in libpcp/src/pdu.c. 41721 </description> 41722 </metadata> 41723 <!-- 86d59a2714828a99a56a3fdba3660c73 --> 41724 <criteria operator="AND"> 41725 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41726 <criterion test_ref="oval:org.opensuse.security:tst:2009076353" comment="permissions less than 2013.1.7-0.5.1"/> 41727 </criteria> 41728 </definition> 41729 <definition id="oval:org.opensuse.security:def:20123421" version="1" class="vulnerability"> 41730 <metadata> 41731 <title>CVE-2012-3421</title> 41732 <affected family="unix"> 41733 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41734 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41735 </affected> 41736 <reference ref_id="CVE-2012-3421" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3421" source="CVE"/> 41737 <description> 41738 The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw." 41739 </description> 41740 </metadata> 41741 <!-- 86d59a2714828a99a56a3fdba3660c73 --> 41742 <criteria operator="AND"> 41743 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41744 <criterion test_ref="oval:org.opensuse.security:tst:2009076353" comment="permissions less than 2013.1.7-0.5.1"/> 41745 </criteria> 41746 </definition> 41747 <definition id="oval:org.opensuse.security:def:20123425" version="1" class="vulnerability"> 41748 <metadata> 41749 <title>CVE-2012-3425</title> 41750 <affected family="unix"> 41751 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41752 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41753 </affected> 41754 <reference ref_id="CVE-2012-3425" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3425" source="CVE"/> 41755 <description> 41756 The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. 41757 </description> 41758 </metadata> 41759 <!-- ee829997acb6ea8605d61043117319b5 --> 41760 <criteria operator="AND"> 41761 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41762 <criteria operator="OR"> 41763 <criterion test_ref="oval:org.opensuse.security:tst:2009075189" comment="libpng-32bit less than 1.2.8-19.37.24"/> 41764 <criterion test_ref="oval:org.opensuse.security:tst:2009075190" comment="libpng-devel-32bit less than 1.2.8-19.37.24"/> 41765 <criterion test_ref="oval:org.opensuse.security:tst:2009075191" comment="libpng-devel less than 1.2.8-19.37.24"/> 41766 <criterion test_ref="oval:org.opensuse.security:tst:2009075192" comment="libpng less than 1.2.8-19.37.24"/> 41767 </criteria> 41768 </criteria> 41769 </definition> 41770 <definition id="oval:org.opensuse.security:def:20123438" version="1" class="vulnerability"> 41771 <metadata> 41772 <title>CVE-2012-3438</title> 41773 <affected family="unix"> 41774 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41775 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41776 </affected> 41777 <reference ref_id="CVE-2012-3438" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438" source="CVE"/> 41778 <description> 41779 The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. 41780 </description> 41781 </metadata> 41782 <!-- 197e00af8ca9eee4ffb65e54b040e40d --> 41783 <criteria operator="AND"> 41784 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41785 <criteria operator="OR"> 41786 <criterion test_ref="oval:org.opensuse.security:tst:2009077155" comment="ImageMagick-Magick++ less than 6.2.5-16.36.2"/> 41787 <criterion test_ref="oval:org.opensuse.security:tst:2009077156" comment="ImageMagick-devel less than 6.2.5-16.36.2"/> 41788 <criterion test_ref="oval:org.opensuse.security:tst:2009077157" comment="ImageMagick less than 6.2.5-16.36.2"/> 41789 <criterion test_ref="oval:org.opensuse.security:tst:2009077158" comment="perl-PerlMagick less than 6.2.5-16.36.2"/> 41790 </criteria> 41791 </criteria> 41792 </definition> 41793 <definition id="oval:org.opensuse.security:def:20123461" version="1" class="vulnerability"> 41794 <metadata> 41795 <title>CVE-2012-3461</title> 41796 <affected family="unix"> 41797 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41798 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41799 </affected> 41800 <reference ref_id="CVE-2012-3461" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3461" source="CVE"/> 41801 <description> 41802 The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a denial of service (application crash) via a message with the value "?OTR:===.", which triggers a heap-based buffer overflow. 41803 </description> 41804 </metadata> 41805 <!-- fe4d1b88e23655d9450cf3fc8115a6e8 --> 41806 <criteria operator="AND"> 41807 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41808 <criterion test_ref="oval:org.opensuse.security:tst:2009076090" comment="libotr less than 3.0.0-16.9.1"/> 41809 </criteria> 41810 </definition> 41811 <definition id="oval:org.opensuse.security:def:20123480" version="1" class="vulnerability"> 41812 <metadata> 41813 <title>CVE-2012-3480</title> 41814 <affected family="unix"> 41815 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41816 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41817 </affected> 41818 <reference ref_id="CVE-2012-3480" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3480" source="CVE"/> 41819 <description> 41820 Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. 41821 </description> 41822 </metadata> 41823 <!-- 2fc8aabbc955d43968edab9c35bd650e --> 41824 <criteria operator="AND"> 41825 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41826 <criteria operator="OR"> 41827 <criterion test_ref="oval:org.opensuse.security:tst:2009076207" comment="glibc-32bit less than 2.4-31.107.1"/> 41828 <criterion test_ref="oval:org.opensuse.security:tst:2009076208" comment="glibc-devel-32bit less than 2.4-31.107.1"/> 41829 <criterion test_ref="oval:org.opensuse.security:tst:2009076209" comment="glibc-devel less than 2.4-31.107.1"/> 41830 <criterion test_ref="oval:org.opensuse.security:tst:2009076210" comment="glibc-html less than 2.4-31.107.1"/> 41831 <criterion test_ref="oval:org.opensuse.security:tst:2009076211" comment="glibc-i18ndata less than 2.4-31.107.1"/> 41832 <criterion test_ref="oval:org.opensuse.security:tst:2009076212" comment="glibc-info less than 2.4-31.107.1"/> 41833 <criterion test_ref="oval:org.opensuse.security:tst:2009076213" comment="glibc-locale-32bit less than 2.4-31.107.1"/> 41834 <criterion test_ref="oval:org.opensuse.security:tst:2009076214" comment="glibc-locale less than 2.4-31.107.1"/> 41835 <criterion test_ref="oval:org.opensuse.security:tst:2009076215" comment="glibc less than 2.4-31.107.1"/> 41836 <criterion test_ref="oval:org.opensuse.security:tst:2009076216" comment="nscd less than 2.4-31.107.1"/> 41837 </criteria> 41838 </criteria> 41839 </definition> 41840 <definition id="oval:org.opensuse.security:def:20123481" version="1" class="vulnerability"> 41841 <metadata> 41842 <title>CVE-2012-3481</title> 41843 <affected family="unix"> 41844 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41845 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41846 </affected> 41847 <reference ref_id="CVE-2012-3481" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481" source="CVE"/> 41848 <description> 41849 Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted height and len properties in a GIF image file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. 41850 </description> 41851 </metadata> 41852 <!-- 12c9a930398cff75c99abf194e212747 --> 41853 <criteria operator="AND"> 41854 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41855 <criteria operator="OR"> 41856 <criterion test_ref="oval:org.opensuse.security:tst:2009075425" comment="gimp-devel less than 2.2.10-22.46.1"/> 41857 <criterion test_ref="oval:org.opensuse.security:tst:2009075426" comment="gimp less than 2.2.10-22.46.1"/> 41858 </criteria> 41859 </criteria> 41860 </definition> 41861 <definition id="oval:org.opensuse.security:def:20123488" version="1" class="vulnerability"> 41862 <metadata> 41863 <title>CVE-2012-3488</title> 41864 <affected family="unix"> 41865 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41866 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41867 </affected> 41868 <reference ref_id="CVE-2012-3488" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3488" source="CVE"/> 41869 <description> 41870 The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue. 41871 </description> 41872 </metadata> 41873 <!-- ee84db0d1f4471abd4ab51536636eb1e --> 41874 <criteria operator="AND"> 41875 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41876 <criteria operator="OR"> 41877 <criterion test_ref="oval:org.opensuse.security:tst:2009075806" comment="postgresql-devel less than 8.1.23-0.11.1"/> 41878 <criterion test_ref="oval:org.opensuse.security:tst:2009075807" comment="postgresql-libs-32bit less than 8.1.23-0.11.1"/> 41879 <criterion test_ref="oval:org.opensuse.security:tst:2009075808" comment="postgresql-libs less than 8.1.23-0.11.1"/> 41880 </criteria> 41881 </criteria> 41882 </definition> 41883 <definition id="oval:org.opensuse.security:def:20123489" version="1" class="vulnerability"> 41884 <metadata> 41885 <title>CVE-2012-3489</title> 41886 <affected family="unix"> 41887 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41888 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41889 </affected> 41890 <reference ref_id="CVE-2012-3489" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3489" source="CVE"/> 41891 <description> 41892 The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue. 41893 </description> 41894 </metadata> 41895 <!-- ee84db0d1f4471abd4ab51536636eb1e --> 41896 <criteria operator="AND"> 41897 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41898 <criteria operator="OR"> 41899 <criterion test_ref="oval:org.opensuse.security:tst:2009075806" comment="postgresql-devel less than 8.1.23-0.11.1"/> 41900 <criterion test_ref="oval:org.opensuse.security:tst:2009075807" comment="postgresql-libs-32bit less than 8.1.23-0.11.1"/> 41901 <criterion test_ref="oval:org.opensuse.security:tst:2009075808" comment="postgresql-libs less than 8.1.23-0.11.1"/> 41902 </criteria> 41903 </criteria> 41904 </definition> 41905 <definition id="oval:org.opensuse.security:def:20123494" version="1" class="vulnerability"> 41906 <metadata> 41907 <title>CVE-2012-3494</title> 41908 <affected family="unix"> 41909 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41910 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41911 </affected> 41912 <reference ref_id="CVE-2012-3494" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3494" source="CVE"/> 41913 <description> 41914 The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register. 41915 </description> 41916 </metadata> 41917 <!-- 7abce5ad0bd27a8e2084fe946c37389f --> 41918 <criteria operator="AND"> 41919 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41920 <criteria operator="OR"> 41921 <criterion test_ref="oval:org.opensuse.security:tst:2009107378" comment="xen-devel less than 3.2.3_17040_40-0.7.2"/> 41922 <criterion test_ref="oval:org.opensuse.security:tst:2009107379" comment="xen-doc-html less than 3.2.3_17040_40-0.7.2"/> 41923 <criterion test_ref="oval:org.opensuse.security:tst:2009107380" comment="xen-doc-pdf less than 3.2.3_17040_40-0.7.2"/> 41924 <criterion test_ref="oval:org.opensuse.security:tst:2009107381" comment="xen-doc-ps less than 3.2.3_17040_40-0.7.2"/> 41925 <criterion test_ref="oval:org.opensuse.security:tst:2009107382" comment="xen-kmp-bigsmp less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 41926 <criterion test_ref="oval:org.opensuse.security:tst:2009107383" comment="xen-kmp-default less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 41927 <criterion test_ref="oval:org.opensuse.security:tst:2009107384" comment="xen-kmp-smp less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 41928 <criterion test_ref="oval:org.opensuse.security:tst:2009107385" comment="xen-libs-32bit less than 3.2.3_17040_40-0.7.2"/> 41929 <criterion test_ref="oval:org.opensuse.security:tst:2009107386" comment="xen-libs less than 3.2.3_17040_40-0.7.2"/> 41930 <criterion test_ref="oval:org.opensuse.security:tst:2009107387" comment="xen-tools-domU less than 3.2.3_17040_40-0.7.2"/> 41931 <criterion test_ref="oval:org.opensuse.security:tst:2009107388" comment="xen-tools-ioemu less than 3.2.3_17040_40-0.7.2"/> 41932 <criterion test_ref="oval:org.opensuse.security:tst:2009107389" comment="xen-tools less than 3.2.3_17040_40-0.7.2"/> 41933 <criterion test_ref="oval:org.opensuse.security:tst:2009107390" comment="xen less than 3.2.3_17040_40-0.7.2"/> 41934 </criteria> 41935 </criteria> 41936 </definition> 41937 <definition id="oval:org.opensuse.security:def:20123497" version="1" class="vulnerability"> 41938 <metadata> 41939 <title>CVE-2012-3497</title> 41940 <affected family="unix"> 41941 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41942 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41943 </affected> 41944 <reference ref_id="CVE-2012-3497" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3497" source="CVE"/> 41945 <description> 41946 (1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS and (4) TMEMC_SAVE_END in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (NULL pointer dereference or memory corruption and host crash) or possibly have other unspecified impacts via a NULL client id. 41947 </description> 41948 </metadata> 41949 <!-- 1e9042debead5d88c23444a904a4e0c9 --> 41950 <criteria operator="AND"> 41951 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41952 <criteria operator="OR"> 41953 <criterion test_ref="oval:org.opensuse.security:tst:2009107426" comment="xen-devel less than 3.2.3_17040_42-0.7.1"/> 41954 <criterion test_ref="oval:org.opensuse.security:tst:2009107427" comment="xen-devel less than 3.2.3_17040_42-0.7.2"/> 41955 <criterion test_ref="oval:org.opensuse.security:tst:2009107428" comment="xen-doc-html less than 3.2.3_17040_42-0.7.1"/> 41956 <criterion test_ref="oval:org.opensuse.security:tst:2009107429" comment="xen-doc-html less than 3.2.3_17040_42-0.7.2"/> 41957 <criterion test_ref="oval:org.opensuse.security:tst:2009107430" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.1"/> 41958 <criterion test_ref="oval:org.opensuse.security:tst:2009107431" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.2"/> 41959 <criterion test_ref="oval:org.opensuse.security:tst:2009107432" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.1"/> 41960 <criterion test_ref="oval:org.opensuse.security:tst:2009107433" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.2"/> 41961 <criterion test_ref="oval:org.opensuse.security:tst:2009107434" comment="xen-kmp-bigsmp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 41962 <criterion test_ref="oval:org.opensuse.security:tst:2009107435" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 41963 <criterion test_ref="oval:org.opensuse.security:tst:2009107436" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 41964 <criterion test_ref="oval:org.opensuse.security:tst:2009107437" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 41965 <criterion test_ref="oval:org.opensuse.security:tst:2009107438" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 41966 <criterion test_ref="oval:org.opensuse.security:tst:2009107439" comment="xen-libs-32bit less than 3.2.3_17040_42-0.7.1"/> 41967 <criterion test_ref="oval:org.opensuse.security:tst:2009107440" comment="xen-libs less than 3.2.3_17040_42-0.7.1"/> 41968 <criterion test_ref="oval:org.opensuse.security:tst:2009107441" comment="xen-libs less than 3.2.3_17040_42-0.7.2"/> 41969 <criterion test_ref="oval:org.opensuse.security:tst:2009107442" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.1"/> 41970 <criterion test_ref="oval:org.opensuse.security:tst:2009107443" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.2"/> 41971 <criterion test_ref="oval:org.opensuse.security:tst:2009107444" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.1"/> 41972 <criterion test_ref="oval:org.opensuse.security:tst:2009107445" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.2"/> 41973 <criterion test_ref="oval:org.opensuse.security:tst:2009107446" comment="xen-tools less than 3.2.3_17040_42-0.7.1"/> 41974 <criterion test_ref="oval:org.opensuse.security:tst:2009107447" comment="xen-tools less than 3.2.3_17040_42-0.7.2"/> 41975 <criterion test_ref="oval:org.opensuse.security:tst:2009107448" comment="xen less than 3.2.3_17040_42-0.7.1"/> 41976 <criterion test_ref="oval:org.opensuse.security:tst:2009107449" comment="xen less than 3.2.3_17040_42-0.7.2"/> 41977 </criteria> 41978 </criteria> 41979 </definition> 41980 <definition id="oval:org.opensuse.security:def:20123498" version="1" class="vulnerability"> 41981 <metadata> 41982 <title>CVE-2012-3498</title> 41983 <affected family="unix"> 41984 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 41985 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 41986 </affected> 41987 <reference ref_id="CVE-2012-3498" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3498" source="CVE"/> 41988 <description> 41989 PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index. 41990 </description> 41991 </metadata> 41992 <!-- 7abce5ad0bd27a8e2084fe946c37389f --> 41993 <criteria operator="AND"> 41994 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 41995 <criteria operator="OR"> 41996 <criterion test_ref="oval:org.opensuse.security:tst:2009107378" comment="xen-devel less than 3.2.3_17040_40-0.7.2"/> 41997 <criterion test_ref="oval:org.opensuse.security:tst:2009107379" comment="xen-doc-html less than 3.2.3_17040_40-0.7.2"/> 41998 <criterion test_ref="oval:org.opensuse.security:tst:2009107380" comment="xen-doc-pdf less than 3.2.3_17040_40-0.7.2"/> 41999 <criterion test_ref="oval:org.opensuse.security:tst:2009107381" comment="xen-doc-ps less than 3.2.3_17040_40-0.7.2"/> 42000 <criterion test_ref="oval:org.opensuse.security:tst:2009107382" comment="xen-kmp-bigsmp less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 42001 <criterion test_ref="oval:org.opensuse.security:tst:2009107383" comment="xen-kmp-default less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 42002 <criterion test_ref="oval:org.opensuse.security:tst:2009107384" comment="xen-kmp-smp less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 42003 <criterion test_ref="oval:org.opensuse.security:tst:2009107385" comment="xen-libs-32bit less than 3.2.3_17040_40-0.7.2"/> 42004 <criterion test_ref="oval:org.opensuse.security:tst:2009107386" comment="xen-libs less than 3.2.3_17040_40-0.7.2"/> 42005 <criterion test_ref="oval:org.opensuse.security:tst:2009107387" comment="xen-tools-domU less than 3.2.3_17040_40-0.7.2"/> 42006 <criterion test_ref="oval:org.opensuse.security:tst:2009107388" comment="xen-tools-ioemu less than 3.2.3_17040_40-0.7.2"/> 42007 <criterion test_ref="oval:org.opensuse.security:tst:2009107389" comment="xen-tools less than 3.2.3_17040_40-0.7.2"/> 42008 <criterion test_ref="oval:org.opensuse.security:tst:2009107390" comment="xen less than 3.2.3_17040_40-0.7.2"/> 42009 </criteria> 42010 </criteria> 42011 </definition> 42012 <definition id="oval:org.opensuse.security:def:20123510" version="1" class="vulnerability"> 42013 <metadata> 42014 <title>CVE-2012-3510</title> 42015 <affected family="unix"> 42016 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42017 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42018 </affected> 42019 <reference ref_id="CVE-2012-3510" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3510" source="CVE"/> 42020 <description> 42021 Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command. 42022 </description> 42023 </metadata> 42024 <criteria operator="OR"> 42025 <!-- 9dc087603b172b449aa9a07b548bf3cf --> 42026 <criteria operator="AND"> 42027 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42028 <criteria operator="OR"> 42029 <criterion test_ref="oval:org.opensuse.security:tst:2009075850" comment="kernel-bigsmp less than 2.6.16.60-0.99.1"/> 42030 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 42031 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 42032 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 42033 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 42034 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 42035 <criterion test_ref="oval:org.opensuse.security:tst:2009075856" comment="kernel-xenpae less than 2.6.16.60-0.99.1"/> 42036 </criteria> 42037 </criteria> 42038 <!-- c77cfcc87d8e54df006cb42c12c2fadb --> 42039 <criteria operator="AND"> 42040 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42041 <criteria operator="OR"> 42042 <criterion test_ref="oval:org.opensuse.security:tst:2009075851" comment="kernel-default less than 2.6.16.60-0.99.1"/> 42043 <criterion test_ref="oval:org.opensuse.security:tst:2009075852" comment="kernel-smp less than 2.6.16.60-0.99.1"/> 42044 <criterion test_ref="oval:org.opensuse.security:tst:2009075853" comment="kernel-source less than 2.6.16.60-0.99.1"/> 42045 <criterion test_ref="oval:org.opensuse.security:tst:2009075854" comment="kernel-syms less than 2.6.16.60-0.99.1"/> 42046 <criterion test_ref="oval:org.opensuse.security:tst:2009075855" comment="kernel-xen less than 2.6.16.60-0.99.1"/> 42047 </criteria> 42048 </criteria> 42049 </criteria> 42050 </definition> 42051 <definition id="oval:org.opensuse.security:def:20123515" version="1" class="vulnerability"> 42052 <metadata> 42053 <title>CVE-2012-3515</title> 42054 <affected family="unix"> 42055 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42056 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42057 </affected> 42058 <reference ref_id="CVE-2012-3515" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3515" source="CVE"/> 42059 <description> 42060 Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." 42061 </description> 42062 </metadata> 42063 <!-- 7abce5ad0bd27a8e2084fe946c37389f --> 42064 <criteria operator="AND"> 42065 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42066 <criteria operator="OR"> 42067 <criterion test_ref="oval:org.opensuse.security:tst:2009107378" comment="xen-devel less than 3.2.3_17040_40-0.7.2"/> 42068 <criterion test_ref="oval:org.opensuse.security:tst:2009107379" comment="xen-doc-html less than 3.2.3_17040_40-0.7.2"/> 42069 <criterion test_ref="oval:org.opensuse.security:tst:2009107380" comment="xen-doc-pdf less than 3.2.3_17040_40-0.7.2"/> 42070 <criterion test_ref="oval:org.opensuse.security:tst:2009107381" comment="xen-doc-ps less than 3.2.3_17040_40-0.7.2"/> 42071 <criterion test_ref="oval:org.opensuse.security:tst:2009107382" comment="xen-kmp-bigsmp less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 42072 <criterion test_ref="oval:org.opensuse.security:tst:2009107383" comment="xen-kmp-default less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 42073 <criterion test_ref="oval:org.opensuse.security:tst:2009107384" comment="xen-kmp-smp less than 3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2"/> 42074 <criterion test_ref="oval:org.opensuse.security:tst:2009107385" comment="xen-libs-32bit less than 3.2.3_17040_40-0.7.2"/> 42075 <criterion test_ref="oval:org.opensuse.security:tst:2009107386" comment="xen-libs less than 3.2.3_17040_40-0.7.2"/> 42076 <criterion test_ref="oval:org.opensuse.security:tst:2009107387" comment="xen-tools-domU less than 3.2.3_17040_40-0.7.2"/> 42077 <criterion test_ref="oval:org.opensuse.security:tst:2009107388" comment="xen-tools-ioemu less than 3.2.3_17040_40-0.7.2"/> 42078 <criterion test_ref="oval:org.opensuse.security:tst:2009107389" comment="xen-tools less than 3.2.3_17040_40-0.7.2"/> 42079 <criterion test_ref="oval:org.opensuse.security:tst:2009107390" comment="xen less than 3.2.3_17040_40-0.7.2"/> 42080 </criteria> 42081 </criteria> 42082 </definition> 42083 <definition id="oval:org.opensuse.security:def:20123571" version="1" class="vulnerability"> 42084 <metadata> 42085 <title>CVE-2012-3571</title> 42086 <affected family="unix"> 42087 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42088 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42089 </affected> 42090 <reference ref_id="CVE-2012-3571" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3571" source="CVE"/> 42091 <description> 42092 ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. 42093 </description> 42094 </metadata> 42095 <!-- da94d5b3d48594aadd850e6fdb67f6f2 --> 42096 <criteria operator="AND"> 42097 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42098 <criteria operator="OR"> 42099 <criterion test_ref="oval:org.opensuse.security:tst:2009075216" comment="dhcp-client less than 3.0.7-7.17.1"/> 42100 <criterion test_ref="oval:org.opensuse.security:tst:2009075217" comment="dhcp less than 3.0.7-7.17.1"/> 42101 </criteria> 42102 </criteria> 42103 </definition> 42104 <definition id="oval:org.opensuse.security:def:20123817" version="1" class="vulnerability"> 42105 <metadata> 42106 <title>CVE-2012-3817</title> 42107 <affected family="unix"> 42108 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42109 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42110 </affected> 42111 <reference ref_id="CVE-2012-3817" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817" source="CVE"/> 42112 <description> 42113 ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries. 42114 </description> 42115 </metadata> 42116 <!-- 336ff0f5a24d826e2d8f3e523f06fe9c --> 42117 <criteria operator="AND"> 42118 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42119 <criteria operator="OR"> 42120 <criterion test_ref="oval:org.opensuse.security:tst:2009075483" comment="bind-libs-32bit less than 9.6ESVR7P2-0.7.1"/> 42121 <criterion test_ref="oval:org.opensuse.security:tst:2009075484" comment="bind-libs less than 9.6ESVR7P2-0.7.1"/> 42122 <criterion test_ref="oval:org.opensuse.security:tst:2009075485" comment="bind-utils less than 9.6ESVR7P2-0.7.1"/> 42123 </criteria> 42124 </criteria> 42125 </definition> 42126 <definition id="oval:org.opensuse.security:def:20123868" version="1" class="vulnerability"> 42127 <metadata> 42128 <title>CVE-2012-3868</title> 42129 <affected family="unix"> 42130 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42131 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42132 </affected> 42133 <reference ref_id="CVE-2012-3868" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868" source="CVE"/> 42134 <description> 42135 Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries. 42136 </description> 42137 </metadata> 42138 <!-- 336ff0f5a24d826e2d8f3e523f06fe9c --> 42139 <criteria operator="AND"> 42140 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42141 <criteria operator="OR"> 42142 <criterion test_ref="oval:org.opensuse.security:tst:2009075483" comment="bind-libs-32bit less than 9.6ESVR7P2-0.7.1"/> 42143 <criterion test_ref="oval:org.opensuse.security:tst:2009075484" comment="bind-libs less than 9.6ESVR7P2-0.7.1"/> 42144 <criterion test_ref="oval:org.opensuse.security:tst:2009075485" comment="bind-utils less than 9.6ESVR7P2-0.7.1"/> 42145 </criteria> 42146 </criteria> 42147 </definition> 42148 <definition id="oval:org.opensuse.security:def:20123954" version="1" class="vulnerability"> 42149 <metadata> 42150 <title>CVE-2012-3954</title> 42151 <affected family="unix"> 42152 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42153 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42154 </affected> 42155 <reference ref_id="CVE-2012-3954" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954" source="CVE"/> 42156 <description> 42157 Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. 42158 </description> 42159 </metadata> 42160 <!-- da94d5b3d48594aadd850e6fdb67f6f2 --> 42161 <criteria operator="AND"> 42162 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42163 <criteria operator="OR"> 42164 <criterion test_ref="oval:org.opensuse.security:tst:2009075216" comment="dhcp-client less than 3.0.7-7.17.1"/> 42165 <criterion test_ref="oval:org.opensuse.security:tst:2009075217" comment="dhcp less than 3.0.7-7.17.1"/> 42166 </criteria> 42167 </criteria> 42168 </definition> 42169 <definition id="oval:org.opensuse.security:def:20123956" version="1" class="vulnerability"> 42170 <metadata> 42171 <title>CVE-2012-3956</title> 42172 <affected family="unix"> 42173 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42174 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42175 </affected> 42176 <reference ref_id="CVE-2012-3956" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3956" source="CVE"/> 42177 <description> 42178 Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 42179 </description> 42180 </metadata> 42181 <!-- 3d961c9ba7250844680b248327a712ac --> 42182 <criteria operator="AND"> 42183 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42184 <criteria operator="OR"> 42185 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42186 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42187 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42188 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42189 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42190 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42191 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42192 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42193 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42194 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42195 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42196 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42197 </criteria> 42198 </criteria> 42199 </definition> 42200 <definition id="oval:org.opensuse.security:def:20123957" version="1" class="vulnerability"> 42201 <metadata> 42202 <title>CVE-2012-3957</title> 42203 <affected family="unix"> 42204 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42205 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42206 </affected> 42207 <reference ref_id="CVE-2012-3957" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3957" source="CVE"/> 42208 <description> 42209 Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors. 42210 </description> 42211 </metadata> 42212 <!-- 3d961c9ba7250844680b248327a712ac --> 42213 <criteria operator="AND"> 42214 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42215 <criteria operator="OR"> 42216 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42217 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42218 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42219 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42220 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42221 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42222 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42223 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42224 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42225 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42226 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42227 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42228 </criteria> 42229 </criteria> 42230 </definition> 42231 <definition id="oval:org.opensuse.security:def:20123958" version="1" class="vulnerability"> 42232 <metadata> 42233 <title>CVE-2012-3958</title> 42234 <affected family="unix"> 42235 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42236 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42237 </affected> 42238 <reference ref_id="CVE-2012-3958" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3958" source="CVE"/> 42239 <description> 42240 Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 42241 </description> 42242 </metadata> 42243 <!-- 3d961c9ba7250844680b248327a712ac --> 42244 <criteria operator="AND"> 42245 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42246 <criteria operator="OR"> 42247 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42248 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42249 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42250 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42251 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42252 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42253 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42254 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42255 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42256 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42257 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42258 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42259 </criteria> 42260 </criteria> 42261 </definition> 42262 <definition id="oval:org.opensuse.security:def:20123959" version="1" class="vulnerability"> 42263 <metadata> 42264 <title>CVE-2012-3959</title> 42265 <affected family="unix"> 42266 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42267 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42268 </affected> 42269 <reference ref_id="CVE-2012-3959" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3959" source="CVE"/> 42270 <description> 42271 Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 42272 </description> 42273 </metadata> 42274 <!-- 3d961c9ba7250844680b248327a712ac --> 42275 <criteria operator="AND"> 42276 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42277 <criteria operator="OR"> 42278 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42279 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42280 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42281 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42282 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42283 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42284 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42285 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42286 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42287 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42288 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42289 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42290 </criteria> 42291 </criteria> 42292 </definition> 42293 <definition id="oval:org.opensuse.security:def:20123960" version="1" class="vulnerability"> 42294 <metadata> 42295 <title>CVE-2012-3960</title> 42296 <affected family="unix"> 42297 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42298 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42299 </affected> 42300 <reference ref_id="CVE-2012-3960" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3960" source="CVE"/> 42301 <description> 42302 Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 42303 </description> 42304 </metadata> 42305 <!-- 3d961c9ba7250844680b248327a712ac --> 42306 <criteria operator="AND"> 42307 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42308 <criteria operator="OR"> 42309 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42310 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42311 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42312 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42313 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42314 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42315 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42316 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42317 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42318 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42319 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42320 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42321 </criteria> 42322 </criteria> 42323 </definition> 42324 <definition id="oval:org.opensuse.security:def:20123961" version="1" class="vulnerability"> 42325 <metadata> 42326 <title>CVE-2012-3961</title> 42327 <affected family="unix"> 42328 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42329 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42330 </affected> 42331 <reference ref_id="CVE-2012-3961" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3961" source="CVE"/> 42332 <description> 42333 Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 42334 </description> 42335 </metadata> 42336 <!-- 3d961c9ba7250844680b248327a712ac --> 42337 <criteria operator="AND"> 42338 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42339 <criteria operator="OR"> 42340 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42341 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42342 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42343 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42344 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42345 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42346 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42347 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42348 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42349 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42350 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42351 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42352 </criteria> 42353 </criteria> 42354 </definition> 42355 <definition id="oval:org.opensuse.security:def:20123962" version="1" class="vulnerability"> 42356 <metadata> 42357 <title>CVE-2012-3962</title> 42358 <affected family="unix"> 42359 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42360 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42361 </affected> 42362 <reference ref_id="CVE-2012-3962" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3962" source="CVE"/> 42363 <description> 42364 Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document. 42365 </description> 42366 </metadata> 42367 <!-- 3d961c9ba7250844680b248327a712ac --> 42368 <criteria operator="AND"> 42369 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42370 <criteria operator="OR"> 42371 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42372 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42373 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42374 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42375 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42376 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42377 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42378 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42379 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42380 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42381 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42382 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42383 </criteria> 42384 </criteria> 42385 </definition> 42386 <definition id="oval:org.opensuse.security:def:20123963" version="1" class="vulnerability"> 42387 <metadata> 42388 <title>CVE-2012-3963</title> 42389 <affected family="unix"> 42390 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42391 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42392 </affected> 42393 <reference ref_id="CVE-2012-3963" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3963" source="CVE"/> 42394 <description> 42395 Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors. 42396 </description> 42397 </metadata> 42398 <!-- 3d961c9ba7250844680b248327a712ac --> 42399 <criteria operator="AND"> 42400 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42401 <criteria operator="OR"> 42402 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42403 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42404 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42405 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42406 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42407 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42408 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42409 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42410 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42411 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42412 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42413 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42414 </criteria> 42415 </criteria> 42416 </definition> 42417 <definition id="oval:org.opensuse.security:def:20123964" version="1" class="vulnerability"> 42418 <metadata> 42419 <title>CVE-2012-3964</title> 42420 <affected family="unix"> 42421 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42422 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42423 </affected> 42424 <reference ref_id="CVE-2012-3964" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3964" source="CVE"/> 42425 <description> 42426 Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 42427 </description> 42428 </metadata> 42429 <!-- 3d961c9ba7250844680b248327a712ac --> 42430 <criteria operator="AND"> 42431 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42432 <criteria operator="OR"> 42433 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42434 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42435 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42436 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42437 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42438 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42439 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42440 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42441 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42442 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42443 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42444 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42445 </criteria> 42446 </criteria> 42447 </definition> 42448 <definition id="oval:org.opensuse.security:def:20123965" version="1" class="vulnerability"> 42449 <metadata> 42450 <title>CVE-2012-3965</title> 42451 <affected family="unix"> 42452 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42453 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42454 </affected> 42455 <reference ref_id="CVE-2012-3965" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3965" source="CVE"/> 42456 <description> 42457 Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window. 42458 </description> 42459 </metadata> 42460 <!-- 3d961c9ba7250844680b248327a712ac --> 42461 <criteria operator="AND"> 42462 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42463 <criteria operator="OR"> 42464 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42465 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42466 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42467 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42468 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42469 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42470 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42471 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42472 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42473 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42474 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42475 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42476 </criteria> 42477 </criteria> 42478 </definition> 42479 <definition id="oval:org.opensuse.security:def:20123966" version="1" class="vulnerability"> 42480 <metadata> 42481 <title>CVE-2012-3966</title> 42482 <affected family="unix"> 42483 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42484 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42485 </affected> 42486 <reference ref_id="CVE-2012-3966" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3966" source="CVE"/> 42487 <description> 42488 Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component. 42489 </description> 42490 </metadata> 42491 <!-- 3d961c9ba7250844680b248327a712ac --> 42492 <criteria operator="AND"> 42493 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42494 <criteria operator="OR"> 42495 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42496 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42497 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42498 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42499 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42500 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42501 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42502 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42503 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42504 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42505 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42506 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42507 </criteria> 42508 </criteria> 42509 </definition> 42510 <definition id="oval:org.opensuse.security:def:20123967" version="1" class="vulnerability"> 42511 <metadata> 42512 <title>CVE-2012-3967</title> 42513 <affected family="unix"> 42514 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42515 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42516 </affected> 42517 <reference ref_id="CVE-2012-3967" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3967" source="CVE"/> 42518 <description> 42519 The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site. 42520 </description> 42521 </metadata> 42522 <!-- 3d961c9ba7250844680b248327a712ac --> 42523 <criteria operator="AND"> 42524 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42525 <criteria operator="OR"> 42526 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42527 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42528 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42529 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42530 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42531 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42532 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42533 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42534 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42535 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42536 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42537 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42538 </criteria> 42539 </criteria> 42540 </definition> 42541 <definition id="oval:org.opensuse.security:def:20123968" version="1" class="vulnerability"> 42542 <metadata> 42543 <title>CVE-2012-3968</title> 42544 <affected family="unix"> 42545 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42546 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42547 </affected> 42548 <reference ref_id="CVE-2012-3968" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3968" source="CVE"/> 42549 <description> 42550 Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor. 42551 </description> 42552 </metadata> 42553 <!-- 3d961c9ba7250844680b248327a712ac --> 42554 <criteria operator="AND"> 42555 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42556 <criteria operator="OR"> 42557 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42558 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42559 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42560 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42561 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42562 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42563 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42564 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42565 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42566 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42567 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42568 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42569 </criteria> 42570 </criteria> 42571 </definition> 42572 <definition id="oval:org.opensuse.security:def:20123969" version="1" class="vulnerability"> 42573 <metadata> 42574 <title>CVE-2012-3969</title> 42575 <affected family="unix"> 42576 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42577 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42578 </affected> 42579 <reference ref_id="CVE-2012-3969" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3969" source="CVE"/> 42580 <description> 42581 Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow. 42582 </description> 42583 </metadata> 42584 <!-- 3d961c9ba7250844680b248327a712ac --> 42585 <criteria operator="AND"> 42586 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42587 <criteria operator="OR"> 42588 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42589 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42590 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42591 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42592 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42593 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42594 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42595 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42596 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42597 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42598 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42599 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42600 </criteria> 42601 </criteria> 42602 </definition> 42603 <definition id="oval:org.opensuse.security:def:20123970" version="1" class="vulnerability"> 42604 <metadata> 42605 <title>CVE-2012-3970</title> 42606 <affected family="unix"> 42607 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42608 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42609 </affected> 42610 <reference ref_id="CVE-2012-3970" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3970" source="CVE"/> 42611 <description> 42612 Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another. 42613 </description> 42614 </metadata> 42615 <!-- 3d961c9ba7250844680b248327a712ac --> 42616 <criteria operator="AND"> 42617 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42618 <criteria operator="OR"> 42619 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42620 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42621 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42622 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42623 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42624 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42625 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42626 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42627 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42628 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42629 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42630 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42631 </criteria> 42632 </criteria> 42633 </definition> 42634 <definition id="oval:org.opensuse.security:def:20123971" version="1" class="vulnerability"> 42635 <metadata> 42636 <title>CVE-2012-3971</title> 42637 <affected family="unix"> 42638 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42639 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42640 </affected> 42641 <reference ref_id="CVE-2012-3971" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3971" source="CVE"/> 42642 <description> 42643 Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions. 42644 </description> 42645 </metadata> 42646 <!-- 3d961c9ba7250844680b248327a712ac --> 42647 <criteria operator="AND"> 42648 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42649 <criteria operator="OR"> 42650 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42651 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42652 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42653 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42654 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42655 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42656 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42657 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42658 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42659 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42660 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42661 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42662 </criteria> 42663 </criteria> 42664 </definition> 42665 <definition id="oval:org.opensuse.security:def:20123972" version="1" class="vulnerability"> 42666 <metadata> 42667 <title>CVE-2012-3972</title> 42668 <affected family="unix"> 42669 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42670 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42671 </affected> 42672 <reference ref_id="CVE-2012-3972" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3972" source="CVE"/> 42673 <description> 42674 The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read. 42675 </description> 42676 </metadata> 42677 <!-- 3d961c9ba7250844680b248327a712ac --> 42678 <criteria operator="AND"> 42679 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42680 <criteria operator="OR"> 42681 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42682 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42683 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42684 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42685 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42686 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42687 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42688 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42689 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42690 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42691 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42692 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42693 </criteria> 42694 </criteria> 42695 </definition> 42696 <definition id="oval:org.opensuse.security:def:20123973" version="1" class="vulnerability"> 42697 <metadata> 42698 <title>CVE-2012-3973</title> 42699 <affected family="unix"> 42700 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42701 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42702 </affected> 42703 <reference ref_id="CVE-2012-3973" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3973" source="CVE"/> 42704 <description> 42705 The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and connecting to that service through the HTTPMonitor port. 42706 </description> 42707 </metadata> 42708 <!-- 3d961c9ba7250844680b248327a712ac --> 42709 <criteria operator="AND"> 42710 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42711 <criteria operator="OR"> 42712 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42713 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42714 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42715 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42716 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42717 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42718 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42719 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42720 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42721 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42722 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42723 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42724 </criteria> 42725 </criteria> 42726 </definition> 42727 <definition id="oval:org.opensuse.security:def:20123974" version="1" class="vulnerability"> 42728 <metadata> 42729 <title>CVE-2012-3974</title> 42730 <affected family="unix"> 42731 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42732 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42733 </affected> 42734 <reference ref_id="CVE-2012-3974" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3974" source="CVE"/> 42735 <description> 42736 Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory. 42737 </description> 42738 </metadata> 42739 <!-- 3d961c9ba7250844680b248327a712ac --> 42740 <criteria operator="AND"> 42741 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42742 <criteria operator="OR"> 42743 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42744 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42745 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42746 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42747 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42748 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42749 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42750 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42751 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42752 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42753 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42754 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42755 </criteria> 42756 </criteria> 42757 </definition> 42758 <definition id="oval:org.opensuse.security:def:20123975" version="1" class="vulnerability"> 42759 <metadata> 42760 <title>CVE-2012-3975</title> 42761 <affected family="unix"> 42762 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42763 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42764 </affected> 42765 <reference ref_id="CVE-2012-3975" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3975" source="CVE"/> 42766 <description> 42767 The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code. 42768 </description> 42769 </metadata> 42770 <!-- 3d961c9ba7250844680b248327a712ac --> 42771 <criteria operator="AND"> 42772 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42773 <criteria operator="OR"> 42774 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42775 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42776 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42777 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42778 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42779 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42780 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42781 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42782 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42783 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42784 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42785 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42786 </criteria> 42787 </criteria> 42788 </definition> 42789 <definition id="oval:org.opensuse.security:def:20123976" version="1" class="vulnerability"> 42790 <metadata> 42791 <title>CVE-2012-3976</title> 42792 <affected family="unix"> 42793 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42794 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42795 </affected> 42796 <reference ref_id="CVE-2012-3976" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3976" source="CVE"/> 42797 <description> 42798 Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page. 42799 </description> 42800 </metadata> 42801 <!-- 3d961c9ba7250844680b248327a712ac --> 42802 <criteria operator="AND"> 42803 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42804 <criteria operator="OR"> 42805 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42806 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42807 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42808 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42809 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42810 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42811 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42812 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42813 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42814 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42815 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42816 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42817 </criteria> 42818 </criteria> 42819 </definition> 42820 <definition id="oval:org.opensuse.security:def:20123977" version="1" class="vulnerability"> 42821 <metadata> 42822 <title>CVE-2012-3977</title> 42823 <affected family="unix"> 42824 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42825 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42826 </affected> 42827 <reference ref_id="CVE-2012-3977" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3977" source="CVE"/> 42828 <description> 42829 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4930. Reason: This candidate is a duplicate of CVE-2012-4930. Notes: All CVE users should reference CVE-2012-4930 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. 42830 </description> 42831 </metadata> 42832 <!-- b54051bb7b93d9b879c04f373ce0061d --> 42833 <criteria operator="AND"> 42834 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42835 <criteria operator="OR"> 42836 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 42837 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 42838 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 42839 </criteria> 42840 </criteria> 42841 </definition> 42842 <definition id="oval:org.opensuse.security:def:20123978" version="1" class="vulnerability"> 42843 <metadata> 42844 <title>CVE-2012-3978</title> 42845 <affected family="unix"> 42846 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42847 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42848 </affected> 42849 <reference ref_id="CVE-2012-3978" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3978" source="CVE"/> 42850 <description> 42851 The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code. 42852 </description> 42853 </metadata> 42854 <!-- 3d961c9ba7250844680b248327a712ac --> 42855 <criteria operator="AND"> 42856 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42857 <criteria operator="OR"> 42858 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42859 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42860 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42861 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42862 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42863 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42864 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42865 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42866 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42867 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42868 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42869 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42870 </criteria> 42871 </criteria> 42872 </definition> 42873 <definition id="oval:org.opensuse.security:def:20123979" version="1" class="vulnerability"> 42874 <metadata> 42875 <title>CVE-2012-3979</title> 42876 <affected family="unix"> 42877 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42878 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42879 </affected> 42880 <reference ref_id="CVE-2012-3979" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3979" source="CVE"/> 42881 <description> 42882 Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function. 42883 </description> 42884 </metadata> 42885 <!-- 3d961c9ba7250844680b248327a712ac --> 42886 <criteria operator="AND"> 42887 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42888 <criteria operator="OR"> 42889 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42890 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42891 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42892 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42893 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42894 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42895 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42896 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42897 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42898 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42899 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42900 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42901 </criteria> 42902 </criteria> 42903 </definition> 42904 <definition id="oval:org.opensuse.security:def:20123980" version="1" class="vulnerability"> 42905 <metadata> 42906 <title>CVE-2012-3980</title> 42907 <affected family="unix"> 42908 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42909 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42910 </affected> 42911 <reference ref_id="CVE-2012-3980" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3980" source="CVE"/> 42912 <description> 42913 The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation. 42914 </description> 42915 </metadata> 42916 <!-- 3d961c9ba7250844680b248327a712ac --> 42917 <criteria operator="AND"> 42918 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42919 <criteria operator="OR"> 42920 <criterion test_ref="oval:org.opensuse.security:tst:2009075519" comment="MozillaFirefox-branding-SLED less than 7-0.8.31"/> 42921 <criterion test_ref="oval:org.opensuse.security:tst:2009075520" comment="MozillaFirefox-translations less than 10.0.7-0.5.1"/> 42922 <criterion test_ref="oval:org.opensuse.security:tst:2009075521" comment="MozillaFirefox less than 10.0.7-0.5.1"/> 42923 <criterion test_ref="oval:org.opensuse.security:tst:2009075522" comment="firefox3-cairo-32bit less than 1.2.4-0.8.1"/> 42924 <criterion test_ref="oval:org.opensuse.security:tst:2009075523" comment="firefox3-cairo less than 1.2.4-0.8.1"/> 42925 <criterion test_ref="oval:org.opensuse.security:tst:2009075524" comment="mozilla-nspr-32bit less than 4.9.2-0.9.1"/> 42926 <criterion test_ref="oval:org.opensuse.security:tst:2009075525" comment="mozilla-nspr-devel less than 4.9.2-0.9.1"/> 42927 <criterion test_ref="oval:org.opensuse.security:tst:2009075526" comment="mozilla-nspr less than 4.9.2-0.9.1"/> 42928 <criterion test_ref="oval:org.opensuse.security:tst:2009075527" comment="mozilla-nss-32bit less than 3.13.6-0.8.1"/> 42929 <criterion test_ref="oval:org.opensuse.security:tst:2009075528" comment="mozilla-nss-devel less than 3.13.6-0.8.1"/> 42930 <criterion test_ref="oval:org.opensuse.security:tst:2009075529" comment="mozilla-nss-tools less than 3.13.6-0.8.1"/> 42931 <criterion test_ref="oval:org.opensuse.security:tst:2009075530" comment="mozilla-nss less than 3.13.6-0.8.1"/> 42932 </criteria> 42933 </criteria> 42934 </definition> 42935 <definition id="oval:org.opensuse.security:def:20123982" version="1" class="vulnerability"> 42936 <metadata> 42937 <title>CVE-2012-3982</title> 42938 <affected family="unix"> 42939 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42940 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42941 </affected> 42942 <reference ref_id="CVE-2012-3982" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3982" source="CVE"/> 42943 <description> 42944 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 42945 </description> 42946 </metadata> 42947 <!-- b54051bb7b93d9b879c04f373ce0061d --> 42948 <criteria operator="AND"> 42949 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42950 <criteria operator="OR"> 42951 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 42952 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 42953 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 42954 </criteria> 42955 </criteria> 42956 </definition> 42957 <definition id="oval:org.opensuse.security:def:20123983" version="1" class="vulnerability"> 42958 <metadata> 42959 <title>CVE-2012-3983</title> 42960 <affected family="unix"> 42961 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42962 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42963 </affected> 42964 <reference ref_id="CVE-2012-3983" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3983" source="CVE"/> 42965 <description> 42966 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 42967 </description> 42968 </metadata> 42969 <!-- b54051bb7b93d9b879c04f373ce0061d --> 42970 <criteria operator="AND"> 42971 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42972 <criteria operator="OR"> 42973 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 42974 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 42975 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 42976 </criteria> 42977 </criteria> 42978 </definition> 42979 <definition id="oval:org.opensuse.security:def:20123984" version="1" class="vulnerability"> 42980 <metadata> 42981 <title>CVE-2012-3984</title> 42982 <affected family="unix"> 42983 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 42984 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 42985 </affected> 42986 <reference ref_id="CVE-2012-3984" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3984" source="CVE"/> 42987 <description> 42988 Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling. 42989 </description> 42990 </metadata> 42991 <!-- b54051bb7b93d9b879c04f373ce0061d --> 42992 <criteria operator="AND"> 42993 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 42994 <criteria operator="OR"> 42995 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 42996 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 42997 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 42998 </criteria> 42999 </criteria> 43000 </definition> 43001 <definition id="oval:org.opensuse.security:def:20123985" version="1" class="vulnerability"> 43002 <metadata> 43003 <title>CVE-2012-3985</title> 43004 <affected family="unix"> 43005 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43006 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43007 </affected> 43008 <reference ref_id="CVE-2012-3985" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3985" source="CVE"/> 43009 <description> 43010 Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set. 43011 </description> 43012 </metadata> 43013 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43014 <criteria operator="AND"> 43015 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43016 <criteria operator="OR"> 43017 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43018 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43019 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43020 </criteria> 43021 </criteria> 43022 </definition> 43023 <definition id="oval:org.opensuse.security:def:20123986" version="1" class="vulnerability"> 43024 <metadata> 43025 <title>CVE-2012-3986</title> 43026 <affected family="unix"> 43027 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43028 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43029 </affected> 43030 <reference ref_id="CVE-2012-3986" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3986" source="CVE"/> 43031 <description> 43032 Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code. 43033 </description> 43034 </metadata> 43035 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43036 <criteria operator="AND"> 43037 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43038 <criteria operator="OR"> 43039 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43040 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43041 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43042 </criteria> 43043 </criteria> 43044 </definition> 43045 <definition id="oval:org.opensuse.security:def:20123987" version="1" class="vulnerability"> 43046 <metadata> 43047 <title>CVE-2012-3987</title> 43048 <affected family="unix"> 43049 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43051 </affected> 43052 <reference ref_id="CVE-2012-3987" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3987" source="CVE"/> 43053 <description> 43054 Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site. 43055 </description> 43056 </metadata> 43057 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43058 <criteria operator="AND"> 43059 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43060 <criteria operator="OR"> 43061 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43062 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43063 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43064 </criteria> 43065 </criteria> 43066 </definition> 43067 <definition id="oval:org.opensuse.security:def:20123988" version="1" class="vulnerability"> 43068 <metadata> 43069 <title>CVE-2012-3988</title> 43070 <affected family="unix"> 43071 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43072 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43073 </affected> 43074 <reference ref_id="CVE-2012-3988" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3988" source="CVE"/> 43075 <description> 43076 Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation. 43077 </description> 43078 </metadata> 43079 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43080 <criteria operator="AND"> 43081 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43082 <criteria operator="OR"> 43083 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43084 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43085 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43086 </criteria> 43087 </criteria> 43088 </definition> 43089 <definition id="oval:org.opensuse.security:def:20123989" version="1" class="vulnerability"> 43090 <metadata> 43091 <title>CVE-2012-3989</title> 43092 <affected family="unix"> 43093 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43094 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43095 </affected> 43096 <reference ref_id="CVE-2012-3989" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3989" source="CVE"/> 43097 <description> 43098 Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site. 43099 </description> 43100 </metadata> 43101 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43102 <criteria operator="AND"> 43103 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43104 <criteria operator="OR"> 43105 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43106 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43107 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43108 </criteria> 43109 </criteria> 43110 </definition> 43111 <definition id="oval:org.opensuse.security:def:20123990" version="1" class="vulnerability"> 43112 <metadata> 43113 <title>CVE-2012-3990</title> 43114 <affected family="unix"> 43115 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43116 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43117 </affected> 43118 <reference ref_id="CVE-2012-3990" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3990" source="CVE"/> 43119 <description> 43120 Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function. 43121 </description> 43122 </metadata> 43123 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43124 <criteria operator="AND"> 43125 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43126 <criteria operator="OR"> 43127 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43128 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43129 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43130 </criteria> 43131 </criteria> 43132 </definition> 43133 <definition id="oval:org.opensuse.security:def:20123991" version="1" class="vulnerability"> 43134 <metadata> 43135 <title>CVE-2012-3991</title> 43136 <affected family="unix"> 43137 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43138 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43139 </affected> 43140 <reference ref_id="CVE-2012-3991" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3991" source="CVE"/> 43141 <description> 43142 Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site. 43143 </description> 43144 </metadata> 43145 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43146 <criteria operator="AND"> 43147 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43148 <criteria operator="OR"> 43149 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43150 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43151 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43152 </criteria> 43153 </criteria> 43154 </definition> 43155 <definition id="oval:org.opensuse.security:def:20123992" version="1" class="vulnerability"> 43156 <metadata> 43157 <title>CVE-2012-3992</title> 43158 <affected family="unix"> 43159 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43160 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43161 </affected> 43162 <reference ref_id="CVE-2012-3992" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3992" source="CVE"/> 43163 <description> 43164 Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object. 43165 </description> 43166 </metadata> 43167 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43168 <criteria operator="AND"> 43169 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43170 <criteria operator="OR"> 43171 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43172 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43173 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43174 </criteria> 43175 </criteria> 43176 </definition> 43177 <definition id="oval:org.opensuse.security:def:20123993" version="1" class="vulnerability"> 43178 <metadata> 43179 <title>CVE-2012-3993</title> 43180 <affected family="unix"> 43181 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43182 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43183 </affected> 43184 <reference ref_id="CVE-2012-3993" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3993" source="CVE"/> 43185 <description> 43186 The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an "XrayWrapper pollution" issue. 43187 </description> 43188 </metadata> 43189 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43190 <criteria operator="AND"> 43191 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43192 <criteria operator="OR"> 43193 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43194 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43195 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43196 </criteria> 43197 </criteria> 43198 </definition> 43199 <definition id="oval:org.opensuse.security:def:20123994" version="1" class="vulnerability"> 43200 <metadata> 43201 <title>CVE-2012-3994</title> 43202 <affected family="unix"> 43203 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43204 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43205 </affected> 43206 <reference ref_id="CVE-2012-3994" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3994" source="CVE"/> 43207 <description> 43208 Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property. 43209 </description> 43210 </metadata> 43211 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43212 <criteria operator="AND"> 43213 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43214 <criteria operator="OR"> 43215 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43216 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43217 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43218 </criteria> 43219 </criteria> 43220 </definition> 43221 <definition id="oval:org.opensuse.security:def:20123995" version="1" class="vulnerability"> 43222 <metadata> 43223 <title>CVE-2012-3995</title> 43224 <affected family="unix"> 43225 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43226 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43227 </affected> 43228 <reference ref_id="CVE-2012-3995" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3995" source="CVE"/> 43229 <description> 43230 The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. 43231 </description> 43232 </metadata> 43233 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43234 <criteria operator="AND"> 43235 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43236 <criteria operator="OR"> 43237 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43238 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43239 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43240 </criteria> 43241 </criteria> 43242 </definition> 43243 <definition id="oval:org.opensuse.security:def:20124048" version="1" class="vulnerability"> 43244 <metadata> 43245 <title>CVE-2012-4048</title> 43246 <affected family="unix"> 43247 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43248 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43249 </affected> 43250 <reference ref_id="CVE-2012-4048" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4048" source="CVE"/> 43251 <description> 43252 The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump. 43253 </description> 43254 </metadata> 43255 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 43256 <criteria operator="AND"> 43257 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43258 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 43259 </criteria> 43260 </definition> 43261 <definition id="oval:org.opensuse.security:def:20124049" version="1" class="vulnerability"> 43262 <metadata> 43263 <title>CVE-2012-4049</title> 43264 <affected family="unix"> 43265 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43266 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43267 </affected> 43268 <reference ref_id="CVE-2012-4049" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4049" source="CVE"/> 43269 <description> 43270 epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. 43271 </description> 43272 </metadata> 43273 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 43274 <criteria operator="AND"> 43275 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43276 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 43277 </criteria> 43278 </definition> 43279 <definition id="oval:org.opensuse.security:def:20124179" version="1" class="vulnerability"> 43280 <metadata> 43281 <title>CVE-2012-4179</title> 43282 <affected family="unix"> 43283 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43284 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43285 </affected> 43286 <reference ref_id="CVE-2012-4179" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4179" source="CVE"/> 43287 <description> 43288 Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43289 </description> 43290 </metadata> 43291 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43292 <criteria operator="AND"> 43293 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43294 <criteria operator="OR"> 43295 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43296 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43297 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43298 </criteria> 43299 </criteria> 43300 </definition> 43301 <definition id="oval:org.opensuse.security:def:20124180" version="1" class="vulnerability"> 43302 <metadata> 43303 <title>CVE-2012-4180</title> 43304 <affected family="unix"> 43305 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43306 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43307 </affected> 43308 <reference ref_id="CVE-2012-4180" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4180" source="CVE"/> 43309 <description> 43310 Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors. 43311 </description> 43312 </metadata> 43313 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43314 <criteria operator="AND"> 43315 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43316 <criteria operator="OR"> 43317 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43318 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43319 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43320 </criteria> 43321 </criteria> 43322 </definition> 43323 <definition id="oval:org.opensuse.security:def:20124181" version="1" class="vulnerability"> 43324 <metadata> 43325 <title>CVE-2012-4181</title> 43326 <affected family="unix"> 43327 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43328 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43329 </affected> 43330 <reference ref_id="CVE-2012-4181" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4181" source="CVE"/> 43331 <description> 43332 Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43333 </description> 43334 </metadata> 43335 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43336 <criteria operator="AND"> 43337 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43338 <criteria operator="OR"> 43339 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43340 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43341 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43342 </criteria> 43343 </criteria> 43344 </definition> 43345 <definition id="oval:org.opensuse.security:def:20124182" version="1" class="vulnerability"> 43346 <metadata> 43347 <title>CVE-2012-4182</title> 43348 <affected family="unix"> 43349 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43350 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43351 </affected> 43352 <reference ref_id="CVE-2012-4182" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4182" source="CVE"/> 43353 <description> 43354 Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43355 </description> 43356 </metadata> 43357 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43358 <criteria operator="AND"> 43359 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43360 <criteria operator="OR"> 43361 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43362 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43363 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43364 </criteria> 43365 </criteria> 43366 </definition> 43367 <definition id="oval:org.opensuse.security:def:20124183" version="1" class="vulnerability"> 43368 <metadata> 43369 <title>CVE-2012-4183</title> 43370 <affected family="unix"> 43371 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43372 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43373 </affected> 43374 <reference ref_id="CVE-2012-4183" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4183" source="CVE"/> 43375 <description> 43376 Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43377 </description> 43378 </metadata> 43379 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43380 <criteria operator="AND"> 43381 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43382 <criteria operator="OR"> 43383 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43384 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43385 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43386 </criteria> 43387 </criteria> 43388 </definition> 43389 <definition id="oval:org.opensuse.security:def:20124184" version="1" class="vulnerability"> 43390 <metadata> 43391 <title>CVE-2012-4184</title> 43392 <affected family="unix"> 43393 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43394 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43395 </affected> 43396 <reference ref_id="CVE-2012-4184" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4184" source="CVE"/> 43397 <description> 43398 The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site. 43399 </description> 43400 </metadata> 43401 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43402 <criteria operator="AND"> 43403 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43404 <criteria operator="OR"> 43405 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43406 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43407 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43408 </criteria> 43409 </criteria> 43410 </definition> 43411 <definition id="oval:org.opensuse.security:def:20124185" version="1" class="vulnerability"> 43412 <metadata> 43413 <title>CVE-2012-4185</title> 43414 <affected family="unix"> 43415 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43416 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43417 </affected> 43418 <reference ref_id="CVE-2012-4185" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4185" source="CVE"/> 43419 <description> 43420 Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43421 </description> 43422 </metadata> 43423 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43424 <criteria operator="AND"> 43425 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43426 <criteria operator="OR"> 43427 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43428 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43429 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43430 </criteria> 43431 </criteria> 43432 </definition> 43433 <definition id="oval:org.opensuse.security:def:20124186" version="1" class="vulnerability"> 43434 <metadata> 43435 <title>CVE-2012-4186</title> 43436 <affected family="unix"> 43437 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43438 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43439 </affected> 43440 <reference ref_id="CVE-2012-4186" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4186" source="CVE"/> 43441 <description> 43442 Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors. 43443 </description> 43444 </metadata> 43445 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43446 <criteria operator="AND"> 43447 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43448 <criteria operator="OR"> 43449 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43450 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43451 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43452 </criteria> 43453 </criteria> 43454 </definition> 43455 <definition id="oval:org.opensuse.security:def:20124187" version="1" class="vulnerability"> 43456 <metadata> 43457 <title>CVE-2012-4187</title> 43458 <affected family="unix"> 43459 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43460 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43461 </affected> 43462 <reference ref_id="CVE-2012-4187" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4187" source="CVE"/> 43463 <description> 43464 Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors. 43465 </description> 43466 </metadata> 43467 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43468 <criteria operator="AND"> 43469 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43470 <criteria operator="OR"> 43471 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43472 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43473 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43474 </criteria> 43475 </criteria> 43476 </definition> 43477 <definition id="oval:org.opensuse.security:def:20124188" version="1" class="vulnerability"> 43478 <metadata> 43479 <title>CVE-2012-4188</title> 43480 <affected family="unix"> 43481 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43482 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43483 </affected> 43484 <reference ref_id="CVE-2012-4188" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4188" source="CVE"/> 43485 <description> 43486 Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors. 43487 </description> 43488 </metadata> 43489 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43490 <criteria operator="AND"> 43491 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43492 <criteria operator="OR"> 43493 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43494 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43495 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43496 </criteria> 43497 </criteria> 43498 </definition> 43499 <definition id="oval:org.opensuse.security:def:20124192" version="1" class="vulnerability"> 43500 <metadata> 43501 <title>CVE-2012-4192</title> 43502 <affected family="unix"> 43503 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43504 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43505 </affected> 43506 <reference ref_id="CVE-2012-4192" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4192" source="CVE"/> 43507 <description> 43508 Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193. 43509 </description> 43510 </metadata> 43511 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43512 <criteria operator="AND"> 43513 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43514 <criteria operator="OR"> 43515 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43516 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43517 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43518 </criteria> 43519 </criteria> 43520 </definition> 43521 <definition id="oval:org.opensuse.security:def:20124193" version="1" class="vulnerability"> 43522 <metadata> 43523 <title>CVE-2012-4193</title> 43524 <affected family="unix"> 43525 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43526 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43527 </affected> 43528 <reference ref_id="CVE-2012-4193" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193" source="CVE"/> 43529 <description> 43530 Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site. 43531 </description> 43532 </metadata> 43533 <!-- b54051bb7b93d9b879c04f373ce0061d --> 43534 <criteria operator="AND"> 43535 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43536 <criteria operator="OR"> 43537 <criterion test_ref="oval:org.opensuse.security:tst:2009075842" comment="MozillaFirefox-branding-SLED less than 7-0.8.35"/> 43538 <criterion test_ref="oval:org.opensuse.security:tst:2009075843" comment="MozillaFirefox-translations less than 10.0.9-0.5.1"/> 43539 <criterion test_ref="oval:org.opensuse.security:tst:2009075844" comment="MozillaFirefox less than 10.0.9-0.5.1"/> 43540 </criteria> 43541 </criteria> 43542 </definition> 43543 <definition id="oval:org.opensuse.security:def:20124194" version="1" class="vulnerability"> 43544 <metadata> 43545 <title>CVE-2012-4194</title> 43546 <affected family="unix"> 43547 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43548 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43549 </affected> 43550 <reference ref_id="CVE-2012-4194" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4194" source="CVE"/> 43551 <description> 43552 Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin. 43553 </description> 43554 </metadata> 43555 <!-- a779e3f3d65e3943cbd34d5b913f5501 --> 43556 <criteria operator="AND"> 43557 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43558 <criteria operator="OR"> 43559 <criterion test_ref="oval:org.opensuse.security:tst:2009075887" comment="MozillaFirefox-translations less than 10.0.10-0.5.2"/> 43560 <criterion test_ref="oval:org.opensuse.security:tst:2009075888" comment="MozillaFirefox less than 10.0.10-0.5.2"/> 43561 <criterion test_ref="oval:org.opensuse.security:tst:2009075889" comment="mozilla-nspr-32bit less than 4.9.3-0.5.1"/> 43562 <criterion test_ref="oval:org.opensuse.security:tst:2009075890" comment="mozilla-nspr-devel less than 4.9.3-0.5.1"/> 43563 <criterion test_ref="oval:org.opensuse.security:tst:2009075891" comment="mozilla-nspr less than 4.9.3-0.5.1"/> 43564 </criteria> 43565 </criteria> 43566 </definition> 43567 <definition id="oval:org.opensuse.security:def:20124195" version="1" class="vulnerability"> 43568 <metadata> 43569 <title>CVE-2012-4195</title> 43570 <affected family="unix"> 43571 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43572 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43573 </affected> 43574 <reference ref_id="CVE-2012-4195" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4195" source="CVE"/> 43575 <description> 43576 The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior. 43577 </description> 43578 </metadata> 43579 <!-- a779e3f3d65e3943cbd34d5b913f5501 --> 43580 <criteria operator="AND"> 43581 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43582 <criteria operator="OR"> 43583 <criterion test_ref="oval:org.opensuse.security:tst:2009075887" comment="MozillaFirefox-translations less than 10.0.10-0.5.2"/> 43584 <criterion test_ref="oval:org.opensuse.security:tst:2009075888" comment="MozillaFirefox less than 10.0.10-0.5.2"/> 43585 <criterion test_ref="oval:org.opensuse.security:tst:2009075889" comment="mozilla-nspr-32bit less than 4.9.3-0.5.1"/> 43586 <criterion test_ref="oval:org.opensuse.security:tst:2009075890" comment="mozilla-nspr-devel less than 4.9.3-0.5.1"/> 43587 <criterion test_ref="oval:org.opensuse.security:tst:2009075891" comment="mozilla-nspr less than 4.9.3-0.5.1"/> 43588 </criteria> 43589 </criteria> 43590 </definition> 43591 <definition id="oval:org.opensuse.security:def:20124196" version="1" class="vulnerability"> 43592 <metadata> 43593 <title>CVE-2012-4196</title> 43594 <affected family="unix"> 43595 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43596 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43597 </affected> 43598 <reference ref_id="CVE-2012-4196" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4196" source="CVE"/> 43599 <description> 43600 Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object. 43601 </description> 43602 </metadata> 43603 <!-- a779e3f3d65e3943cbd34d5b913f5501 --> 43604 <criteria operator="AND"> 43605 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43606 <criteria operator="OR"> 43607 <criterion test_ref="oval:org.opensuse.security:tst:2009075887" comment="MozillaFirefox-translations less than 10.0.10-0.5.2"/> 43608 <criterion test_ref="oval:org.opensuse.security:tst:2009075888" comment="MozillaFirefox less than 10.0.10-0.5.2"/> 43609 <criterion test_ref="oval:org.opensuse.security:tst:2009075889" comment="mozilla-nspr-32bit less than 4.9.3-0.5.1"/> 43610 <criterion test_ref="oval:org.opensuse.security:tst:2009075890" comment="mozilla-nspr-devel less than 4.9.3-0.5.1"/> 43611 <criterion test_ref="oval:org.opensuse.security:tst:2009075891" comment="mozilla-nspr less than 4.9.3-0.5.1"/> 43612 </criteria> 43613 </criteria> 43614 </definition> 43615 <definition id="oval:org.opensuse.security:def:20124201" version="1" class="vulnerability"> 43616 <metadata> 43617 <title>CVE-2012-4201</title> 43618 <affected family="unix"> 43619 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43620 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43621 </affected> 43622 <reference ref_id="CVE-2012-4201" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4201" source="CVE"/> 43623 <description> 43624 The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on. 43625 </description> 43626 </metadata> 43627 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43628 <criteria operator="AND"> 43629 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43630 <criteria operator="OR"> 43631 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43632 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43633 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43634 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43635 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43636 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43637 </criteria> 43638 </criteria> 43639 </definition> 43640 <definition id="oval:org.opensuse.security:def:20124202" version="1" class="vulnerability"> 43641 <metadata> 43642 <title>CVE-2012-4202</title> 43643 <affected family="unix"> 43644 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43645 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43646 </affected> 43647 <reference ref_id="CVE-2012-4202" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4202" source="CVE"/> 43648 <description> 43649 Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image. 43650 </description> 43651 </metadata> 43652 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43653 <criteria operator="AND"> 43654 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43655 <criteria operator="OR"> 43656 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43657 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43658 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43659 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43660 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43661 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43662 </criteria> 43663 </criteria> 43664 </definition> 43665 <definition id="oval:org.opensuse.security:def:20124203" version="1" class="vulnerability"> 43666 <metadata> 43667 <title>CVE-2012-4203</title> 43668 <affected family="unix"> 43669 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43670 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43671 </affected> 43672 <reference ref_id="CVE-2012-4203" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4203" source="CVE"/> 43673 <description> 43674 The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark. 43675 </description> 43676 </metadata> 43677 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43678 <criteria operator="AND"> 43679 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43680 <criteria operator="OR"> 43681 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43682 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43683 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43684 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43685 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43686 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43687 </criteria> 43688 </criteria> 43689 </definition> 43690 <definition id="oval:org.opensuse.security:def:20124204" version="1" class="vulnerability"> 43691 <metadata> 43692 <title>CVE-2012-4204</title> 43693 <affected family="unix"> 43694 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43695 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43696 </affected> 43697 <reference ref_id="CVE-2012-4204" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4204" source="CVE"/> 43698 <description> 43699 The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. 43700 </description> 43701 </metadata> 43702 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43703 <criteria operator="AND"> 43704 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43705 <criteria operator="OR"> 43706 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43707 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43708 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43709 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43710 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43711 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43712 </criteria> 43713 </criteria> 43714 </definition> 43715 <definition id="oval:org.opensuse.security:def:20124205" version="1" class="vulnerability"> 43716 <metadata> 43717 <title>CVE-2012-4205</title> 43718 <affected family="unix"> 43719 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43720 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43721 </affected> 43722 <reference ref_id="CVE-2012-4205" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4205" source="CVE"/> 43723 <description> 43724 Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks or obtain sensitive information by leveraging a sandboxed add-on. 43725 </description> 43726 </metadata> 43727 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43728 <criteria operator="AND"> 43729 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43730 <criteria operator="OR"> 43731 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43732 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43733 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43734 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43735 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43736 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43737 </criteria> 43738 </criteria> 43739 </definition> 43740 <definition id="oval:org.opensuse.security:def:20124206" version="1" class="vulnerability"> 43741 <metadata> 43742 <title>CVE-2012-4206</title> 43743 <affected family="unix"> 43744 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43745 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43746 </affected> 43747 <reference ref_id="CVE-2012-4206" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4206" source="CVE"/> 43748 <description> 43749 Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory. 43750 </description> 43751 </metadata> 43752 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43753 <criteria operator="AND"> 43754 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43755 <criteria operator="OR"> 43756 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43757 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43758 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43759 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43760 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43761 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43762 </criteria> 43763 </criteria> 43764 </definition> 43765 <definition id="oval:org.opensuse.security:def:20124207" version="1" class="vulnerability"> 43766 <metadata> 43767 <title>CVE-2012-4207</title> 43768 <affected family="unix"> 43769 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43770 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43771 </affected> 43772 <reference ref_id="CVE-2012-4207" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4207" source="CVE"/> 43773 <description> 43774 The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document. 43775 </description> 43776 </metadata> 43777 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43778 <criteria operator="AND"> 43779 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43780 <criteria operator="OR"> 43781 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43782 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43783 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43784 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43785 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43786 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43787 </criteria> 43788 </criteria> 43789 </definition> 43790 <definition id="oval:org.opensuse.security:def:20124208" version="1" class="vulnerability"> 43791 <metadata> 43792 <title>CVE-2012-4208</title> 43793 <affected family="unix"> 43794 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43795 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43796 </affected> 43797 <reference ref_id="CVE-2012-4208" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4208" source="CVE"/> 43798 <description> 43799 The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site. 43800 </description> 43801 </metadata> 43802 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43803 <criteria operator="AND"> 43804 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43805 <criteria operator="OR"> 43806 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43807 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43808 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43809 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43810 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43811 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43812 </criteria> 43813 </criteria> 43814 </definition> 43815 <definition id="oval:org.opensuse.security:def:20124209" version="1" class="vulnerability"> 43816 <metadata> 43817 <title>CVE-2012-4209</title> 43818 <affected family="unix"> 43819 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43820 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43821 </affected> 43822 <reference ref_id="CVE-2012-4209" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4209" source="CVE"/> 43823 <description> 43824 Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin. 43825 </description> 43826 </metadata> 43827 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43828 <criteria operator="AND"> 43829 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43830 <criteria operator="OR"> 43831 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43832 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43833 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43834 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43835 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43836 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43837 </criteria> 43838 </criteria> 43839 </definition> 43840 <definition id="oval:org.opensuse.security:def:20124210" version="1" class="vulnerability"> 43841 <metadata> 43842 <title>CVE-2012-4210</title> 43843 <affected family="unix"> 43844 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43845 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43846 </affected> 43847 <reference ref_id="CVE-2012-4210" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4210" source="CVE"/> 43848 <description> 43849 The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet. 43850 </description> 43851 </metadata> 43852 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43853 <criteria operator="AND"> 43854 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43855 <criteria operator="OR"> 43856 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43857 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43858 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43859 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43860 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43861 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43862 </criteria> 43863 </criteria> 43864 </definition> 43865 <definition id="oval:org.opensuse.security:def:20124212" version="1" class="vulnerability"> 43866 <metadata> 43867 <title>CVE-2012-4212</title> 43868 <affected family="unix"> 43869 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43870 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43871 </affected> 43872 <reference ref_id="CVE-2012-4212" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4212" source="CVE"/> 43873 <description> 43874 Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43875 </description> 43876 </metadata> 43877 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43878 <criteria operator="AND"> 43879 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43880 <criteria operator="OR"> 43881 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43882 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43883 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43884 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43885 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43886 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43887 </criteria> 43888 </criteria> 43889 </definition> 43890 <definition id="oval:org.opensuse.security:def:20124213" version="1" class="vulnerability"> 43891 <metadata> 43892 <title>CVE-2012-4213</title> 43893 <affected family="unix"> 43894 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43895 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43896 </affected> 43897 <reference ref_id="CVE-2012-4213" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4213" source="CVE"/> 43898 <description> 43899 Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43900 </description> 43901 </metadata> 43902 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43903 <criteria operator="AND"> 43904 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43905 <criteria operator="OR"> 43906 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43907 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43908 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43909 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43910 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43911 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43912 </criteria> 43913 </criteria> 43914 </definition> 43915 <definition id="oval:org.opensuse.security:def:20124214" version="1" class="vulnerability"> 43916 <metadata> 43917 <title>CVE-2012-4214</title> 43918 <affected family="unix"> 43919 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43920 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43921 </affected> 43922 <reference ref_id="CVE-2012-4214" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4214" source="CVE"/> 43923 <description> 43924 Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840. 43925 </description> 43926 </metadata> 43927 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43928 <criteria operator="AND"> 43929 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43930 <criteria operator="OR"> 43931 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43932 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43933 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43934 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43935 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43936 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43937 </criteria> 43938 </criteria> 43939 </definition> 43940 <definition id="oval:org.opensuse.security:def:20124215" version="1" class="vulnerability"> 43941 <metadata> 43942 <title>CVE-2012-4215</title> 43943 <affected family="unix"> 43944 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43945 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43946 </affected> 43947 <reference ref_id="CVE-2012-4215" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4215" source="CVE"/> 43948 <description> 43949 Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43950 </description> 43951 </metadata> 43952 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43953 <criteria operator="AND"> 43954 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43955 <criteria operator="OR"> 43956 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43957 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43958 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43959 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43960 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43961 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43962 </criteria> 43963 </criteria> 43964 </definition> 43965 <definition id="oval:org.opensuse.security:def:20124216" version="1" class="vulnerability"> 43966 <metadata> 43967 <title>CVE-2012-4216</title> 43968 <affected family="unix"> 43969 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43970 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43971 </affected> 43972 <reference ref_id="CVE-2012-4216" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4216" source="CVE"/> 43973 <description> 43974 Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 43975 </description> 43976 </metadata> 43977 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 43978 <criteria operator="AND"> 43979 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 43980 <criteria operator="OR"> 43981 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 43982 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 43983 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 43984 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 43985 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 43986 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 43987 </criteria> 43988 </criteria> 43989 </definition> 43990 <definition id="oval:org.opensuse.security:def:20124217" version="1" class="vulnerability"> 43991 <metadata> 43992 <title>CVE-2012-4217</title> 43993 <affected family="unix"> 43994 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 43995 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 43996 </affected> 43997 <reference ref_id="CVE-2012-4217" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4217" source="CVE"/> 43998 <description> 43999 Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 44000 </description> 44001 </metadata> 44002 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 44003 <criteria operator="AND"> 44004 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44005 <criteria operator="OR"> 44006 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 44007 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 44008 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 44009 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 44010 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 44011 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 44012 </criteria> 44013 </criteria> 44014 </definition> 44015 <definition id="oval:org.opensuse.security:def:20124218" version="1" class="vulnerability"> 44016 <metadata> 44017 <title>CVE-2012-4218</title> 44018 <affected family="unix"> 44019 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44020 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44021 </affected> 44022 <reference ref_id="CVE-2012-4218" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4218" source="CVE"/> 44023 <description> 44024 Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 44025 </description> 44026 </metadata> 44027 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 44028 <criteria operator="AND"> 44029 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44030 <criteria operator="OR"> 44031 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 44032 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 44033 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 44034 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 44035 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 44036 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 44037 </criteria> 44038 </criteria> 44039 </definition> 44040 <definition id="oval:org.opensuse.security:def:20124233" version="1" class="vulnerability"> 44041 <metadata> 44042 <title>CVE-2012-4233</title> 44043 <affected family="unix"> 44044 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44045 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44046 </affected> 44047 <reference ref_id="CVE-2012-4233" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4233" source="CVE"/> 44048 <description> 44049 LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll. 44050 </description> 44051 </metadata> 44052 <!-- 75b0fcb15ca3749c7c3e6082b74f167b --> 44053 <criteria operator="AND"> 44054 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44055 <criteria operator="OR"> 44056 <criterion test_ref="oval:org.opensuse.security:tst:2009075892" comment="libreoffice-af less than 3.5.4.13-0.7.1"/> 44057 <criterion test_ref="oval:org.opensuse.security:tst:2009075893" comment="libreoffice-ar less than 3.5.4.13-0.7.1"/> 44058 <criterion test_ref="oval:org.opensuse.security:tst:2009075894" comment="libreoffice-ca less than 3.5.4.13-0.7.1"/> 44059 <criterion test_ref="oval:org.opensuse.security:tst:2009075895" comment="libreoffice-cs less than 3.5.4.13-0.7.1"/> 44060 <criterion test_ref="oval:org.opensuse.security:tst:2009075896" comment="libreoffice-da less than 3.5.4.13-0.7.1"/> 44061 <criterion test_ref="oval:org.opensuse.security:tst:2009075897" comment="libreoffice-de less than 3.5.4.13-0.7.1"/> 44062 <criterion test_ref="oval:org.opensuse.security:tst:2009075898" comment="libreoffice-el less than 3.5.4.13-0.7.1"/> 44063 <criterion test_ref="oval:org.opensuse.security:tst:2009075899" comment="libreoffice-en-GB less than 3.5.4.13-0.7.1"/> 44064 <criterion test_ref="oval:org.opensuse.security:tst:2009075900" comment="libreoffice-es less than 3.5.4.13-0.7.1"/> 44065 <criterion test_ref="oval:org.opensuse.security:tst:2009075901" comment="libreoffice-fi less than 3.5.4.13-0.7.1"/> 44066 <criterion test_ref="oval:org.opensuse.security:tst:2009075902" comment="libreoffice-fr less than 3.5.4.13-0.7.1"/> 44067 <criterion test_ref="oval:org.opensuse.security:tst:2009075903" comment="libreoffice-galleries less than 3.5.4.13-0.7.1"/> 44068 <criterion test_ref="oval:org.opensuse.security:tst:2009075904" comment="libreoffice-gnome less than 3.5.4.13-0.7.1"/> 44069 <criterion test_ref="oval:org.opensuse.security:tst:2009075905" comment="libreoffice-gu-IN less than 3.5.4.13-0.7.1"/> 44070 <criterion test_ref="oval:org.opensuse.security:tst:2009075906" comment="libreoffice-hi-IN less than 3.5.4.13-0.7.1"/> 44071 <criterion test_ref="oval:org.opensuse.security:tst:2009075907" comment="libreoffice-hu less than 3.5.4.13-0.7.1"/> 44072 <criterion test_ref="oval:org.opensuse.security:tst:2009075908" comment="libreoffice-it less than 3.5.4.13-0.7.1"/> 44073 <criterion test_ref="oval:org.opensuse.security:tst:2009075909" comment="libreoffice-ja less than 3.5.4.13-0.7.1"/> 44074 <criterion test_ref="oval:org.opensuse.security:tst:2009075910" comment="libreoffice-kde less than 3.5.4.13-0.7.1"/> 44075 <criterion test_ref="oval:org.opensuse.security:tst:2009075911" comment="libreoffice-ko less than 3.5.4.13-0.7.1"/> 44076 <criterion test_ref="oval:org.opensuse.security:tst:2009075912" comment="libreoffice-mono less than 3.5.4.13-0.7.1"/> 44077 <criterion test_ref="oval:org.opensuse.security:tst:2009075913" comment="libreoffice-nb less than 3.5.4.13-0.7.1"/> 44078 <criterion test_ref="oval:org.opensuse.security:tst:2009075914" comment="libreoffice-nl less than 3.5.4.13-0.7.1"/> 44079 <criterion test_ref="oval:org.opensuse.security:tst:2009075915" comment="libreoffice-nn less than 3.5.4.13-0.7.1"/> 44080 <criterion test_ref="oval:org.opensuse.security:tst:2009075916" comment="libreoffice-pl less than 3.5.4.13-0.7.1"/> 44081 <criterion test_ref="oval:org.opensuse.security:tst:2009075917" comment="libreoffice-pt-BR less than 3.5.4.13-0.7.1"/> 44082 <criterion test_ref="oval:org.opensuse.security:tst:2009075918" comment="libreoffice-ru less than 3.5.4.13-0.7.1"/> 44083 <criterion test_ref="oval:org.opensuse.security:tst:2009075919" comment="libreoffice-sk less than 3.5.4.13-0.7.1"/> 44084 <criterion test_ref="oval:org.opensuse.security:tst:2009075920" comment="libreoffice-sv less than 3.5.4.13-0.7.1"/> 44085 <criterion test_ref="oval:org.opensuse.security:tst:2009075921" comment="libreoffice-xh less than 3.5.4.13-0.7.1"/> 44086 <criterion test_ref="oval:org.opensuse.security:tst:2009075922" comment="libreoffice-zh-CN less than 3.5.4.13-0.7.1"/> 44087 <criterion test_ref="oval:org.opensuse.security:tst:2009075923" comment="libreoffice-zh-TW less than 3.5.4.13-0.7.1"/> 44088 <criterion test_ref="oval:org.opensuse.security:tst:2009075924" comment="libreoffice-zu less than 3.5.4.13-0.7.1"/> 44089 <criterion test_ref="oval:org.opensuse.security:tst:2009075925" comment="libreoffice less than 3.5.4.13-0.7.1"/> 44090 </criteria> 44091 </criteria> 44092 </definition> 44093 <definition id="oval:org.opensuse.security:def:20124244" version="1" class="vulnerability"> 44094 <metadata> 44095 <title>CVE-2012-4244</title> 44096 <affected family="unix"> 44097 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44098 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44099 </affected> 44100 <reference ref_id="CVE-2012-4244" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244" source="CVE"/> 44101 <description> 44102 ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record. 44103 </description> 44104 </metadata> 44105 <criteria operator="OR"> 44106 <!-- 0491290854c3af020f68ff0d5b8b26cd --> 44107 <criteria operator="AND"> 44108 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44109 <criteria operator="OR"> 44110 <criterion test_ref="oval:org.opensuse.security:tst:2009075857" comment="bind-libs-32bit less than 9.6ESVR7P4-0.7.1"/> 44111 <criterion test_ref="oval:org.opensuse.security:tst:2009075858" comment="bind-libs less than 9.6ESVR7P4-0.7.1"/> 44112 <criterion test_ref="oval:org.opensuse.security:tst:2009075859" comment="bind-utils less than 9.6ESVR7P4-0.7.1"/> 44113 </criteria> 44114 </criteria> 44115 <!-- 32ca5e50f79b64a5f382bb2f2821acc6 --> 44116 <criteria operator="AND"> 44117 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44118 <criteria operator="OR"> 44119 <criterion test_ref="oval:org.opensuse.security:tst:2009075676" comment="bind-libs-32bit less than 9.6ESVR7P3-0.7.1"/> 44120 <criterion test_ref="oval:org.opensuse.security:tst:2009075677" comment="bind-libs less than 9.6ESVR7P3-0.7.1"/> 44121 <criterion test_ref="oval:org.opensuse.security:tst:2009075678" comment="bind-utils less than 9.6ESVR7P3-0.7.1"/> 44122 </criteria> 44123 </criteria> 44124 </criteria> 44125 </definition> 44126 <definition id="oval:org.opensuse.security:def:20124285" version="1" class="vulnerability"> 44127 <metadata> 44128 <title>CVE-2012-4285</title> 44129 <affected family="unix"> 44130 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44131 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44132 </affected> 44133 <reference ref_id="CVE-2012-4285" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285" source="CVE"/> 44134 <description> 44135 The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message. 44136 </description> 44137 </metadata> 44138 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 44139 <criteria operator="AND"> 44140 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44141 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 44142 </criteria> 44143 </definition> 44144 <definition id="oval:org.opensuse.security:def:20124288" version="1" class="vulnerability"> 44145 <metadata> 44146 <title>CVE-2012-4288</title> 44147 <affected family="unix"> 44148 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44149 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44150 </affected> 44151 <reference ref_id="CVE-2012-4288" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288" source="CVE"/> 44152 <description> 44153 Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length. 44154 </description> 44155 </metadata> 44156 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 44157 <criteria operator="AND"> 44158 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44159 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 44160 </criteria> 44161 </definition> 44162 <definition id="oval:org.opensuse.security:def:20124289" version="1" class="vulnerability"> 44163 <metadata> 44164 <title>CVE-2012-4289</title> 44165 <affected family="unix"> 44166 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44167 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44168 </affected> 44169 <reference ref_id="CVE-2012-4289" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289" source="CVE"/> 44170 <description> 44171 epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries. 44172 </description> 44173 </metadata> 44174 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 44175 <criteria operator="AND"> 44176 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44177 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 44178 </criteria> 44179 </definition> 44180 <definition id="oval:org.opensuse.security:def:20124290" version="1" class="vulnerability"> 44181 <metadata> 44182 <title>CVE-2012-4290</title> 44183 <affected family="unix"> 44184 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44185 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44186 </affected> 44187 <reference ref_id="CVE-2012-4290" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4290" source="CVE"/> 44188 <description> 44189 The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet. 44190 </description> 44191 </metadata> 44192 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 44193 <criteria operator="AND"> 44194 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44195 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 44196 </criteria> 44197 </definition> 44198 <definition id="oval:org.opensuse.security:def:20124291" version="1" class="vulnerability"> 44199 <metadata> 44200 <title>CVE-2012-4291</title> 44201 <affected family="unix"> 44202 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44203 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44204 </affected> 44205 <reference ref_id="CVE-2012-4291" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4291" source="CVE"/> 44206 <description> 44207 The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. 44208 </description> 44209 </metadata> 44210 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 44211 <criteria operator="AND"> 44212 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44213 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 44214 </criteria> 44215 </definition> 44216 <definition id="oval:org.opensuse.security:def:20124292" version="1" class="vulnerability"> 44217 <metadata> 44218 <title>CVE-2012-4292</title> 44219 <affected family="unix"> 44220 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44221 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44222 </affected> 44223 <reference ref_id="CVE-2012-4292" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292" source="CVE"/> 44224 <description> 44225 The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 44226 </description> 44227 </metadata> 44228 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 44229 <criteria operator="AND"> 44230 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44231 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 44232 </criteria> 44233 </definition> 44234 <definition id="oval:org.opensuse.security:def:20124293" version="1" class="vulnerability"> 44235 <metadata> 44236 <title>CVE-2012-4293</title> 44237 <affected family="unix"> 44238 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44239 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44240 </affected> 44241 <reference ref_id="CVE-2012-4293" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4293" source="CVE"/> 44242 <description> 44243 plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet. 44244 </description> 44245 </metadata> 44246 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 44247 <criteria operator="AND"> 44248 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44249 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 44250 </criteria> 44251 </definition> 44252 <definition id="oval:org.opensuse.security:def:20124296" version="1" class="vulnerability"> 44253 <metadata> 44254 <title>CVE-2012-4296</title> 44255 <affected family="unix"> 44256 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44257 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44258 </affected> 44259 <reference ref_id="CVE-2012-4296" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4296" source="CVE"/> 44260 <description> 44261 Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. 44262 </description> 44263 </metadata> 44264 <!-- 8c97d5c98c64afe228e7a248367ecd19 --> 44265 <criteria operator="AND"> 44266 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44267 <criterion test_ref="oval:org.opensuse.security:tst:2009075533" comment="wireshark less than 1.4.15-0.5.1"/> 44268 </criteria> 44269 </definition> 44270 <definition id="oval:org.opensuse.security:def:20124405" version="1" class="vulnerability"> 44271 <metadata> 44272 <title>CVE-2012-4405</title> 44273 <affected family="unix"> 44274 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44275 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44276 </affected> 44277 <reference ref_id="CVE-2012-4405" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405" source="CVE"/> 44278 <description> 44279 Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error. 44280 </description> 44281 </metadata> 44282 <!-- 16655a319f6c06a08b5e85f00894fcfd --> 44283 <criteria operator="AND"> 44284 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44285 <criteria operator="OR"> 44286 <criterion test_ref="oval:org.opensuse.security:tst:2009075759" comment="ghostscript-fonts-other less than 8.15.4-16.28.1"/> 44287 <criterion test_ref="oval:org.opensuse.security:tst:2009075760" comment="ghostscript-fonts-std less than 8.15.4-16.28.1"/> 44288 <criterion test_ref="oval:org.opensuse.security:tst:2009075761" comment="ghostscript-library less than 8.15.4-16.28.1"/> 44289 <criterion test_ref="oval:org.opensuse.security:tst:2009075762" comment="ghostscript-x11 less than 8.15.4-16.28.1"/> 44290 <criterion test_ref="oval:org.opensuse.security:tst:2009075763" comment="libgimpprint less than 4.2.7-62.28.1"/> 44291 </criteria> 44292 </criteria> 44293 </definition> 44294 <definition id="oval:org.opensuse.security:def:20124411" version="1" class="vulnerability"> 44295 <metadata> 44296 <title>CVE-2012-4411</title> 44297 <affected family="unix"> 44298 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44299 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44300 </affected> 44301 <reference ref_id="CVE-2012-4411" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4411" source="CVE"/> 44302 <description> 44303 The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998. 44304 </description> 44305 </metadata> 44306 <!-- 1e9042debead5d88c23444a904a4e0c9 --> 44307 <criteria operator="AND"> 44308 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44309 <criteria operator="OR"> 44310 <criterion test_ref="oval:org.opensuse.security:tst:2009107426" comment="xen-devel less than 3.2.3_17040_42-0.7.1"/> 44311 <criterion test_ref="oval:org.opensuse.security:tst:2009107427" comment="xen-devel less than 3.2.3_17040_42-0.7.2"/> 44312 <criterion test_ref="oval:org.opensuse.security:tst:2009107428" comment="xen-doc-html less than 3.2.3_17040_42-0.7.1"/> 44313 <criterion test_ref="oval:org.opensuse.security:tst:2009107429" comment="xen-doc-html less than 3.2.3_17040_42-0.7.2"/> 44314 <criterion test_ref="oval:org.opensuse.security:tst:2009107430" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.1"/> 44315 <criterion test_ref="oval:org.opensuse.security:tst:2009107431" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.2"/> 44316 <criterion test_ref="oval:org.opensuse.security:tst:2009107432" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.1"/> 44317 <criterion test_ref="oval:org.opensuse.security:tst:2009107433" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.2"/> 44318 <criterion test_ref="oval:org.opensuse.security:tst:2009107434" comment="xen-kmp-bigsmp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44319 <criterion test_ref="oval:org.opensuse.security:tst:2009107435" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44320 <criterion test_ref="oval:org.opensuse.security:tst:2009107436" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44321 <criterion test_ref="oval:org.opensuse.security:tst:2009107437" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44322 <criterion test_ref="oval:org.opensuse.security:tst:2009107438" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44323 <criterion test_ref="oval:org.opensuse.security:tst:2009107439" comment="xen-libs-32bit less than 3.2.3_17040_42-0.7.1"/> 44324 <criterion test_ref="oval:org.opensuse.security:tst:2009107440" comment="xen-libs less than 3.2.3_17040_42-0.7.1"/> 44325 <criterion test_ref="oval:org.opensuse.security:tst:2009107441" comment="xen-libs less than 3.2.3_17040_42-0.7.2"/> 44326 <criterion test_ref="oval:org.opensuse.security:tst:2009107442" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.1"/> 44327 <criterion test_ref="oval:org.opensuse.security:tst:2009107443" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.2"/> 44328 <criterion test_ref="oval:org.opensuse.security:tst:2009107444" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.1"/> 44329 <criterion test_ref="oval:org.opensuse.security:tst:2009107445" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.2"/> 44330 <criterion test_ref="oval:org.opensuse.security:tst:2009107446" comment="xen-tools less than 3.2.3_17040_42-0.7.1"/> 44331 <criterion test_ref="oval:org.opensuse.security:tst:2009107447" comment="xen-tools less than 3.2.3_17040_42-0.7.2"/> 44332 <criterion test_ref="oval:org.opensuse.security:tst:2009107448" comment="xen less than 3.2.3_17040_42-0.7.1"/> 44333 <criterion test_ref="oval:org.opensuse.security:tst:2009107449" comment="xen less than 3.2.3_17040_42-0.7.2"/> 44334 </criteria> 44335 </criteria> 44336 </definition> 44337 <definition id="oval:org.opensuse.security:def:20124444" version="1" class="vulnerability"> 44338 <metadata> 44339 <title>CVE-2012-4444</title> 44340 <affected family="unix"> 44341 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44342 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44343 </affected> 44344 <reference ref_id="CVE-2012-4444" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4444" source="CVE"/> 44345 <description> 44346 The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments. 44347 </description> 44348 </metadata> 44349 <criteria operator="OR"> 44350 <!-- 42590e04eddb51fa31379710deb16611 --> 44351 <criteria operator="AND"> 44352 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44353 <criteria operator="OR"> 44354 <criterion test_ref="oval:org.opensuse.security:tst:2009077356" comment="kernel-default less than 2.6.16.60-0.103.1"/> 44355 <criterion test_ref="oval:org.opensuse.security:tst:2009077357" comment="kernel-smp less than 2.6.16.60-0.103.1"/> 44356 <criterion test_ref="oval:org.opensuse.security:tst:2009077358" comment="kernel-source less than 2.6.16.60-0.103.1"/> 44357 <criterion test_ref="oval:org.opensuse.security:tst:2009077359" comment="kernel-syms less than 2.6.16.60-0.103.1"/> 44358 <criterion test_ref="oval:org.opensuse.security:tst:2009077360" comment="kernel-xen less than 2.6.16.60-0.103.1"/> 44359 </criteria> 44360 </criteria> 44361 <!-- 60a0921c1bb3961c00333f60f45fee0b --> 44362 <criteria operator="AND"> 44363 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44364 <criteria operator="OR"> 44365 <criterion test_ref="oval:org.opensuse.security:tst:2009077361" comment="kernel-bigsmp less than 2.6.16.60-0.103.1"/> 44366 <criterion test_ref="oval:org.opensuse.security:tst:2009077356" comment="kernel-default less than 2.6.16.60-0.103.1"/> 44367 <criterion test_ref="oval:org.opensuse.security:tst:2009077357" comment="kernel-smp less than 2.6.16.60-0.103.1"/> 44368 <criterion test_ref="oval:org.opensuse.security:tst:2009077358" comment="kernel-source less than 2.6.16.60-0.103.1"/> 44369 <criterion test_ref="oval:org.opensuse.security:tst:2009077359" comment="kernel-syms less than 2.6.16.60-0.103.1"/> 44370 <criterion test_ref="oval:org.opensuse.security:tst:2009077360" comment="kernel-xen less than 2.6.16.60-0.103.1"/> 44371 <criterion test_ref="oval:org.opensuse.security:tst:2009077362" comment="kernel-xenpae less than 2.6.16.60-0.103.1"/> 44372 </criteria> 44373 </criteria> 44374 </criteria> 44375 </definition> 44376 <definition id="oval:org.opensuse.security:def:20124447" version="1" class="vulnerability"> 44377 <metadata> 44378 <title>CVE-2012-4447</title> 44379 <affected family="unix"> 44380 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44381 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44382 </affected> 44383 <reference ref_id="CVE-2012-4447" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447" source="CVE"/> 44384 <description> 44385 Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. 44386 </description> 44387 </metadata> 44388 <!-- e82a9ac77700ce38cd74ae7a74f81150 --> 44389 <criteria operator="AND"> 44390 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44391 <criteria operator="OR"> 44392 <criterion test_ref="oval:org.opensuse.security:tst:2009076448" comment="libtiff-32bit less than 3.8.2-5.32.1"/> 44393 <criterion test_ref="oval:org.opensuse.security:tst:2009076449" comment="libtiff-devel less than 3.8.2-5.32.1"/> 44394 <criterion test_ref="oval:org.opensuse.security:tst:2009076450" comment="libtiff less than 3.8.2-5.32.1"/> 44395 </criteria> 44396 </criteria> 44397 </definition> 44398 <definition id="oval:org.opensuse.security:def:20124466" version="1" class="vulnerability"> 44399 <metadata> 44400 <title>CVE-2012-4466</title> 44401 <affected family="unix"> 44402 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44403 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44404 </affected> 44405 <reference ref_id="CVE-2012-4466" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4466" source="CVE"/> 44406 <description> 44407 Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005. 44408 </description> 44409 </metadata> 44410 <!-- 4c9e95f258c3139c5c70de419c8f734b --> 44411 <criteria operator="AND"> 44412 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44413 <criterion test_ref="oval:org.opensuse.security:tst:2009076967" comment="ruby less than 1.8.6.p369-0.14.1"/> 44414 </criteria> 44415 </definition> 44416 <definition id="oval:org.opensuse.security:def:20124522" version="1" class="vulnerability"> 44417 <metadata> 44418 <title>CVE-2012-4522</title> 44419 <affected family="unix"> 44420 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44421 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44422 </affected> 44423 <reference ref_id="CVE-2012-4522" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4522" source="CVE"/> 44424 <description> 44425 The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path. 44426 </description> 44427 </metadata> 44428 <!-- 4c9e95f258c3139c5c70de419c8f734b --> 44429 <criteria operator="AND"> 44430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44431 <criterion test_ref="oval:org.opensuse.security:tst:2009076967" comment="ruby less than 1.8.6.p369-0.14.1"/> 44432 </criteria> 44433 </definition> 44434 <definition id="oval:org.opensuse.security:def:20124530" version="1" class="vulnerability"> 44435 <metadata> 44436 <title>CVE-2012-4530</title> 44437 <affected family="unix"> 44438 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44439 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44440 </affected> 44441 <reference ref_id="CVE-2012-4530" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4530" source="CVE"/> 44442 <description> 44443 The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. 44444 </description> 44445 </metadata> 44446 <criteria operator="OR"> 44447 <!-- 2b51bf3e02179f8f70c7b2ada2571a2d --> 44448 <criteria operator="AND"> 44449 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44450 <criteria operator="OR"> 44451 <criterion test_ref="oval:org.opensuse.security:tst:2009077027" comment="kernel-bigsmp less than 2.6.16.60-0.101.1"/> 44452 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 44453 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 44454 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 44455 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 44456 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 44457 <criterion test_ref="oval:org.opensuse.security:tst:2009077033" comment="kernel-xenpae less than 2.6.16.60-0.101.1"/> 44458 </criteria> 44459 </criteria> 44460 <!-- ac5626f6e7f483c6dac1cc5fe253fcf9 --> 44461 <criteria operator="AND"> 44462 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44463 <criteria operator="OR"> 44464 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 44465 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 44466 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 44467 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 44468 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 44469 </criteria> 44470 </criteria> 44471 </criteria> 44472 </definition> 44473 <definition id="oval:org.opensuse.security:def:20124535" version="1" class="vulnerability"> 44474 <metadata> 44475 <title>CVE-2012-4535</title> 44476 <affected family="unix"> 44477 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44478 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44479 </affected> 44480 <reference ref_id="CVE-2012-4535" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4535" source="CVE"/> 44481 <description> 44482 Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline." 44483 </description> 44484 </metadata> 44485 <!-- 1e9042debead5d88c23444a904a4e0c9 --> 44486 <criteria operator="AND"> 44487 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44488 <criteria operator="OR"> 44489 <criterion test_ref="oval:org.opensuse.security:tst:2009107426" comment="xen-devel less than 3.2.3_17040_42-0.7.1"/> 44490 <criterion test_ref="oval:org.opensuse.security:tst:2009107427" comment="xen-devel less than 3.2.3_17040_42-0.7.2"/> 44491 <criterion test_ref="oval:org.opensuse.security:tst:2009107428" comment="xen-doc-html less than 3.2.3_17040_42-0.7.1"/> 44492 <criterion test_ref="oval:org.opensuse.security:tst:2009107429" comment="xen-doc-html less than 3.2.3_17040_42-0.7.2"/> 44493 <criterion test_ref="oval:org.opensuse.security:tst:2009107430" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.1"/> 44494 <criterion test_ref="oval:org.opensuse.security:tst:2009107431" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.2"/> 44495 <criterion test_ref="oval:org.opensuse.security:tst:2009107432" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.1"/> 44496 <criterion test_ref="oval:org.opensuse.security:tst:2009107433" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.2"/> 44497 <criterion test_ref="oval:org.opensuse.security:tst:2009107434" comment="xen-kmp-bigsmp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44498 <criterion test_ref="oval:org.opensuse.security:tst:2009107435" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44499 <criterion test_ref="oval:org.opensuse.security:tst:2009107436" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44500 <criterion test_ref="oval:org.opensuse.security:tst:2009107437" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44501 <criterion test_ref="oval:org.opensuse.security:tst:2009107438" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44502 <criterion test_ref="oval:org.opensuse.security:tst:2009107439" comment="xen-libs-32bit less than 3.2.3_17040_42-0.7.1"/> 44503 <criterion test_ref="oval:org.opensuse.security:tst:2009107440" comment="xen-libs less than 3.2.3_17040_42-0.7.1"/> 44504 <criterion test_ref="oval:org.opensuse.security:tst:2009107441" comment="xen-libs less than 3.2.3_17040_42-0.7.2"/> 44505 <criterion test_ref="oval:org.opensuse.security:tst:2009107442" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.1"/> 44506 <criterion test_ref="oval:org.opensuse.security:tst:2009107443" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.2"/> 44507 <criterion test_ref="oval:org.opensuse.security:tst:2009107444" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.1"/> 44508 <criterion test_ref="oval:org.opensuse.security:tst:2009107445" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.2"/> 44509 <criterion test_ref="oval:org.opensuse.security:tst:2009107446" comment="xen-tools less than 3.2.3_17040_42-0.7.1"/> 44510 <criterion test_ref="oval:org.opensuse.security:tst:2009107447" comment="xen-tools less than 3.2.3_17040_42-0.7.2"/> 44511 <criterion test_ref="oval:org.opensuse.security:tst:2009107448" comment="xen less than 3.2.3_17040_42-0.7.1"/> 44512 <criterion test_ref="oval:org.opensuse.security:tst:2009107449" comment="xen less than 3.2.3_17040_42-0.7.2"/> 44513 </criteria> 44514 </criteria> 44515 </definition> 44516 <definition id="oval:org.opensuse.security:def:20124536" version="1" class="vulnerability"> 44517 <metadata> 44518 <title>CVE-2012-4536</title> 44519 <affected family="unix"> 44520 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44521 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44522 </affected> 44523 <reference ref_id="CVE-2012-4536" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4536" source="CVE"/> 44524 <description> 44525 The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read. 44526 </description> 44527 </metadata> 44528 <!-- 1e9042debead5d88c23444a904a4e0c9 --> 44529 <criteria operator="AND"> 44530 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44531 <criteria operator="OR"> 44532 <criterion test_ref="oval:org.opensuse.security:tst:2009107426" comment="xen-devel less than 3.2.3_17040_42-0.7.1"/> 44533 <criterion test_ref="oval:org.opensuse.security:tst:2009107427" comment="xen-devel less than 3.2.3_17040_42-0.7.2"/> 44534 <criterion test_ref="oval:org.opensuse.security:tst:2009107428" comment="xen-doc-html less than 3.2.3_17040_42-0.7.1"/> 44535 <criterion test_ref="oval:org.opensuse.security:tst:2009107429" comment="xen-doc-html less than 3.2.3_17040_42-0.7.2"/> 44536 <criterion test_ref="oval:org.opensuse.security:tst:2009107430" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.1"/> 44537 <criterion test_ref="oval:org.opensuse.security:tst:2009107431" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.2"/> 44538 <criterion test_ref="oval:org.opensuse.security:tst:2009107432" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.1"/> 44539 <criterion test_ref="oval:org.opensuse.security:tst:2009107433" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.2"/> 44540 <criterion test_ref="oval:org.opensuse.security:tst:2009107434" comment="xen-kmp-bigsmp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44541 <criterion test_ref="oval:org.opensuse.security:tst:2009107435" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44542 <criterion test_ref="oval:org.opensuse.security:tst:2009107436" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44543 <criterion test_ref="oval:org.opensuse.security:tst:2009107437" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44544 <criterion test_ref="oval:org.opensuse.security:tst:2009107438" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44545 <criterion test_ref="oval:org.opensuse.security:tst:2009107439" comment="xen-libs-32bit less than 3.2.3_17040_42-0.7.1"/> 44546 <criterion test_ref="oval:org.opensuse.security:tst:2009107440" comment="xen-libs less than 3.2.3_17040_42-0.7.1"/> 44547 <criterion test_ref="oval:org.opensuse.security:tst:2009107441" comment="xen-libs less than 3.2.3_17040_42-0.7.2"/> 44548 <criterion test_ref="oval:org.opensuse.security:tst:2009107442" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.1"/> 44549 <criterion test_ref="oval:org.opensuse.security:tst:2009107443" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.2"/> 44550 <criterion test_ref="oval:org.opensuse.security:tst:2009107444" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.1"/> 44551 <criterion test_ref="oval:org.opensuse.security:tst:2009107445" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.2"/> 44552 <criterion test_ref="oval:org.opensuse.security:tst:2009107446" comment="xen-tools less than 3.2.3_17040_42-0.7.1"/> 44553 <criterion test_ref="oval:org.opensuse.security:tst:2009107447" comment="xen-tools less than 3.2.3_17040_42-0.7.2"/> 44554 <criterion test_ref="oval:org.opensuse.security:tst:2009107448" comment="xen less than 3.2.3_17040_42-0.7.1"/> 44555 <criterion test_ref="oval:org.opensuse.security:tst:2009107449" comment="xen less than 3.2.3_17040_42-0.7.2"/> 44556 </criteria> 44557 </criteria> 44558 </definition> 44559 <definition id="oval:org.opensuse.security:def:20124537" version="1" class="vulnerability"> 44560 <metadata> 44561 <title>CVE-2012-4537</title> 44562 <affected family="unix"> 44563 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44564 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44565 </affected> 44566 <reference ref_id="CVE-2012-4537" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4537" source="CVE"/> 44567 <description> 44568 Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability." 44569 </description> 44570 </metadata> 44571 <!-- 1e9042debead5d88c23444a904a4e0c9 --> 44572 <criteria operator="AND"> 44573 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44574 <criteria operator="OR"> 44575 <criterion test_ref="oval:org.opensuse.security:tst:2009107426" comment="xen-devel less than 3.2.3_17040_42-0.7.1"/> 44576 <criterion test_ref="oval:org.opensuse.security:tst:2009107427" comment="xen-devel less than 3.2.3_17040_42-0.7.2"/> 44577 <criterion test_ref="oval:org.opensuse.security:tst:2009107428" comment="xen-doc-html less than 3.2.3_17040_42-0.7.1"/> 44578 <criterion test_ref="oval:org.opensuse.security:tst:2009107429" comment="xen-doc-html less than 3.2.3_17040_42-0.7.2"/> 44579 <criterion test_ref="oval:org.opensuse.security:tst:2009107430" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.1"/> 44580 <criterion test_ref="oval:org.opensuse.security:tst:2009107431" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.2"/> 44581 <criterion test_ref="oval:org.opensuse.security:tst:2009107432" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.1"/> 44582 <criterion test_ref="oval:org.opensuse.security:tst:2009107433" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.2"/> 44583 <criterion test_ref="oval:org.opensuse.security:tst:2009107434" comment="xen-kmp-bigsmp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44584 <criterion test_ref="oval:org.opensuse.security:tst:2009107435" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44585 <criterion test_ref="oval:org.opensuse.security:tst:2009107436" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44586 <criterion test_ref="oval:org.opensuse.security:tst:2009107437" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44587 <criterion test_ref="oval:org.opensuse.security:tst:2009107438" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44588 <criterion test_ref="oval:org.opensuse.security:tst:2009107439" comment="xen-libs-32bit less than 3.2.3_17040_42-0.7.1"/> 44589 <criterion test_ref="oval:org.opensuse.security:tst:2009107440" comment="xen-libs less than 3.2.3_17040_42-0.7.1"/> 44590 <criterion test_ref="oval:org.opensuse.security:tst:2009107441" comment="xen-libs less than 3.2.3_17040_42-0.7.2"/> 44591 <criterion test_ref="oval:org.opensuse.security:tst:2009107442" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.1"/> 44592 <criterion test_ref="oval:org.opensuse.security:tst:2009107443" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.2"/> 44593 <criterion test_ref="oval:org.opensuse.security:tst:2009107444" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.1"/> 44594 <criterion test_ref="oval:org.opensuse.security:tst:2009107445" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.2"/> 44595 <criterion test_ref="oval:org.opensuse.security:tst:2009107446" comment="xen-tools less than 3.2.3_17040_42-0.7.1"/> 44596 <criterion test_ref="oval:org.opensuse.security:tst:2009107447" comment="xen-tools less than 3.2.3_17040_42-0.7.2"/> 44597 <criterion test_ref="oval:org.opensuse.security:tst:2009107448" comment="xen less than 3.2.3_17040_42-0.7.1"/> 44598 <criterion test_ref="oval:org.opensuse.security:tst:2009107449" comment="xen less than 3.2.3_17040_42-0.7.2"/> 44599 </criteria> 44600 </criteria> 44601 </definition> 44602 <definition id="oval:org.opensuse.security:def:20124538" version="1" class="vulnerability"> 44603 <metadata> 44604 <title>CVE-2012-4538</title> 44605 <affected family="unix"> 44606 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44607 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44608 </affected> 44609 <reference ref_id="CVE-2012-4538" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4538" source="CVE"/> 44610 <description> 44611 The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of service (hypervisor crash) via unspecified vectors. 44612 </description> 44613 </metadata> 44614 <!-- 1e9042debead5d88c23444a904a4e0c9 --> 44615 <criteria operator="AND"> 44616 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44617 <criteria operator="OR"> 44618 <criterion test_ref="oval:org.opensuse.security:tst:2009107426" comment="xen-devel less than 3.2.3_17040_42-0.7.1"/> 44619 <criterion test_ref="oval:org.opensuse.security:tst:2009107427" comment="xen-devel less than 3.2.3_17040_42-0.7.2"/> 44620 <criterion test_ref="oval:org.opensuse.security:tst:2009107428" comment="xen-doc-html less than 3.2.3_17040_42-0.7.1"/> 44621 <criterion test_ref="oval:org.opensuse.security:tst:2009107429" comment="xen-doc-html less than 3.2.3_17040_42-0.7.2"/> 44622 <criterion test_ref="oval:org.opensuse.security:tst:2009107430" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.1"/> 44623 <criterion test_ref="oval:org.opensuse.security:tst:2009107431" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.2"/> 44624 <criterion test_ref="oval:org.opensuse.security:tst:2009107432" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.1"/> 44625 <criterion test_ref="oval:org.opensuse.security:tst:2009107433" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.2"/> 44626 <criterion test_ref="oval:org.opensuse.security:tst:2009107434" comment="xen-kmp-bigsmp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44627 <criterion test_ref="oval:org.opensuse.security:tst:2009107435" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44628 <criterion test_ref="oval:org.opensuse.security:tst:2009107436" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44629 <criterion test_ref="oval:org.opensuse.security:tst:2009107437" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44630 <criterion test_ref="oval:org.opensuse.security:tst:2009107438" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44631 <criterion test_ref="oval:org.opensuse.security:tst:2009107439" comment="xen-libs-32bit less than 3.2.3_17040_42-0.7.1"/> 44632 <criterion test_ref="oval:org.opensuse.security:tst:2009107440" comment="xen-libs less than 3.2.3_17040_42-0.7.1"/> 44633 <criterion test_ref="oval:org.opensuse.security:tst:2009107441" comment="xen-libs less than 3.2.3_17040_42-0.7.2"/> 44634 <criterion test_ref="oval:org.opensuse.security:tst:2009107442" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.1"/> 44635 <criterion test_ref="oval:org.opensuse.security:tst:2009107443" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.2"/> 44636 <criterion test_ref="oval:org.opensuse.security:tst:2009107444" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.1"/> 44637 <criterion test_ref="oval:org.opensuse.security:tst:2009107445" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.2"/> 44638 <criterion test_ref="oval:org.opensuse.security:tst:2009107446" comment="xen-tools less than 3.2.3_17040_42-0.7.1"/> 44639 <criterion test_ref="oval:org.opensuse.security:tst:2009107447" comment="xen-tools less than 3.2.3_17040_42-0.7.2"/> 44640 <criterion test_ref="oval:org.opensuse.security:tst:2009107448" comment="xen less than 3.2.3_17040_42-0.7.1"/> 44641 <criterion test_ref="oval:org.opensuse.security:tst:2009107449" comment="xen less than 3.2.3_17040_42-0.7.2"/> 44642 </criteria> 44643 </criteria> 44644 </definition> 44645 <definition id="oval:org.opensuse.security:def:20124539" version="1" class="vulnerability"> 44646 <metadata> 44647 <title>CVE-2012-4539</title> 44648 <affected family="unix"> 44649 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44650 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44651 </affected> 44652 <reference ref_id="CVE-2012-4539" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539" source="CVE"/> 44653 <description> 44654 Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infinite loop DoS vulnerability." 44655 </description> 44656 </metadata> 44657 <!-- 1e9042debead5d88c23444a904a4e0c9 --> 44658 <criteria operator="AND"> 44659 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44660 <criteria operator="OR"> 44661 <criterion test_ref="oval:org.opensuse.security:tst:2009107426" comment="xen-devel less than 3.2.3_17040_42-0.7.1"/> 44662 <criterion test_ref="oval:org.opensuse.security:tst:2009107427" comment="xen-devel less than 3.2.3_17040_42-0.7.2"/> 44663 <criterion test_ref="oval:org.opensuse.security:tst:2009107428" comment="xen-doc-html less than 3.2.3_17040_42-0.7.1"/> 44664 <criterion test_ref="oval:org.opensuse.security:tst:2009107429" comment="xen-doc-html less than 3.2.3_17040_42-0.7.2"/> 44665 <criterion test_ref="oval:org.opensuse.security:tst:2009107430" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.1"/> 44666 <criterion test_ref="oval:org.opensuse.security:tst:2009107431" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.2"/> 44667 <criterion test_ref="oval:org.opensuse.security:tst:2009107432" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.1"/> 44668 <criterion test_ref="oval:org.opensuse.security:tst:2009107433" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.2"/> 44669 <criterion test_ref="oval:org.opensuse.security:tst:2009107434" comment="xen-kmp-bigsmp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44670 <criterion test_ref="oval:org.opensuse.security:tst:2009107435" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44671 <criterion test_ref="oval:org.opensuse.security:tst:2009107436" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44672 <criterion test_ref="oval:org.opensuse.security:tst:2009107437" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44673 <criterion test_ref="oval:org.opensuse.security:tst:2009107438" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44674 <criterion test_ref="oval:org.opensuse.security:tst:2009107439" comment="xen-libs-32bit less than 3.2.3_17040_42-0.7.1"/> 44675 <criterion test_ref="oval:org.opensuse.security:tst:2009107440" comment="xen-libs less than 3.2.3_17040_42-0.7.1"/> 44676 <criterion test_ref="oval:org.opensuse.security:tst:2009107441" comment="xen-libs less than 3.2.3_17040_42-0.7.2"/> 44677 <criterion test_ref="oval:org.opensuse.security:tst:2009107442" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.1"/> 44678 <criterion test_ref="oval:org.opensuse.security:tst:2009107443" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.2"/> 44679 <criterion test_ref="oval:org.opensuse.security:tst:2009107444" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.1"/> 44680 <criterion test_ref="oval:org.opensuse.security:tst:2009107445" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.2"/> 44681 <criterion test_ref="oval:org.opensuse.security:tst:2009107446" comment="xen-tools less than 3.2.3_17040_42-0.7.1"/> 44682 <criterion test_ref="oval:org.opensuse.security:tst:2009107447" comment="xen-tools less than 3.2.3_17040_42-0.7.2"/> 44683 <criterion test_ref="oval:org.opensuse.security:tst:2009107448" comment="xen less than 3.2.3_17040_42-0.7.1"/> 44684 <criterion test_ref="oval:org.opensuse.security:tst:2009107449" comment="xen less than 3.2.3_17040_42-0.7.2"/> 44685 </criteria> 44686 </criteria> 44687 </definition> 44688 <definition id="oval:org.opensuse.security:def:20124544" version="1" class="vulnerability"> 44689 <metadata> 44690 <title>CVE-2012-4544</title> 44691 <affected family="unix"> 44692 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44693 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44694 </affected> 44695 <reference ref_id="CVE-2012-4544" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544" source="CVE"/> 44696 <description> 44697 The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk. 44698 </description> 44699 </metadata> 44700 <!-- 1e9042debead5d88c23444a904a4e0c9 --> 44701 <criteria operator="AND"> 44702 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44703 <criteria operator="OR"> 44704 <criterion test_ref="oval:org.opensuse.security:tst:2009107426" comment="xen-devel less than 3.2.3_17040_42-0.7.1"/> 44705 <criterion test_ref="oval:org.opensuse.security:tst:2009107427" comment="xen-devel less than 3.2.3_17040_42-0.7.2"/> 44706 <criterion test_ref="oval:org.opensuse.security:tst:2009107428" comment="xen-doc-html less than 3.2.3_17040_42-0.7.1"/> 44707 <criterion test_ref="oval:org.opensuse.security:tst:2009107429" comment="xen-doc-html less than 3.2.3_17040_42-0.7.2"/> 44708 <criterion test_ref="oval:org.opensuse.security:tst:2009107430" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.1"/> 44709 <criterion test_ref="oval:org.opensuse.security:tst:2009107431" comment="xen-doc-pdf less than 3.2.3_17040_42-0.7.2"/> 44710 <criterion test_ref="oval:org.opensuse.security:tst:2009107432" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.1"/> 44711 <criterion test_ref="oval:org.opensuse.security:tst:2009107433" comment="xen-doc-ps less than 3.2.3_17040_42-0.7.2"/> 44712 <criterion test_ref="oval:org.opensuse.security:tst:2009107434" comment="xen-kmp-bigsmp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44713 <criterion test_ref="oval:org.opensuse.security:tst:2009107435" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44714 <criterion test_ref="oval:org.opensuse.security:tst:2009107436" comment="xen-kmp-default less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44715 <criterion test_ref="oval:org.opensuse.security:tst:2009107437" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2"/> 44716 <criterion test_ref="oval:org.opensuse.security:tst:2009107438" comment="xen-kmp-smp less than 3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1"/> 44717 <criterion test_ref="oval:org.opensuse.security:tst:2009107439" comment="xen-libs-32bit less than 3.2.3_17040_42-0.7.1"/> 44718 <criterion test_ref="oval:org.opensuse.security:tst:2009107440" comment="xen-libs less than 3.2.3_17040_42-0.7.1"/> 44719 <criterion test_ref="oval:org.opensuse.security:tst:2009107441" comment="xen-libs less than 3.2.3_17040_42-0.7.2"/> 44720 <criterion test_ref="oval:org.opensuse.security:tst:2009107442" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.1"/> 44721 <criterion test_ref="oval:org.opensuse.security:tst:2009107443" comment="xen-tools-domU less than 3.2.3_17040_42-0.7.2"/> 44722 <criterion test_ref="oval:org.opensuse.security:tst:2009107444" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.1"/> 44723 <criterion test_ref="oval:org.opensuse.security:tst:2009107445" comment="xen-tools-ioemu less than 3.2.3_17040_42-0.7.2"/> 44724 <criterion test_ref="oval:org.opensuse.security:tst:2009107446" comment="xen-tools less than 3.2.3_17040_42-0.7.1"/> 44725 <criterion test_ref="oval:org.opensuse.security:tst:2009107447" comment="xen-tools less than 3.2.3_17040_42-0.7.2"/> 44726 <criterion test_ref="oval:org.opensuse.security:tst:2009107448" comment="xen less than 3.2.3_17040_42-0.7.1"/> 44727 <criterion test_ref="oval:org.opensuse.security:tst:2009107449" comment="xen less than 3.2.3_17040_42-0.7.2"/> 44728 </criteria> 44729 </criteria> 44730 </definition> 44731 <definition id="oval:org.opensuse.security:def:20124564" version="1" class="vulnerability"> 44732 <metadata> 44733 <title>CVE-2012-4564</title> 44734 <affected family="unix"> 44735 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44736 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44737 </affected> 44738 <reference ref_id="CVE-2012-4564" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4564" source="CVE"/> 44739 <description> 44740 ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. 44741 </description> 44742 </metadata> 44743 <!-- e82a9ac77700ce38cd74ae7a74f81150 --> 44744 <criteria operator="AND"> 44745 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44746 <criteria operator="OR"> 44747 <criterion test_ref="oval:org.opensuse.security:tst:2009076448" comment="libtiff-32bit less than 3.8.2-5.32.1"/> 44748 <criterion test_ref="oval:org.opensuse.security:tst:2009076449" comment="libtiff-devel less than 3.8.2-5.32.1"/> 44749 <criterion test_ref="oval:org.opensuse.security:tst:2009076450" comment="libtiff less than 3.8.2-5.32.1"/> 44750 </criteria> 44751 </criteria> 44752 </definition> 44753 <definition id="oval:org.opensuse.security:def:20124929" version="1" class="vulnerability"> 44754 <metadata> 44755 <title>CVE-2012-4929</title> 44756 <affected family="unix"> 44757 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44758 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44759 </affected> 44760 <reference ref_id="CVE-2012-4929" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" source="CVE"/> 44761 <description> 44762 The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack. 44763 </description> 44764 </metadata> 44765 <!-- 42741ff95d9d4f1604b9b2d2fc5ec078 --> 44766 <criteria operator="AND"> 44767 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44768 <criteria operator="OR"> 44769 <criterion test_ref="oval:org.opensuse.security:tst:2009076919" comment="openssl-32bit less than 0.9.8a-18.76.1"/> 44770 <criterion test_ref="oval:org.opensuse.security:tst:2009076920" comment="openssl-devel-32bit less than 0.9.8a-18.76.1"/> 44771 <criterion test_ref="oval:org.opensuse.security:tst:2009076921" comment="openssl-devel less than 0.9.8a-18.76.1"/> 44772 <criterion test_ref="oval:org.opensuse.security:tst:2009076922" comment="openssl less than 0.9.8a-18.76.1"/> 44773 </criteria> 44774 </criteria> 44775 </definition> 44776 <definition id="oval:org.opensuse.security:def:20125069" version="1" class="vulnerability"> 44777 <metadata> 44778 <title>CVE-2012-5069</title> 44779 <affected family="unix"> 44780 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44781 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44782 </affected> 44783 <reference ref_id="CVE-2012-5069" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5069" source="CVE"/> 44784 <description> 44785 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency. 44786 </description> 44787 </metadata> 44788 <!-- bb56b08850390b907db4d458f187e204 --> 44789 <criteria operator="AND"> 44790 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44791 <criteria operator="OR"> 44792 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 44793 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 44794 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 44795 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 44796 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 44797 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 44798 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 44799 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 44800 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 44801 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 44802 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 44803 </criteria> 44804 </criteria> 44805 </definition> 44806 <definition id="oval:org.opensuse.security:def:20125071" version="1" class="vulnerability"> 44807 <metadata> 44808 <title>CVE-2012-5071</title> 44809 <affected family="unix"> 44810 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44811 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44812 </affected> 44813 <reference ref_id="CVE-2012-5071" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5071" source="CVE"/> 44814 <description> 44815 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX. 44816 </description> 44817 </metadata> 44818 <!-- bb56b08850390b907db4d458f187e204 --> 44819 <criteria operator="AND"> 44820 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44821 <criteria operator="OR"> 44822 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 44823 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 44824 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 44825 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 44826 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 44827 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 44828 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 44829 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 44830 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 44831 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 44832 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 44833 </criteria> 44834 </criteria> 44835 </definition> 44836 <definition id="oval:org.opensuse.security:def:20125073" version="1" class="vulnerability"> 44837 <metadata> 44838 <title>CVE-2012-5073</title> 44839 <affected family="unix"> 44840 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44841 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44842 </affected> 44843 <reference ref_id="CVE-2012-5073" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5073" source="CVE"/> 44844 <description> 44845 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. 44846 </description> 44847 </metadata> 44848 <!-- bb56b08850390b907db4d458f187e204 --> 44849 <criteria operator="AND"> 44850 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44851 <criteria operator="OR"> 44852 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 44853 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 44854 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 44855 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 44856 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 44857 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 44858 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 44859 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 44860 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 44861 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 44862 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 44863 </criteria> 44864 </criteria> 44865 </definition> 44866 <definition id="oval:org.opensuse.security:def:20125075" version="1" class="vulnerability"> 44867 <metadata> 44868 <title>CVE-2012-5075</title> 44869 <affected family="unix"> 44870 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44871 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44872 </affected> 44873 <reference ref_id="CVE-2012-5075" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5075" source="CVE"/> 44874 <description> 44875 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX. 44876 </description> 44877 </metadata> 44878 <!-- bb56b08850390b907db4d458f187e204 --> 44879 <criteria operator="AND"> 44880 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44881 <criteria operator="OR"> 44882 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 44883 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 44884 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 44885 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 44886 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 44887 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 44888 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 44889 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 44890 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 44891 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 44892 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 44893 </criteria> 44894 </criteria> 44895 </definition> 44896 <definition id="oval:org.opensuse.security:def:20125079" version="1" class="vulnerability"> 44897 <metadata> 44898 <title>CVE-2012-5079</title> 44899 <affected family="unix"> 44900 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44901 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44902 </affected> 44903 <reference ref_id="CVE-2012-5079" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5079" source="CVE"/> 44904 <description> 44905 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. 44906 </description> 44907 </metadata> 44908 <!-- bb56b08850390b907db4d458f187e204 --> 44909 <criteria operator="AND"> 44910 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44911 <criteria operator="OR"> 44912 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 44913 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 44914 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 44915 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 44916 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 44917 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 44918 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 44919 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 44920 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 44921 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 44922 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 44923 </criteria> 44924 </criteria> 44925 </definition> 44926 <definition id="oval:org.opensuse.security:def:20125081" version="1" class="vulnerability"> 44927 <metadata> 44928 <title>CVE-2012-5081</title> 44929 <affected family="unix"> 44930 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44931 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44932 </affected> 44933 <reference ref_id="CVE-2012-5081" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5081" source="CVE"/> 44934 <description> 44935 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. 44936 </description> 44937 </metadata> 44938 <!-- bb56b08850390b907db4d458f187e204 --> 44939 <criteria operator="AND"> 44940 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44941 <criteria operator="OR"> 44942 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 44943 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 44944 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 44945 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 44946 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 44947 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 44948 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 44949 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 44950 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 44951 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 44952 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 44953 </criteria> 44954 </criteria> 44955 </definition> 44956 <definition id="oval:org.opensuse.security:def:20125083" version="1" class="vulnerability"> 44957 <metadata> 44958 <title>CVE-2012-5083</title> 44959 <affected family="unix"> 44960 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44961 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44962 </affected> 44963 <reference ref_id="CVE-2012-5083" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5083" source="CVE"/> 44964 <description> 44965 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. 44966 </description> 44967 </metadata> 44968 <!-- bb56b08850390b907db4d458f187e204 --> 44969 <criteria operator="AND"> 44970 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 44971 <criteria operator="OR"> 44972 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 44973 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 44974 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 44975 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 44976 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 44977 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 44978 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 44979 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 44980 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 44981 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 44982 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 44983 </criteria> 44984 </criteria> 44985 </definition> 44986 <definition id="oval:org.opensuse.security:def:20125084" version="1" class="vulnerability"> 44987 <metadata> 44988 <title>CVE-2012-5084</title> 44989 <affected family="unix"> 44990 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 44991 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 44992 </affected> 44993 <reference ref_id="CVE-2012-5084" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5084" source="CVE"/> 44994 <description> 44995 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. 44996 </description> 44997 </metadata> 44998 <!-- bb56b08850390b907db4d458f187e204 --> 44999 <criteria operator="AND"> 45000 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45001 <criteria operator="OR"> 45002 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 45003 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 45004 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 45005 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 45006 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 45007 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 45008 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 45009 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 45010 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 45011 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 45012 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 45013 </criteria> 45014 </criteria> 45015 </definition> 45016 <definition id="oval:org.opensuse.security:def:20125089" version="1" class="vulnerability"> 45017 <metadata> 45018 <title>CVE-2012-5089</title> 45019 <affected family="unix"> 45020 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45021 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45022 </affected> 45023 <reference ref_id="CVE-2012-5089" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5089" source="CVE"/> 45024 <description> 45025 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. 45026 </description> 45027 </metadata> 45028 <!-- bb56b08850390b907db4d458f187e204 --> 45029 <criteria operator="AND"> 45030 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45031 <criteria operator="OR"> 45032 <criterion test_ref="oval:org.opensuse.security:tst:2009076041" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr15.0-0.5.1"/> 45033 <criterion test_ref="oval:org.opensuse.security:tst:2009076042" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr15.0-0.5.1"/> 45034 <criterion test_ref="oval:org.opensuse.security:tst:2009076043" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr15.0-0.5.1"/> 45035 <criterion test_ref="oval:org.opensuse.security:tst:2009076044" comment="java-1_5_0-ibm-demo less than 1.5.0_sr15.0-0.5.1"/> 45036 <criterion test_ref="oval:org.opensuse.security:tst:2009076045" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr15.0-0.5.1"/> 45037 <criterion test_ref="oval:org.opensuse.security:tst:2009076046" comment="java-1_5_0-ibm-devel less than 1.5.0_sr15.0-0.5.1"/> 45038 <criterion test_ref="oval:org.opensuse.security:tst:2009076047" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr15.0-0.5.1"/> 45039 <criterion test_ref="oval:org.opensuse.security:tst:2009076048" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr15.0-0.5.1"/> 45040 <criterion test_ref="oval:org.opensuse.security:tst:2009076049" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr15.0-0.5.1"/> 45041 <criterion test_ref="oval:org.opensuse.security:tst:2009076050" comment="java-1_5_0-ibm-src less than 1.5.0_sr15.0-0.5.1"/> 45042 <criterion test_ref="oval:org.opensuse.security:tst:2009076051" comment="java-1_5_0-ibm less than 1.5.0_sr15.0-0.5.1"/> 45043 </criteria> 45044 </criteria> 45045 </definition> 45046 <definition id="oval:org.opensuse.security:def:20125134" version="1" class="vulnerability"> 45047 <metadata> 45048 <title>CVE-2012-5134</title> 45049 <affected family="unix"> 45050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45051 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45052 </affected> 45053 <reference ref_id="CVE-2012-5134" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134" source="CVE"/> 45054 <description> 45055 Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. 45056 </description> 45057 </metadata> 45058 <!-- 109525a062f4923fd62bd1c1a3772bd8 --> 45059 <criteria operator="AND"> 45060 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45061 <criteria operator="OR"> 45062 <criterion test_ref="oval:org.opensuse.security:tst:2009076162" comment="libxml2-32bit less than 2.6.23-15.35.1"/> 45063 <criterion test_ref="oval:org.opensuse.security:tst:2009076163" comment="libxml2-devel-32bit less than 2.6.23-15.35.1"/> 45064 <criterion test_ref="oval:org.opensuse.security:tst:2009076164" comment="libxml2-devel less than 2.6.23-15.35.1"/> 45065 <criterion test_ref="oval:org.opensuse.security:tst:2009076165" comment="libxml2-python less than 2.6.23-15.35.1"/> 45066 <criterion test_ref="oval:org.opensuse.security:tst:2009076166" comment="libxml2 less than 2.6.23-15.35.1"/> 45067 </criteria> 45068 </criteria> 45069 </definition> 45070 <definition id="oval:org.opensuse.security:def:20125166" version="1" class="vulnerability"> 45071 <metadata> 45072 <title>CVE-2012-5166</title> 45073 <affected family="unix"> 45074 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45075 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45076 </affected> 45077 <reference ref_id="CVE-2012-5166" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166" source="CVE"/> 45078 <description> 45079 ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. 45080 </description> 45081 </metadata> 45082 <!-- 0491290854c3af020f68ff0d5b8b26cd --> 45083 <criteria operator="AND"> 45084 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45085 <criteria operator="OR"> 45086 <criterion test_ref="oval:org.opensuse.security:tst:2009075857" comment="bind-libs-32bit less than 9.6ESVR7P4-0.7.1"/> 45087 <criterion test_ref="oval:org.opensuse.security:tst:2009075858" comment="bind-libs less than 9.6ESVR7P4-0.7.1"/> 45088 <criterion test_ref="oval:org.opensuse.security:tst:2009075859" comment="bind-utils less than 9.6ESVR7P4-0.7.1"/> 45089 </criteria> 45090 </criteria> 45091 </definition> 45092 <definition id="oval:org.opensuse.security:def:20125248" version="1" class="vulnerability"> 45093 <metadata> 45094 <title>CVE-2012-5248</title> 45095 <affected family="unix"> 45096 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45097 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45098 </affected> 45099 <reference ref_id="CVE-2012-5248" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5248" source="CVE"/> 45100 <description> 45101 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45102 </description> 45103 </metadata> 45104 <!-- 9861c635f16f057af9420d20facf5938 --> 45105 <criteria operator="AND"> 45106 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45107 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45108 </criteria> 45109 </definition> 45110 <definition id="oval:org.opensuse.security:def:20125249" version="1" class="vulnerability"> 45111 <metadata> 45112 <title>CVE-2012-5249</title> 45113 <affected family="unix"> 45114 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45115 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45116 </affected> 45117 <reference ref_id="CVE-2012-5249" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5249" source="CVE"/> 45118 <description> 45119 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45120 </description> 45121 </metadata> 45122 <!-- 9861c635f16f057af9420d20facf5938 --> 45123 <criteria operator="AND"> 45124 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45125 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45126 </criteria> 45127 </definition> 45128 <definition id="oval:org.opensuse.security:def:20125250" version="1" class="vulnerability"> 45129 <metadata> 45130 <title>CVE-2012-5250</title> 45131 <affected family="unix"> 45132 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45133 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45134 </affected> 45135 <reference ref_id="CVE-2012-5250" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5250" source="CVE"/> 45136 <description> 45137 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45138 </description> 45139 </metadata> 45140 <!-- 9861c635f16f057af9420d20facf5938 --> 45141 <criteria operator="AND"> 45142 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45143 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45144 </criteria> 45145 </definition> 45146 <definition id="oval:org.opensuse.security:def:20125251" version="1" class="vulnerability"> 45147 <metadata> 45148 <title>CVE-2012-5251</title> 45149 <affected family="unix"> 45150 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45151 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45152 </affected> 45153 <reference ref_id="CVE-2012-5251" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5251" source="CVE"/> 45154 <description> 45155 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45156 </description> 45157 </metadata> 45158 <!-- 9861c635f16f057af9420d20facf5938 --> 45159 <criteria operator="AND"> 45160 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45161 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45162 </criteria> 45163 </definition> 45164 <definition id="oval:org.opensuse.security:def:20125252" version="1" class="vulnerability"> 45165 <metadata> 45166 <title>CVE-2012-5252</title> 45167 <affected family="unix"> 45168 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45169 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45170 </affected> 45171 <reference ref_id="CVE-2012-5252" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5252" source="CVE"/> 45172 <description> 45173 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45174 </description> 45175 </metadata> 45176 <!-- 9861c635f16f057af9420d20facf5938 --> 45177 <criteria operator="AND"> 45178 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45179 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45180 </criteria> 45181 </definition> 45182 <definition id="oval:org.opensuse.security:def:20125253" version="1" class="vulnerability"> 45183 <metadata> 45184 <title>CVE-2012-5253</title> 45185 <affected family="unix"> 45186 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45187 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45188 </affected> 45189 <reference ref_id="CVE-2012-5253" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5253" source="CVE"/> 45190 <description> 45191 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45192 </description> 45193 </metadata> 45194 <!-- 9861c635f16f057af9420d20facf5938 --> 45195 <criteria operator="AND"> 45196 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45197 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45198 </criteria> 45199 </definition> 45200 <definition id="oval:org.opensuse.security:def:20125254" version="1" class="vulnerability"> 45201 <metadata> 45202 <title>CVE-2012-5254</title> 45203 <affected family="unix"> 45204 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45205 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45206 </affected> 45207 <reference ref_id="CVE-2012-5254" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5254" source="CVE"/> 45208 <description> 45209 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45210 </description> 45211 </metadata> 45212 <!-- 9861c635f16f057af9420d20facf5938 --> 45213 <criteria operator="AND"> 45214 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45215 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45216 </criteria> 45217 </definition> 45218 <definition id="oval:org.opensuse.security:def:20125255" version="1" class="vulnerability"> 45219 <metadata> 45220 <title>CVE-2012-5255</title> 45221 <affected family="unix"> 45222 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45223 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45224 </affected> 45225 <reference ref_id="CVE-2012-5255" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5255" source="CVE"/> 45226 <description> 45227 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45228 </description> 45229 </metadata> 45230 <!-- 9861c635f16f057af9420d20facf5938 --> 45231 <criteria operator="AND"> 45232 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45233 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45234 </criteria> 45235 </definition> 45236 <definition id="oval:org.opensuse.security:def:20125256" version="1" class="vulnerability"> 45237 <metadata> 45238 <title>CVE-2012-5256</title> 45239 <affected family="unix"> 45240 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45241 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45242 </affected> 45243 <reference ref_id="CVE-2012-5256" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5256" source="CVE"/> 45244 <description> 45245 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45246 </description> 45247 </metadata> 45248 <!-- 9861c635f16f057af9420d20facf5938 --> 45249 <criteria operator="AND"> 45250 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45251 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45252 </criteria> 45253 </definition> 45254 <definition id="oval:org.opensuse.security:def:20125257" version="1" class="vulnerability"> 45255 <metadata> 45256 <title>CVE-2012-5257</title> 45257 <affected family="unix"> 45258 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45259 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45260 </affected> 45261 <reference ref_id="CVE-2012-5257" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5257" source="CVE"/> 45262 <description> 45263 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45264 </description> 45265 </metadata> 45266 <!-- 9861c635f16f057af9420d20facf5938 --> 45267 <criteria operator="AND"> 45268 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45269 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45270 </criteria> 45271 </definition> 45272 <definition id="oval:org.opensuse.security:def:20125258" version="1" class="vulnerability"> 45273 <metadata> 45274 <title>CVE-2012-5258</title> 45275 <affected family="unix"> 45276 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45277 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45278 </affected> 45279 <reference ref_id="CVE-2012-5258" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5258" source="CVE"/> 45280 <description> 45281 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45282 </description> 45283 </metadata> 45284 <!-- 9861c635f16f057af9420d20facf5938 --> 45285 <criteria operator="AND"> 45286 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45287 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45288 </criteria> 45289 </definition> 45290 <definition id="oval:org.opensuse.security:def:20125259" version="1" class="vulnerability"> 45291 <metadata> 45292 <title>CVE-2012-5259</title> 45293 <affected family="unix"> 45294 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45295 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45296 </affected> 45297 <reference ref_id="CVE-2012-5259" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5259" source="CVE"/> 45298 <description> 45299 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45300 </description> 45301 </metadata> 45302 <!-- 9861c635f16f057af9420d20facf5938 --> 45303 <criteria operator="AND"> 45304 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45305 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45306 </criteria> 45307 </definition> 45308 <definition id="oval:org.opensuse.security:def:20125260" version="1" class="vulnerability"> 45309 <metadata> 45310 <title>CVE-2012-5260</title> 45311 <affected family="unix"> 45312 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45313 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45314 </affected> 45315 <reference ref_id="CVE-2012-5260" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5260" source="CVE"/> 45316 <description> 45317 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45318 </description> 45319 </metadata> 45320 <!-- 9861c635f16f057af9420d20facf5938 --> 45321 <criteria operator="AND"> 45322 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45323 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45324 </criteria> 45325 </definition> 45326 <definition id="oval:org.opensuse.security:def:20125261" version="1" class="vulnerability"> 45327 <metadata> 45328 <title>CVE-2012-5261</title> 45329 <affected family="unix"> 45330 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45331 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45332 </affected> 45333 <reference ref_id="CVE-2012-5261" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5261" source="CVE"/> 45334 <description> 45335 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45336 </description> 45337 </metadata> 45338 <!-- 9861c635f16f057af9420d20facf5938 --> 45339 <criteria operator="AND"> 45340 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45341 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45342 </criteria> 45343 </definition> 45344 <definition id="oval:org.opensuse.security:def:20125262" version="1" class="vulnerability"> 45345 <metadata> 45346 <title>CVE-2012-5262</title> 45347 <affected family="unix"> 45348 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45349 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45350 </affected> 45351 <reference ref_id="CVE-2012-5262" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5262" source="CVE"/> 45352 <description> 45353 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45354 </description> 45355 </metadata> 45356 <!-- 9861c635f16f057af9420d20facf5938 --> 45357 <criteria operator="AND"> 45358 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45359 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45360 </criteria> 45361 </definition> 45362 <definition id="oval:org.opensuse.security:def:20125263" version="1" class="vulnerability"> 45363 <metadata> 45364 <title>CVE-2012-5263</title> 45365 <affected family="unix"> 45366 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45367 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45368 </affected> 45369 <reference ref_id="CVE-2012-5263" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5263" source="CVE"/> 45370 <description> 45371 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45372 </description> 45373 </metadata> 45374 <!-- 9861c635f16f057af9420d20facf5938 --> 45375 <criteria operator="AND"> 45376 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45377 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45378 </criteria> 45379 </definition> 45380 <definition id="oval:org.opensuse.security:def:20125264" version="1" class="vulnerability"> 45381 <metadata> 45382 <title>CVE-2012-5264</title> 45383 <affected family="unix"> 45384 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45385 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45386 </affected> 45387 <reference ref_id="CVE-2012-5264" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5264" source="CVE"/> 45388 <description> 45389 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45390 </description> 45391 </metadata> 45392 <!-- 9861c635f16f057af9420d20facf5938 --> 45393 <criteria operator="AND"> 45394 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45395 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45396 </criteria> 45397 </definition> 45398 <definition id="oval:org.opensuse.security:def:20125265" version="1" class="vulnerability"> 45399 <metadata> 45400 <title>CVE-2012-5265</title> 45401 <affected family="unix"> 45402 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45403 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45404 </affected> 45405 <reference ref_id="CVE-2012-5265" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5265" source="CVE"/> 45406 <description> 45407 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45408 </description> 45409 </metadata> 45410 <!-- 9861c635f16f057af9420d20facf5938 --> 45411 <criteria operator="AND"> 45412 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45413 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45414 </criteria> 45415 </definition> 45416 <definition id="oval:org.opensuse.security:def:20125266" version="1" class="vulnerability"> 45417 <metadata> 45418 <title>CVE-2012-5266</title> 45419 <affected family="unix"> 45420 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45421 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45422 </affected> 45423 <reference ref_id="CVE-2012-5266" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5266" source="CVE"/> 45424 <description> 45425 Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. 45426 </description> 45427 </metadata> 45428 <!-- 9861c635f16f057af9420d20facf5938 --> 45429 <criteria operator="AND"> 45430 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45431 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45432 </criteria> 45433 </definition> 45434 <definition id="oval:org.opensuse.security:def:20125267" version="1" class="vulnerability"> 45435 <metadata> 45436 <title>CVE-2012-5267</title> 45437 <affected family="unix"> 45438 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45439 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45440 </affected> 45441 <reference ref_id="CVE-2012-5267" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5267" source="CVE"/> 45442 <description> 45443 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45444 </description> 45445 </metadata> 45446 <!-- 9861c635f16f057af9420d20facf5938 --> 45447 <criteria operator="AND"> 45448 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45449 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45450 </criteria> 45451 </definition> 45452 <definition id="oval:org.opensuse.security:def:20125268" version="1" class="vulnerability"> 45453 <metadata> 45454 <title>CVE-2012-5268</title> 45455 <affected family="unix"> 45456 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45457 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45458 </affected> 45459 <reference ref_id="CVE-2012-5268" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5268" source="CVE"/> 45460 <description> 45461 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45462 </description> 45463 </metadata> 45464 <!-- 9861c635f16f057af9420d20facf5938 --> 45465 <criteria operator="AND"> 45466 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45467 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45468 </criteria> 45469 </definition> 45470 <definition id="oval:org.opensuse.security:def:20125269" version="1" class="vulnerability"> 45471 <metadata> 45472 <title>CVE-2012-5269</title> 45473 <affected family="unix"> 45474 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45475 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45476 </affected> 45477 <reference ref_id="CVE-2012-5269" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5269" source="CVE"/> 45478 <description> 45479 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45480 </description> 45481 </metadata> 45482 <!-- 9861c635f16f057af9420d20facf5938 --> 45483 <criteria operator="AND"> 45484 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45485 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45486 </criteria> 45487 </definition> 45488 <definition id="oval:org.opensuse.security:def:20125270" version="1" class="vulnerability"> 45489 <metadata> 45490 <title>CVE-2012-5270</title> 45491 <affected family="unix"> 45492 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45493 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45494 </affected> 45495 <reference ref_id="CVE-2012-5270" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5270" source="CVE"/> 45496 <description> 45497 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45498 </description> 45499 </metadata> 45500 <!-- 9861c635f16f057af9420d20facf5938 --> 45501 <criteria operator="AND"> 45502 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45503 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45504 </criteria> 45505 </definition> 45506 <definition id="oval:org.opensuse.security:def:20125271" version="1" class="vulnerability"> 45507 <metadata> 45508 <title>CVE-2012-5271</title> 45509 <affected family="unix"> 45510 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45511 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45512 </affected> 45513 <reference ref_id="CVE-2012-5271" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5271" source="CVE"/> 45514 <description> 45515 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45516 </description> 45517 </metadata> 45518 <!-- 9861c635f16f057af9420d20facf5938 --> 45519 <criteria operator="AND"> 45520 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45521 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45522 </criteria> 45523 </definition> 45524 <definition id="oval:org.opensuse.security:def:20125272" version="1" class="vulnerability"> 45525 <metadata> 45526 <title>CVE-2012-5272</title> 45527 <affected family="unix"> 45528 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45529 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45530 </affected> 45531 <reference ref_id="CVE-2012-5272" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5272" source="CVE"/> 45532 <description> 45533 Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. 45534 </description> 45535 </metadata> 45536 <!-- 9861c635f16f057af9420d20facf5938 --> 45537 <criteria operator="AND"> 45538 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45539 <criterion test_ref="oval:org.opensuse.security:tst:2009075800" comment="flash-player less than 11.2.202.243-0.5.1"/> 45540 </criteria> 45541 </definition> 45542 <definition id="oval:org.opensuse.security:def:20125274" version="1" class="vulnerability"> 45543 <metadata> 45544 <title>CVE-2012-5274</title> 45545 <affected family="unix"> 45546 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45547 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45548 </affected> 45549 <reference ref_id="CVE-2012-5274" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5274" source="CVE"/> 45550 <description> 45551 Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. 45552 </description> 45553 </metadata> 45554 <!-- 8a2ea2251ceaffe0fb0d2fb2849a774e --> 45555 <criteria operator="AND"> 45556 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45557 <criterion test_ref="oval:org.opensuse.security:tst:2009076018" comment="flash-player less than 11.2.202.251-0.5.1"/> 45558 </criteria> 45559 </definition> 45560 <definition id="oval:org.opensuse.security:def:20125275" version="1" class="vulnerability"> 45561 <metadata> 45562 <title>CVE-2012-5275</title> 45563 <affected family="unix"> 45564 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45565 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45566 </affected> 45567 <reference ref_id="CVE-2012-5275" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5275" source="CVE"/> 45568 <description> 45569 Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. 45570 </description> 45571 </metadata> 45572 <!-- 8a2ea2251ceaffe0fb0d2fb2849a774e --> 45573 <criteria operator="AND"> 45574 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45575 <criterion test_ref="oval:org.opensuse.security:tst:2009076018" comment="flash-player less than 11.2.202.251-0.5.1"/> 45576 </criteria> 45577 </definition> 45578 <definition id="oval:org.opensuse.security:def:20125276" version="1" class="vulnerability"> 45579 <metadata> 45580 <title>CVE-2012-5276</title> 45581 <affected family="unix"> 45582 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45583 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45584 </affected> 45585 <reference ref_id="CVE-2012-5276" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5276" source="CVE"/> 45586 <description> 45587 Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5277, and CVE-2012-5280. 45588 </description> 45589 </metadata> 45590 <!-- 8a2ea2251ceaffe0fb0d2fb2849a774e --> 45591 <criteria operator="AND"> 45592 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45593 <criterion test_ref="oval:org.opensuse.security:tst:2009076018" comment="flash-player less than 11.2.202.251-0.5.1"/> 45594 </criteria> 45595 </definition> 45596 <definition id="oval:org.opensuse.security:def:20125277" version="1" class="vulnerability"> 45597 <metadata> 45598 <title>CVE-2012-5277</title> 45599 <affected family="unix"> 45600 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45601 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45602 </affected> 45603 <reference ref_id="CVE-2012-5277" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5277" source="CVE"/> 45604 <description> 45605 Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5280. 45606 </description> 45607 </metadata> 45608 <!-- 8a2ea2251ceaffe0fb0d2fb2849a774e --> 45609 <criteria operator="AND"> 45610 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45611 <criterion test_ref="oval:org.opensuse.security:tst:2009076018" comment="flash-player less than 11.2.202.251-0.5.1"/> 45612 </criteria> 45613 </definition> 45614 <definition id="oval:org.opensuse.security:def:20125278" version="1" class="vulnerability"> 45615 <metadata> 45616 <title>CVE-2012-5278</title> 45617 <affected family="unix"> 45618 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45619 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45620 </affected> 45621 <reference ref_id="CVE-2012-5278" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5278" source="CVE"/> 45622 <description> 45623 Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. 45624 </description> 45625 </metadata> 45626 <!-- 8a2ea2251ceaffe0fb0d2fb2849a774e --> 45627 <criteria operator="AND"> 45628 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45629 <criterion test_ref="oval:org.opensuse.security:tst:2009076018" comment="flash-player less than 11.2.202.251-0.5.1"/> 45630 </criteria> 45631 </definition> 45632 <definition id="oval:org.opensuse.security:def:20125279" version="1" class="vulnerability"> 45633 <metadata> 45634 <title>CVE-2012-5279</title> 45635 <affected family="unix"> 45636 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45637 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45638 </affected> 45639 <reference ref_id="CVE-2012-5279" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5279" source="CVE"/> 45640 <description> 45641 Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 45642 </description> 45643 </metadata> 45644 <!-- 8a2ea2251ceaffe0fb0d2fb2849a774e --> 45645 <criteria operator="AND"> 45646 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45647 <criterion test_ref="oval:org.opensuse.security:tst:2009076018" comment="flash-player less than 11.2.202.251-0.5.1"/> 45648 </criteria> 45649 </definition> 45650 <definition id="oval:org.opensuse.security:def:20125280" version="1" class="vulnerability"> 45651 <metadata> 45652 <title>CVE-2012-5280</title> 45653 <affected family="unix"> 45654 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45655 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45656 </affected> 45657 <reference ref_id="CVE-2012-5280" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5280" source="CVE"/> 45658 <description> 45659 Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5277. 45660 </description> 45661 </metadata> 45662 <!-- 8a2ea2251ceaffe0fb0d2fb2849a774e --> 45663 <criteria operator="AND"> 45664 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45665 <criterion test_ref="oval:org.opensuse.security:tst:2009076018" comment="flash-player less than 11.2.202.251-0.5.1"/> 45666 </criteria> 45667 </definition> 45668 <definition id="oval:org.opensuse.security:def:20125513" version="1" class="vulnerability"> 45669 <metadata> 45670 <title>CVE-2012-5513</title> 45671 <affected family="unix"> 45672 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45673 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45674 </affected> 45675 <reference ref_id="CVE-2012-5513" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5513" source="CVE"/> 45676 <description> 45677 The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range. 45678 </description> 45679 </metadata> 45680 <!-- 193b206adfdaf6da1ce1c5ced79e9f29 --> 45681 <criteria operator="AND"> 45682 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45683 <criteria operator="OR"> 45684 <criterion test_ref="oval:org.opensuse.security:tst:2009076124" comment="xen-devel less than 3.2.3_17040_44-0.7.1"/> 45685 <criterion test_ref="oval:org.opensuse.security:tst:2009076125" comment="xen-doc-html less than 3.2.3_17040_44-0.7.1"/> 45686 <criterion test_ref="oval:org.opensuse.security:tst:2009076126" comment="xen-doc-pdf less than 3.2.3_17040_44-0.7.1"/> 45687 <criterion test_ref="oval:org.opensuse.security:tst:2009076127" comment="xen-doc-ps less than 3.2.3_17040_44-0.7.1"/> 45688 <criterion test_ref="oval:org.opensuse.security:tst:2009076128" comment="xen-kmp-bigsmp less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45689 <criterion test_ref="oval:org.opensuse.security:tst:2009076129" comment="xen-kmp-default less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45690 <criterion test_ref="oval:org.opensuse.security:tst:2009076130" comment="xen-kmp-smp less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45691 <criterion test_ref="oval:org.opensuse.security:tst:2009076131" comment="xen-libs-32bit less than 3.2.3_17040_44-0.7.1"/> 45692 <criterion test_ref="oval:org.opensuse.security:tst:2009076132" comment="xen-libs less than 3.2.3_17040_44-0.7.1"/> 45693 <criterion test_ref="oval:org.opensuse.security:tst:2009076133" comment="xen-tools-domU less than 3.2.3_17040_44-0.7.1"/> 45694 <criterion test_ref="oval:org.opensuse.security:tst:2009076134" comment="xen-tools-ioemu less than 3.2.3_17040_44-0.7.1"/> 45695 <criterion test_ref="oval:org.opensuse.security:tst:2009076135" comment="xen-tools less than 3.2.3_17040_44-0.7.1"/> 45696 <criterion test_ref="oval:org.opensuse.security:tst:2009076136" comment="xen less than 3.2.3_17040_44-0.7.1"/> 45697 </criteria> 45698 </criteria> 45699 </definition> 45700 <definition id="oval:org.opensuse.security:def:20125515" version="1" class="vulnerability"> 45701 <metadata> 45702 <title>CVE-2012-5515</title> 45703 <affected family="unix"> 45704 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45705 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45706 </affected> 45707 <reference ref_id="CVE-2012-5515" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5515" source="CVE"/> 45708 <description> 45709 The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. 45710 </description> 45711 </metadata> 45712 <!-- 193b206adfdaf6da1ce1c5ced79e9f29 --> 45713 <criteria operator="AND"> 45714 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45715 <criteria operator="OR"> 45716 <criterion test_ref="oval:org.opensuse.security:tst:2009076124" comment="xen-devel less than 3.2.3_17040_44-0.7.1"/> 45717 <criterion test_ref="oval:org.opensuse.security:tst:2009076125" comment="xen-doc-html less than 3.2.3_17040_44-0.7.1"/> 45718 <criterion test_ref="oval:org.opensuse.security:tst:2009076126" comment="xen-doc-pdf less than 3.2.3_17040_44-0.7.1"/> 45719 <criterion test_ref="oval:org.opensuse.security:tst:2009076127" comment="xen-doc-ps less than 3.2.3_17040_44-0.7.1"/> 45720 <criterion test_ref="oval:org.opensuse.security:tst:2009076128" comment="xen-kmp-bigsmp less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45721 <criterion test_ref="oval:org.opensuse.security:tst:2009076129" comment="xen-kmp-default less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45722 <criterion test_ref="oval:org.opensuse.security:tst:2009076130" comment="xen-kmp-smp less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45723 <criterion test_ref="oval:org.opensuse.security:tst:2009076131" comment="xen-libs-32bit less than 3.2.3_17040_44-0.7.1"/> 45724 <criterion test_ref="oval:org.opensuse.security:tst:2009076132" comment="xen-libs less than 3.2.3_17040_44-0.7.1"/> 45725 <criterion test_ref="oval:org.opensuse.security:tst:2009076133" comment="xen-tools-domU less than 3.2.3_17040_44-0.7.1"/> 45726 <criterion test_ref="oval:org.opensuse.security:tst:2009076134" comment="xen-tools-ioemu less than 3.2.3_17040_44-0.7.1"/> 45727 <criterion test_ref="oval:org.opensuse.security:tst:2009076135" comment="xen-tools less than 3.2.3_17040_44-0.7.1"/> 45728 <criterion test_ref="oval:org.opensuse.security:tst:2009076136" comment="xen less than 3.2.3_17040_44-0.7.1"/> 45729 </criteria> 45730 </criteria> 45731 </definition> 45732 <definition id="oval:org.opensuse.security:def:20125525" version="1" class="vulnerability"> 45733 <metadata> 45734 <title>CVE-2012-5525</title> 45735 <affected family="unix"> 45736 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45737 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45738 </affected> 45739 <reference ref_id="CVE-2012-5525" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5525" source="CVE"/> 45740 <description> 45741 The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read. 45742 </description> 45743 </metadata> 45744 <!-- 193b206adfdaf6da1ce1c5ced79e9f29 --> 45745 <criteria operator="AND"> 45746 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45747 <criteria operator="OR"> 45748 <criterion test_ref="oval:org.opensuse.security:tst:2009076124" comment="xen-devel less than 3.2.3_17040_44-0.7.1"/> 45749 <criterion test_ref="oval:org.opensuse.security:tst:2009076125" comment="xen-doc-html less than 3.2.3_17040_44-0.7.1"/> 45750 <criterion test_ref="oval:org.opensuse.security:tst:2009076126" comment="xen-doc-pdf less than 3.2.3_17040_44-0.7.1"/> 45751 <criterion test_ref="oval:org.opensuse.security:tst:2009076127" comment="xen-doc-ps less than 3.2.3_17040_44-0.7.1"/> 45752 <criterion test_ref="oval:org.opensuse.security:tst:2009076128" comment="xen-kmp-bigsmp less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45753 <criterion test_ref="oval:org.opensuse.security:tst:2009076129" comment="xen-kmp-default less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45754 <criterion test_ref="oval:org.opensuse.security:tst:2009076130" comment="xen-kmp-smp less than 3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1"/> 45755 <criterion test_ref="oval:org.opensuse.security:tst:2009076131" comment="xen-libs-32bit less than 3.2.3_17040_44-0.7.1"/> 45756 <criterion test_ref="oval:org.opensuse.security:tst:2009076132" comment="xen-libs less than 3.2.3_17040_44-0.7.1"/> 45757 <criterion test_ref="oval:org.opensuse.security:tst:2009076133" comment="xen-tools-domU less than 3.2.3_17040_44-0.7.1"/> 45758 <criterion test_ref="oval:org.opensuse.security:tst:2009076134" comment="xen-tools-ioemu less than 3.2.3_17040_44-0.7.1"/> 45759 <criterion test_ref="oval:org.opensuse.security:tst:2009076135" comment="xen-tools less than 3.2.3_17040_44-0.7.1"/> 45760 <criterion test_ref="oval:org.opensuse.security:tst:2009076136" comment="xen less than 3.2.3_17040_44-0.7.1"/> 45761 </criteria> 45762 </criteria> 45763 </definition> 45764 <definition id="oval:org.opensuse.security:def:20125526" version="1" class="vulnerability"> 45765 <metadata> 45766 <title>CVE-2012-5526</title> 45767 <affected family="unix"> 45768 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45769 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45770 </affected> 45771 <reference ref_id="CVE-2012-5526" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5526" source="CVE"/> 45772 <description> 45773 CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm. 45774 </description> 45775 </metadata> 45776 <!-- ed1929d51b82752f08399dada0ae2769 --> 45777 <criteria operator="AND"> 45778 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45779 <criteria operator="OR"> 45780 <criterion test_ref="oval:org.opensuse.security:tst:2009076769" comment="perl-32bit less than 5.8.8-14.21.3"/> 45781 <criterion test_ref="oval:org.opensuse.security:tst:2009076770" comment="perl less than 5.8.8-14.21.3"/> 45782 </criteria> 45783 </criteria> 45784 </definition> 45785 <definition id="oval:org.opensuse.security:def:20125530" version="1" class="vulnerability"> 45786 <metadata> 45787 <title>CVE-2012-5530</title> 45788 <affected family="unix"> 45789 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45790 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45791 </affected> 45792 <reference ref_id="CVE-2012-5530" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5530" source="CVE"/> 45793 <description> 45794 The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file. 45795 </description> 45796 </metadata> 45797 <!-- 86d59a2714828a99a56a3fdba3660c73 --> 45798 <criteria operator="AND"> 45799 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45800 <criterion test_ref="oval:org.opensuse.security:tst:2009076353" comment="permissions less than 2013.1.7-0.5.1"/> 45801 </criteria> 45802 </definition> 45803 <definition id="oval:org.opensuse.security:def:20125581" version="1" class="vulnerability"> 45804 <metadata> 45805 <title>CVE-2012-5581</title> 45806 <affected family="unix"> 45807 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45808 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45809 </affected> 45810 <reference ref_id="CVE-2012-5581" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581" source="CVE"/> 45811 <description> 45812 Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image. 45813 </description> 45814 </metadata> 45815 <!-- e82a9ac77700ce38cd74ae7a74f81150 --> 45816 <criteria operator="AND"> 45817 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45818 <criteria operator="OR"> 45819 <criterion test_ref="oval:org.opensuse.security:tst:2009076448" comment="libtiff-32bit less than 3.8.2-5.32.1"/> 45820 <criterion test_ref="oval:org.opensuse.security:tst:2009076449" comment="libtiff-devel less than 3.8.2-5.32.1"/> 45821 <criterion test_ref="oval:org.opensuse.security:tst:2009076450" comment="libtiff less than 3.8.2-5.32.1"/> 45822 </criteria> 45823 </criteria> 45824 </definition> 45825 <definition id="oval:org.opensuse.security:def:20125594" version="1" class="vulnerability"> 45826 <metadata> 45827 <title>CVE-2012-5594</title> 45828 <affected family="unix"> 45829 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45830 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45831 </affected> 45832 <reference ref_id="CVE-2012-5594" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5594" source="CVE"/> 45833 <description> 45834 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6054. Reason: This candidate is a reservation duplicate of CVE-2012-6054. Notes: All CVE users should reference CVE-2012-6054 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. 45835 </description> 45836 </metadata> 45837 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 45838 <criteria operator="AND"> 45839 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45840 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 45841 </criteria> 45842 </definition> 45843 <definition id="oval:org.opensuse.security:def:20125595" version="1" class="vulnerability"> 45844 <metadata> 45845 <title>CVE-2012-5595</title> 45846 <affected family="unix"> 45847 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45848 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45849 </affected> 45850 <reference ref_id="CVE-2012-5595" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5595" source="CVE"/> 45851 <description> 45852 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6056. Reason: This candidate is a reservation duplicate of CVE-2012-6056. Notes: All CVE users should reference CVE-2012-6056 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. 45853 </description> 45854 </metadata> 45855 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 45856 <criteria operator="AND"> 45857 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45858 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 45859 </criteria> 45860 </definition> 45861 <definition id="oval:org.opensuse.security:def:20125643" version="1" class="vulnerability"> 45862 <metadata> 45863 <title>CVE-2012-5643</title> 45864 <affected family="unix"> 45865 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45866 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45867 </affected> 45868 <reference ref_id="CVE-2012-5643" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643" source="CVE"/> 45869 <description> 45870 Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials. 45871 </description> 45872 </metadata> 45873 <!-- 850346f40016e8457b0ca1c737fbfd5d --> 45874 <criteria operator="AND"> 45875 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45876 <criterion test_ref="oval:org.opensuse.security:tst:2009076564" comment="squid less than 2.5.STABLE12-18.13.982.4.1"/> 45877 </criteria> 45878 </definition> 45879 <definition id="oval:org.opensuse.security:def:20125656" version="1" class="vulnerability"> 45880 <metadata> 45881 <title>CVE-2012-5656</title> 45882 <affected family="unix"> 45883 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45884 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45885 </affected> 45886 <reference ref_id="CVE-2012-5656" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5656" source="CVE"/> 45887 <description> 45888 The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. 45889 </description> 45890 </metadata> 45891 <!-- d5a97ae9b73a7b9ad83db7b862966e52 --> 45892 <criteria operator="AND"> 45893 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45894 <criterion test_ref="oval:org.opensuse.security:tst:2009076677" comment="inkscape less than 0.43-20.22.1"/> 45895 </criteria> 45896 </definition> 45897 <definition id="oval:org.opensuse.security:def:20125668" version="1" class="vulnerability"> 45898 <metadata> 45899 <title>CVE-2012-5668</title> 45900 <affected family="unix"> 45901 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45902 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45903 </affected> 45904 <reference ref_id="CVE-2012-5668" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668" source="CVE"/> 45905 <description> 45906 FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function. 45907 </description> 45908 </metadata> 45909 <!-- dae01abeb154b602c10bb1999a8eb916 --> 45910 <criteria operator="AND"> 45911 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45912 <criteria operator="OR"> 45913 <criterion test_ref="oval:org.opensuse.security:tst:2009076451" comment="freetype2-32bit less than 2.1.10-18.31.1"/> 45914 <criterion test_ref="oval:org.opensuse.security:tst:2009076452" comment="freetype2-devel-32bit less than 2.1.10-18.31.1"/> 45915 <criterion test_ref="oval:org.opensuse.security:tst:2009076453" comment="freetype2-devel less than 2.1.10-18.31.1"/> 45916 <criterion test_ref="oval:org.opensuse.security:tst:2009076454" comment="freetype2 less than 2.1.10-18.31.1"/> 45917 <criterion test_ref="oval:org.opensuse.security:tst:2009076455" comment="ft2demos less than 2.1.10-19.31.1"/> 45918 </criteria> 45919 </criteria> 45920 </definition> 45921 <definition id="oval:org.opensuse.security:def:20125676" version="1" class="vulnerability"> 45922 <metadata> 45923 <title>CVE-2012-5676</title> 45924 <affected family="unix"> 45925 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45926 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45927 </affected> 45928 <reference ref_id="CVE-2012-5676" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5676" source="CVE"/> 45929 <description> 45930 Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. 45931 </description> 45932 </metadata> 45933 <!-- b7ac6ecdf7451e0c0240a0c459360503 --> 45934 <criteria operator="AND"> 45935 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45936 <criterion test_ref="oval:org.opensuse.security:tst:2009076204" comment="flash-player less than 11.2.202.258-0.5.1"/> 45937 </criteria> 45938 </definition> 45939 <definition id="oval:org.opensuse.security:def:20125677" version="1" class="vulnerability"> 45940 <metadata> 45941 <title>CVE-2012-5677</title> 45942 <affected family="unix"> 45943 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45944 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45945 </affected> 45946 <reference ref_id="CVE-2012-5677" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5677" source="CVE"/> 45947 <description> 45948 Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. 45949 </description> 45950 </metadata> 45951 <!-- b7ac6ecdf7451e0c0240a0c459360503 --> 45952 <criteria operator="AND"> 45953 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45954 <criterion test_ref="oval:org.opensuse.security:tst:2009076204" comment="flash-player less than 11.2.202.258-0.5.1"/> 45955 </criteria> 45956 </definition> 45957 <definition id="oval:org.opensuse.security:def:20125678" version="1" class="vulnerability"> 45958 <metadata> 45959 <title>CVE-2012-5678</title> 45960 <affected family="unix"> 45961 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45962 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45963 </affected> 45964 <reference ref_id="CVE-2012-5678" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5678" source="CVE"/> 45965 <description> 45966 Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 45967 </description> 45968 </metadata> 45969 <!-- b7ac6ecdf7451e0c0240a0c459360503 --> 45970 <criteria operator="AND"> 45971 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45972 <criterion test_ref="oval:org.opensuse.security:tst:2009076204" comment="flash-player less than 11.2.202.258-0.5.1"/> 45973 </criteria> 45974 </definition> 45975 <definition id="oval:org.opensuse.security:def:20125829" version="1" class="vulnerability"> 45976 <metadata> 45977 <title>CVE-2012-5829</title> 45978 <affected family="unix"> 45979 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 45980 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 45981 </affected> 45982 <reference ref_id="CVE-2012-5829" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5829" source="CVE"/> 45983 <description> 45984 Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. 45985 </description> 45986 </metadata> 45987 <criteria operator="OR"> 45988 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 45989 <criteria operator="AND"> 45990 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 45991 <criteria operator="OR"> 45992 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 45993 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 45994 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 45995 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 45996 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 45997 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 45998 </criteria> 45999 </criteria> 46000 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 46001 <criteria operator="AND"> 46002 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46003 <criteria operator="OR"> 46004 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 46005 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 46006 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 46007 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 46008 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 46009 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 46010 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 46011 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 46012 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 46013 </criteria> 46014 </criteria> 46015 </criteria> 46016 </definition> 46017 <definition id="oval:org.opensuse.security:def:20125830" version="1" class="vulnerability"> 46018 <metadata> 46019 <title>CVE-2012-5830</title> 46020 <affected family="unix"> 46021 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46022 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46023 </affected> 46024 <reference ref_id="CVE-2012-5830" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5830" source="CVE"/> 46025 <description> 46026 Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document. 46027 </description> 46028 </metadata> 46029 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46030 <criteria operator="AND"> 46031 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46032 <criteria operator="OR"> 46033 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46034 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46035 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46036 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46037 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46038 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46039 </criteria> 46040 </criteria> 46041 </definition> 46042 <definition id="oval:org.opensuse.security:def:20125833" version="1" class="vulnerability"> 46043 <metadata> 46044 <title>CVE-2012-5833</title> 46045 <affected family="unix"> 46046 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46047 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46048 </affected> 46049 <reference ref_id="CVE-2012-5833" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5833" source="CVE"/> 46050 <description> 46051 The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter. 46052 </description> 46053 </metadata> 46054 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46055 <criteria operator="AND"> 46056 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46057 <criteria operator="OR"> 46058 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46059 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46060 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46061 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46062 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46063 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46064 </criteria> 46065 </criteria> 46066 </definition> 46067 <definition id="oval:org.opensuse.security:def:20125835" version="1" class="vulnerability"> 46068 <metadata> 46069 <title>CVE-2012-5835</title> 46070 <affected family="unix"> 46071 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46072 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46073 </affected> 46074 <reference ref_id="CVE-2012-5835" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5835" source="CVE"/> 46075 <description> 46076 Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data. 46077 </description> 46078 </metadata> 46079 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46080 <criteria operator="AND"> 46081 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46082 <criteria operator="OR"> 46083 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46084 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46085 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46086 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46087 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46088 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46089 </criteria> 46090 </criteria> 46091 </definition> 46092 <definition id="oval:org.opensuse.security:def:20125836" version="1" class="vulnerability"> 46093 <metadata> 46094 <title>CVE-2012-5836</title> 46095 <affected family="unix"> 46096 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46097 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46098 </affected> 46099 <reference ref_id="CVE-2012-5836" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5836" source="CVE"/> 46100 <description> 46101 Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text. 46102 </description> 46103 </metadata> 46104 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46105 <criteria operator="AND"> 46106 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46107 <criteria operator="OR"> 46108 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46109 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46110 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46111 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46112 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46113 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46114 </criteria> 46115 </criteria> 46116 </definition> 46117 <definition id="oval:org.opensuse.security:def:20125837" version="1" class="vulnerability"> 46118 <metadata> 46119 <title>CVE-2012-5837</title> 46120 <affected family="unix"> 46121 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46122 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46123 </affected> 46124 <reference ref_id="CVE-2012-5837" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5837" source="CVE"/> 46125 <description> 46126 The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string. 46127 </description> 46128 </metadata> 46129 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46130 <criteria operator="AND"> 46131 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46132 <criteria operator="OR"> 46133 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46134 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46135 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46136 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46137 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46138 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46139 </criteria> 46140 </criteria> 46141 </definition> 46142 <definition id="oval:org.opensuse.security:def:20125838" version="1" class="vulnerability"> 46143 <metadata> 46144 <title>CVE-2012-5838</title> 46145 <affected family="unix"> 46146 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46147 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46148 </affected> 46149 <reference ref_id="CVE-2012-5838" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5838" source="CVE"/> 46150 <description> 46151 The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions. 46152 </description> 46153 </metadata> 46154 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46155 <criteria operator="AND"> 46156 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46157 <criteria operator="OR"> 46158 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46159 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46160 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46161 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46162 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46163 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46164 </criteria> 46165 </criteria> 46166 </definition> 46167 <definition id="oval:org.opensuse.security:def:20125839" version="1" class="vulnerability"> 46168 <metadata> 46169 <title>CVE-2012-5839</title> 46170 <affected family="unix"> 46171 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46172 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46173 </affected> 46174 <reference ref_id="CVE-2012-5839" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5839" source="CVE"/> 46175 <description> 46176 Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. 46177 </description> 46178 </metadata> 46179 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46180 <criteria operator="AND"> 46181 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46182 <criteria operator="OR"> 46183 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46184 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46185 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46186 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46187 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46188 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46189 </criteria> 46190 </criteria> 46191 </definition> 46192 <definition id="oval:org.opensuse.security:def:20125840" version="1" class="vulnerability"> 46193 <metadata> 46194 <title>CVE-2012-5840</title> 46195 <affected family="unix"> 46196 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46197 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46198 </affected> 46199 <reference ref_id="CVE-2012-5840" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5840" source="CVE"/> 46200 <description> 46201 Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214. 46202 </description> 46203 </metadata> 46204 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46205 <criteria operator="AND"> 46206 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46207 <criteria operator="OR"> 46208 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46209 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46210 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46211 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46212 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46213 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46214 </criteria> 46215 </criteria> 46216 </definition> 46217 <definition id="oval:org.opensuse.security:def:20125841" version="1" class="vulnerability"> 46218 <metadata> 46219 <title>CVE-2012-5841</title> 46220 <affected family="unix"> 46221 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46222 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46223 </affected> 46224 <reference ref_id="CVE-2012-5841" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5841" source="CVE"/> 46225 <description> 46226 Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. 46227 </description> 46228 </metadata> 46229 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46230 <criteria operator="AND"> 46231 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46232 <criteria operator="OR"> 46233 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46234 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46235 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46236 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46237 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46238 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46239 </criteria> 46240 </criteria> 46241 </definition> 46242 <definition id="oval:org.opensuse.security:def:20125842" version="1" class="vulnerability"> 46243 <metadata> 46244 <title>CVE-2012-5842</title> 46245 <affected family="unix"> 46246 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46247 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46248 </affected> 46249 <reference ref_id="CVE-2012-5842" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5842" source="CVE"/> 46250 <description> 46251 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 46252 </description> 46253 </metadata> 46254 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46255 <criteria operator="AND"> 46256 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46257 <criteria operator="OR"> 46258 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46259 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46260 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46261 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46262 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46263 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46264 </criteria> 46265 </criteria> 46266 </definition> 46267 <definition id="oval:org.opensuse.security:def:20125843" version="1" class="vulnerability"> 46268 <metadata> 46269 <title>CVE-2012-5843</title> 46270 <affected family="unix"> 46271 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46272 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46273 </affected> 46274 <reference ref_id="CVE-2012-5843" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5843" source="CVE"/> 46275 <description> 46276 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 46277 </description> 46278 </metadata> 46279 <!-- 8f4e08deca5960ae494ddceeb6c10708 --> 46280 <criteria operator="AND"> 46281 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46282 <criteria operator="OR"> 46283 <criterion test_ref="oval:org.opensuse.security:tst:2009076094" comment="MozillaFirefox-translations less than 10.0.11-0.5.1"/> 46284 <criterion test_ref="oval:org.opensuse.security:tst:2009076095" comment="MozillaFirefox less than 10.0.11-0.5.1"/> 46285 <criterion test_ref="oval:org.opensuse.security:tst:2009076096" comment="mozilla-nss-32bit less than 3.14-0.6.1"/> 46286 <criterion test_ref="oval:org.opensuse.security:tst:2009076097" comment="mozilla-nss-devel less than 3.14-0.6.1"/> 46287 <criterion test_ref="oval:org.opensuse.security:tst:2009076098" comment="mozilla-nss-tools less than 3.14-0.6.1"/> 46288 <criterion test_ref="oval:org.opensuse.security:tst:2009076099" comment="mozilla-nss less than 3.14-0.6.1"/> 46289 </criteria> 46290 </criteria> 46291 </definition> 46292 <definition id="oval:org.opensuse.security:def:20126054" version="1" class="vulnerability"> 46293 <metadata> 46294 <title>CVE-2012-6054</title> 46295 <affected family="unix"> 46296 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46297 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46298 </affected> 46299 <reference ref_id="CVE-2012-6054" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6054" source="CVE"/> 46300 <description> 46301 The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service (infinite loop) via a packet that is neither IPv4 nor IPv6. 46302 </description> 46303 </metadata> 46304 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 46305 <criteria operator="AND"> 46306 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46307 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 46308 </criteria> 46309 </definition> 46310 <definition id="oval:org.opensuse.security:def:20126056" version="1" class="vulnerability"> 46311 <metadata> 46312 <title>CVE-2012-6056</title> 46313 <affected family="unix"> 46314 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46315 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46316 </affected> 46317 <reference ref_id="CVE-2012-6056" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6056" source="CVE"/> 46318 <description> 46319 Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count. 46320 </description> 46321 </metadata> 46322 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 46323 <criteria operator="AND"> 46324 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46325 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 46326 </criteria> 46327 </definition> 46328 <definition id="oval:org.opensuse.security:def:20126085" version="1" class="vulnerability"> 46329 <metadata> 46330 <title>CVE-2012-6085</title> 46331 <affected family="unix"> 46332 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46333 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46334 </affected> 46335 <reference ref_id="CVE-2012-6085" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085" source="CVE"/> 46336 <description> 46337 The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet. 46338 </description> 46339 </metadata> 46340 <criteria operator="OR"> 46341 <!-- 3fc2b24dc90bda3b61202a7c4ffc0814 --> 46342 <criteria operator="AND"> 46343 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46344 <criterion test_ref="oval:org.opensuse.security:tst:2009077455" comment="gpg less than 1.4.2-23.21.1"/> 46345 </criteria> 46346 <!-- c63e1c0dad4c5e8848b14230545d1ec2 --> 46347 <criteria operator="AND"> 46348 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46349 <criterion test_ref="oval:org.opensuse.security:tst:2009077456" comment="gpg2 less than 1.9.18-17.23.1"/> 46350 </criteria> 46351 </criteria> 46352 </definition> 46353 <definition id="oval:org.opensuse.security:def:20126139" version="1" class="vulnerability"> 46354 <metadata> 46355 <title>CVE-2012-6139</title> 46356 <affected family="unix"> 46357 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46358 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46359 </affected> 46360 <reference ref_id="CVE-2012-6139" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139" source="CVE"/> 46361 <description> 46362 libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c. 46363 </description> 46364 </metadata> 46365 <!-- f2c4e439c56211a8185d4b4e23db8694 --> 46366 <criteria operator="AND"> 46367 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46368 <criteria operator="OR"> 46369 <criterion test_ref="oval:org.opensuse.security:tst:2009077111" comment="libxslt-32bit less than 1.1.15-15.20.1"/> 46370 <criterion test_ref="oval:org.opensuse.security:tst:2009077112" comment="libxslt-devel-32bit less than 1.1.15-15.20.1"/> 46371 <criterion test_ref="oval:org.opensuse.security:tst:2009077113" comment="libxslt-devel less than 1.1.15-15.20.1"/> 46372 <criterion test_ref="oval:org.opensuse.security:tst:2009077114" comment="libxslt less than 1.1.15-15.20.1"/> 46373 </criteria> 46374 </criteria> 46375 </definition> 46376 <definition id="oval:org.opensuse.security:def:20126329" version="1" class="vulnerability"> 46377 <metadata> 46378 <title>CVE-2012-6329</title> 46379 <affected family="unix"> 46380 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46381 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46382 </affected> 46383 <reference ref_id="CVE-2012-6329" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6329" source="CVE"/> 46384 <description> 46385 The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6. 46386 </description> 46387 </metadata> 46388 <!-- ed1929d51b82752f08399dada0ae2769 --> 46389 <criteria operator="AND"> 46390 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46391 <criteria operator="OR"> 46392 <criterion test_ref="oval:org.opensuse.security:tst:2009076769" comment="perl-32bit less than 5.8.8-14.21.3"/> 46393 <criterion test_ref="oval:org.opensuse.security:tst:2009076770" comment="perl less than 5.8.8-14.21.3"/> 46394 </criteria> 46395 </criteria> 46396 </definition> 46397 <definition id="oval:org.opensuse.security:def:20130160" version="1" class="vulnerability"> 46398 <metadata> 46399 <title>CVE-2013-0160</title> 46400 <affected family="unix"> 46401 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46402 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46403 </affected> 46404 <reference ref_id="CVE-2013-0160" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0160" source="CVE"/> 46405 <description> 46406 The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device. 46407 </description> 46408 </metadata> 46409 <criteria operator="OR"> 46410 <!-- 2b51bf3e02179f8f70c7b2ada2571a2d --> 46411 <criteria operator="AND"> 46412 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46413 <criteria operator="OR"> 46414 <criterion test_ref="oval:org.opensuse.security:tst:2009077027" comment="kernel-bigsmp less than 2.6.16.60-0.101.1"/> 46415 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 46416 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 46417 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 46418 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 46419 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 46420 <criterion test_ref="oval:org.opensuse.security:tst:2009077033" comment="kernel-xenpae less than 2.6.16.60-0.101.1"/> 46421 </criteria> 46422 </criteria> 46423 <!-- ac5626f6e7f483c6dac1cc5fe253fcf9 --> 46424 <criteria operator="AND"> 46425 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46426 <criteria operator="OR"> 46427 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 46428 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 46429 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 46430 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 46431 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 46432 </criteria> 46433 </criteria> 46434 </criteria> 46435 </definition> 46436 <definition id="oval:org.opensuse.security:def:20130166" version="1" class="vulnerability"> 46437 <metadata> 46438 <title>CVE-2013-0166</title> 46439 <affected family="unix"> 46440 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46441 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46442 </affected> 46443 <reference ref_id="CVE-2013-0166" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166" source="CVE"/> 46444 <description> 46445 OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key. 46446 </description> 46447 </metadata> 46448 <!-- 42741ff95d9d4f1604b9b2d2fc5ec078 --> 46449 <criteria operator="AND"> 46450 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46451 <criteria operator="OR"> 46452 <criterion test_ref="oval:org.opensuse.security:tst:2009076919" comment="openssl-32bit less than 0.9.8a-18.76.1"/> 46453 <criterion test_ref="oval:org.opensuse.security:tst:2009076920" comment="openssl-devel-32bit less than 0.9.8a-18.76.1"/> 46454 <criterion test_ref="oval:org.opensuse.security:tst:2009076921" comment="openssl-devel less than 0.9.8a-18.76.1"/> 46455 <criterion test_ref="oval:org.opensuse.security:tst:2009076922" comment="openssl less than 0.9.8a-18.76.1"/> 46456 </criteria> 46457 </criteria> 46458 </definition> 46459 <definition id="oval:org.opensuse.security:def:20130169" version="1" class="vulnerability"> 46460 <metadata> 46461 <title>CVE-2013-0169</title> 46462 <affected family="unix"> 46463 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46464 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46465 </affected> 46466 <reference ref_id="CVE-2013-0169" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169" source="CVE"/> 46467 <description> 46468 The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. 46469 </description> 46470 </metadata> 46471 <!-- 42741ff95d9d4f1604b9b2d2fc5ec078 --> 46472 <criteria operator="AND"> 46473 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46474 <criteria operator="OR"> 46475 <criterion test_ref="oval:org.opensuse.security:tst:2009076919" comment="openssl-32bit less than 0.9.8a-18.76.1"/> 46476 <criterion test_ref="oval:org.opensuse.security:tst:2009076920" comment="openssl-devel-32bit less than 0.9.8a-18.76.1"/> 46477 <criterion test_ref="oval:org.opensuse.security:tst:2009076921" comment="openssl-devel less than 0.9.8a-18.76.1"/> 46478 <criterion test_ref="oval:org.opensuse.security:tst:2009076922" comment="openssl less than 0.9.8a-18.76.1"/> 46479 </criteria> 46480 </criteria> 46481 </definition> 46482 <definition id="oval:org.opensuse.security:def:20130188" version="1" class="vulnerability"> 46483 <metadata> 46484 <title>CVE-2013-0188</title> 46485 <affected family="unix"> 46486 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46487 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46488 </affected> 46489 <reference ref_id="CVE-2013-0188" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0188" source="CVE"/> 46490 <description> 46491 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0189, CVE-2013-0191. Reason: this identifier was intended for one issue, but it was inadvertently associated with multiple issues. Notes: All CVE users should consult CVE-2013-0189 and CVE-2013-0191 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage. 46492 </description> 46493 </metadata> 46494 <!-- 850346f40016e8457b0ca1c737fbfd5d --> 46495 <criteria operator="AND"> 46496 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46497 <criterion test_ref="oval:org.opensuse.security:tst:2009076564" comment="squid less than 2.5.STABLE12-18.13.982.4.1"/> 46498 </criteria> 46499 </definition> 46500 <definition id="oval:org.opensuse.security:def:20130189" version="1" class="vulnerability"> 46501 <metadata> 46502 <title>CVE-2013-0189</title> 46503 <affected family="unix"> 46504 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46505 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46506 </affected> 46507 <reference ref_id="CVE-2013-0189" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0189" source="CVE"/> 46508 <description> 46509 cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or incorrect comparison. 46510 </description> 46511 </metadata> 46512 <!-- 850346f40016e8457b0ca1c737fbfd5d --> 46513 <criteria operator="AND"> 46514 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46515 <criterion test_ref="oval:org.opensuse.security:tst:2009076564" comment="squid less than 2.5.STABLE12-18.13.982.4.1"/> 46516 </criteria> 46517 </definition> 46518 <definition id="oval:org.opensuse.security:def:20130213" version="1" class="vulnerability"> 46519 <metadata> 46520 <title>CVE-2013-0213</title> 46521 <affected family="unix"> 46522 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46523 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46524 </affected> 46525 <reference ref_id="CVE-2013-0213" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213" source="CVE"/> 46526 <description> 46527 The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element. 46528 </description> 46529 </metadata> 46530 <!-- 1d50d01aa74b22f0c8645692c12273df --> 46531 <criteria operator="AND"> 46532 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46533 <criteria operator="OR"> 46534 <criterion test_ref="oval:org.opensuse.security:tst:2009076550" comment="cifs-mount less than 3.0.36-0.13.24.1"/> 46535 <criterion test_ref="oval:org.opensuse.security:tst:2009076551" comment="ldapsmb less than 1.34b-25.13.24.1"/> 46536 <criterion test_ref="oval:org.opensuse.security:tst:2009076552" comment="libsmbclient-32bit less than 3.0.36-0.13.24.1"/> 46537 <criterion test_ref="oval:org.opensuse.security:tst:2009076553" comment="libsmbclient-devel less than 3.0.36-0.13.24.1"/> 46538 <criterion test_ref="oval:org.opensuse.security:tst:2009076554" comment="libsmbclient less than 3.0.36-0.13.24.1"/> 46539 <criterion test_ref="oval:org.opensuse.security:tst:2009076555" comment="samba-32bit less than 3.0.36-0.13.24.1"/> 46540 <criterion test_ref="oval:org.opensuse.security:tst:2009076556" comment="samba-client-32bit less than 3.0.36-0.13.24.1"/> 46541 <criterion test_ref="oval:org.opensuse.security:tst:2009076557" comment="samba-client less than 3.0.36-0.13.24.1"/> 46542 <criterion test_ref="oval:org.opensuse.security:tst:2009076558" comment="samba-doc less than 3.0.36-0.12.24.1"/> 46543 <criterion test_ref="oval:org.opensuse.security:tst:2009076559" comment="samba-krb-printing less than 3.0.36-0.13.24.1"/> 46544 <criterion test_ref="oval:org.opensuse.security:tst:2009076560" comment="samba-vscan less than 0.3.6b-43.13.24.1"/> 46545 <criterion test_ref="oval:org.opensuse.security:tst:2009076561" comment="samba-winbind-32bit less than 3.0.36-0.13.24.1"/> 46546 <criterion test_ref="oval:org.opensuse.security:tst:2009076562" comment="samba-winbind less than 3.0.36-0.13.24.1"/> 46547 <criterion test_ref="oval:org.opensuse.security:tst:2009076563" comment="samba less than 3.0.36-0.13.24.1"/> 46548 </criteria> 46549 </criteria> 46550 </definition> 46551 <definition id="oval:org.opensuse.security:def:20130214" version="1" class="vulnerability"> 46552 <metadata> 46553 <title>CVE-2013-0214</title> 46554 <affected family="unix"> 46555 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46556 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46557 </affected> 46558 <reference ref_id="CVE-2013-0214" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214" source="CVE"/> 46559 <description> 46560 Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions. 46561 </description> 46562 </metadata> 46563 <!-- 1d50d01aa74b22f0c8645692c12273df --> 46564 <criteria operator="AND"> 46565 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46566 <criteria operator="OR"> 46567 <criterion test_ref="oval:org.opensuse.security:tst:2009076550" comment="cifs-mount less than 3.0.36-0.13.24.1"/> 46568 <criterion test_ref="oval:org.opensuse.security:tst:2009076551" comment="ldapsmb less than 1.34b-25.13.24.1"/> 46569 <criterion test_ref="oval:org.opensuse.security:tst:2009076552" comment="libsmbclient-32bit less than 3.0.36-0.13.24.1"/> 46570 <criterion test_ref="oval:org.opensuse.security:tst:2009076553" comment="libsmbclient-devel less than 3.0.36-0.13.24.1"/> 46571 <criterion test_ref="oval:org.opensuse.security:tst:2009076554" comment="libsmbclient less than 3.0.36-0.13.24.1"/> 46572 <criterion test_ref="oval:org.opensuse.security:tst:2009076555" comment="samba-32bit less than 3.0.36-0.13.24.1"/> 46573 <criterion test_ref="oval:org.opensuse.security:tst:2009076556" comment="samba-client-32bit less than 3.0.36-0.13.24.1"/> 46574 <criterion test_ref="oval:org.opensuse.security:tst:2009076557" comment="samba-client less than 3.0.36-0.13.24.1"/> 46575 <criterion test_ref="oval:org.opensuse.security:tst:2009076558" comment="samba-doc less than 3.0.36-0.12.24.1"/> 46576 <criterion test_ref="oval:org.opensuse.security:tst:2009076559" comment="samba-krb-printing less than 3.0.36-0.13.24.1"/> 46577 <criterion test_ref="oval:org.opensuse.security:tst:2009076560" comment="samba-vscan less than 0.3.6b-43.13.24.1"/> 46578 <criterion test_ref="oval:org.opensuse.security:tst:2009076561" comment="samba-winbind-32bit less than 3.0.36-0.13.24.1"/> 46579 <criterion test_ref="oval:org.opensuse.security:tst:2009076562" comment="samba-winbind less than 3.0.36-0.13.24.1"/> 46580 <criterion test_ref="oval:org.opensuse.security:tst:2009076563" comment="samba less than 3.0.36-0.13.24.1"/> 46581 </criteria> 46582 </criteria> 46583 </definition> 46584 <definition id="oval:org.opensuse.security:def:20130216" version="1" class="vulnerability"> 46585 <metadata> 46586 <title>CVE-2013-0216</title> 46587 <affected family="unix"> 46588 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46589 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46590 </affected> 46591 <reference ref_id="CVE-2013-0216" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0216" source="CVE"/> 46592 <description> 46593 The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. 46594 </description> 46595 </metadata> 46596 <criteria operator="OR"> 46597 <!-- 2b51bf3e02179f8f70c7b2ada2571a2d --> 46598 <criteria operator="AND"> 46599 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46600 <criteria operator="OR"> 46601 <criterion test_ref="oval:org.opensuse.security:tst:2009077027" comment="kernel-bigsmp less than 2.6.16.60-0.101.1"/> 46602 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 46603 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 46604 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 46605 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 46606 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 46607 <criterion test_ref="oval:org.opensuse.security:tst:2009077033" comment="kernel-xenpae less than 2.6.16.60-0.101.1"/> 46608 </criteria> 46609 </criteria> 46610 <!-- ac5626f6e7f483c6dac1cc5fe253fcf9 --> 46611 <criteria operator="AND"> 46612 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46613 <criteria operator="OR"> 46614 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 46615 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 46616 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 46617 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 46618 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 46619 </criteria> 46620 </criteria> 46621 </criteria> 46622 </definition> 46623 <definition id="oval:org.opensuse.security:def:20130231" version="1" class="vulnerability"> 46624 <metadata> 46625 <title>CVE-2013-0231</title> 46626 <affected family="unix"> 46627 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46628 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46629 </affected> 46630 <reference ref_id="CVE-2013-0231" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0231" source="CVE"/> 46631 <description> 46632 The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. 46633 </description> 46634 </metadata> 46635 <criteria operator="OR"> 46636 <!-- 2b51bf3e02179f8f70c7b2ada2571a2d --> 46637 <criteria operator="AND"> 46638 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46639 <criteria operator="OR"> 46640 <criterion test_ref="oval:org.opensuse.security:tst:2009077027" comment="kernel-bigsmp less than 2.6.16.60-0.101.1"/> 46641 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 46642 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 46643 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 46644 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 46645 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 46646 <criterion test_ref="oval:org.opensuse.security:tst:2009077033" comment="kernel-xenpae less than 2.6.16.60-0.101.1"/> 46647 </criteria> 46648 </criteria> 46649 <!-- ac5626f6e7f483c6dac1cc5fe253fcf9 --> 46650 <criteria operator="AND"> 46651 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46652 <criteria operator="OR"> 46653 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 46654 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 46655 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 46656 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 46657 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 46658 </criteria> 46659 </criteria> 46660 </criteria> 46661 </definition> 46662 <definition id="oval:org.opensuse.security:def:20130268" version="1" class="vulnerability"> 46663 <metadata> 46664 <title>CVE-2013-0268</title> 46665 <affected family="unix"> 46666 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46667 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46668 </affected> 46669 <reference ref_id="CVE-2013-0268" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0268" source="CVE"/> 46670 <description> 46671 The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. 46672 </description> 46673 </metadata> 46674 <criteria operator="OR"> 46675 <!-- 2b51bf3e02179f8f70c7b2ada2571a2d --> 46676 <criteria operator="AND"> 46677 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46678 <criteria operator="OR"> 46679 <criterion test_ref="oval:org.opensuse.security:tst:2009077027" comment="kernel-bigsmp less than 2.6.16.60-0.101.1"/> 46680 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 46681 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 46682 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 46683 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 46684 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 46685 <criterion test_ref="oval:org.opensuse.security:tst:2009077033" comment="kernel-xenpae less than 2.6.16.60-0.101.1"/> 46686 </criteria> 46687 </criteria> 46688 <!-- ac5626f6e7f483c6dac1cc5fe253fcf9 --> 46689 <criteria operator="AND"> 46690 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46691 <criteria operator="OR"> 46692 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 46693 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 46694 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 46695 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 46696 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 46697 </criteria> 46698 </criteria> 46699 </criteria> 46700 </definition> 46701 <definition id="oval:org.opensuse.security:def:20130271" version="1" class="vulnerability"> 46702 <metadata> 46703 <title>CVE-2013-0271</title> 46704 <affected family="unix"> 46705 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46706 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46707 </affected> 46708 <reference ref_id="CVE-2013-0271" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0271" source="CVE"/> 46709 <description> 46710 The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname. 46711 </description> 46712 </metadata> 46713 <!-- 51b5f7c142afdeafafca33c1a4681683 --> 46714 <criteria operator="AND"> 46715 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46716 <criteria operator="OR"> 46717 <criterion test_ref="oval:org.opensuse.security:tst:2009076718" comment="finch less than 2.6.6-0.20.1"/> 46718 <criterion test_ref="oval:org.opensuse.security:tst:2009076719" comment="libpurple less than 2.6.6-0.20.1"/> 46719 <criterion test_ref="oval:org.opensuse.security:tst:2009076720" comment="pidgin less than 2.6.6-0.20.1"/> 46720 </criteria> 46721 </criteria> 46722 </definition> 46723 <definition id="oval:org.opensuse.security:def:20130272" version="1" class="vulnerability"> 46724 <metadata> 46725 <title>CVE-2013-0272</title> 46726 <affected family="unix"> 46727 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46728 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46729 </affected> 46730 <reference ref_id="CVE-2013-0272" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272" source="CVE"/> 46731 <description> 46732 Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header. 46733 </description> 46734 </metadata> 46735 <!-- 51b5f7c142afdeafafca33c1a4681683 --> 46736 <criteria operator="AND"> 46737 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46738 <criteria operator="OR"> 46739 <criterion test_ref="oval:org.opensuse.security:tst:2009076718" comment="finch less than 2.6.6-0.20.1"/> 46740 <criterion test_ref="oval:org.opensuse.security:tst:2009076719" comment="libpurple less than 2.6.6-0.20.1"/> 46741 <criterion test_ref="oval:org.opensuse.security:tst:2009076720" comment="pidgin less than 2.6.6-0.20.1"/> 46742 </criteria> 46743 </criteria> 46744 </definition> 46745 <definition id="oval:org.opensuse.security:def:20130273" version="1" class="vulnerability"> 46746 <metadata> 46747 <title>CVE-2013-0273</title> 46748 <affected family="unix"> 46749 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46750 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46751 </affected> 46752 <reference ref_id="CVE-2013-0273" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273" source="CVE"/> 46753 <description> 46754 sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet. 46755 </description> 46756 </metadata> 46757 <!-- 51b5f7c142afdeafafca33c1a4681683 --> 46758 <criteria operator="AND"> 46759 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46760 <criteria operator="OR"> 46761 <criterion test_ref="oval:org.opensuse.security:tst:2009076718" comment="finch less than 2.6.6-0.20.1"/> 46762 <criterion test_ref="oval:org.opensuse.security:tst:2009076719" comment="libpurple less than 2.6.6-0.20.1"/> 46763 <criterion test_ref="oval:org.opensuse.security:tst:2009076720" comment="pidgin less than 2.6.6-0.20.1"/> 46764 </criteria> 46765 </criteria> 46766 </definition> 46767 <definition id="oval:org.opensuse.security:def:20130274" version="1" class="vulnerability"> 46768 <metadata> 46769 <title>CVE-2013-0274</title> 46770 <affected family="unix"> 46771 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46772 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46773 </affected> 46774 <reference ref_id="CVE-2013-0274" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0274" source="CVE"/> 46775 <description> 46776 upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network. 46777 </description> 46778 </metadata> 46779 <!-- 51b5f7c142afdeafafca33c1a4681683 --> 46780 <criteria operator="AND"> 46781 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46782 <criteria operator="OR"> 46783 <criterion test_ref="oval:org.opensuse.security:tst:2009076718" comment="finch less than 2.6.6-0.20.1"/> 46784 <criterion test_ref="oval:org.opensuse.security:tst:2009076719" comment="libpurple less than 2.6.6-0.20.1"/> 46785 <criterion test_ref="oval:org.opensuse.security:tst:2009076720" comment="pidgin less than 2.6.6-0.20.1"/> 46786 </criteria> 46787 </criteria> 46788 </definition> 46789 <definition id="oval:org.opensuse.security:def:20130338" version="1" class="vulnerability"> 46790 <metadata> 46791 <title>CVE-2013-0338</title> 46792 <affected family="unix"> 46793 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46794 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46795 </affected> 46796 <reference ref_id="CVE-2013-0338" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338" source="CVE"/> 46797 <description> 46798 libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity. 46799 </description> 46800 </metadata> 46801 <!-- dfd9d469ee1615731b1403a0c070bfa5 --> 46802 <criteria operator="AND"> 46803 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46804 <criteria operator="OR"> 46805 <criterion test_ref="oval:org.opensuse.security:tst:2009077139" comment="libxml2-32bit less than 2.6.23-15.37.1"/> 46806 <criterion test_ref="oval:org.opensuse.security:tst:2009077140" comment="libxml2-devel-32bit less than 2.6.23-15.37.1"/> 46807 <criterion test_ref="oval:org.opensuse.security:tst:2009077141" comment="libxml2-devel less than 2.6.23-15.37.1"/> 46808 <criterion test_ref="oval:org.opensuse.security:tst:2009077142" comment="libxml2-python less than 2.6.23-15.37.1"/> 46809 <criterion test_ref="oval:org.opensuse.security:tst:2009077143" comment="libxml2 less than 2.6.23-15.37.1"/> 46810 </criteria> 46811 </criteria> 46812 </definition> 46813 <definition id="oval:org.opensuse.security:def:20130339" version="1" class="vulnerability"> 46814 <metadata> 46815 <title>CVE-2013-0339</title> 46816 <affected family="unix"> 46817 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46818 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46819 </affected> 46820 <reference ref_id="CVE-2013-0339" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339" source="CVE"/> 46821 <description> 46822 libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because libxml2 already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed and each affected application would need its own CVE. 46823 </description> 46824 </metadata> 46825 <!-- dfd9d469ee1615731b1403a0c070bfa5 --> 46826 <criteria operator="AND"> 46827 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46828 <criteria operator="OR"> 46829 <criterion test_ref="oval:org.opensuse.security:tst:2009077139" comment="libxml2-32bit less than 2.6.23-15.37.1"/> 46830 <criterion test_ref="oval:org.opensuse.security:tst:2009077140" comment="libxml2-devel-32bit less than 2.6.23-15.37.1"/> 46831 <criterion test_ref="oval:org.opensuse.security:tst:2009077141" comment="libxml2-devel less than 2.6.23-15.37.1"/> 46832 <criterion test_ref="oval:org.opensuse.security:tst:2009077142" comment="libxml2-python less than 2.6.23-15.37.1"/> 46833 <criterion test_ref="oval:org.opensuse.security:tst:2009077143" comment="libxml2 less than 2.6.23-15.37.1"/> 46834 </criteria> 46835 </criteria> 46836 </definition> 46837 <definition id="oval:org.opensuse.security:def:20130401" version="1" class="vulnerability"> 46838 <metadata> 46839 <title>CVE-2013-0401</title> 46840 <affected family="unix"> 46841 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46842 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46843 </affected> 46844 <reference ref_id="CVE-2013-0401" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0401" source="CVE"/> 46845 <description> 46846 The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions. 46847 </description> 46848 </metadata> 46849 <!-- a36ba08c692a30308a29e6242e31eea2 --> 46850 <criteria operator="AND"> 46851 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46852 <criteria operator="OR"> 46853 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 46854 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 46855 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 46856 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 46857 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 46858 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 46859 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 46860 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 46861 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 46862 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 46863 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 46864 </criteria> 46865 </criteria> 46866 </definition> 46867 <definition id="oval:org.opensuse.security:def:20130409" version="1" class="vulnerability"> 46868 <metadata> 46869 <title>CVE-2013-0409</title> 46870 <affected family="unix"> 46871 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46872 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46873 </affected> 46874 <reference ref_id="CVE-2013-0409" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0409" source="CVE"/> 46875 <description> 46876 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX. 46877 </description> 46878 </metadata> 46879 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 46880 <criteria operator="AND"> 46881 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46882 <criteria operator="OR"> 46883 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 46884 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 46885 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 46886 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 46887 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 46888 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 46889 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 46890 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 46891 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 46892 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 46893 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 46894 </criteria> 46895 </criteria> 46896 </definition> 46897 <definition id="oval:org.opensuse.security:def:20130424" version="1" class="vulnerability"> 46898 <metadata> 46899 <title>CVE-2013-0424</title> 46900 <affected family="unix"> 46901 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46902 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46903 </affected> 46904 <reference ref_id="CVE-2013-0424" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0424" source="CVE"/> 46905 <description> 46906 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number. 46907 </description> 46908 </metadata> 46909 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 46910 <criteria operator="AND"> 46911 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46912 <criteria operator="OR"> 46913 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 46914 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 46915 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 46916 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 46917 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 46918 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 46919 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 46920 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 46921 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 46922 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 46923 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 46924 </criteria> 46925 </criteria> 46926 </definition> 46927 <definition id="oval:org.opensuse.security:def:20130425" version="1" class="vulnerability"> 46928 <metadata> 46929 <title>CVE-2013-0425</title> 46930 <affected family="unix"> 46931 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46932 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46933 </affected> 46934 <reference ref_id="CVE-2013-0425" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0425" source="CVE"/> 46935 <description> 46936 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. 46937 </description> 46938 </metadata> 46939 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 46940 <criteria operator="AND"> 46941 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46942 <criteria operator="OR"> 46943 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 46944 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 46945 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 46946 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 46947 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 46948 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 46949 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 46950 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 46951 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 46952 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 46953 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 46954 </criteria> 46955 </criteria> 46956 </definition> 46957 <definition id="oval:org.opensuse.security:def:20130426" version="1" class="vulnerability"> 46958 <metadata> 46959 <title>CVE-2013-0426</title> 46960 <affected family="unix"> 46961 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46962 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46963 </affected> 46964 <reference ref_id="CVE-2013-0426" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0426" source="CVE"/> 46965 <description> 46966 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. 46967 </description> 46968 </metadata> 46969 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 46970 <criteria operator="AND"> 46971 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 46972 <criteria operator="OR"> 46973 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 46974 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 46975 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 46976 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 46977 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 46978 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 46979 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 46980 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 46981 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 46982 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 46983 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 46984 </criteria> 46985 </criteria> 46986 </definition> 46987 <definition id="oval:org.opensuse.security:def:20130427" version="1" class="vulnerability"> 46988 <metadata> 46989 <title>CVE-2013-0427</title> 46990 <affected family="unix"> 46991 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 46992 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 46993 </affected> 46994 <reference ref_id="CVE-2013-0427" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0427" source="CVE"/> 46995 <description> 46996 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted. 46997 </description> 46998 </metadata> 46999 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47000 <criteria operator="AND"> 47001 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47002 <criteria operator="OR"> 47003 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47004 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47005 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47006 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47007 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47008 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47009 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47010 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47011 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47012 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47013 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47014 </criteria> 47015 </criteria> 47016 </definition> 47017 <definition id="oval:org.opensuse.security:def:20130428" version="1" class="vulnerability"> 47018 <metadata> 47019 <title>CVE-2013-0428</title> 47020 <affected family="unix"> 47021 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47022 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47023 </affected> 47024 <reference ref_id="CVE-2013-0428" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0428" source="CVE"/> 47025 <description> 47026 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API. 47027 </description> 47028 </metadata> 47029 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47030 <criteria operator="AND"> 47031 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47032 <criteria operator="OR"> 47033 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47034 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47035 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47036 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47037 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47038 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47039 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47040 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47041 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47042 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47043 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47044 </criteria> 47045 </criteria> 47046 </definition> 47047 <definition id="oval:org.opensuse.security:def:20130432" version="1" class="vulnerability"> 47048 <metadata> 47049 <title>CVE-2013-0432</title> 47050 <affected family="unix"> 47051 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47052 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47053 </affected> 47054 <reference ref_id="CVE-2013-0432" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0432" source="CVE"/> 47055 <description> 47056 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks." 47057 </description> 47058 </metadata> 47059 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47060 <criteria operator="AND"> 47061 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47062 <criteria operator="OR"> 47063 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47064 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47065 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47066 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47067 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47068 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47069 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47070 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47071 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47072 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47073 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47074 </criteria> 47075 </criteria> 47076 </definition> 47077 <definition id="oval:org.opensuse.security:def:20130433" version="1" class="vulnerability"> 47078 <metadata> 47079 <title>CVE-2013-0433</title> 47080 <affected family="unix"> 47081 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47082 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47083 </affected> 47084 <reference ref_id="CVE-2013-0433" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0433" source="CVE"/> 47085 <description> 47086 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data. 47087 </description> 47088 </metadata> 47089 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47090 <criteria operator="AND"> 47091 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47092 <criteria operator="OR"> 47093 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47094 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47095 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47096 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47097 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47098 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47099 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47100 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47101 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47102 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47103 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47104 </criteria> 47105 </criteria> 47106 </definition> 47107 <definition id="oval:org.opensuse.security:def:20130434" version="1" class="vulnerability"> 47108 <metadata> 47109 <title>CVE-2013-0434</title> 47110 <affected family="unix"> 47111 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47112 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47113 </affected> 47114 <reference ref_id="CVE-2013-0434" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0434" source="CVE"/> 47115 <description> 47116 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information. 47117 </description> 47118 </metadata> 47119 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47120 <criteria operator="AND"> 47121 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47122 <criteria operator="OR"> 47123 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47124 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47125 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47126 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47127 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47128 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47129 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47130 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47131 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47132 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47133 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47134 </criteria> 47135 </criteria> 47136 </definition> 47137 <definition id="oval:org.opensuse.security:def:20130440" version="1" class="vulnerability"> 47138 <metadata> 47139 <title>CVE-2013-0440</title> 47140 <affected family="unix"> 47141 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47142 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47143 </affected> 47144 <reference ref_id="CVE-2013-0440" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0440" source="CVE"/> 47145 <description> 47146 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java. 47147 </description> 47148 </metadata> 47149 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47150 <criteria operator="AND"> 47151 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47152 <criteria operator="OR"> 47153 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47154 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47155 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47156 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47157 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47158 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47159 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47160 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47161 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47162 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47163 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47164 </criteria> 47165 </criteria> 47166 </definition> 47167 <definition id="oval:org.opensuse.security:def:20130442" version="1" class="vulnerability"> 47168 <metadata> 47169 <title>CVE-2013-0442</title> 47170 <affected family="unix"> 47171 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47172 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47173 </affected> 47174 <reference ref_id="CVE-2013-0442" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0442" source="CVE"/> 47175 <description> 47176 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. 47177 </description> 47178 </metadata> 47179 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47180 <criteria operator="AND"> 47181 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47182 <criteria operator="OR"> 47183 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47184 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47185 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47186 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47187 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47188 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47189 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47190 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47191 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47192 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47193 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47194 </criteria> 47195 </criteria> 47196 </definition> 47197 <definition id="oval:org.opensuse.security:def:20130443" version="1" class="vulnerability"> 47198 <metadata> 47199 <title>CVE-2013-0443</title> 47200 <affected family="unix"> 47201 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47202 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47203 </affected> 47204 <reference ref_id="CVE-2013-0443" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0443" source="CVE"/> 47205 <description> 47206 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key. 47207 </description> 47208 </metadata> 47209 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47210 <criteria operator="AND"> 47211 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47212 <criteria operator="OR"> 47213 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47214 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47215 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47216 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47217 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47218 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47219 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47220 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47221 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47222 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47223 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47224 </criteria> 47225 </criteria> 47226 </definition> 47227 <definition id="oval:org.opensuse.security:def:20130445" version="1" class="vulnerability"> 47228 <metadata> 47229 <title>CVE-2013-0445</title> 47230 <affected family="unix"> 47231 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47232 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47233 </affected> 47234 <reference ref_id="CVE-2013-0445" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0445" source="CVE"/> 47235 <description> 47236 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. 47237 </description> 47238 </metadata> 47239 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 47240 <criteria operator="AND"> 47241 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47242 <criteria operator="OR"> 47243 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 47244 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 47245 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 47246 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 47247 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 47248 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 47249 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 47250 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 47251 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 47252 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 47253 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 47254 </criteria> 47255 </criteria> 47256 </definition> 47257 <definition id="oval:org.opensuse.security:def:20130485" version="1" class="vulnerability"> 47258 <metadata> 47259 <title>CVE-2013-0485</title> 47260 <affected family="unix"> 47261 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47262 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47263 </affected> 47264 <reference ref_id="CVE-2013-0485" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0485" source="CVE"/> 47265 <description> 47266 Unspecified vulnerability in IBM Java SDK before 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries. 47267 </description> 47268 </metadata> 47269 <!-- 68dff9a90877961ddadf162e06d37083 --> 47270 <criteria operator="AND"> 47271 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47272 <criteria operator="OR"> 47273 <criterion test_ref="oval:org.opensuse.security:tst:2009077068" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.1-0.5.1"/> 47274 <criterion test_ref="oval:org.opensuse.security:tst:2009077069" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.1-0.5.1"/> 47275 <criterion test_ref="oval:org.opensuse.security:tst:2009077070" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.1-0.5.1"/> 47276 <criterion test_ref="oval:org.opensuse.security:tst:2009077071" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.1-0.5.1"/> 47277 <criterion test_ref="oval:org.opensuse.security:tst:2009077072" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.1-0.5.1"/> 47278 <criterion test_ref="oval:org.opensuse.security:tst:2009077073" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.1-0.5.1"/> 47279 <criterion test_ref="oval:org.opensuse.security:tst:2009077074" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.1-0.5.1"/> 47280 <criterion test_ref="oval:org.opensuse.security:tst:2009077075" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.1-0.5.1"/> 47281 <criterion test_ref="oval:org.opensuse.security:tst:2009077076" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.1-0.5.1"/> 47282 <criterion test_ref="oval:org.opensuse.security:tst:2009077077" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.1-0.5.1"/> 47283 <criterion test_ref="oval:org.opensuse.security:tst:2009077078" comment="java-1_5_0-ibm less than 1.5.0_sr16.1-0.5.1"/> 47284 </criteria> 47285 </criteria> 47286 </definition> 47287 <definition id="oval:org.opensuse.security:def:20130504" version="1" class="vulnerability"> 47288 <metadata> 47289 <title>CVE-2013-0504</title> 47290 <affected family="unix"> 47291 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47292 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47293 </affected> 47294 <reference ref_id="CVE-2013-0504" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0504" source="CVE"/> 47295 <description> 47296 Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors. 47297 </description> 47298 </metadata> 47299 <!-- 3b0ce797a974270691c8512e9146c1aa --> 47300 <criteria operator="AND"> 47301 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47302 <criterion test_ref="oval:org.opensuse.security:tst:2009076713" comment="flash-player less than 11.2.202.273-0.5.1"/> 47303 </criteria> 47304 </definition> 47305 <definition id="oval:org.opensuse.security:def:20130601" version="1" class="vulnerability"> 47306 <metadata> 47307 <title>CVE-2013-0601</title> 47308 <affected family="unix"> 47309 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47310 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47311 </affected> 47312 <reference ref_id="CVE-2013-0601" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0601" source="CVE"/> 47313 <description> 47314 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. 47315 </description> 47316 </metadata> 47317 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47318 <criteria operator="AND"> 47319 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47320 <criteria operator="OR"> 47321 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47322 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47323 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47324 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47325 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47326 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47327 </criteria> 47328 </criteria> 47329 </definition> 47330 <definition id="oval:org.opensuse.security:def:20130602" version="1" class="vulnerability"> 47331 <metadata> 47332 <title>CVE-2013-0602</title> 47333 <affected family="unix"> 47334 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47335 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47336 </affected> 47337 <reference ref_id="CVE-2013-0602" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0602" source="CVE"/> 47338 <description> 47339 Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors. 47340 </description> 47341 </metadata> 47342 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47343 <criteria operator="AND"> 47344 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47345 <criteria operator="OR"> 47346 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47347 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47348 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47349 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47350 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47351 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47352 </criteria> 47353 </criteria> 47354 </definition> 47355 <definition id="oval:org.opensuse.security:def:20130603" version="1" class="vulnerability"> 47356 <metadata> 47357 <title>CVE-2013-0603</title> 47358 <affected family="unix"> 47359 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47360 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47361 </affected> 47362 <reference ref_id="CVE-2013-0603" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0603" source="CVE"/> 47363 <description> 47364 Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0604. 47365 </description> 47366 </metadata> 47367 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47368 <criteria operator="AND"> 47369 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47370 <criteria operator="OR"> 47371 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47372 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47373 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47374 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47375 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47376 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47377 </criteria> 47378 </criteria> 47379 </definition> 47380 <definition id="oval:org.opensuse.security:def:20130604" version="1" class="vulnerability"> 47381 <metadata> 47382 <title>CVE-2013-0604</title> 47383 <affected family="unix"> 47384 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47385 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47386 </affected> 47387 <reference ref_id="CVE-2013-0604" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0604" source="CVE"/> 47388 <description> 47389 Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603. 47390 </description> 47391 </metadata> 47392 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47393 <criteria operator="AND"> 47394 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47395 <criteria operator="OR"> 47396 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47397 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47398 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47399 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47400 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47401 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47402 </criteria> 47403 </criteria> 47404 </definition> 47405 <definition id="oval:org.opensuse.security:def:20130605" version="1" class="vulnerability"> 47406 <metadata> 47407 <title>CVE-2013-0605</title> 47408 <affected family="unix"> 47409 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47410 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47411 </affected> 47412 <reference ref_id="CVE-2013-0605" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0605" source="CVE"/> 47413 <description> 47414 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. 47415 </description> 47416 </metadata> 47417 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47418 <criteria operator="AND"> 47419 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47420 <criteria operator="OR"> 47421 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47422 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47423 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47424 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47425 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47426 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47427 </criteria> 47428 </criteria> 47429 </definition> 47430 <definition id="oval:org.opensuse.security:def:20130606" version="1" class="vulnerability"> 47431 <metadata> 47432 <title>CVE-2013-0606</title> 47433 <affected family="unix"> 47434 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47435 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47436 </affected> 47437 <reference ref_id="CVE-2013-0606" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0606" source="CVE"/> 47438 <description> 47439 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621. 47440 </description> 47441 </metadata> 47442 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47443 <criteria operator="AND"> 47444 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47445 <criteria operator="OR"> 47446 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47447 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47448 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47449 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47450 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47451 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47452 </criteria> 47453 </criteria> 47454 </definition> 47455 <definition id="oval:org.opensuse.security:def:20130607" version="1" class="vulnerability"> 47456 <metadata> 47457 <title>CVE-2013-0607</title> 47458 <affected family="unix"> 47459 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47460 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47461 </affected> 47462 <reference ref_id="CVE-2013-0607" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0607" source="CVE"/> 47463 <description> 47464 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0608, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618. 47465 </description> 47466 </metadata> 47467 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47468 <criteria operator="AND"> 47469 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47470 <criteria operator="OR"> 47471 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47472 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47473 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47474 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47475 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47476 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47477 </criteria> 47478 </criteria> 47479 </definition> 47480 <definition id="oval:org.opensuse.security:def:20130608" version="1" class="vulnerability"> 47481 <metadata> 47482 <title>CVE-2013-0608</title> 47483 <affected family="unix"> 47484 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47485 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47486 </affected> 47487 <reference ref_id="CVE-2013-0608" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0608" source="CVE"/> 47488 <description> 47489 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618. 47490 </description> 47491 </metadata> 47492 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47493 <criteria operator="AND"> 47494 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47495 <criteria operator="OR"> 47496 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47497 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47498 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47499 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47500 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47501 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47502 </criteria> 47503 </criteria> 47504 </definition> 47505 <definition id="oval:org.opensuse.security:def:20130609" version="1" class="vulnerability"> 47506 <metadata> 47507 <title>CVE-2013-0609</title> 47508 <affected family="unix"> 47509 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47510 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47511 </affected> 47512 <reference ref_id="CVE-2013-0609" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0609" source="CVE"/> 47513 <description> 47514 Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0613. 47515 </description> 47516 </metadata> 47517 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47518 <criteria operator="AND"> 47519 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47520 <criteria operator="OR"> 47521 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47522 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47523 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47524 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47525 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47526 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47527 </criteria> 47528 </criteria> 47529 </definition> 47530 <definition id="oval:org.opensuse.security:def:20130610" version="1" class="vulnerability"> 47531 <metadata> 47532 <title>CVE-2013-0610</title> 47533 <affected family="unix"> 47534 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47535 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47536 </affected> 47537 <reference ref_id="CVE-2013-0610" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0610" source="CVE"/> 47538 <description> 47539 Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0626. 47540 </description> 47541 </metadata> 47542 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47543 <criteria operator="AND"> 47544 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47545 <criteria operator="OR"> 47546 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47547 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47548 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47549 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47550 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47551 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47552 </criteria> 47553 </criteria> 47554 </definition> 47555 <definition id="oval:org.opensuse.security:def:20130611" version="1" class="vulnerability"> 47556 <metadata> 47557 <title>CVE-2013-0611</title> 47558 <affected family="unix"> 47559 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47560 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47561 </affected> 47562 <reference ref_id="CVE-2013-0611" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0611" source="CVE"/> 47563 <description> 47564 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0614, and CVE-2013-0618. 47565 </description> 47566 </metadata> 47567 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47568 <criteria operator="AND"> 47569 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47570 <criteria operator="OR"> 47571 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47572 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47573 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47574 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47575 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47576 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47577 </criteria> 47578 </criteria> 47579 </definition> 47580 <definition id="oval:org.opensuse.security:def:20130612" version="1" class="vulnerability"> 47581 <metadata> 47582 <title>CVE-2013-0612</title> 47583 <affected family="unix"> 47584 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47585 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47586 </affected> 47587 <reference ref_id="CVE-2013-0612" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0612" source="CVE"/> 47588 <description> 47589 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621. 47590 </description> 47591 </metadata> 47592 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47593 <criteria operator="AND"> 47594 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47595 <criteria operator="OR"> 47596 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47597 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47598 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47599 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47600 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47601 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47602 </criteria> 47603 </criteria> 47604 </definition> 47605 <definition id="oval:org.opensuse.security:def:20130613" version="1" class="vulnerability"> 47606 <metadata> 47607 <title>CVE-2013-0613</title> 47608 <affected family="unix"> 47609 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47610 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47611 </affected> 47612 <reference ref_id="CVE-2013-0613" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0613" source="CVE"/> 47613 <description> 47614 Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0609. 47615 </description> 47616 </metadata> 47617 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47618 <criteria operator="AND"> 47619 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47620 <criteria operator="OR"> 47621 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47622 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47623 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47624 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47625 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47626 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47627 </criteria> 47628 </criteria> 47629 </definition> 47630 <definition id="oval:org.opensuse.security:def:20130614" version="1" class="vulnerability"> 47631 <metadata> 47632 <title>CVE-2013-0614</title> 47633 <affected family="unix"> 47634 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47635 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47636 </affected> 47637 <reference ref_id="CVE-2013-0614" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0614" source="CVE"/> 47638 <description> 47639 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0618. 47640 </description> 47641 </metadata> 47642 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47643 <criteria operator="AND"> 47644 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47645 <criteria operator="OR"> 47646 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47647 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47648 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47649 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47650 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47651 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47652 </criteria> 47653 </criteria> 47654 </definition> 47655 <definition id="oval:org.opensuse.security:def:20130615" version="1" class="vulnerability"> 47656 <metadata> 47657 <title>CVE-2013-0615</title> 47658 <affected family="unix"> 47659 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47660 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47661 </affected> 47662 <reference ref_id="CVE-2013-0615" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0615" source="CVE"/> 47663 <description> 47664 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0617, and CVE-2013-0621. 47665 </description> 47666 </metadata> 47667 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47668 <criteria operator="AND"> 47669 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47670 <criteria operator="OR"> 47671 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47672 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47673 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47674 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47675 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47676 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47677 </criteria> 47678 </criteria> 47679 </definition> 47680 <definition id="oval:org.opensuse.security:def:20130616" version="1" class="vulnerability"> 47681 <metadata> 47682 <title>CVE-2013-0616</title> 47683 <affected family="unix"> 47684 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47685 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47686 </affected> 47687 <reference ref_id="CVE-2013-0616" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0616" source="CVE"/> 47688 <description> 47689 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. 47690 </description> 47691 </metadata> 47692 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47693 <criteria operator="AND"> 47694 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47695 <criteria operator="OR"> 47696 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47697 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47698 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47699 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47700 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47701 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47702 </criteria> 47703 </criteria> 47704 </definition> 47705 <definition id="oval:org.opensuse.security:def:20130617" version="1" class="vulnerability"> 47706 <metadata> 47707 <title>CVE-2013-0617</title> 47708 <affected family="unix"> 47709 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47710 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47711 </affected> 47712 <reference ref_id="CVE-2013-0617" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0617" source="CVE"/> 47713 <description> 47714 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0621. 47715 </description> 47716 </metadata> 47717 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47718 <criteria operator="AND"> 47719 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47720 <criteria operator="OR"> 47721 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47722 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47723 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47724 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47725 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47726 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47727 </criteria> 47728 </criteria> 47729 </definition> 47730 <definition id="oval:org.opensuse.security:def:20130618" version="1" class="vulnerability"> 47731 <metadata> 47732 <title>CVE-2013-0618</title> 47733 <affected family="unix"> 47734 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47735 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47736 </affected> 47737 <reference ref_id="CVE-2013-0618" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0618" source="CVE"/> 47738 <description> 47739 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0614. 47740 </description> 47741 </metadata> 47742 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47743 <criteria operator="AND"> 47744 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47745 <criteria operator="OR"> 47746 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47747 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47748 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47749 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47750 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47751 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47752 </criteria> 47753 </criteria> 47754 </definition> 47755 <definition id="oval:org.opensuse.security:def:20130619" version="1" class="vulnerability"> 47756 <metadata> 47757 <title>CVE-2013-0619</title> 47758 <affected family="unix"> 47759 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47760 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47761 </affected> 47762 <reference ref_id="CVE-2013-0619" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0619" source="CVE"/> 47763 <description> 47764 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623. 47765 </description> 47766 </metadata> 47767 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47768 <criteria operator="AND"> 47769 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47770 <criteria operator="OR"> 47771 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47772 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47773 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47774 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47775 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47776 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47777 </criteria> 47778 </criteria> 47779 </definition> 47780 <definition id="oval:org.opensuse.security:def:20130620" version="1" class="vulnerability"> 47781 <metadata> 47782 <title>CVE-2013-0620</title> 47783 <affected family="unix"> 47784 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47785 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47786 </affected> 47787 <reference ref_id="CVE-2013-0620" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0620" source="CVE"/> 47788 <description> 47789 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0623. 47790 </description> 47791 </metadata> 47792 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47793 <criteria operator="AND"> 47794 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47795 <criteria operator="OR"> 47796 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47797 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47798 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47799 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47800 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47801 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47802 </criteria> 47803 </criteria> 47804 </definition> 47805 <definition id="oval:org.opensuse.security:def:20130621" version="1" class="vulnerability"> 47806 <metadata> 47807 <title>CVE-2013-0621</title> 47808 <affected family="unix"> 47809 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47810 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47811 </affected> 47812 <reference ref_id="CVE-2013-0621" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0621" source="CVE"/> 47813 <description> 47814 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0617. 47815 </description> 47816 </metadata> 47817 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47818 <criteria operator="AND"> 47819 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47820 <criteria operator="OR"> 47821 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47822 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47823 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47824 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47825 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47826 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47827 </criteria> 47828 </criteria> 47829 </definition> 47830 <definition id="oval:org.opensuse.security:def:20130622" version="1" class="vulnerability"> 47831 <metadata> 47832 <title>CVE-2013-0622</title> 47833 <affected family="unix"> 47834 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47835 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47836 </affected> 47837 <reference ref_id="CVE-2013-0622" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0622" source="CVE"/> 47838 <description> 47839 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0624. 47840 </description> 47841 </metadata> 47842 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47843 <criteria operator="AND"> 47844 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47845 <criteria operator="OR"> 47846 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47847 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47848 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47849 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47850 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47851 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47852 </criteria> 47853 </criteria> 47854 </definition> 47855 <definition id="oval:org.opensuse.security:def:20130623" version="1" class="vulnerability"> 47856 <metadata> 47857 <title>CVE-2013-0623</title> 47858 <affected family="unix"> 47859 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47860 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47861 </affected> 47862 <reference ref_id="CVE-2013-0623" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0623" source="CVE"/> 47863 <description> 47864 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0620. 47865 </description> 47866 </metadata> 47867 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47868 <criteria operator="AND"> 47869 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47870 <criteria operator="OR"> 47871 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47872 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47873 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47874 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47875 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47876 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47877 </criteria> 47878 </criteria> 47879 </definition> 47880 <definition id="oval:org.opensuse.security:def:20130624" version="1" class="vulnerability"> 47881 <metadata> 47882 <title>CVE-2013-0624</title> 47883 <affected family="unix"> 47884 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47885 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47886 </affected> 47887 <reference ref_id="CVE-2013-0624" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0624" source="CVE"/> 47888 <description> 47889 Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0622. 47890 </description> 47891 </metadata> 47892 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47893 <criteria operator="AND"> 47894 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47895 <criteria operator="OR"> 47896 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47897 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47898 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47899 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47900 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47901 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47902 </criteria> 47903 </criteria> 47904 </definition> 47905 <definition id="oval:org.opensuse.security:def:20130626" version="1" class="vulnerability"> 47906 <metadata> 47907 <title>CVE-2013-0626</title> 47908 <affected family="unix"> 47909 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47910 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47911 </affected> 47912 <reference ref_id="CVE-2013-0626" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0626" source="CVE"/> 47913 <description> 47914 Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0610. 47915 </description> 47916 </metadata> 47917 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47918 <criteria operator="AND"> 47919 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47920 <criteria operator="OR"> 47921 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47922 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47923 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47924 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47925 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47926 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47927 </criteria> 47928 </criteria> 47929 </definition> 47930 <definition id="oval:org.opensuse.security:def:20130627" version="1" class="vulnerability"> 47931 <metadata> 47932 <title>CVE-2013-0627</title> 47933 <affected family="unix"> 47934 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47935 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47936 </affected> 47937 <reference ref_id="CVE-2013-0627" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0627" source="CVE"/> 47938 <description> 47939 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows local users to gain privileges via unknown vectors. 47940 </description> 47941 </metadata> 47942 <!-- 439f017a53eac3afd9cf07feecd10c66 --> 47943 <criteria operator="AND"> 47944 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47945 <criteria operator="OR"> 47946 <criterion test_ref="oval:org.opensuse.security:tst:2009076306" comment="acroread-cmaps less than 9.4.6-0.6.59"/> 47947 <criterion test_ref="oval:org.opensuse.security:tst:2009076307" comment="acroread-fonts-ja less than 9.4.6-0.6.59"/> 47948 <criterion test_ref="oval:org.opensuse.security:tst:2009076308" comment="acroread-fonts-ko less than 9.4.6-0.6.59"/> 47949 <criterion test_ref="oval:org.opensuse.security:tst:2009076309" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.59"/> 47950 <criterion test_ref="oval:org.opensuse.security:tst:2009076310" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.59"/> 47951 <criterion test_ref="oval:org.opensuse.security:tst:2009076311" comment="acroread less than 9.5.3-0.6.2"/> 47952 </criteria> 47953 </criteria> 47954 </definition> 47955 <definition id="oval:org.opensuse.security:def:20130630" version="1" class="vulnerability"> 47956 <metadata> 47957 <title>CVE-2013-0630</title> 47958 <affected family="unix"> 47959 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47960 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47961 </affected> 47962 <reference ref_id="CVE-2013-0630" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0630" source="CVE"/> 47963 <description> 47964 Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and Mac OS X, before 10.3.183.50 and 11.x before 11.2.202.261 on Linux, before 11.1.111.31 on Android 2.x and 3.x, and before 11.1.115.36 on Android 4.x; Adobe AIR before 3.5.0.1060; and Adobe AIR SDK before 3.5.0.1060 allows attackers to execute arbitrary code via unspecified vectors. 47965 </description> 47966 </metadata> 47967 <!-- 8177195047504934df723753177b611e --> 47968 <criteria operator="AND"> 47969 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47970 <criterion test_ref="oval:org.opensuse.security:tst:2009076304" comment="flash-player less than 11.2.202.261-0.5.1"/> 47971 </criteria> 47972 </definition> 47973 <definition id="oval:org.opensuse.security:def:20130633" version="1" class="vulnerability"> 47974 <metadata> 47975 <title>CVE-2013-0633</title> 47976 <affected family="unix"> 47977 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47978 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47979 </affected> 47980 <reference ref_id="CVE-2013-0633" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0633" source="CVE"/> 47981 <description> 47982 Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013. 47983 </description> 47984 </metadata> 47985 <!-- 048b4e48a8d9af16008045b1c6b96cec --> 47986 <criteria operator="AND"> 47987 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 47988 <criterion test_ref="oval:org.opensuse.security:tst:2009076528" comment="flash-player less than 11.2.202.262-0.5.1"/> 47989 </criteria> 47990 </definition> 47991 <definition id="oval:org.opensuse.security:def:20130634" version="1" class="vulnerability"> 47992 <metadata> 47993 <title>CVE-2013-0634</title> 47994 <affected family="unix"> 47995 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 47996 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 47997 </affected> 47998 <reference ref_id="CVE-2013-0634" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0634" source="CVE"/> 47999 <description> 48000 Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013. 48001 </description> 48002 </metadata> 48003 <!-- 048b4e48a8d9af16008045b1c6b96cec --> 48004 <criteria operator="AND"> 48005 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48006 <criterion test_ref="oval:org.opensuse.security:tst:2009076528" comment="flash-player less than 11.2.202.262-0.5.1"/> 48007 </criteria> 48008 </definition> 48009 <definition id="oval:org.opensuse.security:def:20130637" version="1" class="vulnerability"> 48010 <metadata> 48011 <title>CVE-2013-0637</title> 48012 <affected family="unix"> 48013 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48014 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48015 </affected> 48016 <reference ref_id="CVE-2013-0637" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0637" source="CVE"/> 48017 <description> 48018 Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors. 48019 </description> 48020 </metadata> 48021 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 48022 <criteria operator="AND"> 48023 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48024 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 48025 </criteria> 48026 </definition> 48027 <definition id="oval:org.opensuse.security:def:20130638" version="1" class="vulnerability"> 48028 <metadata> 48029 <title>CVE-2013-0638</title> 48030 <affected family="unix"> 48031 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48032 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48033 </affected> 48034 <reference ref_id="CVE-2013-0638" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0638" source="CVE"/> 48035 <description> 48036 Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0647. 48037 </description> 48038 </metadata> 48039 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 48040 <criteria operator="AND"> 48041 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48042 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 48043 </criteria> 48044 </definition> 48045 <definition id="oval:org.opensuse.security:def:20130639" version="1" class="vulnerability"> 48046 <metadata> 48047 <title>CVE-2013-0639</title> 48048 <affected family="unix"> 48049 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48051 </affected> 48052 <reference ref_id="CVE-2013-0639" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0639" source="CVE"/> 48053 <description> 48054 Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors. 48055 </description> 48056 </metadata> 48057 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 48058 <criteria operator="AND"> 48059 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48060 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 48061 </criteria> 48062 </definition> 48063 <definition id="oval:org.opensuse.security:def:20130640" version="1" class="vulnerability"> 48064 <metadata> 48065 <title>CVE-2013-0640</title> 48066 <affected family="unix"> 48067 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48068 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48069 </affected> 48070 <reference ref_id="CVE-2013-0640" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0640" source="CVE"/> 48071 <description> 48072 Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013. 48073 </description> 48074 </metadata> 48075 <!-- 8900cb8f67a730308586567ea97b51a9 --> 48076 <criteria operator="AND"> 48077 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48078 <criteria operator="OR"> 48079 <criterion test_ref="oval:org.opensuse.security:tst:2009076678" comment="acroread-cmaps less than 9.4.6-0.6.60"/> 48080 <criterion test_ref="oval:org.opensuse.security:tst:2009076679" comment="acroread-fonts-ja less than 9.4.6-0.6.60"/> 48081 <criterion test_ref="oval:org.opensuse.security:tst:2009076680" comment="acroread-fonts-ko less than 9.4.6-0.6.60"/> 48082 <criterion test_ref="oval:org.opensuse.security:tst:2009076681" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.60"/> 48083 <criterion test_ref="oval:org.opensuse.security:tst:2009076682" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.60"/> 48084 <criterion test_ref="oval:org.opensuse.security:tst:2009076683" comment="acroread less than 9.5.4-0.6.1"/> 48085 </criteria> 48086 </criteria> 48087 </definition> 48088 <definition id="oval:org.opensuse.security:def:20130641" version="1" class="vulnerability"> 48089 <metadata> 48090 <title>CVE-2013-0641</title> 48091 <affected family="unix"> 48092 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48093 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48094 </affected> 48095 <reference ref_id="CVE-2013-0641" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0641" source="CVE"/> 48096 <description> 48097 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013. 48098 </description> 48099 </metadata> 48100 <!-- 8900cb8f67a730308586567ea97b51a9 --> 48101 <criteria operator="AND"> 48102 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48103 <criteria operator="OR"> 48104 <criterion test_ref="oval:org.opensuse.security:tst:2009076678" comment="acroread-cmaps less than 9.4.6-0.6.60"/> 48105 <criterion test_ref="oval:org.opensuse.security:tst:2009076679" comment="acroread-fonts-ja less than 9.4.6-0.6.60"/> 48106 <criterion test_ref="oval:org.opensuse.security:tst:2009076680" comment="acroread-fonts-ko less than 9.4.6-0.6.60"/> 48107 <criterion test_ref="oval:org.opensuse.security:tst:2009076681" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.60"/> 48108 <criterion test_ref="oval:org.opensuse.security:tst:2009076682" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.60"/> 48109 <criterion test_ref="oval:org.opensuse.security:tst:2009076683" comment="acroread less than 9.5.4-0.6.1"/> 48110 </criteria> 48111 </criteria> 48112 </definition> 48113 <definition id="oval:org.opensuse.security:def:20130642" version="1" class="vulnerability"> 48114 <metadata> 48115 <title>CVE-2013-0642</title> 48116 <affected family="unix"> 48117 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48118 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48119 </affected> 48120 <reference ref_id="CVE-2013-0642" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0642" source="CVE"/> 48121 <description> 48122 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. 48123 </description> 48124 </metadata> 48125 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 48126 <criteria operator="AND"> 48127 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48128 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 48129 </criteria> 48130 </definition> 48131 <definition id="oval:org.opensuse.security:def:20130643" version="1" class="vulnerability"> 48132 <metadata> 48133 <title>CVE-2013-0643</title> 48134 <affected family="unix"> 48135 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48136 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48137 </affected> 48138 <reference ref_id="CVE-2013-0643" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0643" source="CVE"/> 48139 <description> 48140 The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013. 48141 </description> 48142 </metadata> 48143 <!-- 3b0ce797a974270691c8512e9146c1aa --> 48144 <criteria operator="AND"> 48145 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48146 <criterion test_ref="oval:org.opensuse.security:tst:2009076713" comment="flash-player less than 11.2.202.273-0.5.1"/> 48147 </criteria> 48148 </definition> 48149 <definition id="oval:org.opensuse.security:def:20130644" version="1" class="vulnerability"> 48150 <metadata> 48151 <title>CVE-2013-0644</title> 48152 <affected family="unix"> 48153 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48154 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48155 </affected> 48156 <reference ref_id="CVE-2013-0644" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0644" source="CVE"/> 48157 <description> 48158 Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0649 and CVE-2013-1374. 48159 </description> 48160 </metadata> 48161 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 48162 <criteria operator="AND"> 48163 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48164 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 48165 </criteria> 48166 </definition> 48167 <definition id="oval:org.opensuse.security:def:20130645" version="1" class="vulnerability"> 48168 <metadata> 48169 <title>CVE-2013-0645</title> 48170 <affected family="unix"> 48171 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48172 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48173 </affected> 48174 <reference ref_id="CVE-2013-0645" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0645" source="CVE"/> 48175 <description> 48176 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. 48177 </description> 48178 </metadata> 48179 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 48180 <criteria operator="AND"> 48181 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48182 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 48183 </criteria> 48184 </definition> 48185 <definition id="oval:org.opensuse.security:def:20130646" version="1" class="vulnerability"> 48186 <metadata> 48187 <title>CVE-2013-0646</title> 48188 <affected family="unix"> 48189 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48190 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48191 </affected> 48192 <reference ref_id="CVE-2013-0646" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0646" source="CVE"/> 48193 <description> 48194 Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors. 48195 </description> 48196 </metadata> 48197 <!-- a590b251093353c9a532d47fac07b211 --> 48198 <criteria operator="AND"> 48199 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48200 <criterion test_ref="oval:org.opensuse.security:tst:2009076803" comment="flash-player less than 11.2.202.275-0.5.1"/> 48201 </criteria> 48202 </definition> 48203 <definition id="oval:org.opensuse.security:def:20130647" version="1" class="vulnerability"> 48204 <metadata> 48205 <title>CVE-2013-0647</title> 48206 <affected family="unix"> 48207 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48208 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48209 </affected> 48210 <reference ref_id="CVE-2013-0647" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0647" source="CVE"/> 48211 <description> 48212 Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0638. 48213 </description> 48214 </metadata> 48215 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 48216 <criteria operator="AND"> 48217 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48218 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 48219 </criteria> 48220 </definition> 48221 <definition id="oval:org.opensuse.security:def:20130648" version="1" class="vulnerability"> 48222 <metadata> 48223 <title>CVE-2013-0648</title> 48224 <affected family="unix"> 48225 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48226 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48227 </affected> 48228 <reference ref_id="CVE-2013-0648" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0648" source="CVE"/> 48229 <description> 48230 Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013. 48231 </description> 48232 </metadata> 48233 <!-- 3b0ce797a974270691c8512e9146c1aa --> 48234 <criteria operator="AND"> 48235 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48236 <criterion test_ref="oval:org.opensuse.security:tst:2009076713" comment="flash-player less than 11.2.202.273-0.5.1"/> 48237 </criteria> 48238 </definition> 48239 <definition id="oval:org.opensuse.security:def:20130649" version="1" class="vulnerability"> 48240 <metadata> 48241 <title>CVE-2013-0649</title> 48242 <affected family="unix"> 48243 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48244 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48245 </affected> 48246 <reference ref_id="CVE-2013-0649" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0649" source="CVE"/> 48247 <description> 48248 Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374. 48249 </description> 48250 </metadata> 48251 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 48252 <criteria operator="AND"> 48253 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48254 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 48255 </criteria> 48256 </definition> 48257 <definition id="oval:org.opensuse.security:def:20130650" version="1" class="vulnerability"> 48258 <metadata> 48259 <title>CVE-2013-0650</title> 48260 <affected family="unix"> 48261 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48262 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48263 </affected> 48264 <reference ref_id="CVE-2013-0650" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0650" source="CVE"/> 48265 <description> 48266 Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors. 48267 </description> 48268 </metadata> 48269 <!-- a590b251093353c9a532d47fac07b211 --> 48270 <criteria operator="AND"> 48271 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48272 <criterion test_ref="oval:org.opensuse.security:tst:2009076803" comment="flash-player less than 11.2.202.275-0.5.1"/> 48273 </criteria> 48274 </definition> 48275 <definition id="oval:org.opensuse.security:def:20130743" version="1" class="vulnerability"> 48276 <metadata> 48277 <title>CVE-2013-0743</title> 48278 <affected family="unix"> 48279 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48280 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48281 </affected> 48282 <reference ref_id="CVE-2013-0743" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0743" source="CVE"/> 48283 <description> 48284 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team. The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE. Compromised or unauthorized SSL certificates are not within CVE's scope. Notes: none. 48285 </description> 48286 </metadata> 48287 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48288 <criteria operator="AND"> 48289 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48290 <criteria operator="OR"> 48291 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48292 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48293 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48294 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48295 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48296 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48297 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48298 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48299 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48300 </criteria> 48301 </criteria> 48302 </definition> 48303 <definition id="oval:org.opensuse.security:def:20130744" version="1" class="vulnerability"> 48304 <metadata> 48305 <title>CVE-2013-0744</title> 48306 <affected family="unix"> 48307 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48308 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48309 </affected> 48310 <reference ref_id="CVE-2013-0744" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0744" source="CVE"/> 48311 <description> 48312 Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups. 48313 </description> 48314 </metadata> 48315 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48316 <criteria operator="AND"> 48317 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48318 <criteria operator="OR"> 48319 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48320 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48321 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48322 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48323 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48324 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48325 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48326 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48327 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48328 </criteria> 48329 </criteria> 48330 </definition> 48331 <definition id="oval:org.opensuse.security:def:20130745" version="1" class="vulnerability"> 48332 <metadata> 48333 <title>CVE-2013-0745</title> 48334 <affected family="unix"> 48335 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48336 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48337 </affected> 48338 <reference ref_id="CVE-2013-0745" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0745" source="CVE"/> 48339 <description> 48340 The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects. 48341 </description> 48342 </metadata> 48343 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48344 <criteria operator="AND"> 48345 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48346 <criteria operator="OR"> 48347 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48348 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48349 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48350 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48351 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48352 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48353 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48354 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48355 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48356 </criteria> 48357 </criteria> 48358 </definition> 48359 <definition id="oval:org.opensuse.security:def:20130746" version="1" class="vulnerability"> 48360 <metadata> 48361 <title>CVE-2013-0746</title> 48362 <affected family="unix"> 48363 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48364 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48365 </affected> 48366 <reference ref_id="CVE-2013-0746" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0746" source="CVE"/> 48367 <description> 48368 Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection. 48369 </description> 48370 </metadata> 48371 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48372 <criteria operator="AND"> 48373 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48374 <criteria operator="OR"> 48375 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48376 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48377 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48378 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48379 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48380 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48381 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48382 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48383 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48384 </criteria> 48385 </criteria> 48386 </definition> 48387 <definition id="oval:org.opensuse.security:def:20130747" version="1" class="vulnerability"> 48388 <metadata> 48389 <title>CVE-2013-0747</title> 48390 <affected family="unix"> 48391 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48392 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48393 </affected> 48394 <reference ref_id="CVE-2013-0747" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0747" source="CVE"/> 48395 <description> 48396 The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event. 48397 </description> 48398 </metadata> 48399 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48400 <criteria operator="AND"> 48401 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48402 <criteria operator="OR"> 48403 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48404 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48405 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48406 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48407 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48408 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48409 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48410 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48411 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48412 </criteria> 48413 </criteria> 48414 </definition> 48415 <definition id="oval:org.opensuse.security:def:20130748" version="1" class="vulnerability"> 48416 <metadata> 48417 <title>CVE-2013-0748</title> 48418 <affected family="unix"> 48419 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48420 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48421 </affected> 48422 <reference ref_id="CVE-2013-0748" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0748" source="CVE"/> 48423 <description> 48424 The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object. 48425 </description> 48426 </metadata> 48427 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48428 <criteria operator="AND"> 48429 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48430 <criteria operator="OR"> 48431 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48432 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48433 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48434 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48435 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48436 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48437 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48438 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48439 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48440 </criteria> 48441 </criteria> 48442 </definition> 48443 <definition id="oval:org.opensuse.security:def:20130749" version="1" class="vulnerability"> 48444 <metadata> 48445 <title>CVE-2013-0749</title> 48446 <affected family="unix"> 48447 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48448 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48449 </affected> 48450 <reference ref_id="CVE-2013-0749" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0749" source="CVE"/> 48451 <description> 48452 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 48453 </description> 48454 </metadata> 48455 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48456 <criteria operator="AND"> 48457 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48458 <criteria operator="OR"> 48459 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48460 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48461 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48462 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48463 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48464 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48465 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48466 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48467 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48468 </criteria> 48469 </criteria> 48470 </definition> 48471 <definition id="oval:org.opensuse.security:def:20130750" version="1" class="vulnerability"> 48472 <metadata> 48473 <title>CVE-2013-0750</title> 48474 <affected family="unix"> 48475 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48476 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48477 </affected> 48478 <reference ref_id="CVE-2013-0750" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0750" source="CVE"/> 48479 <description> 48480 Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow. 48481 </description> 48482 </metadata> 48483 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48484 <criteria operator="AND"> 48485 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48486 <criteria operator="OR"> 48487 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48488 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48489 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48490 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48491 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48492 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48493 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48494 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48495 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48496 </criteria> 48497 </criteria> 48498 </definition> 48499 <definition id="oval:org.opensuse.security:def:20130751" version="1" class="vulnerability"> 48500 <metadata> 48501 <title>CVE-2013-0751</title> 48502 <affected family="unix"> 48503 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48504 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48505 </affected> 48506 <reference ref_id="CVE-2013-0751" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0751" source="CVE"/> 48507 <description> 48508 Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document. 48509 </description> 48510 </metadata> 48511 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48512 <criteria operator="AND"> 48513 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48514 <criteria operator="OR"> 48515 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48516 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48517 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48518 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48519 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48520 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48521 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48522 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48523 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48524 </criteria> 48525 </criteria> 48526 </definition> 48527 <definition id="oval:org.opensuse.security:def:20130752" version="1" class="vulnerability"> 48528 <metadata> 48529 <title>CVE-2013-0752</title> 48530 <affected family="unix"> 48531 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48532 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48533 </affected> 48534 <reference ref_id="CVE-2013-0752" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0752" source="CVE"/> 48535 <description> 48536 Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content. 48537 </description> 48538 </metadata> 48539 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48540 <criteria operator="AND"> 48541 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48542 <criteria operator="OR"> 48543 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48544 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48545 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48546 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48547 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48548 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48549 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48550 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48551 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48552 </criteria> 48553 </criteria> 48554 </definition> 48555 <definition id="oval:org.opensuse.security:def:20130753" version="1" class="vulnerability"> 48556 <metadata> 48557 <title>CVE-2013-0753</title> 48558 <affected family="unix"> 48559 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48560 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48561 </affected> 48562 <reference ref_id="CVE-2013-0753" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0753" source="CVE"/> 48563 <description> 48564 Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content. 48565 </description> 48566 </metadata> 48567 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48568 <criteria operator="AND"> 48569 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48570 <criteria operator="OR"> 48571 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48572 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48573 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48574 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48575 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48576 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48577 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48578 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48579 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48580 </criteria> 48581 </criteria> 48582 </definition> 48583 <definition id="oval:org.opensuse.security:def:20130754" version="1" class="vulnerability"> 48584 <metadata> 48585 <title>CVE-2013-0754</title> 48586 <affected family="unix"> 48587 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48588 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48589 </affected> 48590 <reference ref_id="CVE-2013-0754" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0754" source="CVE"/> 48591 <description> 48592 Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects. 48593 </description> 48594 </metadata> 48595 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48596 <criteria operator="AND"> 48597 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48598 <criteria operator="OR"> 48599 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48600 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48601 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48602 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48603 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48604 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48605 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48606 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48607 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48608 </criteria> 48609 </criteria> 48610 </definition> 48611 <definition id="oval:org.opensuse.security:def:20130755" version="1" class="vulnerability"> 48612 <metadata> 48613 <title>CVE-2013-0755</title> 48614 <affected family="unix"> 48615 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48616 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48617 </affected> 48618 <reference ref_id="CVE-2013-0755" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0755" source="CVE"/> 48619 <description> 48620 Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer. 48621 </description> 48622 </metadata> 48623 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48624 <criteria operator="AND"> 48625 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48626 <criteria operator="OR"> 48627 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48628 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48629 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48630 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48631 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48632 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48633 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48634 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48635 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48636 </criteria> 48637 </criteria> 48638 </definition> 48639 <definition id="oval:org.opensuse.security:def:20130756" version="1" class="vulnerability"> 48640 <metadata> 48641 <title>CVE-2013-0756</title> 48642 <affected family="unix"> 48643 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48644 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48645 </affected> 48646 <reference ref_id="CVE-2013-0756" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0756" source="CVE"/> 48647 <description> 48648 Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection. 48649 </description> 48650 </metadata> 48651 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48652 <criteria operator="AND"> 48653 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48654 <criteria operator="OR"> 48655 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48656 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48657 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48658 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48659 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48660 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48661 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48662 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48663 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48664 </criteria> 48665 </criteria> 48666 </definition> 48667 <definition id="oval:org.opensuse.security:def:20130757" version="1" class="vulnerability"> 48668 <metadata> 48669 <title>CVE-2013-0757</title> 48670 <affected family="unix"> 48671 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48672 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48673 </affected> 48674 <reference ref_id="CVE-2013-0757" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0757" source="CVE"/> 48675 <description> 48676 The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document. 48677 </description> 48678 </metadata> 48679 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48680 <criteria operator="AND"> 48681 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48682 <criteria operator="OR"> 48683 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48684 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48685 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48686 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48687 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48688 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48689 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48690 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48691 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48692 </criteria> 48693 </criteria> 48694 </definition> 48695 <definition id="oval:org.opensuse.security:def:20130758" version="1" class="vulnerability"> 48696 <metadata> 48697 <title>CVE-2013-0758</title> 48698 <affected family="unix"> 48699 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48700 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48701 </affected> 48702 <reference ref_id="CVE-2013-0758" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0758" source="CVE"/> 48703 <description> 48704 Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements. 48705 </description> 48706 </metadata> 48707 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48708 <criteria operator="AND"> 48709 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48710 <criteria operator="OR"> 48711 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48712 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48713 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48714 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48715 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48716 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48717 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48718 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48719 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48720 </criteria> 48721 </criteria> 48722 </definition> 48723 <definition id="oval:org.opensuse.security:def:20130759" version="1" class="vulnerability"> 48724 <metadata> 48725 <title>CVE-2013-0759</title> 48726 <affected family="unix"> 48727 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48728 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48729 </affected> 48730 <reference ref_id="CVE-2013-0759" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0759" source="CVE"/> 48731 <description> 48732 Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code. 48733 </description> 48734 </metadata> 48735 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48736 <criteria operator="AND"> 48737 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48738 <criteria operator="OR"> 48739 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48740 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48741 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48742 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48743 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48744 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48745 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48746 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48747 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48748 </criteria> 48749 </criteria> 48750 </definition> 48751 <definition id="oval:org.opensuse.security:def:20130760" version="1" class="vulnerability"> 48752 <metadata> 48753 <title>CVE-2013-0760</title> 48754 <affected family="unix"> 48755 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48756 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48757 </affected> 48758 <reference ref_id="CVE-2013-0760" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0760" source="CVE"/> 48759 <description> 48760 Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. 48761 </description> 48762 </metadata> 48763 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48764 <criteria operator="AND"> 48765 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48766 <criteria operator="OR"> 48767 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48768 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48769 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48770 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48771 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48772 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48773 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48774 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48775 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48776 </criteria> 48777 </criteria> 48778 </definition> 48779 <definition id="oval:org.opensuse.security:def:20130761" version="1" class="vulnerability"> 48780 <metadata> 48781 <title>CVE-2013-0761</title> 48782 <affected family="unix"> 48783 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48784 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48785 </affected> 48786 <reference ref_id="CVE-2013-0761" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0761" source="CVE"/> 48787 <description> 48788 Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 48789 </description> 48790 </metadata> 48791 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48792 <criteria operator="AND"> 48793 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48794 <criteria operator="OR"> 48795 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48796 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48797 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48798 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48799 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48800 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48801 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48802 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48803 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48804 </criteria> 48805 </criteria> 48806 </definition> 48807 <definition id="oval:org.opensuse.security:def:20130762" version="1" class="vulnerability"> 48808 <metadata> 48809 <title>CVE-2013-0762</title> 48810 <affected family="unix"> 48811 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48812 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48813 </affected> 48814 <reference ref_id="CVE-2013-0762" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0762" source="CVE"/> 48815 <description> 48816 Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 48817 </description> 48818 </metadata> 48819 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48820 <criteria operator="AND"> 48821 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48822 <criteria operator="OR"> 48823 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48824 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48825 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48826 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48827 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48828 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48829 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48830 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48831 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48832 </criteria> 48833 </criteria> 48834 </definition> 48835 <definition id="oval:org.opensuse.security:def:20130763" version="1" class="vulnerability"> 48836 <metadata> 48837 <title>CVE-2013-0763</title> 48838 <affected family="unix"> 48839 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48840 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48841 </affected> 48842 <reference ref_id="CVE-2013-0763" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0763" source="CVE"/> 48843 <description> 48844 Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas. 48845 </description> 48846 </metadata> 48847 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48848 <criteria operator="AND"> 48849 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48850 <criteria operator="OR"> 48851 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48852 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48853 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48854 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48855 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48856 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48857 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48858 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48859 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48860 </criteria> 48861 </criteria> 48862 </definition> 48863 <definition id="oval:org.opensuse.security:def:20130764" version="1" class="vulnerability"> 48864 <metadata> 48865 <title>CVE-2013-0764</title> 48866 <affected family="unix"> 48867 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48868 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48869 </affected> 48870 <reference ref_id="CVE-2013-0764" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0764" source="CVE"/> 48871 <description> 48872 The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data. 48873 </description> 48874 </metadata> 48875 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48876 <criteria operator="AND"> 48877 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48878 <criteria operator="OR"> 48879 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48880 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48881 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48882 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48883 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48884 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48885 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48886 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48887 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48888 </criteria> 48889 </criteria> 48890 </definition> 48891 <definition id="oval:org.opensuse.security:def:20130765" version="1" class="vulnerability"> 48892 <metadata> 48893 <title>CVE-2013-0765</title> 48894 <affected family="unix"> 48895 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48896 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48897 </affected> 48898 <reference ref_id="CVE-2013-0765" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0765" source="CVE"/> 48899 <description> 48900 Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors. 48901 </description> 48902 </metadata> 48903 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 48904 <criteria operator="AND"> 48905 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48906 <criteria operator="OR"> 48907 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 48908 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 48909 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 48910 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 48911 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 48912 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 48913 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 48914 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 48915 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 48916 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 48917 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 48918 </criteria> 48919 </criteria> 48920 </definition> 48921 <definition id="oval:org.opensuse.security:def:20130766" version="1" class="vulnerability"> 48922 <metadata> 48923 <title>CVE-2013-0766</title> 48924 <affected family="unix"> 48925 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48926 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48927 </affected> 48928 <reference ref_id="CVE-2013-0766" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0766" source="CVE"/> 48929 <description> 48930 Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 48931 </description> 48932 </metadata> 48933 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48934 <criteria operator="AND"> 48935 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48936 <criteria operator="OR"> 48937 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48938 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48939 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48940 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48941 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48942 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48943 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48944 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48945 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48946 </criteria> 48947 </criteria> 48948 </definition> 48949 <definition id="oval:org.opensuse.security:def:20130767" version="1" class="vulnerability"> 48950 <metadata> 48951 <title>CVE-2013-0767</title> 48952 <affected family="unix"> 48953 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48954 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48955 </affected> 48956 <reference ref_id="CVE-2013-0767" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0767" source="CVE"/> 48957 <description> 48958 The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. 48959 </description> 48960 </metadata> 48961 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48962 <criteria operator="AND"> 48963 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48964 <criteria operator="OR"> 48965 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48966 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48967 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48968 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48969 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48970 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48971 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 48972 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 48973 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 48974 </criteria> 48975 </criteria> 48976 </definition> 48977 <definition id="oval:org.opensuse.security:def:20130768" version="1" class="vulnerability"> 48978 <metadata> 48979 <title>CVE-2013-0768</title> 48980 <affected family="unix"> 48981 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 48982 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 48983 </affected> 48984 <reference ref_id="CVE-2013-0768" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0768" source="CVE"/> 48985 <description> 48986 Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values. 48987 </description> 48988 </metadata> 48989 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 48990 <criteria operator="AND"> 48991 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 48992 <criteria operator="OR"> 48993 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 48994 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 48995 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 48996 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 48997 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 48998 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 48999 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 49000 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 49001 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 49002 </criteria> 49003 </criteria> 49004 </definition> 49005 <definition id="oval:org.opensuse.security:def:20130769" version="1" class="vulnerability"> 49006 <metadata> 49007 <title>CVE-2013-0769</title> 49008 <affected family="unix"> 49009 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49010 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49011 </affected> 49012 <reference ref_id="CVE-2013-0769" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0769" source="CVE"/> 49013 <description> 49014 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 49015 </description> 49016 </metadata> 49017 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 49018 <criteria operator="AND"> 49019 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49020 <criteria operator="OR"> 49021 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 49022 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 49023 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 49024 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 49025 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 49026 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 49027 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 49028 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 49029 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 49030 </criteria> 49031 </criteria> 49032 </definition> 49033 <definition id="oval:org.opensuse.security:def:20130770" version="1" class="vulnerability"> 49034 <metadata> 49035 <title>CVE-2013-0770</title> 49036 <affected family="unix"> 49037 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49038 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49039 </affected> 49040 <reference ref_id="CVE-2013-0770" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0770" source="CVE"/> 49041 <description> 49042 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 49043 </description> 49044 </metadata> 49045 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 49046 <criteria operator="AND"> 49047 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49048 <criteria operator="OR"> 49049 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 49050 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 49051 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 49052 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 49053 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 49054 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 49055 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 49056 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 49057 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 49058 </criteria> 49059 </criteria> 49060 </definition> 49061 <definition id="oval:org.opensuse.security:def:20130771" version="1" class="vulnerability"> 49062 <metadata> 49063 <title>CVE-2013-0771</title> 49064 <affected family="unix"> 49065 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49066 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49067 </affected> 49068 <reference ref_id="CVE-2013-0771" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0771" source="CVE"/> 49069 <description> 49070 Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. 49071 </description> 49072 </metadata> 49073 <!-- dbe0a7820fa20c51a9e400f8a2814641 --> 49074 <criteria operator="AND"> 49075 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49076 <criteria operator="OR"> 49077 <criterion test_ref="oval:org.opensuse.security:tst:2009076318" comment="MozillaFirefox-translations less than 10.0.12-0.6.1"/> 49078 <criterion test_ref="oval:org.opensuse.security:tst:2009076319" comment="MozillaFirefox less than 10.0.12-0.6.1"/> 49079 <criterion test_ref="oval:org.opensuse.security:tst:2009076320" comment="mozilla-nspr-32bit less than 4.9.4-0.6.1"/> 49080 <criterion test_ref="oval:org.opensuse.security:tst:2009076321" comment="mozilla-nspr-devel less than 4.9.4-0.6.1"/> 49081 <criterion test_ref="oval:org.opensuse.security:tst:2009076322" comment="mozilla-nspr less than 4.9.4-0.6.1"/> 49082 <criterion test_ref="oval:org.opensuse.security:tst:2009076323" comment="mozilla-nss-32bit less than 3.14.1-0.6.1"/> 49083 <criterion test_ref="oval:org.opensuse.security:tst:2009076324" comment="mozilla-nss-devel less than 3.14.1-0.6.1"/> 49084 <criterion test_ref="oval:org.opensuse.security:tst:2009076325" comment="mozilla-nss-tools less than 3.14.1-0.6.1"/> 49085 <criterion test_ref="oval:org.opensuse.security:tst:2009076326" comment="mozilla-nss less than 3.14.1-0.6.1"/> 49086 </criteria> 49087 </criteria> 49088 </definition> 49089 <definition id="oval:org.opensuse.security:def:20130772" version="1" class="vulnerability"> 49090 <metadata> 49091 <title>CVE-2013-0772</title> 49092 <affected family="unix"> 49093 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49094 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49095 </affected> 49096 <reference ref_id="CVE-2013-0772" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0772" source="CVE"/> 49097 <description> 49098 The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image. 49099 </description> 49100 </metadata> 49101 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49102 <criteria operator="AND"> 49103 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49104 <criteria operator="OR"> 49105 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49106 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49107 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49108 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49109 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49110 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49111 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49112 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49113 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49114 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49115 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49116 </criteria> 49117 </criteria> 49118 </definition> 49119 <definition id="oval:org.opensuse.security:def:20130773" version="1" class="vulnerability"> 49120 <metadata> 49121 <title>CVE-2013-0773</title> 49122 <affected family="unix"> 49123 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49124 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49125 </affected> 49126 <reference ref_id="CVE-2013-0773" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0773" source="CVE"/> 49127 <description> 49128 The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site. 49129 </description> 49130 </metadata> 49131 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49132 <criteria operator="AND"> 49133 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49134 <criteria operator="OR"> 49135 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49136 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49137 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49138 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49139 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49140 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49141 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49142 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49143 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49144 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49145 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49146 </criteria> 49147 </criteria> 49148 </definition> 49149 <definition id="oval:org.opensuse.security:def:20130774" version="1" class="vulnerability"> 49150 <metadata> 49151 <title>CVE-2013-0774</title> 49152 <affected family="unix"> 49153 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49154 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49155 </affected> 49156 <reference ref_id="CVE-2013-0774" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0774" source="CVE"/> 49157 <description> 49158 Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors. 49159 </description> 49160 </metadata> 49161 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49162 <criteria operator="AND"> 49163 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49164 <criteria operator="OR"> 49165 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49166 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49167 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49168 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49169 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49170 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49171 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49172 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49173 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49174 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49175 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49176 </criteria> 49177 </criteria> 49178 </definition> 49179 <definition id="oval:org.opensuse.security:def:20130775" version="1" class="vulnerability"> 49180 <metadata> 49181 <title>CVE-2013-0775</title> 49182 <affected family="unix"> 49183 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49184 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49185 </affected> 49186 <reference ref_id="CVE-2013-0775" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0775" source="CVE"/> 49187 <description> 49188 Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script. 49189 </description> 49190 </metadata> 49191 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49192 <criteria operator="AND"> 49193 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49194 <criteria operator="OR"> 49195 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49196 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49197 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49198 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49199 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49200 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49201 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49202 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49203 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49204 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49205 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49206 </criteria> 49207 </criteria> 49208 </definition> 49209 <definition id="oval:org.opensuse.security:def:20130776" version="1" class="vulnerability"> 49210 <metadata> 49211 <title>CVE-2013-0776</title> 49212 <affected family="unix"> 49213 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49214 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49215 </affected> 49216 <reference ref_id="CVE-2013-0776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0776" source="CVE"/> 49217 <description> 49218 Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site. 49219 </description> 49220 </metadata> 49221 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49222 <criteria operator="AND"> 49223 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49224 <criteria operator="OR"> 49225 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49226 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49227 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49228 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49229 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49230 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49231 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49232 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49233 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49234 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49235 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49236 </criteria> 49237 </criteria> 49238 </definition> 49239 <definition id="oval:org.opensuse.security:def:20130780" version="1" class="vulnerability"> 49240 <metadata> 49241 <title>CVE-2013-0780</title> 49242 <affected family="unix"> 49243 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49244 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49245 </affected> 49246 <reference ref_id="CVE-2013-0780" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0780" source="CVE"/> 49247 <description> 49248 Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties. 49249 </description> 49250 </metadata> 49251 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49252 <criteria operator="AND"> 49253 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49254 <criteria operator="OR"> 49255 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49256 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49257 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49258 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49259 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49260 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49261 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49262 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49263 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49264 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49265 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49266 </criteria> 49267 </criteria> 49268 </definition> 49269 <definition id="oval:org.opensuse.security:def:20130782" version="1" class="vulnerability"> 49270 <metadata> 49271 <title>CVE-2013-0782</title> 49272 <affected family="unix"> 49273 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49274 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49275 </affected> 49276 <reference ref_id="CVE-2013-0782" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0782" source="CVE"/> 49277 <description> 49278 Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors. 49279 </description> 49280 </metadata> 49281 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49282 <criteria operator="AND"> 49283 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49284 <criteria operator="OR"> 49285 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49286 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49287 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49288 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49289 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49290 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49291 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49292 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49293 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49294 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49295 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49296 </criteria> 49297 </criteria> 49298 </definition> 49299 <definition id="oval:org.opensuse.security:def:20130783" version="1" class="vulnerability"> 49300 <metadata> 49301 <title>CVE-2013-0783</title> 49302 <affected family="unix"> 49303 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49304 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49305 </affected> 49306 <reference ref_id="CVE-2013-0783" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0783" source="CVE"/> 49307 <description> 49308 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 49309 </description> 49310 </metadata> 49311 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49312 <criteria operator="AND"> 49313 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49314 <criteria operator="OR"> 49315 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49316 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49317 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49318 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49319 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49320 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49321 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49322 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49323 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49324 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49325 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49326 </criteria> 49327 </criteria> 49328 </definition> 49329 <definition id="oval:org.opensuse.security:def:20130787" version="1" class="vulnerability"> 49330 <metadata> 49331 <title>CVE-2013-0787</title> 49332 <affected family="unix"> 49333 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49334 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49335 </affected> 49336 <reference ref_id="CVE-2013-0787" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0787" source="CVE"/> 49337 <description> 49338 Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call. 49339 </description> 49340 </metadata> 49341 <!-- e8a17727b5ca4754a7c066ed49b6d2d9 --> 49342 <criteria operator="AND"> 49343 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49344 <criteria operator="OR"> 49345 <criterion test_ref="oval:org.opensuse.security:tst:2009076862" comment="MozillaFirefox-branding-SLED less than 7-0.10.4"/> 49346 <criterion test_ref="oval:org.opensuse.security:tst:2009076863" comment="MozillaFirefox-translations less than 17.0.4esr-0.7.1"/> 49347 <criterion test_ref="oval:org.opensuse.security:tst:2009076864" comment="MozillaFirefox less than 17.0.4esr-0.7.1"/> 49348 <criterion test_ref="oval:org.opensuse.security:tst:2009076865" comment="mhtml-firefox less than 0.5-1.13.4"/> 49349 <criterion test_ref="oval:org.opensuse.security:tst:2009076866" comment="mozilla-nspr-32bit less than 4.9.4-0.6.3"/> 49350 <criterion test_ref="oval:org.opensuse.security:tst:2009076867" comment="mozilla-nspr-devel less than 4.9.4-0.6.3"/> 49351 <criterion test_ref="oval:org.opensuse.security:tst:2009076868" comment="mozilla-nspr less than 4.9.4-0.6.3"/> 49352 <criterion test_ref="oval:org.opensuse.security:tst:2009076869" comment="mozilla-nss-32bit less than 3.14.1-0.6.3"/> 49353 <criterion test_ref="oval:org.opensuse.security:tst:2009076870" comment="mozilla-nss-devel less than 3.14.1-0.6.3"/> 49354 <criterion test_ref="oval:org.opensuse.security:tst:2009076871" comment="mozilla-nss-tools less than 3.14.1-0.6.3"/> 49355 <criterion test_ref="oval:org.opensuse.security:tst:2009076872" comment="mozilla-nss less than 3.14.1-0.6.3"/> 49356 </criteria> 49357 </criteria> 49358 </definition> 49359 <definition id="oval:org.opensuse.security:def:20130788" version="1" class="vulnerability"> 49360 <metadata> 49361 <title>CVE-2013-0788</title> 49362 <affected family="unix"> 49363 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49364 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49365 </affected> 49366 <reference ref_id="CVE-2013-0788" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788" source="CVE"/> 49367 <description> 49368 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 49369 </description> 49370 </metadata> 49371 <criteria operator="OR"> 49372 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49373 <criteria operator="AND"> 49374 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49375 <criteria operator="OR"> 49376 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49377 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49378 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49379 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49380 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49381 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49382 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49383 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49384 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49385 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49386 </criteria> 49387 </criteria> 49388 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49389 <criteria operator="AND"> 49390 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49391 <criteria operator="OR"> 49392 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49393 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49394 </criteria> 49395 </criteria> 49396 </criteria> 49397 </definition> 49398 <definition id="oval:org.opensuse.security:def:20130789" version="1" class="vulnerability"> 49399 <metadata> 49400 <title>CVE-2013-0789</title> 49401 <affected family="unix"> 49402 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49403 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49404 </affected> 49405 <reference ref_id="CVE-2013-0789" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0789" source="CVE"/> 49406 <description> 49407 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors. 49408 </description> 49409 </metadata> 49410 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49411 <criteria operator="AND"> 49412 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49413 <criteria operator="OR"> 49414 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49415 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49416 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49417 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49418 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49419 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49420 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49421 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49422 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49423 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49424 </criteria> 49425 </criteria> 49426 </definition> 49427 <definition id="oval:org.opensuse.security:def:20130790" version="1" class="vulnerability"> 49428 <metadata> 49429 <title>CVE-2013-0790</title> 49430 <affected family="unix"> 49431 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49432 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49433 </affected> 49434 <reference ref_id="CVE-2013-0790" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0790" source="CVE"/> 49435 <description> 49436 Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in. 49437 </description> 49438 </metadata> 49439 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49440 <criteria operator="AND"> 49441 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49442 <criteria operator="OR"> 49443 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49444 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49445 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49446 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49447 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49448 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49449 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49450 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49451 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49452 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49453 </criteria> 49454 </criteria> 49455 </definition> 49456 <definition id="oval:org.opensuse.security:def:20130791" version="1" class="vulnerability"> 49457 <metadata> 49458 <title>CVE-2013-0791</title> 49459 <affected family="unix"> 49460 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49461 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49462 </affected> 49463 <reference ref_id="CVE-2013-0791" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0791" source="CVE"/> 49464 <description> 49465 The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate. 49466 </description> 49467 </metadata> 49468 <criteria operator="OR"> 49469 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49470 <criteria operator="AND"> 49471 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49472 <criteria operator="OR"> 49473 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49474 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49475 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49476 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49477 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49478 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49479 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49480 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49481 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49482 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49483 </criteria> 49484 </criteria> 49485 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49486 <criteria operator="AND"> 49487 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49488 <criteria operator="OR"> 49489 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49490 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49491 </criteria> 49492 </criteria> 49493 </criteria> 49494 </definition> 49495 <definition id="oval:org.opensuse.security:def:20130792" version="1" class="vulnerability"> 49496 <metadata> 49497 <title>CVE-2013-0792</title> 49498 <affected family="unix"> 49499 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49500 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49501 </affected> 49502 <reference ref_id="CVE-2013-0792" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792" source="CVE"/> 49503 <description> 49504 Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image. 49505 </description> 49506 </metadata> 49507 <criteria operator="OR"> 49508 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49509 <criteria operator="AND"> 49510 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49511 <criteria operator="OR"> 49512 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49513 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49514 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49515 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49516 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49517 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49518 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49519 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49520 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49521 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49522 </criteria> 49523 </criteria> 49524 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49525 <criteria operator="AND"> 49526 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49527 <criteria operator="OR"> 49528 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49529 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49530 </criteria> 49531 </criteria> 49532 </criteria> 49533 </definition> 49534 <definition id="oval:org.opensuse.security:def:20130793" version="1" class="vulnerability"> 49535 <metadata> 49536 <title>CVE-2013-0793</title> 49537 <affected family="unix"> 49538 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49539 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49540 </affected> 49541 <reference ref_id="CVE-2013-0793" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793" source="CVE"/> 49542 <description> 49543 Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing. 49544 </description> 49545 </metadata> 49546 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49547 <criteria operator="AND"> 49548 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49549 <criteria operator="OR"> 49550 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49551 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49552 </criteria> 49553 </criteria> 49554 </definition> 49555 <definition id="oval:org.opensuse.security:def:20130794" version="1" class="vulnerability"> 49556 <metadata> 49557 <title>CVE-2013-0794</title> 49558 <affected family="unix"> 49559 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49560 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49561 </affected> 49562 <reference ref_id="CVE-2013-0794" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0794" source="CVE"/> 49563 <description> 49564 Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site. 49565 </description> 49566 </metadata> 49567 <criteria operator="OR"> 49568 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49569 <criteria operator="AND"> 49570 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49571 <criteria operator="OR"> 49572 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49573 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49574 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49575 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49576 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49577 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49578 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49579 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49580 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49581 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49582 </criteria> 49583 </criteria> 49584 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49585 <criteria operator="AND"> 49586 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49587 <criteria operator="OR"> 49588 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49589 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49590 </criteria> 49591 </criteria> 49592 </criteria> 49593 </definition> 49594 <definition id="oval:org.opensuse.security:def:20130795" version="1" class="vulnerability"> 49595 <metadata> 49596 <title>CVE-2013-0795</title> 49597 <affected family="unix"> 49598 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49599 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49600 </affected> 49601 <reference ref_id="CVE-2013-0795" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795" source="CVE"/> 49602 <description> 49603 The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site. 49604 </description> 49605 </metadata> 49606 <criteria operator="OR"> 49607 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49608 <criteria operator="AND"> 49609 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49610 <criteria operator="OR"> 49611 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49612 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49613 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49614 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49615 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49616 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49617 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49618 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49619 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49620 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49621 </criteria> 49622 </criteria> 49623 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49624 <criteria operator="AND"> 49625 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49626 <criteria operator="OR"> 49627 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49628 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49629 </criteria> 49630 </criteria> 49631 </criteria> 49632 </definition> 49633 <definition id="oval:org.opensuse.security:def:20130796" version="1" class="vulnerability"> 49634 <metadata> 49635 <title>CVE-2013-0796</title> 49636 <affected family="unix"> 49637 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49638 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49639 </affected> 49640 <reference ref_id="CVE-2013-0796" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796" source="CVE"/> 49641 <description> 49642 The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors. 49643 </description> 49644 </metadata> 49645 <criteria operator="OR"> 49646 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49647 <criteria operator="AND"> 49648 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49649 <criteria operator="OR"> 49650 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49651 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49652 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49653 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49654 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49655 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49656 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49657 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49658 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49659 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49660 </criteria> 49661 </criteria> 49662 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49663 <criteria operator="AND"> 49664 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49665 <criteria operator="OR"> 49666 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49667 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49668 </criteria> 49669 </criteria> 49670 </criteria> 49671 </definition> 49672 <definition id="oval:org.opensuse.security:def:20130797" version="1" class="vulnerability"> 49673 <metadata> 49674 <title>CVE-2013-0797</title> 49675 <affected family="unix"> 49676 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49677 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49678 </affected> 49679 <reference ref_id="CVE-2013-0797" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0797" source="CVE"/> 49680 <description> 49681 Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory. 49682 </description> 49683 </metadata> 49684 <criteria operator="OR"> 49685 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49686 <criteria operator="AND"> 49687 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49688 <criteria operator="OR"> 49689 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49690 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49691 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49692 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49693 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49694 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49695 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49696 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49697 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49698 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49699 </criteria> 49700 </criteria> 49701 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49702 <criteria operator="AND"> 49703 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49704 <criteria operator="OR"> 49705 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49706 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49707 </criteria> 49708 </criteria> 49709 </criteria> 49710 </definition> 49711 <definition id="oval:org.opensuse.security:def:20130798" version="1" class="vulnerability"> 49712 <metadata> 49713 <title>CVE-2013-0798</title> 49714 <affected family="unix"> 49715 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49716 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49717 </affected> 49718 <reference ref_id="CVE-2013-0798" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0798" source="CVE"/> 49719 <description> 49720 Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used. 49721 </description> 49722 </metadata> 49723 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49724 <criteria operator="AND"> 49725 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49726 <criteria operator="OR"> 49727 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49728 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49729 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49730 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49731 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49732 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49733 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49734 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49735 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49736 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49737 </criteria> 49738 </criteria> 49739 </definition> 49740 <definition id="oval:org.opensuse.security:def:20130799" version="1" class="vulnerability"> 49741 <metadata> 49742 <title>CVE-2013-0799</title> 49743 <affected family="unix"> 49744 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49745 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49746 </affected> 49747 <reference ref_id="CVE-2013-0799" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0799" source="CVE"/> 49748 <description> 49749 Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted arguments. 49750 </description> 49751 </metadata> 49752 <criteria operator="OR"> 49753 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49754 <criteria operator="AND"> 49755 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49756 <criteria operator="OR"> 49757 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49758 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49759 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49760 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49761 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49762 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49763 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49764 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49765 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49766 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49767 </criteria> 49768 </criteria> 49769 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49770 <criteria operator="AND"> 49771 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49772 <criteria operator="OR"> 49773 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49774 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49775 </criteria> 49776 </criteria> 49777 </criteria> 49778 </definition> 49779 <definition id="oval:org.opensuse.security:def:20130800" version="1" class="vulnerability"> 49780 <metadata> 49781 <title>CVE-2013-0800</title> 49782 <affected family="unix"> 49783 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49784 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49785 </affected> 49786 <reference ref_id="CVE-2013-0800" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800" source="CVE"/> 49787 <description> 49788 Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation. 49789 </description> 49790 </metadata> 49791 <criteria operator="OR"> 49792 <!-- bb37c4e63c825ec7312dcfd2614bcab2 --> 49793 <criteria operator="AND"> 49794 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49795 <criteria operator="OR"> 49796 <criterion test_ref="oval:org.opensuse.security:tst:2009076997" comment="MozillaFirefox-branding-SLED less than 7-0.10.11"/> 49797 <criterion test_ref="oval:org.opensuse.security:tst:2009076998" comment="MozillaFirefox-translations less than 17.0.5esr-0.8.1"/> 49798 <criterion test_ref="oval:org.opensuse.security:tst:2009076999" comment="MozillaFirefox less than 17.0.5esr-0.8.1"/> 49799 <criterion test_ref="oval:org.opensuse.security:tst:2009077000" comment="mozilla-nspr-32bit less than 4.9.6-0.5.1"/> 49800 <criterion test_ref="oval:org.opensuse.security:tst:2009077001" comment="mozilla-nspr-devel less than 4.9.6-0.5.1"/> 49801 <criterion test_ref="oval:org.opensuse.security:tst:2009077002" comment="mozilla-nspr less than 4.9.6-0.5.1"/> 49802 <criterion test_ref="oval:org.opensuse.security:tst:2009077003" comment="mozilla-nss-32bit less than 3.14.3-0.5.1"/> 49803 <criterion test_ref="oval:org.opensuse.security:tst:2009077004" comment="mozilla-nss-devel less than 3.14.3-0.5.1"/> 49804 <criterion test_ref="oval:org.opensuse.security:tst:2009077005" comment="mozilla-nss-tools less than 3.14.3-0.5.1"/> 49805 <criterion test_ref="oval:org.opensuse.security:tst:2009077006" comment="mozilla-nss less than 3.14.3-0.5.1"/> 49806 </criteria> 49807 </criteria> 49808 <!-- e59d3899bcb89883ea3648e8d94fbf3c --> 49809 <criteria operator="AND"> 49810 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49811 <criteria operator="OR"> 49812 <criterion test_ref="oval:org.opensuse.security:tst:2009077308" comment="MozillaFirefox-translations less than 17.0.6esr-0.8.1"/> 49813 <criterion test_ref="oval:org.opensuse.security:tst:2009077309" comment="MozillaFirefox less than 17.0.6esr-0.8.1"/> 49814 </criteria> 49815 </criteria> 49816 </criteria> 49817 </definition> 49818 <definition id="oval:org.opensuse.security:def:20130809" version="1" class="vulnerability"> 49819 <metadata> 49820 <title>CVE-2013-0809</title> 49821 <affected family="unix"> 49822 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49823 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49824 </affected> 49825 <reference ref_id="CVE-2013-0809" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0809" source="CVE"/> 49826 <description> 49827 Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493. 49828 </description> 49829 </metadata> 49830 <!-- 68dff9a90877961ddadf162e06d37083 --> 49831 <criteria operator="AND"> 49832 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49833 <criteria operator="OR"> 49834 <criterion test_ref="oval:org.opensuse.security:tst:2009077068" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.1-0.5.1"/> 49835 <criterion test_ref="oval:org.opensuse.security:tst:2009077069" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.1-0.5.1"/> 49836 <criterion test_ref="oval:org.opensuse.security:tst:2009077070" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.1-0.5.1"/> 49837 <criterion test_ref="oval:org.opensuse.security:tst:2009077071" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.1-0.5.1"/> 49838 <criterion test_ref="oval:org.opensuse.security:tst:2009077072" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.1-0.5.1"/> 49839 <criterion test_ref="oval:org.opensuse.security:tst:2009077073" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.1-0.5.1"/> 49840 <criterion test_ref="oval:org.opensuse.security:tst:2009077074" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.1-0.5.1"/> 49841 <criterion test_ref="oval:org.opensuse.security:tst:2009077075" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.1-0.5.1"/> 49842 <criterion test_ref="oval:org.opensuse.security:tst:2009077076" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.1-0.5.1"/> 49843 <criterion test_ref="oval:org.opensuse.security:tst:2009077077" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.1-0.5.1"/> 49844 <criterion test_ref="oval:org.opensuse.security:tst:2009077078" comment="java-1_5_0-ibm less than 1.5.0_sr16.1-0.5.1"/> 49845 </criteria> 49846 </criteria> 49847 </definition> 49848 <definition id="oval:org.opensuse.security:def:20130871" version="1" class="vulnerability"> 49849 <metadata> 49850 <title>CVE-2013-0871</title> 49851 <affected family="unix"> 49852 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49853 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49854 </affected> 49855 <reference ref_id="CVE-2013-0871" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0871" source="CVE"/> 49856 <description> 49857 Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. 49858 </description> 49859 </metadata> 49860 <criteria operator="OR"> 49861 <!-- 2b51bf3e02179f8f70c7b2ada2571a2d --> 49862 <criteria operator="AND"> 49863 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49864 <criteria operator="OR"> 49865 <criterion test_ref="oval:org.opensuse.security:tst:2009077027" comment="kernel-bigsmp less than 2.6.16.60-0.101.1"/> 49866 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 49867 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 49868 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 49869 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 49870 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 49871 <criterion test_ref="oval:org.opensuse.security:tst:2009077033" comment="kernel-xenpae less than 2.6.16.60-0.101.1"/> 49872 </criteria> 49873 </criteria> 49874 <!-- ac5626f6e7f483c6dac1cc5fe253fcf9 --> 49875 <criteria operator="AND"> 49876 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49877 <criteria operator="OR"> 49878 <criterion test_ref="oval:org.opensuse.security:tst:2009077028" comment="kernel-default less than 2.6.16.60-0.101.1"/> 49879 <criterion test_ref="oval:org.opensuse.security:tst:2009077029" comment="kernel-smp less than 2.6.16.60-0.101.1"/> 49880 <criterion test_ref="oval:org.opensuse.security:tst:2009077030" comment="kernel-source less than 2.6.16.60-0.101.1"/> 49881 <criterion test_ref="oval:org.opensuse.security:tst:2009077031" comment="kernel-syms less than 2.6.16.60-0.101.1"/> 49882 <criterion test_ref="oval:org.opensuse.security:tst:2009077032" comment="kernel-xen less than 2.6.16.60-0.101.1"/> 49883 </criteria> 49884 </criteria> 49885 </criteria> 49886 </definition> 49887 <definition id="oval:org.opensuse.security:def:20131365" version="1" class="vulnerability"> 49888 <metadata> 49889 <title>CVE-2013-1365</title> 49890 <affected family="unix"> 49891 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49892 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49893 </affected> 49894 <reference ref_id="CVE-2013-1365" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1365" source="CVE"/> 49895 <description> 49896 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. 49897 </description> 49898 </metadata> 49899 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 49900 <criteria operator="AND"> 49901 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49902 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 49903 </criteria> 49904 </definition> 49905 <definition id="oval:org.opensuse.security:def:20131366" version="1" class="vulnerability"> 49906 <metadata> 49907 <title>CVE-2013-1366</title> 49908 <affected family="unix"> 49909 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49910 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49911 </affected> 49912 <reference ref_id="CVE-2013-1366" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1366" source="CVE"/> 49913 <description> 49914 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. 49915 </description> 49916 </metadata> 49917 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 49918 <criteria operator="AND"> 49919 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49920 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 49921 </criteria> 49922 </definition> 49923 <definition id="oval:org.opensuse.security:def:20131367" version="1" class="vulnerability"> 49924 <metadata> 49925 <title>CVE-2013-1367</title> 49926 <affected family="unix"> 49927 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49928 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49929 </affected> 49930 <reference ref_id="CVE-2013-1367" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1367" source="CVE"/> 49931 <description> 49932 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. 49933 </description> 49934 </metadata> 49935 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 49936 <criteria operator="AND"> 49937 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49938 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 49939 </criteria> 49940 </definition> 49941 <definition id="oval:org.opensuse.security:def:20131368" version="1" class="vulnerability"> 49942 <metadata> 49943 <title>CVE-2013-1368</title> 49944 <affected family="unix"> 49945 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49946 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49947 </affected> 49948 <reference ref_id="CVE-2013-1368" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1368" source="CVE"/> 49949 <description> 49950 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. 49951 </description> 49952 </metadata> 49953 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 49954 <criteria operator="AND"> 49955 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49956 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 49957 </criteria> 49958 </definition> 49959 <definition id="oval:org.opensuse.security:def:20131369" version="1" class="vulnerability"> 49960 <metadata> 49961 <title>CVE-2013-1369</title> 49962 <affected family="unix"> 49963 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49964 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49965 </affected> 49966 <reference ref_id="CVE-2013-1369" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1369" source="CVE"/> 49967 <description> 49968 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. 49969 </description> 49970 </metadata> 49971 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 49972 <criteria operator="AND"> 49973 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49974 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 49975 </criteria> 49976 </definition> 49977 <definition id="oval:org.opensuse.security:def:20131370" version="1" class="vulnerability"> 49978 <metadata> 49979 <title>CVE-2013-1370</title> 49980 <affected family="unix"> 49981 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 49982 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 49983 </affected> 49984 <reference ref_id="CVE-2013-1370" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1370" source="CVE"/> 49985 <description> 49986 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1372, and CVE-2013-1373. 49987 </description> 49988 </metadata> 49989 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 49990 <criteria operator="AND"> 49991 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 49992 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 49993 </criteria> 49994 </definition> 49995 <definition id="oval:org.opensuse.security:def:20131371" version="1" class="vulnerability"> 49996 <metadata> 49997 <title>CVE-2013-1371</title> 49998 <affected family="unix"> 49999 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50000 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50001 </affected> 50002 <reference ref_id="CVE-2013-1371" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1371" source="CVE"/> 50003 <description> 50004 Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 50005 </description> 50006 </metadata> 50007 <!-- a590b251093353c9a532d47fac07b211 --> 50008 <criteria operator="AND"> 50009 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50010 <criterion test_ref="oval:org.opensuse.security:tst:2009076803" comment="flash-player less than 11.2.202.275-0.5.1"/> 50011 </criteria> 50012 </definition> 50013 <definition id="oval:org.opensuse.security:def:20131372" version="1" class="vulnerability"> 50014 <metadata> 50015 <title>CVE-2013-1372</title> 50016 <affected family="unix"> 50017 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50018 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50019 </affected> 50020 <reference ref_id="CVE-2013-1372" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1372" source="CVE"/> 50021 <description> 50022 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1373. 50023 </description> 50024 </metadata> 50025 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 50026 <criteria operator="AND"> 50027 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50028 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 50029 </criteria> 50030 </definition> 50031 <definition id="oval:org.opensuse.security:def:20131373" version="1" class="vulnerability"> 50032 <metadata> 50033 <title>CVE-2013-1373</title> 50034 <affected family="unix"> 50035 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50036 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50037 </affected> 50038 <reference ref_id="CVE-2013-1373" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1373" source="CVE"/> 50039 <description> 50040 Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1372. 50041 </description> 50042 </metadata> 50043 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 50044 <criteria operator="AND"> 50045 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50046 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 50047 </criteria> 50048 </definition> 50049 <definition id="oval:org.opensuse.security:def:20131374" version="1" class="vulnerability"> 50050 <metadata> 50051 <title>CVE-2013-1374</title> 50052 <affected family="unix"> 50053 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50054 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50055 </affected> 50056 <reference ref_id="CVE-2013-1374" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1374" source="CVE"/> 50057 <description> 50058 Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649. 50059 </description> 50060 </metadata> 50061 <!-- 3c1e2d8109d0393f30c137f2f4d16628 --> 50062 <criteria operator="AND"> 50063 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50064 <criterion test_ref="oval:org.opensuse.security:tst:2009076532" comment="flash-player less than 11.2.202.270-0.5.1"/> 50065 </criteria> 50066 </definition> 50067 <definition id="oval:org.opensuse.security:def:20131375" version="1" class="vulnerability"> 50068 <metadata> 50069 <title>CVE-2013-1375</title> 50070 <affected family="unix"> 50071 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50072 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50073 </affected> 50074 <reference ref_id="CVE-2013-1375" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1375" source="CVE"/> 50075 <description> 50076 Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors. 50077 </description> 50078 </metadata> 50079 <!-- a590b251093353c9a532d47fac07b211 --> 50080 <criteria operator="AND"> 50081 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50082 <criterion test_ref="oval:org.opensuse.security:tst:2009076803" comment="flash-player less than 11.2.202.275-0.5.1"/> 50083 </criteria> 50084 </definition> 50085 <definition id="oval:org.opensuse.security:def:20131378" version="1" class="vulnerability"> 50086 <metadata> 50087 <title>CVE-2013-1378</title> 50088 <affected family="unix"> 50089 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50090 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50091 </affected> 50092 <reference ref_id="CVE-2013-1378" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1378" source="CVE"/> 50093 <description> 50094 Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1380. 50095 </description> 50096 </metadata> 50097 <!-- 43a0afb56e4fabafdd73f008f7cc5db2 --> 50098 <criteria operator="AND"> 50099 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50100 <criterion test_ref="oval:org.opensuse.security:tst:2009077034" comment="flash-player less than 11.2.202.280-0.5.1"/> 50101 </criteria> 50102 </definition> 50103 <definition id="oval:org.opensuse.security:def:20131379" version="1" class="vulnerability"> 50104 <metadata> 50105 <title>CVE-2013-1379</title> 50106 <affected family="unix"> 50107 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50108 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50109 </affected> 50110 <reference ref_id="CVE-2013-1379" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1379" source="CVE"/> 50111 <description> 50112 Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 50113 </description> 50114 </metadata> 50115 <!-- 43a0afb56e4fabafdd73f008f7cc5db2 --> 50116 <criteria operator="AND"> 50117 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50118 <criterion test_ref="oval:org.opensuse.security:tst:2009077034" comment="flash-player less than 11.2.202.280-0.5.1"/> 50119 </criteria> 50120 </definition> 50121 <definition id="oval:org.opensuse.security:def:20131380" version="1" class="vulnerability"> 50122 <metadata> 50123 <title>CVE-2013-1380</title> 50124 <affected family="unix"> 50125 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50126 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50127 </affected> 50128 <reference ref_id="CVE-2013-1380" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1380" source="CVE"/> 50129 <description> 50130 Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1378. 50131 </description> 50132 </metadata> 50133 <!-- 43a0afb56e4fabafdd73f008f7cc5db2 --> 50134 <criteria operator="AND"> 50135 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50136 <criterion test_ref="oval:org.opensuse.security:tst:2009077034" comment="flash-player less than 11.2.202.280-0.5.1"/> 50137 </criteria> 50138 </definition> 50139 <definition id="oval:org.opensuse.security:def:20131476" version="1" class="vulnerability"> 50140 <metadata> 50141 <title>CVE-2013-1476</title> 50142 <affected family="unix"> 50143 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50144 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50145 </affected> 50146 <reference ref_id="CVE-2013-1476" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1476" source="CVE"/> 50147 <description> 50148 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors." 50149 </description> 50150 </metadata> 50151 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 50152 <criteria operator="AND"> 50153 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50154 <criteria operator="OR"> 50155 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 50156 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 50157 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 50158 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 50159 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 50160 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 50161 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 50162 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 50163 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 50164 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 50165 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 50166 </criteria> 50167 </criteria> 50168 </definition> 50169 <definition id="oval:org.opensuse.security:def:20131478" version="1" class="vulnerability"> 50170 <metadata> 50171 <title>CVE-2013-1478</title> 50172 <affected family="unix"> 50173 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50174 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50175 </affected> 50176 <reference ref_id="CVE-2013-1478" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1478" source="CVE"/> 50177 <description> 50178 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption. 50179 </description> 50180 </metadata> 50181 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 50182 <criteria operator="AND"> 50183 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50184 <criteria operator="OR"> 50185 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 50186 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 50187 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 50188 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 50189 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 50190 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 50191 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 50192 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 50193 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 50194 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 50195 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 50196 </criteria> 50197 </criteria> 50198 </definition> 50199 <definition id="oval:org.opensuse.security:def:20131480" version="1" class="vulnerability"> 50200 <metadata> 50201 <title>CVE-2013-1480</title> 50202 <affected family="unix"> 50203 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50204 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50205 </affected> 50206 <reference ref_id="CVE-2013-1480" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1480" source="CVE"/> 50207 <description> 50208 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. 50209 </description> 50210 </metadata> 50211 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 50212 <criteria operator="AND"> 50213 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50214 <criteria operator="OR"> 50215 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 50216 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 50217 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 50218 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 50219 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 50220 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 50221 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 50222 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 50223 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 50224 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 50225 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 50226 </criteria> 50227 </criteria> 50228 </definition> 50229 <definition id="oval:org.opensuse.security:def:20131481" version="1" class="vulnerability"> 50230 <metadata> 50231 <title>CVE-2013-1481</title> 50232 <affected family="unix"> 50233 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50234 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50235 </affected> 50236 <reference ref_id="CVE-2013-1481" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1481" source="CVE"/> 50237 <description> 50238 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. 50239 </description> 50240 </metadata> 50241 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 50242 <criteria operator="AND"> 50243 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50244 <criteria operator="OR"> 50245 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 50246 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 50247 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 50248 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 50249 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 50250 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 50251 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 50252 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 50253 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 50254 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 50255 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 50256 </criteria> 50257 </criteria> 50258 </definition> 50259 <definition id="oval:org.opensuse.security:def:20131486" version="1" class="vulnerability"> 50260 <metadata> 50261 <title>CVE-2013-1486</title> 50262 <affected family="unix"> 50263 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50264 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50265 </affected> 50266 <reference ref_id="CVE-2013-1486" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1486" source="CVE"/> 50267 <description> 50268 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. 50269 </description> 50270 </metadata> 50271 <!-- f3e49a4d1f2884a3b859fbf98da12261 --> 50272 <criteria operator="AND"> 50273 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50274 <criteria operator="OR"> 50275 <criterion test_ref="oval:org.opensuse.security:tst:2009076851" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.0-0.6.1"/> 50276 <criterion test_ref="oval:org.opensuse.security:tst:2009076852" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.0-0.6.1"/> 50277 <criterion test_ref="oval:org.opensuse.security:tst:2009076853" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.0-0.6.1"/> 50278 <criterion test_ref="oval:org.opensuse.security:tst:2009076854" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.0-0.6.1"/> 50279 <criterion test_ref="oval:org.opensuse.security:tst:2009076855" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.0-0.6.1"/> 50280 <criterion test_ref="oval:org.opensuse.security:tst:2009076856" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.0-0.6.1"/> 50281 <criterion test_ref="oval:org.opensuse.security:tst:2009076857" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.0-0.6.1"/> 50282 <criterion test_ref="oval:org.opensuse.security:tst:2009076858" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.0-0.6.1"/> 50283 <criterion test_ref="oval:org.opensuse.security:tst:2009076859" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.0-0.6.1"/> 50284 <criterion test_ref="oval:org.opensuse.security:tst:2009076860" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.0-0.6.1"/> 50285 <criterion test_ref="oval:org.opensuse.security:tst:2009076861" comment="java-1_5_0-ibm less than 1.5.0_sr16.0-0.6.1"/> 50286 </criteria> 50287 </criteria> 50288 </definition> 50289 <definition id="oval:org.opensuse.security:def:20131491" version="1" class="vulnerability"> 50290 <metadata> 50291 <title>CVE-2013-1491</title> 50292 <affected family="unix"> 50293 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50294 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50295 </affected> 50296 <reference ref_id="CVE-2013-1491" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1491" source="CVE"/> 50297 <description> 50298 The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own competition at CanSecWest 2013. 50299 </description> 50300 </metadata> 50301 <!-- a36ba08c692a30308a29e6242e31eea2 --> 50302 <criteria operator="AND"> 50303 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50304 <criteria operator="OR"> 50305 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 50306 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 50307 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 50308 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 50309 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 50310 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 50311 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 50312 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 50313 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 50314 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 50315 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 50316 </criteria> 50317 </criteria> 50318 </definition> 50319 <definition id="oval:org.opensuse.security:def:20131493" version="1" class="vulnerability"> 50320 <metadata> 50321 <title>CVE-2013-1493</title> 50322 <affected family="unix"> 50323 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50324 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50325 </affected> 50326 <reference ref_id="CVE-2013-1493" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1493" source="CVE"/> 50327 <description> 50328 The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. 50329 </description> 50330 </metadata> 50331 <!-- 68dff9a90877961ddadf162e06d37083 --> 50332 <criteria operator="AND"> 50333 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50334 <criteria operator="OR"> 50335 <criterion test_ref="oval:org.opensuse.security:tst:2009077068" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.1-0.5.1"/> 50336 <criterion test_ref="oval:org.opensuse.security:tst:2009077069" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.1-0.5.1"/> 50337 <criterion test_ref="oval:org.opensuse.security:tst:2009077070" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.1-0.5.1"/> 50338 <criterion test_ref="oval:org.opensuse.security:tst:2009077071" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.1-0.5.1"/> 50339 <criterion test_ref="oval:org.opensuse.security:tst:2009077072" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.1-0.5.1"/> 50340 <criterion test_ref="oval:org.opensuse.security:tst:2009077073" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.1-0.5.1"/> 50341 <criterion test_ref="oval:org.opensuse.security:tst:2009077074" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.1-0.5.1"/> 50342 <criterion test_ref="oval:org.opensuse.security:tst:2009077075" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.1-0.5.1"/> 50343 <criterion test_ref="oval:org.opensuse.security:tst:2009077076" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.1-0.5.1"/> 50344 <criterion test_ref="oval:org.opensuse.security:tst:2009077077" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.1-0.5.1"/> 50345 <criterion test_ref="oval:org.opensuse.security:tst:2009077078" comment="java-1_5_0-ibm less than 1.5.0_sr16.1-0.5.1"/> 50346 </criteria> 50347 </criteria> 50348 </definition> 50349 <definition id="oval:org.opensuse.security:def:20131500" version="1" class="vulnerability"> 50350 <metadata> 50351 <title>CVE-2013-1500</title> 50352 <affected family="unix"> 50353 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50354 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50355 </affected> 50356 <reference ref_id="CVE-2013-1500" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1500" source="CVE"/> 50357 <description> 50358 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory. 50359 </description> 50360 </metadata> 50361 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 50362 <criteria operator="AND"> 50363 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50364 <criteria operator="OR"> 50365 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 50366 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 50367 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 50368 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 50369 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 50370 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 50371 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 50372 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 50373 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 50374 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 50375 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 50376 </criteria> 50377 </criteria> 50378 </definition> 50379 <definition id="oval:org.opensuse.security:def:20131518" version="1" class="vulnerability"> 50380 <metadata> 50381 <title>CVE-2013-1518</title> 50382 <affected family="unix"> 50383 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50384 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50385 </affected> 50386 <reference ref_id="CVE-2013-1518" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1518" source="CVE"/> 50387 <description> 50388 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions." 50389 </description> 50390 </metadata> 50391 <!-- a36ba08c692a30308a29e6242e31eea2 --> 50392 <criteria operator="AND"> 50393 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50394 <criteria operator="OR"> 50395 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 50396 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 50397 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 50398 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 50399 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 50400 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 50401 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 50402 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 50403 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 50404 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 50405 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 50406 </criteria> 50407 </criteria> 50408 </definition> 50409 <definition id="oval:org.opensuse.security:def:20131537" version="1" class="vulnerability"> 50410 <metadata> 50411 <title>CVE-2013-1537</title> 50412 <affected family="unix"> 50413 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50414 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50415 </affected> 50416 <reference ref_id="CVE-2013-1537" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537" source="CVE"/> 50417 <description> 50418 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code. 50419 </description> 50420 </metadata> 50421 <!-- a36ba08c692a30308a29e6242e31eea2 --> 50422 <criteria operator="AND"> 50423 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50424 <criteria operator="OR"> 50425 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 50426 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 50427 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 50428 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 50429 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 50430 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 50431 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 50432 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 50433 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 50434 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 50435 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 50436 </criteria> 50437 </criteria> 50438 </definition> 50439 <definition id="oval:org.opensuse.security:def:20131540" version="1" class="vulnerability"> 50440 <metadata> 50441 <title>CVE-2013-1540</title> 50442 <affected family="unix"> 50443 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50444 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50445 </affected> 50446 <reference ref_id="CVE-2013-1540" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1540" source="CVE"/> 50447 <description> 50448 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433. 50449 </description> 50450 </metadata> 50451 <!-- a36ba08c692a30308a29e6242e31eea2 --> 50452 <criteria operator="AND"> 50453 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50454 <criteria operator="OR"> 50455 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 50456 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 50457 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 50458 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 50459 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 50460 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 50461 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 50462 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 50463 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 50464 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 50465 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 50466 </criteria> 50467 </criteria> 50468 </definition> 50469 <definition id="oval:org.opensuse.security:def:20131557" version="1" class="vulnerability"> 50470 <metadata> 50471 <title>CVE-2013-1557</title> 50472 <affected family="unix"> 50473 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50474 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50475 </affected> 50476 <reference ref_id="CVE-2013-1557" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557" source="CVE"/> 50477 <description> 50478 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream method. 50479 </description> 50480 </metadata> 50481 <!-- a36ba08c692a30308a29e6242e31eea2 --> 50482 <criteria operator="AND"> 50483 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50484 <criteria operator="OR"> 50485 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 50486 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 50487 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 50488 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 50489 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 50490 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 50491 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 50492 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 50493 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 50494 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 50495 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 50496 </criteria> 50497 </criteria> 50498 </definition> 50499 <definition id="oval:org.opensuse.security:def:20131563" version="1" class="vulnerability"> 50500 <metadata> 50501 <title>CVE-2013-1563</title> 50502 <affected family="unix"> 50503 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50504 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50505 </affected> 50506 <reference ref_id="CVE-2013-1563" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1563" source="CVE"/> 50507 <description> 50508 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. 50509 </description> 50510 </metadata> 50511 <!-- a36ba08c692a30308a29e6242e31eea2 --> 50512 <criteria operator="AND"> 50513 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50514 <criteria operator="OR"> 50515 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 50516 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 50517 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 50518 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 50519 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 50520 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 50521 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 50522 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 50523 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 50524 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 50525 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 50526 </criteria> 50527 </criteria> 50528 </definition> 50529 <definition id="oval:org.opensuse.security:def:20131569" version="1" class="vulnerability"> 50530 <metadata> 50531 <title>CVE-2013-1569</title> 50532 <affected family="unix"> 50533 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50534 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50535 </affected> 50536 <reference ref_id="CVE-2013-1569" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" source="CVE"/> 50537 <description> 50538 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2. 50539 </description> 50540 </metadata> 50541 <!-- a36ba08c692a30308a29e6242e31eea2 --> 50542 <criteria operator="AND"> 50543 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50544 <criteria operator="OR"> 50545 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 50546 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 50547 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 50548 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 50549 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 50550 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 50551 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 50552 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 50553 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 50554 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 50555 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 50556 </criteria> 50557 </criteria> 50558 </definition> 50559 <definition id="oval:org.opensuse.security:def:20131571" version="1" class="vulnerability"> 50560 <metadata> 50561 <title>CVE-2013-1571</title> 50562 <affected family="unix"> 50563 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50564 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50565 </affected> 50566 <reference ref_id="CVE-2013-1571" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571" source="CVE"/> 50567 <description> 50568 Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc. 50569 </description> 50570 </metadata> 50571 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 50572 <criteria operator="AND"> 50573 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50574 <criteria operator="OR"> 50575 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 50576 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 50577 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 50578 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 50579 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 50580 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 50581 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 50582 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 50583 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 50584 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 50585 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 50586 </criteria> 50587 </criteria> 50588 </definition> 50589 <definition id="oval:org.opensuse.security:def:20131572" version="1" class="vulnerability"> 50590 <metadata> 50591 <title>CVE-2013-1572</title> 50592 <affected family="unix"> 50593 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50594 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50595 </affected> 50596 <reference ref_id="CVE-2013-1572" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1572" source="CVE"/> 50597 <description> 50598 The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 50599 </description> 50600 </metadata> 50601 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50602 <criteria operator="AND"> 50603 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50604 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50605 </criteria> 50606 </definition> 50607 <definition id="oval:org.opensuse.security:def:20131573" version="1" class="vulnerability"> 50608 <metadata> 50609 <title>CVE-2013-1573</title> 50610 <affected family="unix"> 50611 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50612 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50613 </affected> 50614 <reference ref_id="CVE-2013-1573" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1573" source="CVE"/> 50615 <description> 50616 The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 50617 </description> 50618 </metadata> 50619 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50620 <criteria operator="AND"> 50621 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50622 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50623 </criteria> 50624 </definition> 50625 <definition id="oval:org.opensuse.security:def:20131574" version="1" class="vulnerability"> 50626 <metadata> 50627 <title>CVE-2013-1574</title> 50628 <affected family="unix"> 50629 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50630 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50631 </affected> 50632 <reference ref_id="CVE-2013-1574" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1574" source="CVE"/> 50633 <description> 50634 The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 50635 </description> 50636 </metadata> 50637 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50638 <criteria operator="AND"> 50639 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50640 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50641 </criteria> 50642 </definition> 50643 <definition id="oval:org.opensuse.security:def:20131575" version="1" class="vulnerability"> 50644 <metadata> 50645 <title>CVE-2013-1575</title> 50646 <affected family="unix"> 50647 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50648 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50649 </affected> 50650 <reference ref_id="CVE-2013-1575" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1575" source="CVE"/> 50651 <description> 50652 The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 50653 </description> 50654 </metadata> 50655 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50656 <criteria operator="AND"> 50657 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50658 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50659 </criteria> 50660 </definition> 50661 <definition id="oval:org.opensuse.security:def:20131576" version="1" class="vulnerability"> 50662 <metadata> 50663 <title>CVE-2013-1576</title> 50664 <affected family="unix"> 50665 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50666 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50667 </affected> 50668 <reference ref_id="CVE-2013-1576" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1576" source="CVE"/> 50669 <description> 50670 The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 50671 </description> 50672 </metadata> 50673 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50674 <criteria operator="AND"> 50675 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50676 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50677 </criteria> 50678 </definition> 50679 <definition id="oval:org.opensuse.security:def:20131577" version="1" class="vulnerability"> 50680 <metadata> 50681 <title>CVE-2013-1577</title> 50682 <affected family="unix"> 50683 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50684 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50685 </affected> 50686 <reference ref_id="CVE-2013-1577" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1577" source="CVE"/> 50687 <description> 50688 The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 50689 </description> 50690 </metadata> 50691 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50692 <criteria operator="AND"> 50693 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50694 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50695 </criteria> 50696 </definition> 50697 <definition id="oval:org.opensuse.security:def:20131578" version="1" class="vulnerability"> 50698 <metadata> 50699 <title>CVE-2013-1578</title> 50700 <affected family="unix"> 50701 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50702 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50703 </affected> 50704 <reference ref_id="CVE-2013-1578" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1578" source="CVE"/> 50705 <description> 50706 The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet. 50707 </description> 50708 </metadata> 50709 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50710 <criteria operator="AND"> 50711 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50712 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50713 </criteria> 50714 </definition> 50715 <definition id="oval:org.opensuse.security:def:20131579" version="1" class="vulnerability"> 50716 <metadata> 50717 <title>CVE-2013-1579</title> 50718 <affected family="unix"> 50719 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50720 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50721 </affected> 50722 <reference ref_id="CVE-2013-1579" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1579" source="CVE"/> 50723 <description> 50724 The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 50725 </description> 50726 </metadata> 50727 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50728 <criteria operator="AND"> 50729 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50730 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50731 </criteria> 50732 </definition> 50733 <definition id="oval:org.opensuse.security:def:20131580" version="1" class="vulnerability"> 50734 <metadata> 50735 <title>CVE-2013-1580</title> 50736 <affected family="unix"> 50737 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50738 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50739 </affected> 50740 <reference ref_id="CVE-2013-1580" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1580" source="CVE"/> 50741 <description> 50742 The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 50743 </description> 50744 </metadata> 50745 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50746 <criteria operator="AND"> 50747 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50748 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50749 </criteria> 50750 </definition> 50751 <definition id="oval:org.opensuse.security:def:20131581" version="1" class="vulnerability"> 50752 <metadata> 50753 <title>CVE-2013-1581</title> 50754 <affected family="unix"> 50755 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50756 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50757 </affected> 50758 <reference ref_id="CVE-2013-1581" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1581" source="CVE"/> 50759 <description> 50760 The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet. 50761 </description> 50762 </metadata> 50763 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50764 <criteria operator="AND"> 50765 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50766 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50767 </criteria> 50768 </definition> 50769 <definition id="oval:org.opensuse.security:def:20131582" version="1" class="vulnerability"> 50770 <metadata> 50771 <title>CVE-2013-1582</title> 50772 <affected family="unix"> 50773 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50774 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50775 </affected> 50776 <reference ref_id="CVE-2013-1582" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1582" source="CVE"/> 50777 <description> 50778 The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet. 50779 </description> 50780 </metadata> 50781 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50782 <criteria operator="AND"> 50783 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50784 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50785 </criteria> 50786 </definition> 50787 <definition id="oval:org.opensuse.security:def:20131583" version="1" class="vulnerability"> 50788 <metadata> 50789 <title>CVE-2013-1583</title> 50790 <affected family="unix"> 50791 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50792 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50793 </affected> 50794 <reference ref_id="CVE-2013-1583" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1583" source="CVE"/> 50795 <description> 50796 The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 50797 </description> 50798 </metadata> 50799 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50800 <criteria operator="AND"> 50801 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50802 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50803 </criteria> 50804 </definition> 50805 <definition id="oval:org.opensuse.security:def:20131584" version="1" class="vulnerability"> 50806 <metadata> 50807 <title>CVE-2013-1584</title> 50808 <affected family="unix"> 50809 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50810 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50811 </affected> 50812 <reference ref_id="CVE-2013-1584" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1584" source="CVE"/> 50813 <description> 50814 The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 50815 </description> 50816 </metadata> 50817 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50818 <criteria operator="AND"> 50819 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50820 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50821 </criteria> 50822 </definition> 50823 <definition id="oval:org.opensuse.security:def:20131585" version="1" class="vulnerability"> 50824 <metadata> 50825 <title>CVE-2013-1585</title> 50826 <affected family="unix"> 50827 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50828 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50829 </affected> 50830 <reference ref_id="CVE-2013-1585" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1585" source="CVE"/> 50831 <description> 50832 epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 50833 </description> 50834 </metadata> 50835 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50836 <criteria operator="AND"> 50837 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50838 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50839 </criteria> 50840 </definition> 50841 <definition id="oval:org.opensuse.security:def:20131586" version="1" class="vulnerability"> 50842 <metadata> 50843 <title>CVE-2013-1586</title> 50844 <affected family="unix"> 50845 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50846 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50847 </affected> 50848 <reference ref_id="CVE-2013-1586" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1586" source="CVE"/> 50849 <description> 50850 The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 50851 </description> 50852 </metadata> 50853 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50854 <criteria operator="AND"> 50855 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50856 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50857 </criteria> 50858 </definition> 50859 <definition id="oval:org.opensuse.security:def:20131588" version="1" class="vulnerability"> 50860 <metadata> 50861 <title>CVE-2013-1588</title> 50862 <affected family="unix"> 50863 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50864 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50865 </affected> 50866 <reference ref_id="CVE-2013-1588" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1588" source="CVE"/> 50867 <description> 50868 Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet. 50869 </description> 50870 </metadata> 50871 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50872 <criteria operator="AND"> 50873 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50874 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50875 </criteria> 50876 </definition> 50877 <definition id="oval:org.opensuse.security:def:20131589" version="1" class="vulnerability"> 50878 <metadata> 50879 <title>CVE-2013-1589</title> 50880 <affected family="unix"> 50881 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50882 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50883 </affected> 50884 <reference ref_id="CVE-2013-1589" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1589" source="CVE"/> 50885 <description> 50886 Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. 50887 </description> 50888 </metadata> 50889 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50890 <criteria operator="AND"> 50891 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50892 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50893 </criteria> 50894 </definition> 50895 <definition id="oval:org.opensuse.security:def:20131590" version="1" class="vulnerability"> 50896 <metadata> 50897 <title>CVE-2013-1590</title> 50898 <affected family="unix"> 50899 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50900 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50901 </affected> 50902 <reference ref_id="CVE-2013-1590" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1590" source="CVE"/> 50903 <description> 50904 Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. 50905 </description> 50906 </metadata> 50907 <!-- 00d047ef2619f2e2b31e0f986b29d382 --> 50908 <criteria operator="AND"> 50909 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50910 <criterion test_ref="oval:org.opensuse.security:tst:2009076539" comment="wireshark less than 1.6.13-0.5.1"/> 50911 </criteria> 50912 </definition> 50913 <definition id="oval:org.opensuse.security:def:20131619" version="1" class="vulnerability"> 50914 <metadata> 50915 <title>CVE-2013-1619</title> 50916 <affected family="unix"> 50917 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50918 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50919 </affected> 50920 <reference ref_id="CVE-2013-1619" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619" source="CVE"/> 50921 <description> 50922 The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. 50923 </description> 50924 </metadata> 50925 <!-- 25bff8c073ecb5178ad094a1a09f8a33 --> 50926 <criteria operator="AND"> 50927 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50928 <criteria operator="OR"> 50929 <criterion test_ref="oval:org.opensuse.security:tst:2009077115" comment="gnutls-32bit less than 1.2.10-13.32.1"/> 50930 <criterion test_ref="oval:org.opensuse.security:tst:2009077116" comment="gnutls-devel-32bit less than 1.2.10-13.32.1"/> 50931 <criterion test_ref="oval:org.opensuse.security:tst:2009077117" comment="gnutls-devel less than 1.2.10-13.32.1"/> 50932 <criterion test_ref="oval:org.opensuse.security:tst:2009077118" comment="gnutls less than 1.2.10-13.32.1"/> 50933 </criteria> 50934 </criteria> 50935 </definition> 50936 <definition id="oval:org.opensuse.security:def:20131667" version="1" class="vulnerability"> 50937 <metadata> 50938 <title>CVE-2013-1667</title> 50939 <affected family="unix"> 50940 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50941 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50942 </affected> 50943 <reference ref_id="CVE-2013-1667" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1667" source="CVE"/> 50944 <description> 50945 The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key. 50946 </description> 50947 </metadata> 50948 <!-- ed1929d51b82752f08399dada0ae2769 --> 50949 <criteria operator="AND"> 50950 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50951 <criteria operator="OR"> 50952 <criterion test_ref="oval:org.opensuse.security:tst:2009076769" comment="perl-32bit less than 5.8.8-14.21.3"/> 50953 <criterion test_ref="oval:org.opensuse.security:tst:2009076770" comment="perl less than 5.8.8-14.21.3"/> 50954 </criteria> 50955 </criteria> 50956 </definition> 50957 <definition id="oval:org.opensuse.security:def:20131682" version="1" class="vulnerability"> 50958 <metadata> 50959 <title>CVE-2013-1682</title> 50960 <affected family="unix"> 50961 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50962 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50963 </affected> 50964 <reference ref_id="CVE-2013-1682" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682" source="CVE"/> 50965 <description> 50966 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. 50967 </description> 50968 </metadata> 50969 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 50970 <criteria operator="AND"> 50971 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50972 <criteria operator="OR"> 50973 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 50974 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 50975 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 50976 </criteria> 50977 </criteria> 50978 </definition> 50979 <definition id="oval:org.opensuse.security:def:20131684" version="1" class="vulnerability"> 50980 <metadata> 50981 <title>CVE-2013-1684</title> 50982 <affected family="unix"> 50983 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 50984 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 50985 </affected> 50986 <reference ref_id="CVE-2013-1684" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684" source="CVE"/> 50987 <description> 50988 Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site. 50989 </description> 50990 </metadata> 50991 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 50992 <criteria operator="AND"> 50993 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 50994 <criteria operator="OR"> 50995 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 50996 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 50997 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 50998 </criteria> 50999 </criteria> 51000 </definition> 51001 <definition id="oval:org.opensuse.security:def:20131685" version="1" class="vulnerability"> 51002 <metadata> 51003 <title>CVE-2013-1685</title> 51004 <affected family="unix"> 51005 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51006 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51007 </affected> 51008 <reference ref_id="CVE-2013-1685" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685" source="CVE"/> 51009 <description> 51010 Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site. 51011 </description> 51012 </metadata> 51013 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 51014 <criteria operator="AND"> 51015 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51016 <criteria operator="OR"> 51017 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 51018 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 51019 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 51020 </criteria> 51021 </criteria> 51022 </definition> 51023 <definition id="oval:org.opensuse.security:def:20131686" version="1" class="vulnerability"> 51024 <metadata> 51025 <title>CVE-2013-1686</title> 51026 <affected family="unix"> 51027 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51028 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51029 </affected> 51030 <reference ref_id="CVE-2013-1686" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686" source="CVE"/> 51031 <description> 51032 Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. 51033 </description> 51034 </metadata> 51035 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 51036 <criteria operator="AND"> 51037 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51038 <criteria operator="OR"> 51039 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 51040 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 51041 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 51042 </criteria> 51043 </criteria> 51044 </definition> 51045 <definition id="oval:org.opensuse.security:def:20131687" version="1" class="vulnerability"> 51046 <metadata> 51047 <title>CVE-2013-1687</title> 51048 <affected family="unix"> 51049 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51051 </affected> 51052 <reference ref_id="CVE-2013-1687" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687" source="CVE"/> 51053 <description> 51054 The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site. 51055 </description> 51056 </metadata> 51057 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 51058 <criteria operator="AND"> 51059 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51060 <criteria operator="OR"> 51061 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 51062 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 51063 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 51064 </criteria> 51065 </criteria> 51066 </definition> 51067 <definition id="oval:org.opensuse.security:def:20131690" version="1" class="vulnerability"> 51068 <metadata> 51069 <title>CVE-2013-1690</title> 51070 <affected family="unix"> 51071 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51072 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51073 </affected> 51074 <reference ref_id="CVE-2013-1690" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690" source="CVE"/> 51075 <description> 51076 Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location. 51077 </description> 51078 </metadata> 51079 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 51080 <criteria operator="AND"> 51081 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51082 <criteria operator="OR"> 51083 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 51084 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 51085 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 51086 </criteria> 51087 </criteria> 51088 </definition> 51089 <definition id="oval:org.opensuse.security:def:20131692" version="1" class="vulnerability"> 51090 <metadata> 51091 <title>CVE-2013-1692</title> 51092 <affected family="unix"> 51093 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51094 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51095 </affected> 51096 <reference ref_id="CVE-2013-1692" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692" source="CVE"/> 51097 <description> 51098 Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site. 51099 </description> 51100 </metadata> 51101 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 51102 <criteria operator="AND"> 51103 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51104 <criteria operator="OR"> 51105 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 51106 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 51107 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 51108 </criteria> 51109 </criteria> 51110 </definition> 51111 <definition id="oval:org.opensuse.security:def:20131693" version="1" class="vulnerability"> 51112 <metadata> 51113 <title>CVE-2013-1693</title> 51114 <affected family="unix"> 51115 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51116 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51117 </affected> 51118 <reference ref_id="CVE-2013-1693" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693" source="CVE"/> 51119 <description> 51120 The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code. 51121 </description> 51122 </metadata> 51123 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 51124 <criteria operator="AND"> 51125 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51126 <criteria operator="OR"> 51127 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 51128 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 51129 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 51130 </criteria> 51131 </criteria> 51132 </definition> 51133 <definition id="oval:org.opensuse.security:def:20131697" version="1" class="vulnerability"> 51134 <metadata> 51135 <title>CVE-2013-1697</title> 51136 <affected family="unix"> 51137 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51138 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51139 </affected> 51140 <reference ref_id="CVE-2013-1697" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697" source="CVE"/> 51141 <description> 51142 The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method. 51143 </description> 51144 </metadata> 51145 <!-- 061026413fe3bb69a7f42e0b70363e4a --> 51146 <criteria operator="AND"> 51147 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51148 <criteria operator="OR"> 51149 <criterion test_ref="oval:org.opensuse.security:tst:2009077536" comment="MozillaFirefox-branding-SLED less than 7-0.10.28"/> 51150 <criterion test_ref="oval:org.opensuse.security:tst:2009077537" comment="MozillaFirefox-translations less than 17.0.7esr-0.6.1"/> 51151 <criterion test_ref="oval:org.opensuse.security:tst:2009077538" comment="MozillaFirefox less than 17.0.7esr-0.6.1"/> 51152 </criteria> 51153 </criteria> 51154 </definition> 51155 <definition id="oval:org.opensuse.security:def:20131775" version="1" class="vulnerability"> 51156 <metadata> 51157 <title>CVE-2013-1775</title> 51158 <affected family="unix"> 51159 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51160 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51161 </affected> 51162 <reference ref_id="CVE-2013-1775" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775" source="CVE"/> 51163 <description> 51164 sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. 51165 </description> 51166 </metadata> 51167 <!-- 68356be24d3ee0305b115b7f77e08946 --> 51168 <criteria operator="AND"> 51169 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51170 <criterion test_ref="oval:org.opensuse.security:tst:2009077212" comment="sudo less than 1.6.9p23-0.18.1"/> 51171 </criteria> 51172 </definition> 51173 <definition id="oval:org.opensuse.security:def:20131776" version="1" class="vulnerability"> 51174 <metadata> 51175 <title>CVE-2013-1776</title> 51176 <affected family="unix"> 51177 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51178 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51179 </affected> 51180 <reference ref_id="CVE-2013-1776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776" source="CVE"/> 51181 <description> 51182 sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. 51183 </description> 51184 </metadata> 51185 <!-- 68356be24d3ee0305b115b7f77e08946 --> 51186 <criteria operator="AND"> 51187 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51188 <criterion test_ref="oval:org.opensuse.security:tst:2009077212" comment="sudo less than 1.6.9p23-0.18.1"/> 51189 </criteria> 51190 </definition> 51191 <definition id="oval:org.opensuse.security:def:20131788" version="1" class="vulnerability"> 51192 <metadata> 51193 <title>CVE-2013-1788</title> 51194 <affected family="unix"> 51195 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51196 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51197 </affected> 51198 <reference ref_id="CVE-2013-1788" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788" source="CVE"/> 51199 <description> 51200 poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc. 51201 </description> 51202 </metadata> 51203 <!-- c6f02331d1ee67b8fc7c6997d72f8cf0 --> 51204 <criteria operator="AND"> 51205 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51206 <criteria operator="OR"> 51207 <criterion test_ref="oval:org.opensuse.security:tst:2009076954" comment="poppler-devel less than 0.4.4-19.29.1"/> 51208 <criterion test_ref="oval:org.opensuse.security:tst:2009076955" comment="poppler-glib less than 0.4.4-19.29.1"/> 51209 <criterion test_ref="oval:org.opensuse.security:tst:2009076956" comment="poppler-qt less than 0.4.4-19.29.1"/> 51210 <criterion test_ref="oval:org.opensuse.security:tst:2009076957" comment="poppler less than 0.4.4-19.29.1"/> 51211 </criteria> 51212 </criteria> 51213 </definition> 51214 <definition id="oval:org.opensuse.security:def:20131789" version="1" class="vulnerability"> 51215 <metadata> 51216 <title>CVE-2013-1789</title> 51217 <affected family="unix"> 51218 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51219 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51220 </affected> 51221 <reference ref_id="CVE-2013-1789" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789" source="CVE"/> 51222 <description> 51223 splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions. 51224 </description> 51225 </metadata> 51226 <!-- c6f02331d1ee67b8fc7c6997d72f8cf0 --> 51227 <criteria operator="AND"> 51228 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51229 <criteria operator="OR"> 51230 <criterion test_ref="oval:org.opensuse.security:tst:2009076954" comment="poppler-devel less than 0.4.4-19.29.1"/> 51231 <criterion test_ref="oval:org.opensuse.security:tst:2009076955" comment="poppler-glib less than 0.4.4-19.29.1"/> 51232 <criterion test_ref="oval:org.opensuse.security:tst:2009076956" comment="poppler-qt less than 0.4.4-19.29.1"/> 51233 <criterion test_ref="oval:org.opensuse.security:tst:2009076957" comment="poppler less than 0.4.4-19.29.1"/> 51234 </criteria> 51235 </criteria> 51236 </definition> 51237 <definition id="oval:org.opensuse.security:def:20131790" version="1" class="vulnerability"> 51238 <metadata> 51239 <title>CVE-2013-1790</title> 51240 <affected family="unix"> 51241 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51242 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51243 </affected> 51244 <reference ref_id="CVE-2013-1790" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790" source="CVE"/> 51245 <description> 51246 poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function. 51247 </description> 51248 </metadata> 51249 <!-- c6f02331d1ee67b8fc7c6997d72f8cf0 --> 51250 <criteria operator="AND"> 51251 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51252 <criteria operator="OR"> 51253 <criterion test_ref="oval:org.opensuse.security:tst:2009076954" comment="poppler-devel less than 0.4.4-19.29.1"/> 51254 <criterion test_ref="oval:org.opensuse.security:tst:2009076955" comment="poppler-glib less than 0.4.4-19.29.1"/> 51255 <criterion test_ref="oval:org.opensuse.security:tst:2009076956" comment="poppler-qt less than 0.4.4-19.29.1"/> 51256 <criterion test_ref="oval:org.opensuse.security:tst:2009076957" comment="poppler less than 0.4.4-19.29.1"/> 51257 </criteria> 51258 </criteria> 51259 </definition> 51260 <definition id="oval:org.opensuse.security:def:20131821" version="1" class="vulnerability"> 51261 <metadata> 51262 <title>CVE-2013-1821</title> 51263 <affected family="unix"> 51264 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51265 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51266 </affected> 51267 <reference ref_id="CVE-2013-1821" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821" source="CVE"/> 51268 <description> 51269 lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack. 51270 </description> 51271 </metadata> 51272 <!-- 4c9e95f258c3139c5c70de419c8f734b --> 51273 <criteria operator="AND"> 51274 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51275 <criterion test_ref="oval:org.opensuse.security:tst:2009076967" comment="ruby less than 1.8.6.p369-0.14.1"/> 51276 </criteria> 51277 </definition> 51278 <definition id="oval:org.opensuse.security:def:20131845" version="1" class="vulnerability"> 51279 <metadata> 51280 <title>CVE-2013-1845</title> 51281 <affected family="unix"> 51282 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51283 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51284 </affected> 51285 <reference ref_id="CVE-2013-1845" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1845" source="CVE"/> 51286 <description> 51287 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory. 51288 </description> 51289 </metadata> 51290 <!-- 21e270ec8a024f0ab0ccf967180f9802 --> 51291 <criteria operator="AND"> 51292 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51293 <criteria operator="OR"> 51294 <criterion test_ref="oval:org.opensuse.security:tst:2009077278" comment="subversion-devel less than 1.3.1-1.22.1"/> 51295 <criterion test_ref="oval:org.opensuse.security:tst:2009077279" comment="subversion less than 1.3.1-1.22.1"/> 51296 </criteria> 51297 </criteria> 51298 </definition> 51299 <definition id="oval:org.opensuse.security:def:20131846" version="1" class="vulnerability"> 51300 <metadata> 51301 <title>CVE-2013-1846</title> 51302 <affected family="unix"> 51303 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51304 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51305 </affected> 51306 <reference ref_id="CVE-2013-1846" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1846" source="CVE"/> 51307 <description> 51308 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL. 51309 </description> 51310 </metadata> 51311 <!-- 21e270ec8a024f0ab0ccf967180f9802 --> 51312 <criteria operator="AND"> 51313 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51314 <criteria operator="OR"> 51315 <criterion test_ref="oval:org.opensuse.security:tst:2009077278" comment="subversion-devel less than 1.3.1-1.22.1"/> 51316 <criterion test_ref="oval:org.opensuse.security:tst:2009077279" comment="subversion less than 1.3.1-1.22.1"/> 51317 </criteria> 51318 </criteria> 51319 </definition> 51320 <definition id="oval:org.opensuse.security:def:20131849" version="1" class="vulnerability"> 51321 <metadata> 51322 <title>CVE-2013-1849</title> 51323 <affected family="unix"> 51324 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51325 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51326 </affected> 51327 <reference ref_id="CVE-2013-1849" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1849" source="CVE"/> 51328 <description> 51329 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL. 51330 </description> 51331 </metadata> 51332 <!-- 21e270ec8a024f0ab0ccf967180f9802 --> 51333 <criteria operator="AND"> 51334 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51335 <criteria operator="OR"> 51336 <criterion test_ref="oval:org.opensuse.security:tst:2009077278" comment="subversion-devel less than 1.3.1-1.22.1"/> 51337 <criterion test_ref="oval:org.opensuse.security:tst:2009077279" comment="subversion less than 1.3.1-1.22.1"/> 51338 </criteria> 51339 </criteria> 51340 </definition> 51341 <definition id="oval:org.opensuse.security:def:20131914" version="1" class="vulnerability"> 51342 <metadata> 51343 <title>CVE-2013-1914</title> 51344 <affected family="unix"> 51345 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51346 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51347 </affected> 51348 <reference ref_id="CVE-2013-1914" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1914" source="CVE"/> 51349 <description> 51350 Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results. 51351 </description> 51352 </metadata> 51353 <!-- 4ca050db7cee063070fd004b2b257e13 --> 51354 <criteria operator="AND"> 51355 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51356 <criteria operator="OR"> 51357 <criterion test_ref="oval:org.opensuse.security:tst:2009077370" comment="glibc-32bit less than 2.4-31.109.1"/> 51358 <criterion test_ref="oval:org.opensuse.security:tst:2009077371" comment="glibc-devel-32bit less than 2.4-31.109.1"/> 51359 <criterion test_ref="oval:org.opensuse.security:tst:2009077372" comment="glibc-devel less than 2.4-31.109.1"/> 51360 <criterion test_ref="oval:org.opensuse.security:tst:2009077373" comment="glibc-html less than 2.4-31.109.1"/> 51361 <criterion test_ref="oval:org.opensuse.security:tst:2009077374" comment="glibc-i18ndata less than 2.4-31.109.1"/> 51362 <criterion test_ref="oval:org.opensuse.security:tst:2009077375" comment="glibc-info less than 2.4-31.109.1"/> 51363 <criterion test_ref="oval:org.opensuse.security:tst:2009077376" comment="glibc-locale-32bit less than 2.4-31.109.1"/> 51364 <criterion test_ref="oval:org.opensuse.security:tst:2009077377" comment="glibc-locale less than 2.4-31.109.1"/> 51365 <criterion test_ref="oval:org.opensuse.security:tst:2009077378" comment="glibc less than 2.4-31.109.1"/> 51366 <criterion test_ref="oval:org.opensuse.security:tst:2009077379" comment="nscd less than 2.4-31.109.1"/> 51367 </criteria> 51368 </criteria> 51369 </definition> 51370 <definition id="oval:org.opensuse.security:def:20131923" version="1" class="vulnerability"> 51371 <metadata> 51372 <title>CVE-2013-1923</title> 51373 <affected family="unix"> 51374 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51375 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51376 </affected> 51377 <reference ref_id="CVE-2013-1923" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1923" source="CVE"/> 51378 <description> 51379 rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks. 51380 </description> 51381 </metadata> 51382 <!-- ef37ac88c972140f7b0899d49079ba8c --> 51383 <criteria operator="AND"> 51384 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51385 <criterion test_ref="oval:org.opensuse.security:tst:2009077276" comment="nfs-utils less than 1.0.7-36.52.1"/> 51386 </criteria> 51387 </definition> 51388 <definition id="oval:org.opensuse.security:def:20131928" version="1" class="vulnerability"> 51389 <metadata> 51390 <title>CVE-2013-1928</title> 51391 <affected family="unix"> 51392 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51393 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51394 </affected> 51395 <reference ref_id="CVE-2013-1928" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1928" source="CVE"/> 51396 <description> 51397 The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device. 51398 </description> 51399 </metadata> 51400 <criteria operator="OR"> 51401 <!-- 42590e04eddb51fa31379710deb16611 --> 51402 <criteria operator="AND"> 51403 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51404 <criteria operator="OR"> 51405 <criterion test_ref="oval:org.opensuse.security:tst:2009077356" comment="kernel-default less than 2.6.16.60-0.103.1"/> 51406 <criterion test_ref="oval:org.opensuse.security:tst:2009077357" comment="kernel-smp less than 2.6.16.60-0.103.1"/> 51407 <criterion test_ref="oval:org.opensuse.security:tst:2009077358" comment="kernel-source less than 2.6.16.60-0.103.1"/> 51408 <criterion test_ref="oval:org.opensuse.security:tst:2009077359" comment="kernel-syms less than 2.6.16.60-0.103.1"/> 51409 <criterion test_ref="oval:org.opensuse.security:tst:2009077360" comment="kernel-xen less than 2.6.16.60-0.103.1"/> 51410 </criteria> 51411 </criteria> 51412 <!-- 60a0921c1bb3961c00333f60f45fee0b --> 51413 <criteria operator="AND"> 51414 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51415 <criteria operator="OR"> 51416 <criterion test_ref="oval:org.opensuse.security:tst:2009077361" comment="kernel-bigsmp less than 2.6.16.60-0.103.1"/> 51417 <criterion test_ref="oval:org.opensuse.security:tst:2009077356" comment="kernel-default less than 2.6.16.60-0.103.1"/> 51418 <criterion test_ref="oval:org.opensuse.security:tst:2009077357" comment="kernel-smp less than 2.6.16.60-0.103.1"/> 51419 <criterion test_ref="oval:org.opensuse.security:tst:2009077358" comment="kernel-source less than 2.6.16.60-0.103.1"/> 51420 <criterion test_ref="oval:org.opensuse.security:tst:2009077359" comment="kernel-syms less than 2.6.16.60-0.103.1"/> 51421 <criterion test_ref="oval:org.opensuse.security:tst:2009077360" comment="kernel-xen less than 2.6.16.60-0.103.1"/> 51422 <criterion test_ref="oval:org.opensuse.security:tst:2009077362" comment="kernel-xenpae less than 2.6.16.60-0.103.1"/> 51423 </criteria> 51424 </criteria> 51425 </criteria> 51426 </definition> 51427 <definition id="oval:org.opensuse.security:def:20131940" version="1" class="vulnerability"> 51428 <metadata> 51429 <title>CVE-2013-1940</title> 51430 <affected family="unix"> 51431 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51432 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51433 </affected> 51434 <reference ref_id="CVE-2013-1940" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940" source="CVE"/> 51435 <description> 51436 X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty. 51437 </description> 51438 </metadata> 51439 <!-- 69cb26f8a0705fcf17f6341d54cdb9e1 --> 51440 <criteria operator="AND"> 51441 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51442 <criterion test_ref="oval:org.opensuse.security:tst:2009077380" comment="xorg-x11-server less than 6.9.0-50.82.1"/> 51443 </criteria> 51444 </definition> 51445 <definition id="oval:org.opensuse.security:def:20131944" version="1" class="vulnerability"> 51446 <metadata> 51447 <title>CVE-2013-1944</title> 51448 <affected family="unix"> 51449 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51450 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51451 </affected> 51452 <reference ref_id="CVE-2013-1944" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944" source="CVE"/> 51453 <description> 51454 The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. 51455 </description> 51456 </metadata> 51457 <criteria operator="OR"> 51458 <!-- 2ccca265ff5a56f164062acebb540e5d --> 51459 <criteria operator="AND"> 51460 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51461 <criteria operator="OR"> 51462 <criterion test_ref="oval:org.opensuse.security:tst:2009077196" comment="curl-32bit less than 7.15.1-19.26.1"/> 51463 <criterion test_ref="oval:org.opensuse.security:tst:2009077197" comment="curl-devel less than 7.15.1-19.26.1"/> 51464 <criterion test_ref="oval:org.opensuse.security:tst:2009077198" comment="curl less than 7.15.1-19.26.1"/> 51465 </criteria> 51466 </criteria> 51467 <!-- 4dd1f084a8e5b92825d43c3c3d0a2326 --> 51468 <criteria operator="AND"> 51469 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51470 <criteria operator="OR"> 51471 <criterion test_ref="oval:org.opensuse.security:tst:2009077199" comment="compat-curl2-32bit less than 7.11.0-20.9.1"/> 51472 <criterion test_ref="oval:org.opensuse.security:tst:2009077200" comment="compat-curl2 less than 7.11.0-20.9.1"/> 51473 </criteria> 51474 </criteria> 51475 <!-- e3950ab87a0b449a0d3d8313b4086042 --> 51476 <criteria operator="AND"> 51477 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51478 <criteria operator="OR"> 51479 <criterion test_ref="oval:org.opensuse.security:tst:2009077556" comment="libcurl4-32bit less than 7.19.0-11.6.1"/> 51480 <criterion test_ref="oval:org.opensuse.security:tst:2009077557" comment="libcurl4 less than 7.19.0-11.6.1"/> 51481 </criteria> 51482 </criteria> 51483 </criteria> 51484 </definition> 51485 <definition id="oval:org.opensuse.security:def:20131960" version="1" class="vulnerability"> 51486 <metadata> 51487 <title>CVE-2013-1960</title> 51488 <affected family="unix"> 51489 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51490 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51491 </affected> 51492 <reference ref_id="CVE-2013-1960" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960" source="CVE"/> 51493 <description> 51494 Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file. 51495 </description> 51496 </metadata> 51497 <!-- 2281c07d506043b014b0b2aa06f2d47f --> 51498 <criteria operator="AND"> 51499 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51500 <criteria operator="OR"> 51501 <criterion test_ref="oval:org.opensuse.security:tst:2009077213" comment="libtiff-32bit less than 3.8.2-5.34.1"/> 51502 <criterion test_ref="oval:org.opensuse.security:tst:2009077214" comment="libtiff-devel less than 3.8.2-5.34.1"/> 51503 <criterion test_ref="oval:org.opensuse.security:tst:2009077215" comment="libtiff less than 3.8.2-5.34.1"/> 51504 </criteria> 51505 </criteria> 51506 </definition> 51507 <definition id="oval:org.opensuse.security:def:20131961" version="1" class="vulnerability"> 51508 <metadata> 51509 <title>CVE-2013-1961</title> 51510 <affected family="unix"> 51511 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51512 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51513 </affected> 51514 <reference ref_id="CVE-2013-1961" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961" source="CVE"/> 51515 <description> 51516 Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file. 51517 </description> 51518 </metadata> 51519 <!-- 2281c07d506043b014b0b2aa06f2d47f --> 51520 <criteria operator="AND"> 51521 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51522 <criteria operator="OR"> 51523 <criterion test_ref="oval:org.opensuse.security:tst:2009077213" comment="libtiff-32bit less than 3.8.2-5.34.1"/> 51524 <criterion test_ref="oval:org.opensuse.security:tst:2009077214" comment="libtiff-devel less than 3.8.2-5.34.1"/> 51525 <criterion test_ref="oval:org.opensuse.security:tst:2009077215" comment="libtiff less than 3.8.2-5.34.1"/> 51526 </criteria> 51527 </criteria> 51528 </definition> 51529 <definition id="oval:org.opensuse.security:def:20131968" version="1" class="vulnerability"> 51530 <metadata> 51531 <title>CVE-2013-1968</title> 51532 <affected family="unix"> 51533 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51534 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51535 </affected> 51536 <reference ref_id="CVE-2013-1968" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1968" source="CVE"/> 51537 <description> 51538 Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name. 51539 </description> 51540 </metadata> 51541 <!-- 64648aca6f33898d15cd8c0c4956232f --> 51542 <criteria operator="AND"> 51543 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51544 <criteria operator="OR"> 51545 <criterion test_ref="oval:org.opensuse.security:tst:2009077646" comment="subversion-devel less than 1.3.1-1.24.1"/> 51546 <criterion test_ref="oval:org.opensuse.security:tst:2009077647" comment="subversion less than 1.3.1-1.24.1"/> 51547 </criteria> 51548 </criteria> 51549 </definition> 51550 <definition id="oval:org.opensuse.security:def:20131981" version="1" class="vulnerability"> 51551 <metadata> 51552 <title>CVE-2013-1981</title> 51553 <affected family="unix"> 51554 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51555 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51556 </affected> 51557 <reference ref_id="CVE-2013-1981" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981" source="CVE"/> 51558 <description> 51559 Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. 51560 </description> 51561 </metadata> 51562 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51563 <criteria operator="AND"> 51564 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51565 <criteria operator="OR"> 51566 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51567 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51568 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51569 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51570 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51571 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51572 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51573 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51574 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51575 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51576 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51577 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51578 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51579 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51580 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51581 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51582 </criteria> 51583 </criteria> 51584 </definition> 51585 <definition id="oval:org.opensuse.security:def:20131982" version="1" class="vulnerability"> 51586 <metadata> 51587 <title>CVE-2013-1982</title> 51588 <affected family="unix"> 51589 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51590 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51591 </affected> 51592 <reference ref_id="CVE-2013-1982" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982" source="CVE"/> 51593 <description> 51594 Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions. 51595 </description> 51596 </metadata> 51597 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51598 <criteria operator="AND"> 51599 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51600 <criteria operator="OR"> 51601 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51602 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51603 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51604 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51605 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51606 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51607 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51608 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51609 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51610 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51611 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51612 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51613 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51614 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51615 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51616 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51617 </criteria> 51618 </criteria> 51619 </definition> 51620 <definition id="oval:org.opensuse.security:def:20131983" version="1" class="vulnerability"> 51621 <metadata> 51622 <title>CVE-2013-1983</title> 51623 <affected family="unix"> 51624 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51625 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51626 </affected> 51627 <reference ref_id="CVE-2013-1983" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983" source="CVE"/> 51628 <description> 51629 Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function. 51630 </description> 51631 </metadata> 51632 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51633 <criteria operator="AND"> 51634 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51635 <criteria operator="OR"> 51636 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51637 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51638 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51639 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51640 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51641 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51642 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51643 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51644 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51645 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51646 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51647 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51648 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51649 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51650 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51651 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51652 </criteria> 51653 </criteria> 51654 </definition> 51655 <definition id="oval:org.opensuse.security:def:20131984" version="1" class="vulnerability"> 51656 <metadata> 51657 <title>CVE-2013-1984</title> 51658 <affected family="unix"> 51659 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51660 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51661 </affected> 51662 <reference ref_id="CVE-2013-1984" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984" source="CVE"/> 51663 <description> 51664 Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions. 51665 </description> 51666 </metadata> 51667 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51668 <criteria operator="AND"> 51669 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51670 <criteria operator="OR"> 51671 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51672 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51673 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51674 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51675 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51676 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51677 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51678 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51679 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51680 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51681 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51682 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51683 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51684 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51685 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51686 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51687 </criteria> 51688 </criteria> 51689 </definition> 51690 <definition id="oval:org.opensuse.security:def:20131985" version="1" class="vulnerability"> 51691 <metadata> 51692 <title>CVE-2013-1985</title> 51693 <affected family="unix"> 51694 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51695 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51696 </affected> 51697 <reference ref_id="CVE-2013-1985" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985" source="CVE"/> 51698 <description> 51699 Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function. 51700 </description> 51701 </metadata> 51702 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51703 <criteria operator="AND"> 51704 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51705 <criteria operator="OR"> 51706 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51707 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51708 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51709 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51710 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51711 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51712 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51713 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51714 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51715 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51716 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51717 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51718 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51719 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51720 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51721 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51722 </criteria> 51723 </criteria> 51724 </definition> 51725 <definition id="oval:org.opensuse.security:def:20131987" version="1" class="vulnerability"> 51726 <metadata> 51727 <title>CVE-2013-1987</title> 51728 <affected family="unix"> 51729 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51730 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51731 </affected> 51732 <reference ref_id="CVE-2013-1987" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987" source="CVE"/> 51733 <description> 51734 Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions. 51735 </description> 51736 </metadata> 51737 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51738 <criteria operator="AND"> 51739 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51740 <criteria operator="OR"> 51741 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51742 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51743 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51744 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51745 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51746 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51747 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51748 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51749 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51750 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51751 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51752 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51753 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51754 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51755 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51756 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51757 </criteria> 51758 </criteria> 51759 </definition> 51760 <definition id="oval:org.opensuse.security:def:20131988" version="1" class="vulnerability"> 51761 <metadata> 51762 <title>CVE-2013-1988</title> 51763 <affected family="unix"> 51764 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51765 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51766 </affected> 51767 <reference ref_id="CVE-2013-1988" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1988" source="CVE"/> 51768 <description> 51769 Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions. 51770 </description> 51771 </metadata> 51772 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51773 <criteria operator="AND"> 51774 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51775 <criteria operator="OR"> 51776 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51777 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51778 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51779 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51780 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51781 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51782 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51783 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51784 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51785 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51786 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51787 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51788 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51789 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51790 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51791 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51792 </criteria> 51793 </criteria> 51794 </definition> 51795 <definition id="oval:org.opensuse.security:def:20131989" version="1" class="vulnerability"> 51796 <metadata> 51797 <title>CVE-2013-1989</title> 51798 <affected family="unix"> 51799 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51800 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51801 </affected> 51802 <reference ref_id="CVE-2013-1989" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989" source="CVE"/> 51803 <description> 51804 Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function. 51805 </description> 51806 </metadata> 51807 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51808 <criteria operator="AND"> 51809 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51810 <criteria operator="OR"> 51811 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51812 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51813 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51814 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51815 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51816 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51817 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51818 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51819 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51820 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51821 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51822 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51823 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51824 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51825 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51826 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51827 </criteria> 51828 </criteria> 51829 </definition> 51830 <definition id="oval:org.opensuse.security:def:20131990" version="1" class="vulnerability"> 51831 <metadata> 51832 <title>CVE-2013-1990</title> 51833 <affected family="unix"> 51834 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51835 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51836 </affected> 51837 <reference ref_id="CVE-2013-1990" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1990" source="CVE"/> 51838 <description> 51839 Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions. 51840 </description> 51841 </metadata> 51842 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51843 <criteria operator="AND"> 51844 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51845 <criteria operator="OR"> 51846 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51847 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51848 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51849 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51850 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51851 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51852 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51853 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51854 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51855 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51856 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51857 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51858 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51859 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51860 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51861 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51862 </criteria> 51863 </criteria> 51864 </definition> 51865 <definition id="oval:org.opensuse.security:def:20131991" version="1" class="vulnerability"> 51866 <metadata> 51867 <title>CVE-2013-1991</title> 51868 <affected family="unix"> 51869 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51870 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51871 </affected> 51872 <reference ref_id="CVE-2013-1991" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1991" source="CVE"/> 51873 <description> 51874 Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions. 51875 </description> 51876 </metadata> 51877 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51878 <criteria operator="AND"> 51879 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51880 <criteria operator="OR"> 51881 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51882 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51883 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51884 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51885 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51886 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51887 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51888 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51889 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51890 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51891 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51892 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51893 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51894 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51895 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51896 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51897 </criteria> 51898 </criteria> 51899 </definition> 51900 <definition id="oval:org.opensuse.security:def:20131992" version="1" class="vulnerability"> 51901 <metadata> 51902 <title>CVE-2013-1992</title> 51903 <affected family="unix"> 51904 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51905 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51906 </affected> 51907 <reference ref_id="CVE-2013-1992" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1992" source="CVE"/> 51908 <description> 51909 Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttributes functions. 51910 </description> 51911 </metadata> 51912 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51913 <criteria operator="AND"> 51914 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51915 <criteria operator="OR"> 51916 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51917 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51918 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51919 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51920 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51921 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51922 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51923 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51924 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51925 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51926 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51927 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51928 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51929 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51930 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51931 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51932 </criteria> 51933 </criteria> 51934 </definition> 51935 <definition id="oval:org.opensuse.security:def:20131993" version="1" class="vulnerability"> 51936 <metadata> 51937 <title>CVE-2013-1993</title> 51938 <affected family="unix"> 51939 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51940 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51941 </affected> 51942 <reference ref_id="CVE-2013-1993" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993" source="CVE"/> 51943 <description> 51944 Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions. 51945 </description> 51946 </metadata> 51947 <!-- ead44002505a3c1d8f81d2f879ef6d0c --> 51948 <criteria operator="AND"> 51949 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51950 <criteria operator="OR"> 51951 <criterion test_ref="oval:org.opensuse.security:tst:2009077599" comment="Mesa-32bit less than 6.4.2-19.20.2"/> 51952 <criterion test_ref="oval:org.opensuse.security:tst:2009077600" comment="Mesa-devel-32bit less than 6.4.2-19.20.2"/> 51953 <criterion test_ref="oval:org.opensuse.security:tst:2009077601" comment="Mesa-devel less than 6.4.2-19.20.2"/> 51954 <criterion test_ref="oval:org.opensuse.security:tst:2009077602" comment="Mesa less than 6.4.2-19.20.2"/> 51955 </criteria> 51956 </criteria> 51957 </definition> 51958 <definition id="oval:org.opensuse.security:def:20131995" version="1" class="vulnerability"> 51959 <metadata> 51960 <title>CVE-2013-1995</title> 51961 <affected family="unix"> 51962 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51963 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51964 </affected> 51965 <reference ref_id="CVE-2013-1995" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995" source="CVE"/> 51966 <description> 51967 X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function. 51968 </description> 51969 </metadata> 51970 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 51971 <criteria operator="AND"> 51972 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 51973 <criteria operator="OR"> 51974 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 51975 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 51976 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 51977 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 51978 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 51979 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 51980 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 51981 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 51982 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 51983 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 51984 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 51985 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 51986 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 51987 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 51988 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 51989 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 51990 </criteria> 51991 </criteria> 51992 </definition> 51993 <definition id="oval:org.opensuse.security:def:20131996" version="1" class="vulnerability"> 51994 <metadata> 51995 <title>CVE-2013-1996</title> 51996 <affected family="unix"> 51997 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 51998 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 51999 </affected> 52000 <reference ref_id="CVE-2013-1996" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1996" source="CVE"/> 52001 <description> 52002 X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function. 52003 </description> 52004 </metadata> 52005 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52006 <criteria operator="AND"> 52007 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52008 <criteria operator="OR"> 52009 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52010 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52011 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52012 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52013 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52014 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52015 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52016 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52017 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52018 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52019 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52020 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52021 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52022 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52023 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52024 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52025 </criteria> 52026 </criteria> 52027 </definition> 52028 <definition id="oval:org.opensuse.security:def:20131997" version="1" class="vulnerability"> 52029 <metadata> 52030 <title>CVE-2013-1997</title> 52031 <affected family="unix"> 52032 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52033 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52034 </affected> 52035 <reference ref_id="CVE-2013-1997" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997" source="CVE"/> 52036 <description> 52037 Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions. 52038 </description> 52039 </metadata> 52040 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52041 <criteria operator="AND"> 52042 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52043 <criteria operator="OR"> 52044 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52045 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52046 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52047 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52048 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52049 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52050 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52051 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52052 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52053 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52054 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52055 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52056 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52057 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52058 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52059 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52060 </criteria> 52061 </criteria> 52062 </definition> 52063 <definition id="oval:org.opensuse.security:def:20131998" version="1" class="vulnerability"> 52064 <metadata> 52065 <title>CVE-2013-1998</title> 52066 <affected family="unix"> 52067 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52068 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52069 </affected> 52070 <reference ref_id="CVE-2013-1998" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998" source="CVE"/> 52071 <description> 52072 Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions. 52073 </description> 52074 </metadata> 52075 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52076 <criteria operator="AND"> 52077 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52078 <criteria operator="OR"> 52079 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52080 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52081 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52082 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52083 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52084 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52085 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52086 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52087 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52088 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52089 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52090 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52091 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52092 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52093 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52094 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52095 </criteria> 52096 </criteria> 52097 </definition> 52098 <definition id="oval:org.opensuse.security:def:20131999" version="1" class="vulnerability"> 52099 <metadata> 52100 <title>CVE-2013-1999</title> 52101 <affected family="unix"> 52102 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52103 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52104 </affected> 52105 <reference ref_id="CVE-2013-1999" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1999" source="CVE"/> 52106 <description> 52107 Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function. 52108 </description> 52109 </metadata> 52110 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52111 <criteria operator="AND"> 52112 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52113 <criteria operator="OR"> 52114 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52115 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52116 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52117 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52118 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52119 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52120 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52121 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52122 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52123 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52124 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52125 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52126 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52127 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52128 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52129 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52130 </criteria> 52131 </criteria> 52132 </definition> 52133 <definition id="oval:org.opensuse.security:def:20132000" version="1" class="vulnerability"> 52134 <metadata> 52135 <title>CVE-2013-2000</title> 52136 <affected family="unix"> 52137 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52138 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52139 </affected> 52140 <reference ref_id="CVE-2013-2000" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2000" source="CVE"/> 52141 <description> 52142 Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions. 52143 </description> 52144 </metadata> 52145 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52146 <criteria operator="AND"> 52147 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52148 <criteria operator="OR"> 52149 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52150 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52151 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52152 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52153 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52154 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52155 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52156 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52157 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52158 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52159 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52160 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52161 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52162 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52163 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52164 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52165 </criteria> 52166 </criteria> 52167 </definition> 52168 <definition id="oval:org.opensuse.security:def:20132001" version="1" class="vulnerability"> 52169 <metadata> 52170 <title>CVE-2013-2001</title> 52171 <affected family="unix"> 52172 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52173 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52174 </affected> 52175 <reference ref_id="CVE-2013-2001" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2001" source="CVE"/> 52176 <description> 52177 Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function. 52178 </description> 52179 </metadata> 52180 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52181 <criteria operator="AND"> 52182 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52183 <criteria operator="OR"> 52184 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52185 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52186 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52187 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52188 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52189 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52190 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52191 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52192 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52193 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52194 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52195 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52196 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52197 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52198 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52199 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52200 </criteria> 52201 </criteria> 52202 </definition> 52203 <definition id="oval:org.opensuse.security:def:20132002" version="1" class="vulnerability"> 52204 <metadata> 52205 <title>CVE-2013-2002</title> 52206 <affected family="unix"> 52207 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52208 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52209 </affected> 52210 <reference ref_id="CVE-2013-2002" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002" source="CVE"/> 52211 <description> 52212 Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function. 52213 </description> 52214 </metadata> 52215 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52216 <criteria operator="AND"> 52217 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52218 <criteria operator="OR"> 52219 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52220 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52221 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52222 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52223 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52224 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52225 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52226 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52227 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52228 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52229 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52230 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52231 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52232 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52233 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52234 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52235 </criteria> 52236 </criteria> 52237 </definition> 52238 <definition id="oval:org.opensuse.security:def:20132003" version="1" class="vulnerability"> 52239 <metadata> 52240 <title>CVE-2013-2003</title> 52241 <affected family="unix"> 52242 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52243 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52244 </affected> 52245 <reference ref_id="CVE-2013-2003" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2003" source="CVE"/> 52246 <description> 52247 Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function. 52248 </description> 52249 </metadata> 52250 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52251 <criteria operator="AND"> 52252 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52253 <criteria operator="OR"> 52254 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52255 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52256 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52257 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52258 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52259 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52260 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52261 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52262 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52263 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52264 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52265 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52266 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52267 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52268 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52269 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52270 </criteria> 52271 </criteria> 52272 </definition> 52273 <definition id="oval:org.opensuse.security:def:20132004" version="1" class="vulnerability"> 52274 <metadata> 52275 <title>CVE-2013-2004</title> 52276 <affected family="unix"> 52277 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52278 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52279 </affected> 52280 <reference ref_id="CVE-2013-2004" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004" source="CVE"/> 52281 <description> 52282 The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file. 52283 </description> 52284 </metadata> 52285 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52286 <criteria operator="AND"> 52287 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52288 <criteria operator="OR"> 52289 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52290 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52291 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52292 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52293 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52294 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52295 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52296 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52297 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52298 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52299 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52300 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52301 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52302 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52303 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52304 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52305 </criteria> 52306 </criteria> 52307 </definition> 52308 <definition id="oval:org.opensuse.security:def:20132005" version="1" class="vulnerability"> 52309 <metadata> 52310 <title>CVE-2013-2005</title> 52311 <affected family="unix"> 52312 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52313 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52314 </affected> 52315 <reference ref_id="CVE-2013-2005" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005" source="CVE"/> 52316 <description> 52317 X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions. 52318 </description> 52319 </metadata> 52320 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52321 <criteria operator="AND"> 52322 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52323 <criteria operator="OR"> 52324 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52325 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52326 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52327 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52328 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52329 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52330 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52331 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52332 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52333 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52334 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52335 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52336 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52337 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52338 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52339 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52340 </criteria> 52341 </criteria> 52342 </definition> 52343 <definition id="oval:org.opensuse.security:def:20132020" version="1" class="vulnerability"> 52344 <metadata> 52345 <title>CVE-2013-2020</title> 52346 <affected family="unix"> 52347 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52348 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52349 </affected> 52350 <reference ref_id="CVE-2013-2020" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2020" source="CVE"/> 52351 <description> 52352 Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read. 52353 </description> 52354 </metadata> 52355 <!-- 9d302ad645143524072bb084bf9f2ded --> 52356 <criteria operator="AND"> 52357 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52358 <criterion test_ref="oval:org.opensuse.security:tst:2009077457" comment="clamav less than 0.97.8-0.5.1"/> 52359 </criteria> 52360 </definition> 52361 <definition id="oval:org.opensuse.security:def:20132021" version="1" class="vulnerability"> 52362 <metadata> 52363 <title>CVE-2013-2021</title> 52364 <affected family="unix"> 52365 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52366 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52367 </affected> 52368 <reference ref_id="CVE-2013-2021" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2021" source="CVE"/> 52369 <description> 52370 pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file. 52371 </description> 52372 </metadata> 52373 <!-- 9d302ad645143524072bb084bf9f2ded --> 52374 <criteria operator="AND"> 52375 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52376 <criterion test_ref="oval:org.opensuse.security:tst:2009077457" comment="clamav less than 0.97.8-0.5.1"/> 52377 </criteria> 52378 </definition> 52379 <definition id="oval:org.opensuse.security:def:20132053" version="1" class="vulnerability"> 52380 <metadata> 52381 <title>CVE-2013-2053</title> 52382 <affected family="unix"> 52383 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52384 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52385 </affected> 52386 <reference ref_id="CVE-2013-2053" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2053" source="CVE"/> 52387 <description> 52388 Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054. 52389 </description> 52390 </metadata> 52391 <!-- 4e623ae4a993ce51b1b6b7d9b96ebcb5 --> 52392 <criteria operator="AND"> 52393 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52394 <criterion test_ref="oval:org.opensuse.security:tst:2009077539" comment="openswan less than 2.4.4-18.21.1"/> 52395 </criteria> 52396 </definition> 52397 <definition id="oval:org.opensuse.security:def:20132062" version="1" class="vulnerability"> 52398 <metadata> 52399 <title>CVE-2013-2062</title> 52400 <affected family="unix"> 52401 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52402 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52403 </affected> 52404 <reference ref_id="CVE-2013-2062" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062" source="CVE"/> 52405 <description> 52406 Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions. 52407 </description> 52408 </metadata> 52409 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52410 <criteria operator="AND"> 52411 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52412 <criteria operator="OR"> 52413 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52414 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52415 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52416 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52417 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52418 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52419 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52420 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52421 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52422 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52423 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52424 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52425 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52426 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52427 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52428 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52429 </criteria> 52430 </criteria> 52431 </definition> 52432 <definition id="oval:org.opensuse.security:def:20132063" version="1" class="vulnerability"> 52433 <metadata> 52434 <title>CVE-2013-2063</title> 52435 <affected family="unix"> 52436 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52437 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52438 </affected> 52439 <reference ref_id="CVE-2013-2063" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2063" source="CVE"/> 52440 <description> 52441 Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function. 52442 </description> 52443 </metadata> 52444 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52445 <criteria operator="AND"> 52446 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52447 <criteria operator="OR"> 52448 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52449 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52450 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52451 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52452 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52453 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52454 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52455 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52456 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52457 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52458 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52459 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52460 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52461 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52462 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52463 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52464 </criteria> 52465 </criteria> 52466 </definition> 52467 <definition id="oval:org.opensuse.security:def:20132066" version="1" class="vulnerability"> 52468 <metadata> 52469 <title>CVE-2013-2066</title> 52470 <affected family="unix"> 52471 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52472 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52473 </affected> 52474 <reference ref_id="CVE-2013-2066" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066" source="CVE"/> 52475 <description> 52476 Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function. 52477 </description> 52478 </metadata> 52479 <!-- 0d0adbe855f0a576da72ba4a295c3364 --> 52480 <criteria operator="AND"> 52481 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52482 <criteria operator="OR"> 52483 <criterion test_ref="oval:org.opensuse.security:tst:2009077583" comment="xorg-x11-Xnest less than 6.9.0-50.84.4"/> 52484 <criterion test_ref="oval:org.opensuse.security:tst:2009077584" comment="xorg-x11-Xvfb less than 6.9.0-50.84.4"/> 52485 <criterion test_ref="oval:org.opensuse.security:tst:2009077585" comment="xorg-x11-Xvnc less than 6.9.0-50.84.4"/> 52486 <criterion test_ref="oval:org.opensuse.security:tst:2009077586" comment="xorg-x11-devel-32bit less than 6.9.0-50.84.4"/> 52487 <criterion test_ref="oval:org.opensuse.security:tst:2009077587" comment="xorg-x11-devel less than 6.9.0-50.84.4"/> 52488 <criterion test_ref="oval:org.opensuse.security:tst:2009077588" comment="xorg-x11-fonts-100dpi less than 6.9.0-50.84.4"/> 52489 <criterion test_ref="oval:org.opensuse.security:tst:2009077589" comment="xorg-x11-fonts-75dpi less than 6.9.0-50.84.4"/> 52490 <criterion test_ref="oval:org.opensuse.security:tst:2009077590" comment="xorg-x11-fonts-cyrillic less than 6.9.0-50.84.4"/> 52491 <criterion test_ref="oval:org.opensuse.security:tst:2009077591" comment="xorg-x11-fonts-scalable less than 6.9.0-50.84.4"/> 52492 <criterion test_ref="oval:org.opensuse.security:tst:2009077592" comment="xorg-x11-fonts-syriac less than 6.9.0-50.84.4"/> 52493 <criterion test_ref="oval:org.opensuse.security:tst:2009077593" comment="xorg-x11-libs-32bit less than 6.9.0-50.84.4"/> 52494 <criterion test_ref="oval:org.opensuse.security:tst:2009077594" comment="xorg-x11-libs less than 6.9.0-50.84.4"/> 52495 <criterion test_ref="oval:org.opensuse.security:tst:2009077595" comment="xorg-x11-man less than 6.9.0-50.84.4"/> 52496 <criterion test_ref="oval:org.opensuse.security:tst:2009077596" comment="xorg-x11-server-glx less than 6.9.0-50.84.4"/> 52497 <criterion test_ref="oval:org.opensuse.security:tst:2009077597" comment="xorg-x11-server less than 6.9.0-50.84.4"/> 52498 <criterion test_ref="oval:org.opensuse.security:tst:2009077598" comment="xorg-x11 less than 6.9.0-50.84.4"/> 52499 </criteria> 52500 </criteria> 52501 </definition> 52502 <definition id="oval:org.opensuse.security:def:20132112" version="1" class="vulnerability"> 52503 <metadata> 52504 <title>CVE-2013-2112</title> 52505 <affected family="unix"> 52506 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52507 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52508 </affected> 52509 <reference ref_id="CVE-2013-2112" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2112" source="CVE"/> 52510 <description> 52511 The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection. 52512 </description> 52513 </metadata> 52514 <!-- 64648aca6f33898d15cd8c0c4956232f --> 52515 <criteria operator="AND"> 52516 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52517 <criteria operator="OR"> 52518 <criterion test_ref="oval:org.opensuse.security:tst:2009077646" comment="subversion-devel less than 1.3.1-1.24.1"/> 52519 <criterion test_ref="oval:org.opensuse.security:tst:2009077647" comment="subversion less than 1.3.1-1.24.1"/> 52520 </criteria> 52521 </criteria> 52522 </definition> 52523 <definition id="oval:org.opensuse.security:def:20132116" version="1" class="vulnerability"> 52524 <metadata> 52525 <title>CVE-2013-2116</title> 52526 <affected family="unix"> 52527 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52528 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52529 </affected> 52530 <reference ref_id="CVE-2013-2116" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116" source="CVE"/> 52531 <description> 52532 The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. 52533 </description> 52534 </metadata> 52535 <!-- c39cabef26db30df30eff8a1bbef4088 --> 52536 <criteria operator="AND"> 52537 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52538 <criteria operator="OR"> 52539 <criterion test_ref="oval:org.opensuse.security:tst:2009077458" comment="gnutls-32bit less than 1.2.10-13.36.1"/> 52540 <criterion test_ref="oval:org.opensuse.security:tst:2009077459" comment="gnutls-devel-32bit less than 1.2.10-13.36.1"/> 52541 <criterion test_ref="oval:org.opensuse.security:tst:2009077460" comment="gnutls-devel less than 1.2.10-13.36.1"/> 52542 <criterion test_ref="oval:org.opensuse.security:tst:2009077461" comment="gnutls less than 1.2.10-13.36.1"/> 52543 </criteria> 52544 </criteria> 52545 </definition> 52546 <definition id="oval:org.opensuse.security:def:20132174" version="1" class="vulnerability"> 52547 <metadata> 52548 <title>CVE-2013-2174</title> 52549 <affected family="unix"> 52550 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52551 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52552 </affected> 52553 <reference ref_id="CVE-2013-2174" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174" source="CVE"/> 52554 <description> 52555 Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character. 52556 </description> 52557 </metadata> 52558 <criteria operator="OR"> 52559 <!-- 08501b52d2872aa5cb15654bf0e2cc4b --> 52560 <criteria operator="AND"> 52561 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52562 <criteria operator="OR"> 52563 <criterion test_ref="oval:org.opensuse.security:tst:2009077558" comment="compat-curl2-32bit less than 7.11.0-20.11.1"/> 52564 <criterion test_ref="oval:org.opensuse.security:tst:2009077559" comment="compat-curl2 less than 7.11.0-20.11.1"/> 52565 </criteria> 52566 </criteria> 52567 <!-- 36472a9fc55e64701eef885c5ac34ebd --> 52568 <criteria operator="AND"> 52569 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52570 <criteria operator="OR"> 52571 <criterion test_ref="oval:org.opensuse.security:tst:2009077572" comment="curl-32bit less than 7.15.1-19.30.1"/> 52572 <criterion test_ref="oval:org.opensuse.security:tst:2009077573" comment="curl-devel less than 7.15.1-19.30.1"/> 52573 <criterion test_ref="oval:org.opensuse.security:tst:2009077574" comment="curl less than 7.15.1-19.30.1"/> 52574 </criteria> 52575 </criteria> 52576 <!-- e3950ab87a0b449a0d3d8313b4086042 --> 52577 <criteria operator="AND"> 52578 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52579 <criteria operator="OR"> 52580 <criterion test_ref="oval:org.opensuse.security:tst:2009077556" comment="libcurl4-32bit less than 7.19.0-11.6.1"/> 52581 <criterion test_ref="oval:org.opensuse.security:tst:2009077557" comment="libcurl4 less than 7.19.0-11.6.1"/> 52582 </criteria> 52583 </criteria> 52584 </criteria> 52585 </definition> 52586 <definition id="oval:org.opensuse.security:def:20132383" version="1" class="vulnerability"> 52587 <metadata> 52588 <title>CVE-2013-2383</title> 52589 <affected family="unix"> 52590 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52591 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52592 </affected> 52593 <reference ref_id="CVE-2013-2383" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" source="CVE"/> 52594 <description> 52595 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2. 52596 </description> 52597 </metadata> 52598 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52599 <criteria operator="AND"> 52600 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52601 <criteria operator="OR"> 52602 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52603 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52604 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52605 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52606 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52607 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52608 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52609 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52610 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52611 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52612 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52613 </criteria> 52614 </criteria> 52615 </definition> 52616 <definition id="oval:org.opensuse.security:def:20132384" version="1" class="vulnerability"> 52617 <metadata> 52618 <title>CVE-2013-2384</title> 52619 <affected family="unix"> 52620 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52621 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52622 </affected> 52623 <reference ref_id="CVE-2013-2384" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" source="CVE"/> 52624 <description> 52625 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2. 52626 </description> 52627 </metadata> 52628 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52629 <criteria operator="AND"> 52630 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52631 <criteria operator="OR"> 52632 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52633 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52634 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52635 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52636 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52637 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52638 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52639 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52640 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52641 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52642 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52643 </criteria> 52644 </criteria> 52645 </definition> 52646 <definition id="oval:org.opensuse.security:def:20132394" version="1" class="vulnerability"> 52647 <metadata> 52648 <title>CVE-2013-2394</title> 52649 <affected family="unix"> 52650 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52651 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52652 </affected> 52653 <reference ref_id="CVE-2013-2394" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2394" source="CVE"/> 52654 <description> 52655 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491. 52656 </description> 52657 </metadata> 52658 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52659 <criteria operator="AND"> 52660 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52661 <criteria operator="OR"> 52662 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52663 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52664 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52665 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52666 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52667 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52668 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52669 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52670 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52671 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52672 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52673 </criteria> 52674 </criteria> 52675 </definition> 52676 <definition id="oval:org.opensuse.security:def:20132417" version="1" class="vulnerability"> 52677 <metadata> 52678 <title>CVE-2013-2417</title> 52679 <affected family="unix"> 52680 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52681 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52682 </affected> 52683 <reference ref_id="CVE-2013-2417" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417" source="CVE"/> 52684 <description> 52685 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue. 52686 </description> 52687 </metadata> 52688 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52689 <criteria operator="AND"> 52690 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52691 <criteria operator="OR"> 52692 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52693 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52694 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52695 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52696 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52697 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52698 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52699 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52700 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52701 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52702 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52703 </criteria> 52704 </criteria> 52705 </definition> 52706 <definition id="oval:org.opensuse.security:def:20132418" version="1" class="vulnerability"> 52707 <metadata> 52708 <title>CVE-2013-2418</title> 52709 <affected family="unix"> 52710 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52711 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52712 </affected> 52713 <reference ref_id="CVE-2013-2418" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2418" source="CVE"/> 52714 <description> 52715 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. 52716 </description> 52717 </metadata> 52718 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52719 <criteria operator="AND"> 52720 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52721 <criteria operator="OR"> 52722 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52723 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52724 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52725 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52726 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52727 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52728 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52729 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52730 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52731 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52732 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52733 </criteria> 52734 </criteria> 52735 </definition> 52736 <definition id="oval:org.opensuse.security:def:20132419" version="1" class="vulnerability"> 52737 <metadata> 52738 <title>CVE-2013-2419</title> 52739 <affected family="unix"> 52740 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52741 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52742 </affected> 52743 <reference ref_id="CVE-2013-2419" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" source="CVE"/> 52744 <description> 52745 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2. 52746 </description> 52747 </metadata> 52748 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52749 <criteria operator="AND"> 52750 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52751 <criteria operator="OR"> 52752 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52753 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52754 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52755 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52756 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52757 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52758 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52759 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52760 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52761 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52762 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52763 </criteria> 52764 </criteria> 52765 </definition> 52766 <definition id="oval:org.opensuse.security:def:20132420" version="1" class="vulnerability"> 52767 <metadata> 52768 <title>CVE-2013-2420</title> 52769 <affected family="unix"> 52770 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52771 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52772 </affected> 52773 <reference ref_id="CVE-2013-2420" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420" source="CVE"/> 52774 <description> 52775 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets. 52776 </description> 52777 </metadata> 52778 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52779 <criteria operator="AND"> 52780 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52781 <criteria operator="OR"> 52782 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52783 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52784 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52785 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52786 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52787 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52788 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52789 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52790 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52791 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52792 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52793 </criteria> 52794 </criteria> 52795 </definition> 52796 <definition id="oval:org.opensuse.security:def:20132422" version="1" class="vulnerability"> 52797 <metadata> 52798 <title>CVE-2013-2422</title> 52799 <affected family="unix"> 52800 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52801 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52802 </affected> 52803 <reference ref_id="CVE-2013-2422" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422" source="CVE"/> 52804 <description> 52805 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox. 52806 </description> 52807 </metadata> 52808 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52809 <criteria operator="AND"> 52810 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52811 <criteria operator="OR"> 52812 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52813 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52814 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52815 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52816 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52817 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52818 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52819 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52820 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52821 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52822 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52823 </criteria> 52824 </criteria> 52825 </definition> 52826 <definition id="oval:org.opensuse.security:def:20132424" version="1" class="vulnerability"> 52827 <metadata> 52828 <title>CVE-2013-2424</title> 52829 <affected family="unix"> 52830 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52831 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52832 </affected> 52833 <reference ref_id="CVE-2013-2424" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424" source="CVE"/> 52834 <description> 52835 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient class access checks" when "creating new instances" using MBeanInstantiator. 52836 </description> 52837 </metadata> 52838 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52839 <criteria operator="AND"> 52840 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52841 <criteria operator="OR"> 52842 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52843 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52844 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52845 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52846 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52847 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52848 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52849 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52850 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52851 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52852 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52853 </criteria> 52854 </criteria> 52855 </definition> 52856 <definition id="oval:org.opensuse.security:def:20132429" version="1" class="vulnerability"> 52857 <metadata> 52858 <title>CVE-2013-2429</title> 52859 <affected family="unix"> 52860 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52861 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52862 </affected> 52863 <reference ref_id="CVE-2013-2429" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429" source="CVE"/> 52864 <description> 52865 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native code, which triggers memory corruption. 52866 </description> 52867 </metadata> 52868 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52869 <criteria operator="AND"> 52870 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52871 <criteria operator="OR"> 52872 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52873 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52874 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52875 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52876 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52877 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52878 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52879 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52880 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52881 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52882 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52883 </criteria> 52884 </criteria> 52885 </definition> 52886 <definition id="oval:org.opensuse.security:def:20132430" version="1" class="vulnerability"> 52887 <metadata> 52888 <title>CVE-2013-2430</title> 52889 <affected family="unix"> 52890 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52891 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52892 </affected> 52893 <reference ref_id="CVE-2013-2430" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430" source="CVE"/> 52894 <description> 52895 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corruption" when using native code. 52896 </description> 52897 </metadata> 52898 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52899 <criteria operator="AND"> 52900 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52901 <criteria operator="OR"> 52902 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52903 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52904 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52905 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52906 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52907 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52908 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52909 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52910 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52911 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52912 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52913 </criteria> 52914 </criteria> 52915 </definition> 52916 <definition id="oval:org.opensuse.security:def:20132432" version="1" class="vulnerability"> 52917 <metadata> 52918 <title>CVE-2013-2432</title> 52919 <affected family="unix"> 52920 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52921 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52922 </affected> 52923 <reference ref_id="CVE-2013-2432" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2432" source="CVE"/> 52924 <description> 52925 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491. 52926 </description> 52927 </metadata> 52928 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52929 <criteria operator="AND"> 52930 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52931 <criteria operator="OR"> 52932 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52933 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52934 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52935 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52936 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52937 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52938 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52939 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52940 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52941 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52942 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52943 </criteria> 52944 </criteria> 52945 </definition> 52946 <definition id="oval:org.opensuse.security:def:20132433" version="1" class="vulnerability"> 52947 <metadata> 52948 <title>CVE-2013-2433</title> 52949 <affected family="unix"> 52950 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52951 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52952 </affected> 52953 <reference ref_id="CVE-2013-2433" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2433" source="CVE"/> 52954 <description> 52955 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540. 52956 </description> 52957 </metadata> 52958 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52959 <criteria operator="AND"> 52960 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52961 <criteria operator="OR"> 52962 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52963 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52964 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52965 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52966 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52967 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52968 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52969 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 52970 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 52971 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 52972 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 52973 </criteria> 52974 </criteria> 52975 </definition> 52976 <definition id="oval:org.opensuse.security:def:20132435" version="1" class="vulnerability"> 52977 <metadata> 52978 <title>CVE-2013-2435</title> 52979 <affected family="unix"> 52980 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 52981 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 52982 </affected> 52983 <reference ref_id="CVE-2013-2435" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2435" source="CVE"/> 52984 <description> 52985 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440. 52986 </description> 52987 </metadata> 52988 <!-- a36ba08c692a30308a29e6242e31eea2 --> 52989 <criteria operator="AND"> 52990 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 52991 <criteria operator="OR"> 52992 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 52993 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 52994 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 52995 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 52996 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 52997 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 52998 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 52999 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 53000 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 53001 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 53002 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 53003 </criteria> 53004 </criteria> 53005 </definition> 53006 <definition id="oval:org.opensuse.security:def:20132440" version="1" class="vulnerability"> 53007 <metadata> 53008 <title>CVE-2013-2440</title> 53009 <affected family="unix"> 53010 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53011 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53012 </affected> 53013 <reference ref_id="CVE-2013-2440" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2440" source="CVE"/> 53014 <description> 53015 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435. 53016 </description> 53017 </metadata> 53018 <!-- a36ba08c692a30308a29e6242e31eea2 --> 53019 <criteria operator="AND"> 53020 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53021 <criteria operator="OR"> 53022 <criterion test_ref="oval:org.opensuse.security:tst:2009077398" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.2-0.5.1"/> 53023 <criterion test_ref="oval:org.opensuse.security:tst:2009077399" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.2-0.5.1"/> 53024 <criterion test_ref="oval:org.opensuse.security:tst:2009077400" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.2-0.5.1"/> 53025 <criterion test_ref="oval:org.opensuse.security:tst:2009077401" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.2-0.5.1"/> 53026 <criterion test_ref="oval:org.opensuse.security:tst:2009077402" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.2-0.5.1"/> 53027 <criterion test_ref="oval:org.opensuse.security:tst:2009077403" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.2-0.5.1"/> 53028 <criterion test_ref="oval:org.opensuse.security:tst:2009077404" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.2-0.5.1"/> 53029 <criterion test_ref="oval:org.opensuse.security:tst:2009077405" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.2-0.5.1"/> 53030 <criterion test_ref="oval:org.opensuse.security:tst:2009077406" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.2-0.5.1"/> 53031 <criterion test_ref="oval:org.opensuse.security:tst:2009077407" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.2-0.5.1"/> 53032 <criterion test_ref="oval:org.opensuse.security:tst:2009077408" comment="java-1_5_0-ibm less than 1.5.0_sr16.2-0.5.1"/> 53033 </criteria> 53034 </criteria> 53035 </definition> 53036 <definition id="oval:org.opensuse.security:def:20132443" version="1" class="vulnerability"> 53037 <metadata> 53038 <title>CVE-2013-2443</title> 53039 <affected family="unix"> 53040 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53041 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53042 </affected> 53043 <reference ref_id="CVE-2013-2443" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2443" source="CVE"/> 53044 <description> 53045 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect "checking order" within the AccessControlContext class. 53046 </description> 53047 </metadata> 53048 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53049 <criteria operator="AND"> 53050 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53051 <criteria operator="OR"> 53052 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53053 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53054 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53055 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53056 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53057 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53058 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53059 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53060 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53061 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53062 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53063 </criteria> 53064 </criteria> 53065 </definition> 53066 <definition id="oval:org.opensuse.security:def:20132444" version="1" class="vulnerability"> 53067 <metadata> 53068 <title>CVE-2013-2444</title> 53069 <affected family="unix"> 53070 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53071 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53072 </affected> 53073 <reference ref_id="CVE-2013-2444" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2444" source="CVE"/> 53074 <description> 53075 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files. 53076 </description> 53077 </metadata> 53078 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53079 <criteria operator="AND"> 53080 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53081 <criteria operator="OR"> 53082 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53083 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53084 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53085 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53086 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53087 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53088 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53089 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53090 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53091 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53092 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53093 </criteria> 53094 </criteria> 53095 </definition> 53096 <definition id="oval:org.opensuse.security:def:20132446" version="1" class="vulnerability"> 53097 <metadata> 53098 <title>CVE-2013-2446</title> 53099 <affected family="unix"> 53100 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53101 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53102 </affected> 53103 <reference ref_id="CVE-2013-2446" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2446" source="CVE"/> 53104 <description> 53105 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams. 53106 </description> 53107 </metadata> 53108 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53109 <criteria operator="AND"> 53110 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53111 <criteria operator="OR"> 53112 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53113 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53114 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53115 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53116 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53117 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53118 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53119 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53120 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53121 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53122 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53123 </criteria> 53124 </criteria> 53125 </definition> 53126 <definition id="oval:org.opensuse.security:def:20132447" version="1" class="vulnerability"> 53127 <metadata> 53128 <title>CVE-2013-2447</title> 53129 <affected family="unix"> 53130 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53131 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53132 </affected> 53133 <reference ref_id="CVE-2013-2447" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2447" source="CVE"/> 53134 <description> 53135 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost. 53136 </description> 53137 </metadata> 53138 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53139 <criteria operator="AND"> 53140 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53141 <criteria operator="OR"> 53142 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53143 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53144 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53145 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53146 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53147 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53148 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53149 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53150 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53151 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53152 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53153 </criteria> 53154 </criteria> 53155 </definition> 53156 <definition id="oval:org.opensuse.security:def:20132448" version="1" class="vulnerability"> 53157 <metadata> 53158 <title>CVE-2013-2448</title> 53159 <affected family="unix"> 53160 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53161 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53162 </affected> 53163 <reference ref_id="CVE-2013-2448" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2448" source="CVE"/> 53164 <description> 53165 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes." 53166 </description> 53167 </metadata> 53168 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53169 <criteria operator="AND"> 53170 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53171 <criteria operator="OR"> 53172 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53173 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53174 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53175 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53176 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53177 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53178 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53179 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53180 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53181 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53182 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53183 </criteria> 53184 </criteria> 53185 </definition> 53186 <definition id="oval:org.opensuse.security:def:20132450" version="1" class="vulnerability"> 53187 <metadata> 53188 <title>CVE-2013-2450</title> 53189 <affected family="unix"> 53190 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53191 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53192 </affected> 53193 <reference ref_id="CVE-2013-2450" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2450" source="CVE"/> 53194 <description> 53195 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass. 53196 </description> 53197 </metadata> 53198 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53199 <criteria operator="AND"> 53200 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53201 <criteria operator="OR"> 53202 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53203 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53204 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53205 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53206 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53207 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53208 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53209 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53210 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53211 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53212 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53213 </criteria> 53214 </criteria> 53215 </definition> 53216 <definition id="oval:org.opensuse.security:def:20132452" version="1" class="vulnerability"> 53217 <metadata> 53218 <title>CVE-2013-2452</title> 53219 <affected family="unix"> 53220 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53221 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53222 </affected> 53223 <reference ref_id="CVE-2013-2452" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2452" source="CVE"/> 53224 <description> 53225 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class. 53226 </description> 53227 </metadata> 53228 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53229 <criteria operator="AND"> 53230 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53231 <criteria operator="OR"> 53232 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53233 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53234 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53235 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53236 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53237 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53238 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53239 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53240 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53241 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53242 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53243 </criteria> 53244 </criteria> 53245 </definition> 53246 <definition id="oval:org.opensuse.security:def:20132454" version="1" class="vulnerability"> 53247 <metadata> 53248 <title>CVE-2013-2454</title> 53249 <affected family="unix"> 53250 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53251 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53252 </affected> 53253 <reference ref_id="CVE-2013-2454" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2454" source="CVE"/> 53254 <description> 53255 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox. 53256 </description> 53257 </metadata> 53258 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53259 <criteria operator="AND"> 53260 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53261 <criteria operator="OR"> 53262 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53263 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53264 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53265 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53266 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53267 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53268 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53269 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53270 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53271 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53272 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53273 </criteria> 53274 </criteria> 53275 </definition> 53276 <definition id="oval:org.opensuse.security:def:20132455" version="1" class="vulnerability"> 53277 <metadata> 53278 <title>CVE-2013-2455</title> 53279 <affected family="unix"> 53280 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53281 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53282 </affected> 53283 <reference ref_id="CVE-2013-2455" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2455" source="CVE"/> 53284 <description> 53285 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods. 53286 </description> 53287 </metadata> 53288 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53289 <criteria operator="AND"> 53290 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53291 <criteria operator="OR"> 53292 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53293 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53294 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53295 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53296 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53297 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53298 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53299 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53300 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53301 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53302 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53303 </criteria> 53304 </criteria> 53305 </definition> 53306 <definition id="oval:org.opensuse.security:def:20132456" version="1" class="vulnerability"> 53307 <metadata> 53308 <title>CVE-2013-2456</title> 53309 <affected family="unix"> 53310 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53311 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53312 </affected> 53313 <reference ref_id="CVE-2013-2456" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2456" source="CVE"/> 53314 <description> 53315 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class. 53316 </description> 53317 </metadata> 53318 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53319 <criteria operator="AND"> 53320 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53321 <criteria operator="OR"> 53322 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53323 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53324 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53325 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53326 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53327 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53328 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53329 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53330 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53331 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53332 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53333 </criteria> 53334 </criteria> 53335 </definition> 53336 <definition id="oval:org.opensuse.security:def:20132457" version="1" class="vulnerability"> 53337 <metadata> 53338 <title>CVE-2013-2457</title> 53339 <affected family="unix"> 53340 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53341 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53342 </affected> 53343 <reference ref_id="CVE-2013-2457" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2457" source="CVE"/> 53344 <description> 53345 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions. 53346 </description> 53347 </metadata> 53348 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53349 <criteria operator="AND"> 53350 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53351 <criteria operator="OR"> 53352 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53353 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53354 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53355 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53356 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53357 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53358 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53359 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53360 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53361 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53362 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53363 </criteria> 53364 </criteria> 53365 </definition> 53366 <definition id="oval:org.opensuse.security:def:20132459" version="1" class="vulnerability"> 53367 <metadata> 53368 <title>CVE-2013-2459</title> 53369 <affected family="unix"> 53370 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53371 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53372 </affected> 53373 <reference ref_id="CVE-2013-2459" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2459" source="CVE"/> 53374 <description> 53375 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks." 53376 </description> 53377 </metadata> 53378 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53379 <criteria operator="AND"> 53380 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53381 <criteria operator="OR"> 53382 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53383 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53384 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53385 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53386 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53387 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53388 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53389 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53390 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53391 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53392 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53393 </criteria> 53394 </criteria> 53395 </definition> 53396 <definition id="oval:org.opensuse.security:def:20132463" version="1" class="vulnerability"> 53397 <metadata> 53398 <title>CVE-2013-2463</title> 53399 <affected family="unix"> 53400 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53401 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53402 </affected> 53403 <reference ref_id="CVE-2013-2463" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2463" source="CVE"/> 53404 <description> 53405 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D. 53406 </description> 53407 </metadata> 53408 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53409 <criteria operator="AND"> 53410 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53411 <criteria operator="OR"> 53412 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53413 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53414 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53415 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53416 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53417 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53418 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53419 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53420 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53421 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53422 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53423 </criteria> 53424 </criteria> 53425 </definition> 53426 <definition id="oval:org.opensuse.security:def:20132464" version="1" class="vulnerability"> 53427 <metadata> 53428 <title>CVE-2013-2464</title> 53429 <affected family="unix"> 53430 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53431 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53432 </affected> 53433 <reference ref_id="CVE-2013-2464" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2464" source="CVE"/> 53434 <description> 53435 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473. 53436 </description> 53437 </metadata> 53438 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53439 <criteria operator="AND"> 53440 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53441 <criteria operator="OR"> 53442 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53443 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53444 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53445 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53446 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53447 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53448 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53449 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53450 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53451 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53452 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53453 </criteria> 53454 </criteria> 53455 </definition> 53456 <definition id="oval:org.opensuse.security:def:20132465" version="1" class="vulnerability"> 53457 <metadata> 53458 <title>CVE-2013-2465</title> 53459 <affected family="unix"> 53460 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53461 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53462 </affected> 53463 <reference ref_id="CVE-2013-2465" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2465" source="CVE"/> 53464 <description> 53465 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D. 53466 </description> 53467 </metadata> 53468 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53469 <criteria operator="AND"> 53470 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53471 <criteria operator="OR"> 53472 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53473 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53474 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53475 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53476 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53477 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53478 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53479 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53480 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53481 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53482 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53483 </criteria> 53484 </criteria> 53485 </definition> 53486 <definition id="oval:org.opensuse.security:def:20132469" version="1" class="vulnerability"> 53487 <metadata> 53488 <title>CVE-2013-2469</title> 53489 <affected family="unix"> 53490 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53491 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53492 </affected> 53493 <reference ref_id="CVE-2013-2469" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2469" source="CVE"/> 53494 <description> 53495 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D. 53496 </description> 53497 </metadata> 53498 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53499 <criteria operator="AND"> 53500 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53501 <criteria operator="OR"> 53502 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53503 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53504 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53505 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53506 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53507 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53508 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53509 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53510 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53511 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53512 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53513 </criteria> 53514 </criteria> 53515 </definition> 53516 <definition id="oval:org.opensuse.security:def:20132470" version="1" class="vulnerability"> 53517 <metadata> 53518 <title>CVE-2013-2470</title> 53519 <affected family="unix"> 53520 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53521 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53522 </affected> 53523 <reference ref_id="CVE-2013-2470" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2470" source="CVE"/> 53524 <description> 53525 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing." 53526 </description> 53527 </metadata> 53528 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53529 <criteria operator="AND"> 53530 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53531 <criteria operator="OR"> 53532 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53533 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53534 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53535 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53536 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53537 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53538 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53539 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53540 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53541 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53542 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53543 </criteria> 53544 </criteria> 53545 </definition> 53546 <definition id="oval:org.opensuse.security:def:20132471" version="1" class="vulnerability"> 53547 <metadata> 53548 <title>CVE-2013-2471</title> 53549 <affected family="unix"> 53550 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53551 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53552 </affected> 53553 <reference ref_id="CVE-2013-2471" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2471" source="CVE"/> 53554 <description> 53555 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks." 53556 </description> 53557 </metadata> 53558 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53559 <criteria operator="AND"> 53560 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53561 <criteria operator="OR"> 53562 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53563 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53564 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53565 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53566 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53567 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53568 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53569 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53570 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53571 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53572 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53573 </criteria> 53574 </criteria> 53575 </definition> 53576 <definition id="oval:org.opensuse.security:def:20132472" version="1" class="vulnerability"> 53577 <metadata> 53578 <title>CVE-2013-2472</title> 53579 <affected family="unix"> 53580 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53581 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53582 </affected> 53583 <reference ref_id="CVE-2013-2472" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2472" source="CVE"/> 53584 <description> 53585 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D. 53586 </description> 53587 </metadata> 53588 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53589 <criteria operator="AND"> 53590 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53591 <criteria operator="OR"> 53592 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53593 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53594 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53595 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53596 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53597 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53598 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53599 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53600 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53601 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53602 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53603 </criteria> 53604 </criteria> 53605 </definition> 53606 <definition id="oval:org.opensuse.security:def:20132473" version="1" class="vulnerability"> 53607 <metadata> 53608 <title>CVE-2013-2473</title> 53609 <affected family="unix"> 53610 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53611 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53612 </affected> 53613 <reference ref_id="CVE-2013-2473" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2473" source="CVE"/> 53614 <description> 53615 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. 53616 </description> 53617 </metadata> 53618 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 53619 <criteria operator="AND"> 53620 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53621 <criteria operator="OR"> 53622 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 53623 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 53624 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 53625 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 53626 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 53627 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 53628 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 53629 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 53630 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 53631 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 53632 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 53633 </criteria> 53634 </criteria> 53635 </definition> 53636 <definition id="oval:org.opensuse.security:def:20132475" version="1" class="vulnerability"> 53637 <metadata> 53638 <title>CVE-2013-2475</title> 53639 <affected family="unix"> 53640 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53641 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53642 </affected> 53643 <reference ref_id="CVE-2013-2475" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2475" source="CVE"/> 53644 <description> 53645 The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. 53646 </description> 53647 </metadata> 53648 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53649 <criteria operator="AND"> 53650 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53651 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53652 </criteria> 53653 </definition> 53654 <definition id="oval:org.opensuse.security:def:20132476" version="1" class="vulnerability"> 53655 <metadata> 53656 <title>CVE-2013-2476</title> 53657 <affected family="unix"> 53658 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53659 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53660 </affected> 53661 <reference ref_id="CVE-2013-2476" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2476" source="CVE"/> 53662 <description> 53663 The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short. 53664 </description> 53665 </metadata> 53666 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53667 <criteria operator="AND"> 53668 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53669 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53670 </criteria> 53671 </definition> 53672 <definition id="oval:org.opensuse.security:def:20132477" version="1" class="vulnerability"> 53673 <metadata> 53674 <title>CVE-2013-2477</title> 53675 <affected family="unix"> 53676 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53677 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53678 </affected> 53679 <reference ref_id="CVE-2013-2477" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2477" source="CVE"/> 53680 <description> 53681 The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 53682 </description> 53683 </metadata> 53684 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53685 <criteria operator="AND"> 53686 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53687 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53688 </criteria> 53689 </definition> 53690 <definition id="oval:org.opensuse.security:def:20132478" version="1" class="vulnerability"> 53691 <metadata> 53692 <title>CVE-2013-2478</title> 53693 <affected family="unix"> 53694 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53695 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53696 </affected> 53697 <reference ref_id="CVE-2013-2478" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2478" source="CVE"/> 53698 <description> 53699 The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string. 53700 </description> 53701 </metadata> 53702 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53703 <criteria operator="AND"> 53704 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53705 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53706 </criteria> 53707 </definition> 53708 <definition id="oval:org.opensuse.security:def:20132479" version="1" class="vulnerability"> 53709 <metadata> 53710 <title>CVE-2013-2479</title> 53711 <affected family="unix"> 53712 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53713 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53714 </affected> 53715 <reference ref_id="CVE-2013-2479" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2479" source="CVE"/> 53716 <description> 53717 The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data. 53718 </description> 53719 </metadata> 53720 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53721 <criteria operator="AND"> 53722 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53723 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53724 </criteria> 53725 </definition> 53726 <definition id="oval:org.opensuse.security:def:20132480" version="1" class="vulnerability"> 53727 <metadata> 53728 <title>CVE-2013-2480</title> 53729 <affected family="unix"> 53730 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53731 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53732 </affected> 53733 <reference ref_id="CVE-2013-2480" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2480" source="CVE"/> 53734 <description> 53735 The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. 53736 </description> 53737 </metadata> 53738 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53739 <criteria operator="AND"> 53740 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53741 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53742 </criteria> 53743 </definition> 53744 <definition id="oval:org.opensuse.security:def:20132481" version="1" class="vulnerability"> 53745 <metadata> 53746 <title>CVE-2013-2481</title> 53747 <affected family="unix"> 53748 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53749 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53750 </affected> 53751 <reference ref_id="CVE-2013-2481" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2481" source="CVE"/> 53752 <description> 53753 Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. 53754 </description> 53755 </metadata> 53756 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53757 <criteria operator="AND"> 53758 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53759 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53760 </criteria> 53761 </definition> 53762 <definition id="oval:org.opensuse.security:def:20132482" version="1" class="vulnerability"> 53763 <metadata> 53764 <title>CVE-2013-2482</title> 53765 <affected family="unix"> 53766 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53767 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53768 </affected> 53769 <reference ref_id="CVE-2013-2482" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2482" source="CVE"/> 53770 <description> 53771 The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 53772 </description> 53773 </metadata> 53774 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53775 <criteria operator="AND"> 53776 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53777 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53778 </criteria> 53779 </definition> 53780 <definition id="oval:org.opensuse.security:def:20132483" version="1" class="vulnerability"> 53781 <metadata> 53782 <title>CVE-2013-2483</title> 53783 <affected family="unix"> 53784 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53785 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53786 </affected> 53787 <reference ref_id="CVE-2013-2483" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2483" source="CVE"/> 53788 <description> 53789 The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data. 53790 </description> 53791 </metadata> 53792 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53793 <criteria operator="AND"> 53794 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53795 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53796 </criteria> 53797 </definition> 53798 <definition id="oval:org.opensuse.security:def:20132484" version="1" class="vulnerability"> 53799 <metadata> 53800 <title>CVE-2013-2484</title> 53801 <affected family="unix"> 53802 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53803 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53804 </affected> 53805 <reference ref_id="CVE-2013-2484" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2484" source="CVE"/> 53806 <description> 53807 The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. 53808 </description> 53809 </metadata> 53810 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53811 <criteria operator="AND"> 53812 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53813 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53814 </criteria> 53815 </definition> 53816 <definition id="oval:org.opensuse.security:def:20132485" version="1" class="vulnerability"> 53817 <metadata> 53818 <title>CVE-2013-2485</title> 53819 <affected family="unix"> 53820 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53821 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53822 </affected> 53823 <reference ref_id="CVE-2013-2485" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2485" source="CVE"/> 53824 <description> 53825 The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. 53826 </description> 53827 </metadata> 53828 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53829 <criteria operator="AND"> 53830 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53831 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53832 </criteria> 53833 </definition> 53834 <definition id="oval:org.opensuse.security:def:20132486" version="1" class="vulnerability"> 53835 <metadata> 53836 <title>CVE-2013-2486</title> 53837 <affected family="unix"> 53838 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53839 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53840 </affected> 53841 <reference ref_id="CVE-2013-2486" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486" source="CVE"/> 53842 <description> 53843 The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet. 53844 </description> 53845 </metadata> 53846 <criteria operator="OR"> 53847 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53848 <criteria operator="AND"> 53849 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53850 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53851 </criteria> 53852 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 53853 <criteria operator="AND"> 53854 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53855 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 53856 </criteria> 53857 </criteria> 53858 </definition> 53859 <definition id="oval:org.opensuse.security:def:20132487" version="1" class="vulnerability"> 53860 <metadata> 53861 <title>CVE-2013-2487</title> 53862 <affected family="unix"> 53863 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53864 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53865 </affected> 53866 <reference ref_id="CVE-2013-2487" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2487" source="CVE"/> 53867 <description> 53868 epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486. 53869 </description> 53870 </metadata> 53871 <criteria operator="OR"> 53872 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53873 <criteria operator="AND"> 53874 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53875 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53876 </criteria> 53877 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 53878 <criteria operator="AND"> 53879 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53880 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 53881 </criteria> 53882 </criteria> 53883 </definition> 53884 <definition id="oval:org.opensuse.security:def:20132488" version="1" class="vulnerability"> 53885 <metadata> 53886 <title>CVE-2013-2488</title> 53887 <affected family="unix"> 53888 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53889 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53890 </affected> 53891 <reference ref_id="CVE-2013-2488" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488" source="CVE"/> 53892 <description> 53893 The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. 53894 </description> 53895 </metadata> 53896 <!-- 3db4a4d24062a3721e7cba8ec8f8d3a4 --> 53897 <criteria operator="AND"> 53898 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53899 <criterion test_ref="oval:org.opensuse.security:tst:2009077106" comment="wireshark less than 1.6.14-0.5.1"/> 53900 </criteria> 53901 </definition> 53902 <definition id="oval:org.opensuse.security:def:20132549" version="1" class="vulnerability"> 53903 <metadata> 53904 <title>CVE-2013-2549</title> 53905 <affected family="unix"> 53906 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53907 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53908 </affected> 53909 <reference ref_id="CVE-2013-2549" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2549" source="CVE"/> 53910 <description> 53911 Unspecified vulnerability in Adobe Reader 11.0.02 allows remote attackers to execute arbitrary code via vectors related to a "break into the sandbox," as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013. 53912 </description> 53913 </metadata> 53914 <!-- 771b7d069a8e369062487e3b94acb033 --> 53915 <criteria operator="AND"> 53916 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53917 <criteria operator="OR"> 53918 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 53919 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 53920 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 53921 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 53922 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 53923 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 53924 </criteria> 53925 </criteria> 53926 </definition> 53927 <definition id="oval:org.opensuse.security:def:20132550" version="1" class="vulnerability"> 53928 <metadata> 53929 <title>CVE-2013-2550</title> 53930 <affected family="unix"> 53931 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53932 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53933 </affected> 53934 <reference ref_id="CVE-2013-2550" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2550" source="CVE"/> 53935 <description> 53936 Unspecified vulnerability in Adobe Reader 11.0.02 allows attackers to bypass the sandbox protection mechanism via unknown vectors, as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013. 53937 </description> 53938 </metadata> 53939 <!-- 771b7d069a8e369062487e3b94acb033 --> 53940 <criteria operator="AND"> 53941 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53942 <criteria operator="OR"> 53943 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 53944 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 53945 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 53946 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 53947 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 53948 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 53949 </criteria> 53950 </criteria> 53951 </definition> 53952 <definition id="oval:org.opensuse.security:def:20132555" version="1" class="vulnerability"> 53953 <metadata> 53954 <title>CVE-2013-2555</title> 53955 <affected family="unix"> 53956 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53957 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53958 </affected> 53959 <reference ref_id="CVE-2013-2555" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2555" source="CVE"/> 53960 <description> 53961 Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. 53962 </description> 53963 </metadata> 53964 <!-- 43a0afb56e4fabafdd73f008f7cc5db2 --> 53965 <criteria operator="AND"> 53966 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53967 <criterion test_ref="oval:org.opensuse.security:tst:2009077034" comment="flash-player less than 11.2.202.280-0.5.1"/> 53968 </criteria> 53969 </definition> 53970 <definition id="oval:org.opensuse.security:def:20132718" version="1" class="vulnerability"> 53971 <metadata> 53972 <title>CVE-2013-2718</title> 53973 <affected family="unix"> 53974 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 53975 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 53976 </affected> 53977 <reference ref_id="CVE-2013-2718" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2718" source="CVE"/> 53978 <description> 53979 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 53980 </description> 53981 </metadata> 53982 <!-- 771b7d069a8e369062487e3b94acb033 --> 53983 <criteria operator="AND"> 53984 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 53985 <criteria operator="OR"> 53986 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 53987 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 53988 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 53989 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 53990 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 53991 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 53992 </criteria> 53993 </criteria> 53994 </definition> 53995 <definition id="oval:org.opensuse.security:def:20132719" version="1" class="vulnerability"> 53996 <metadata> 53997 <title>CVE-2013-2719</title> 53998 <affected family="unix"> 53999 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54000 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54001 </affected> 54002 <reference ref_id="CVE-2013-2719" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2719" source="CVE"/> 54003 <description> 54004 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54005 </description> 54006 </metadata> 54007 <!-- 771b7d069a8e369062487e3b94acb033 --> 54008 <criteria operator="AND"> 54009 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54010 <criteria operator="OR"> 54011 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54012 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54013 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54014 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54015 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54016 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54017 </criteria> 54018 </criteria> 54019 </definition> 54020 <definition id="oval:org.opensuse.security:def:20132720" version="1" class="vulnerability"> 54021 <metadata> 54022 <title>CVE-2013-2720</title> 54023 <affected family="unix"> 54024 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54025 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54026 </affected> 54027 <reference ref_id="CVE-2013-2720" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2720" source="CVE"/> 54028 <description> 54029 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54030 </description> 54031 </metadata> 54032 <!-- 771b7d069a8e369062487e3b94acb033 --> 54033 <criteria operator="AND"> 54034 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54035 <criteria operator="OR"> 54036 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54037 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54038 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54039 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54040 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54041 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54042 </criteria> 54043 </criteria> 54044 </definition> 54045 <definition id="oval:org.opensuse.security:def:20132721" version="1" class="vulnerability"> 54046 <metadata> 54047 <title>CVE-2013-2721</title> 54048 <affected family="unix"> 54049 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54051 </affected> 54052 <reference ref_id="CVE-2013-2721" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2721" source="CVE"/> 54053 <description> 54054 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54055 </description> 54056 </metadata> 54057 <!-- 771b7d069a8e369062487e3b94acb033 --> 54058 <criteria operator="AND"> 54059 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54060 <criteria operator="OR"> 54061 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54062 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54063 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54064 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54065 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54066 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54067 </criteria> 54068 </criteria> 54069 </definition> 54070 <definition id="oval:org.opensuse.security:def:20132722" version="1" class="vulnerability"> 54071 <metadata> 54072 <title>CVE-2013-2722</title> 54073 <affected family="unix"> 54074 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54075 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54076 </affected> 54077 <reference ref_id="CVE-2013-2722" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2722" source="CVE"/> 54078 <description> 54079 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54080 </description> 54081 </metadata> 54082 <!-- 771b7d069a8e369062487e3b94acb033 --> 54083 <criteria operator="AND"> 54084 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54085 <criteria operator="OR"> 54086 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54087 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54088 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54089 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54090 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54091 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54092 </criteria> 54093 </criteria> 54094 </definition> 54095 <definition id="oval:org.opensuse.security:def:20132723" version="1" class="vulnerability"> 54096 <metadata> 54097 <title>CVE-2013-2723</title> 54098 <affected family="unix"> 54099 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54100 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54101 </affected> 54102 <reference ref_id="CVE-2013-2723" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2723" source="CVE"/> 54103 <description> 54104 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54105 </description> 54106 </metadata> 54107 <!-- 771b7d069a8e369062487e3b94acb033 --> 54108 <criteria operator="AND"> 54109 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54110 <criteria operator="OR"> 54111 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54112 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54113 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54114 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54115 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54116 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54117 </criteria> 54118 </criteria> 54119 </definition> 54120 <definition id="oval:org.opensuse.security:def:20132724" version="1" class="vulnerability"> 54121 <metadata> 54122 <title>CVE-2013-2724</title> 54123 <affected family="unix"> 54124 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54125 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54126 </affected> 54127 <reference ref_id="CVE-2013-2724" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2724" source="CVE"/> 54128 <description> 54129 Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors. 54130 </description> 54131 </metadata> 54132 <!-- 771b7d069a8e369062487e3b94acb033 --> 54133 <criteria operator="AND"> 54134 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54135 <criteria operator="OR"> 54136 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54137 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54138 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54139 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54140 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54141 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54142 </criteria> 54143 </criteria> 54144 </definition> 54145 <definition id="oval:org.opensuse.security:def:20132725" version="1" class="vulnerability"> 54146 <metadata> 54147 <title>CVE-2013-2725</title> 54148 <affected family="unix"> 54149 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54150 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54151 </affected> 54152 <reference ref_id="CVE-2013-2725" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2725" source="CVE"/> 54153 <description> 54154 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54155 </description> 54156 </metadata> 54157 <!-- 771b7d069a8e369062487e3b94acb033 --> 54158 <criteria operator="AND"> 54159 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54160 <criteria operator="OR"> 54161 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54162 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54163 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54164 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54165 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54166 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54167 </criteria> 54168 </criteria> 54169 </definition> 54170 <definition id="oval:org.opensuse.security:def:20132726" version="1" class="vulnerability"> 54171 <metadata> 54172 <title>CVE-2013-2726</title> 54173 <affected family="unix"> 54174 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54175 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54176 </affected> 54177 <reference ref_id="CVE-2013-2726" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2726" source="CVE"/> 54178 <description> 54179 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54180 </description> 54181 </metadata> 54182 <!-- 771b7d069a8e369062487e3b94acb033 --> 54183 <criteria operator="AND"> 54184 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54185 <criteria operator="OR"> 54186 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54187 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54188 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54189 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54190 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54191 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54192 </criteria> 54193 </criteria> 54194 </definition> 54195 <definition id="oval:org.opensuse.security:def:20132727" version="1" class="vulnerability"> 54196 <metadata> 54197 <title>CVE-2013-2727</title> 54198 <affected family="unix"> 54199 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54200 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54201 </affected> 54202 <reference ref_id="CVE-2013-2727" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2727" source="CVE"/> 54203 <description> 54204 Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2729. 54205 </description> 54206 </metadata> 54207 <!-- 771b7d069a8e369062487e3b94acb033 --> 54208 <criteria operator="AND"> 54209 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54210 <criteria operator="OR"> 54211 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54212 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54213 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54214 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54215 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54216 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54217 </criteria> 54218 </criteria> 54219 </definition> 54220 <definition id="oval:org.opensuse.security:def:20132728" version="1" class="vulnerability"> 54221 <metadata> 54222 <title>CVE-2013-2728</title> 54223 <affected family="unix"> 54224 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54225 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54226 </affected> 54227 <reference ref_id="CVE-2013-2728" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2728" source="CVE"/> 54228 <description> 54229 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54230 </description> 54231 </metadata> 54232 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54233 <criteria operator="AND"> 54234 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54235 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54236 </criteria> 54237 </definition> 54238 <definition id="oval:org.opensuse.security:def:20132729" version="1" class="vulnerability"> 54239 <metadata> 54240 <title>CVE-2013-2729</title> 54241 <affected family="unix"> 54242 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54243 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54244 </affected> 54245 <reference ref_id="CVE-2013-2729" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2729" source="CVE"/> 54246 <description> 54247 Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727. 54248 </description> 54249 </metadata> 54250 <!-- 771b7d069a8e369062487e3b94acb033 --> 54251 <criteria operator="AND"> 54252 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54253 <criteria operator="OR"> 54254 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54255 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54256 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54257 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54258 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54259 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54260 </criteria> 54261 </criteria> 54262 </definition> 54263 <definition id="oval:org.opensuse.security:def:20132730" version="1" class="vulnerability"> 54264 <metadata> 54265 <title>CVE-2013-2730</title> 54266 <affected family="unix"> 54267 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54268 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54269 </affected> 54270 <reference ref_id="CVE-2013-2730" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2730" source="CVE"/> 54271 <description> 54272 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2733. 54273 </description> 54274 </metadata> 54275 <!-- 771b7d069a8e369062487e3b94acb033 --> 54276 <criteria operator="AND"> 54277 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54278 <criteria operator="OR"> 54279 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54280 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54281 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54282 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54283 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54284 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54285 </criteria> 54286 </criteria> 54287 </definition> 54288 <definition id="oval:org.opensuse.security:def:20132731" version="1" class="vulnerability"> 54289 <metadata> 54290 <title>CVE-2013-2731</title> 54291 <affected family="unix"> 54292 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54293 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54294 </affected> 54295 <reference ref_id="CVE-2013-2731" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2731" source="CVE"/> 54296 <description> 54297 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54298 </description> 54299 </metadata> 54300 <!-- 771b7d069a8e369062487e3b94acb033 --> 54301 <criteria operator="AND"> 54302 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54303 <criteria operator="OR"> 54304 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54305 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54306 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54307 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54308 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54309 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54310 </criteria> 54311 </criteria> 54312 </definition> 54313 <definition id="oval:org.opensuse.security:def:20132732" version="1" class="vulnerability"> 54314 <metadata> 54315 <title>CVE-2013-2732</title> 54316 <affected family="unix"> 54317 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54318 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54319 </affected> 54320 <reference ref_id="CVE-2013-2732" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2732" source="CVE"/> 54321 <description> 54322 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54323 </description> 54324 </metadata> 54325 <!-- 771b7d069a8e369062487e3b94acb033 --> 54326 <criteria operator="AND"> 54327 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54328 <criteria operator="OR"> 54329 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54330 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54331 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54332 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54333 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54334 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54335 </criteria> 54336 </criteria> 54337 </definition> 54338 <definition id="oval:org.opensuse.security:def:20132733" version="1" class="vulnerability"> 54339 <metadata> 54340 <title>CVE-2013-2733</title> 54341 <affected family="unix"> 54342 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54343 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54344 </affected> 54345 <reference ref_id="CVE-2013-2733" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2733" source="CVE"/> 54346 <description> 54347 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2730. 54348 </description> 54349 </metadata> 54350 <!-- 771b7d069a8e369062487e3b94acb033 --> 54351 <criteria operator="AND"> 54352 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54353 <criteria operator="OR"> 54354 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54355 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54356 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54357 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54358 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54359 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54360 </criteria> 54361 </criteria> 54362 </definition> 54363 <definition id="oval:org.opensuse.security:def:20132734" version="1" class="vulnerability"> 54364 <metadata> 54365 <title>CVE-2013-2734</title> 54366 <affected family="unix"> 54367 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54368 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54369 </affected> 54370 <reference ref_id="CVE-2013-2734" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2734" source="CVE"/> 54371 <description> 54372 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54373 </description> 54374 </metadata> 54375 <!-- 771b7d069a8e369062487e3b94acb033 --> 54376 <criteria operator="AND"> 54377 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54378 <criteria operator="OR"> 54379 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54380 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54381 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54382 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54383 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54384 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54385 </criteria> 54386 </criteria> 54387 </definition> 54388 <definition id="oval:org.opensuse.security:def:20132735" version="1" class="vulnerability"> 54389 <metadata> 54390 <title>CVE-2013-2735</title> 54391 <affected family="unix"> 54392 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54393 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54394 </affected> 54395 <reference ref_id="CVE-2013-2735" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2735" source="CVE"/> 54396 <description> 54397 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54398 </description> 54399 </metadata> 54400 <!-- 771b7d069a8e369062487e3b94acb033 --> 54401 <criteria operator="AND"> 54402 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54403 <criteria operator="OR"> 54404 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54405 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54406 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54407 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54408 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54409 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54410 </criteria> 54411 </criteria> 54412 </definition> 54413 <definition id="oval:org.opensuse.security:def:20132736" version="1" class="vulnerability"> 54414 <metadata> 54415 <title>CVE-2013-2736</title> 54416 <affected family="unix"> 54417 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54418 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54419 </affected> 54420 <reference ref_id="CVE-2013-2736" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2736" source="CVE"/> 54421 <description> 54422 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54423 </description> 54424 </metadata> 54425 <!-- 771b7d069a8e369062487e3b94acb033 --> 54426 <criteria operator="AND"> 54427 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54428 <criteria operator="OR"> 54429 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54430 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54431 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54432 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54433 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54434 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54435 </criteria> 54436 </criteria> 54437 </definition> 54438 <definition id="oval:org.opensuse.security:def:20132737" version="1" class="vulnerability"> 54439 <metadata> 54440 <title>CVE-2013-2737</title> 54441 <affected family="unix"> 54442 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54443 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54444 </affected> 54445 <reference ref_id="CVE-2013-2737" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2737" source="CVE"/> 54446 <description> 54447 A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to obtain sensitive information via unspecified vectors. 54448 </description> 54449 </metadata> 54450 <!-- 771b7d069a8e369062487e3b94acb033 --> 54451 <criteria operator="AND"> 54452 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54453 <criteria operator="OR"> 54454 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54455 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54456 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54457 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54458 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54459 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54460 </criteria> 54461 </criteria> 54462 </definition> 54463 <definition id="oval:org.opensuse.security:def:20132776" version="1" class="vulnerability"> 54464 <metadata> 54465 <title>CVE-2013-2776</title> 54466 <affected family="unix"> 54467 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54468 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54469 </affected> 54470 <reference ref_id="CVE-2013-2776" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2776" source="CVE"/> 54471 <description> 54472 sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. 54473 </description> 54474 </metadata> 54475 <!-- 68356be24d3ee0305b115b7f77e08946 --> 54476 <criteria operator="AND"> 54477 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54478 <criterion test_ref="oval:org.opensuse.security:tst:2009077212" comment="sudo less than 1.6.9p23-0.18.1"/> 54479 </criteria> 54480 </definition> 54481 <definition id="oval:org.opensuse.security:def:20132777" version="1" class="vulnerability"> 54482 <metadata> 54483 <title>CVE-2013-2777</title> 54484 <affected family="unix"> 54485 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54486 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54487 </affected> 54488 <reference ref_id="CVE-2013-2777" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2777" source="CVE"/> 54489 <description> 54490 sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. 54491 </description> 54492 </metadata> 54493 <!-- 68356be24d3ee0305b115b7f77e08946 --> 54494 <criteria operator="AND"> 54495 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54496 <criterion test_ref="oval:org.opensuse.security:tst:2009077212" comment="sudo less than 1.6.9p23-0.18.1"/> 54497 </criteria> 54498 </definition> 54499 <definition id="oval:org.opensuse.security:def:20133009" version="1" class="vulnerability"> 54500 <metadata> 54501 <title>CVE-2013-3009</title> 54502 <affected family="unix"> 54503 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54504 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54505 </affected> 54506 <reference ref_id="CVE-2013-3009" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3009" source="CVE"/> 54507 <description> 54508 Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3011 and CVE-2013-3012. 54509 </description> 54510 </metadata> 54511 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 54512 <criteria operator="AND"> 54513 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54514 <criteria operator="OR"> 54515 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 54516 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 54517 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 54518 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 54519 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 54520 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 54521 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 54522 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 54523 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 54524 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 54525 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 54526 </criteria> 54527 </criteria> 54528 </definition> 54529 <definition id="oval:org.opensuse.security:def:20133011" version="1" class="vulnerability"> 54530 <metadata> 54531 <title>CVE-2013-3011</title> 54532 <affected family="unix"> 54533 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54534 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54535 </affected> 54536 <reference ref_id="CVE-2013-3011" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3011" source="CVE"/> 54537 <description> 54538 Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012. 54539 </description> 54540 </metadata> 54541 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 54542 <criteria operator="AND"> 54543 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54544 <criteria operator="OR"> 54545 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 54546 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 54547 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 54548 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 54549 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 54550 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 54551 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 54552 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 54553 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 54554 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 54555 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 54556 </criteria> 54557 </criteria> 54558 </definition> 54559 <definition id="oval:org.opensuse.security:def:20133012" version="1" class="vulnerability"> 54560 <metadata> 54561 <title>CVE-2013-3012</title> 54562 <affected family="unix"> 54563 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54564 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54565 </affected> 54566 <reference ref_id="CVE-2013-3012" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3012" source="CVE"/> 54567 <description> 54568 Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011. 54569 </description> 54570 </metadata> 54571 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 54572 <criteria operator="AND"> 54573 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54574 <criteria operator="OR"> 54575 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 54576 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 54577 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 54578 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 54579 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 54580 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 54581 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 54582 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 54583 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 54584 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 54585 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 54586 </criteria> 54587 </criteria> 54588 </definition> 54589 <definition id="oval:org.opensuse.security:def:20133324" version="1" class="vulnerability"> 54590 <metadata> 54591 <title>CVE-2013-3324</title> 54592 <affected family="unix"> 54593 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54594 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54595 </affected> 54596 <reference ref_id="CVE-2013-3324" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3324" source="CVE"/> 54597 <description> 54598 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54599 </description> 54600 </metadata> 54601 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54602 <criteria operator="AND"> 54603 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54604 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54605 </criteria> 54606 </definition> 54607 <definition id="oval:org.opensuse.security:def:20133325" version="1" class="vulnerability"> 54608 <metadata> 54609 <title>CVE-2013-3325</title> 54610 <affected family="unix"> 54611 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54612 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54613 </affected> 54614 <reference ref_id="CVE-2013-3325" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3325" source="CVE"/> 54615 <description> 54616 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54617 </description> 54618 </metadata> 54619 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54620 <criteria operator="AND"> 54621 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54622 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54623 </criteria> 54624 </definition> 54625 <definition id="oval:org.opensuse.security:def:20133326" version="1" class="vulnerability"> 54626 <metadata> 54627 <title>CVE-2013-3326</title> 54628 <affected family="unix"> 54629 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54630 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54631 </affected> 54632 <reference ref_id="CVE-2013-3326" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3326" source="CVE"/> 54633 <description> 54634 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54635 </description> 54636 </metadata> 54637 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54638 <criteria operator="AND"> 54639 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54640 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54641 </criteria> 54642 </definition> 54643 <definition id="oval:org.opensuse.security:def:20133327" version="1" class="vulnerability"> 54644 <metadata> 54645 <title>CVE-2013-3327</title> 54646 <affected family="unix"> 54647 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54648 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54649 </affected> 54650 <reference ref_id="CVE-2013-3327" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3327" source="CVE"/> 54651 <description> 54652 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54653 </description> 54654 </metadata> 54655 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54656 <criteria operator="AND"> 54657 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54658 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54659 </criteria> 54660 </definition> 54661 <definition id="oval:org.opensuse.security:def:20133328" version="1" class="vulnerability"> 54662 <metadata> 54663 <title>CVE-2013-3328</title> 54664 <affected family="unix"> 54665 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54666 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54667 </affected> 54668 <reference ref_id="CVE-2013-3328" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3328" source="CVE"/> 54669 <description> 54670 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54671 </description> 54672 </metadata> 54673 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54674 <criteria operator="AND"> 54675 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54676 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54677 </criteria> 54678 </definition> 54679 <definition id="oval:org.opensuse.security:def:20133329" version="1" class="vulnerability"> 54680 <metadata> 54681 <title>CVE-2013-3329</title> 54682 <affected family="unix"> 54683 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54684 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54685 </affected> 54686 <reference ref_id="CVE-2013-3329" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3329" source="CVE"/> 54687 <description> 54688 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54689 </description> 54690 </metadata> 54691 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54692 <criteria operator="AND"> 54693 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54694 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54695 </criteria> 54696 </definition> 54697 <definition id="oval:org.opensuse.security:def:20133330" version="1" class="vulnerability"> 54698 <metadata> 54699 <title>CVE-2013-3330</title> 54700 <affected family="unix"> 54701 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54702 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54703 </affected> 54704 <reference ref_id="CVE-2013-3330" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3330" source="CVE"/> 54705 <description> 54706 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54707 </description> 54708 </metadata> 54709 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54710 <criteria operator="AND"> 54711 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54712 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54713 </criteria> 54714 </definition> 54715 <definition id="oval:org.opensuse.security:def:20133331" version="1" class="vulnerability"> 54716 <metadata> 54717 <title>CVE-2013-3331</title> 54718 <affected family="unix"> 54719 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54720 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54721 </affected> 54722 <reference ref_id="CVE-2013-3331" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3331" source="CVE"/> 54723 <description> 54724 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54725 </description> 54726 </metadata> 54727 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54728 <criteria operator="AND"> 54729 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54730 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54731 </criteria> 54732 </definition> 54733 <definition id="oval:org.opensuse.security:def:20133332" version="1" class="vulnerability"> 54734 <metadata> 54735 <title>CVE-2013-3332</title> 54736 <affected family="unix"> 54737 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54738 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54739 </affected> 54740 <reference ref_id="CVE-2013-3332" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3332" source="CVE"/> 54741 <description> 54742 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. 54743 </description> 54744 </metadata> 54745 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54746 <criteria operator="AND"> 54747 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54748 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54749 </criteria> 54750 </definition> 54751 <definition id="oval:org.opensuse.security:def:20133333" version="1" class="vulnerability"> 54752 <metadata> 54753 <title>CVE-2013-3333</title> 54754 <affected family="unix"> 54755 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54756 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54757 </affected> 54758 <reference ref_id="CVE-2013-3333" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3333" source="CVE"/> 54759 <description> 54760 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3334, and CVE-2013-3335. 54761 </description> 54762 </metadata> 54763 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54764 <criteria operator="AND"> 54765 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54766 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54767 </criteria> 54768 </definition> 54769 <definition id="oval:org.opensuse.security:def:20133334" version="1" class="vulnerability"> 54770 <metadata> 54771 <title>CVE-2013-3334</title> 54772 <affected family="unix"> 54773 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54774 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54775 </affected> 54776 <reference ref_id="CVE-2013-3334" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3334" source="CVE"/> 54777 <description> 54778 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3335. 54779 </description> 54780 </metadata> 54781 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54782 <criteria operator="AND"> 54783 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54784 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54785 </criteria> 54786 </definition> 54787 <definition id="oval:org.opensuse.security:def:20133335" version="1" class="vulnerability"> 54788 <metadata> 54789 <title>CVE-2013-3335</title> 54790 <affected family="unix"> 54791 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54792 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54793 </affected> 54794 <reference ref_id="CVE-2013-3335" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3335" source="CVE"/> 54795 <description> 54796 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3334. 54797 </description> 54798 </metadata> 54799 <!-- a5fa8585bb27b34c11c4dca03b7743de --> 54800 <criteria operator="AND"> 54801 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54802 <criterion test_ref="oval:org.opensuse.security:tst:2009077227" comment="flash-player less than 11.2.202.285-0.5.1"/> 54803 </criteria> 54804 </definition> 54805 <definition id="oval:org.opensuse.security:def:20133337" version="1" class="vulnerability"> 54806 <metadata> 54807 <title>CVE-2013-3337</title> 54808 <affected family="unix"> 54809 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54810 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54811 </affected> 54812 <reference ref_id="CVE-2013-3337" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3337" source="CVE"/> 54813 <description> 54814 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54815 </description> 54816 </metadata> 54817 <!-- 771b7d069a8e369062487e3b94acb033 --> 54818 <criteria operator="AND"> 54819 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54820 <criteria operator="OR"> 54821 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54822 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54823 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54824 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54825 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54826 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54827 </criteria> 54828 </criteria> 54829 </definition> 54830 <definition id="oval:org.opensuse.security:def:20133338" version="1" class="vulnerability"> 54831 <metadata> 54832 <title>CVE-2013-3338</title> 54833 <affected family="unix"> 54834 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54835 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54836 </affected> 54837 <reference ref_id="CVE-2013-3338" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3338" source="CVE"/> 54838 <description> 54839 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. 54840 </description> 54841 </metadata> 54842 <!-- 771b7d069a8e369062487e3b94acb033 --> 54843 <criteria operator="AND"> 54844 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54845 <criteria operator="OR"> 54846 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54847 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54848 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54849 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54850 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54851 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54852 </criteria> 54853 </criteria> 54854 </definition> 54855 <definition id="oval:org.opensuse.security:def:20133339" version="1" class="vulnerability"> 54856 <metadata> 54857 <title>CVE-2013-3339</title> 54858 <affected family="unix"> 54859 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54860 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54861 </affected> 54862 <reference ref_id="CVE-2013-3339" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3339" source="CVE"/> 54863 <description> 54864 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3340, and CVE-2013-3341. 54865 </description> 54866 </metadata> 54867 <!-- 771b7d069a8e369062487e3b94acb033 --> 54868 <criteria operator="AND"> 54869 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54870 <criteria operator="OR"> 54871 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54872 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54873 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54874 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54875 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54876 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54877 </criteria> 54878 </criteria> 54879 </definition> 54880 <definition id="oval:org.opensuse.security:def:20133340" version="1" class="vulnerability"> 54881 <metadata> 54882 <title>CVE-2013-3340</title> 54883 <affected family="unix"> 54884 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54885 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54886 </affected> 54887 <reference ref_id="CVE-2013-3340" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3340" source="CVE"/> 54888 <description> 54889 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, and CVE-2013-3341. 54890 </description> 54891 </metadata> 54892 <!-- 771b7d069a8e369062487e3b94acb033 --> 54893 <criteria operator="AND"> 54894 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54895 <criteria operator="OR"> 54896 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54897 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54898 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54899 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54900 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54901 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54902 </criteria> 54903 </criteria> 54904 </definition> 54905 <definition id="oval:org.opensuse.security:def:20133341" version="1" class="vulnerability"> 54906 <metadata> 54907 <title>CVE-2013-3341</title> 54908 <affected family="unix"> 54909 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54910 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54911 </affected> 54912 <reference ref_id="CVE-2013-3341" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3341" source="CVE"/> 54913 <description> 54914 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, and CVE-2013-3340. 54915 </description> 54916 </metadata> 54917 <!-- 771b7d069a8e369062487e3b94acb033 --> 54918 <criteria operator="AND"> 54919 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54920 <criteria operator="OR"> 54921 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54922 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54923 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54924 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54925 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54926 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54927 </criteria> 54928 </criteria> 54929 </definition> 54930 <definition id="oval:org.opensuse.security:def:20133342" version="1" class="vulnerability"> 54931 <metadata> 54932 <title>CVE-2013-3342</title> 54933 <affected family="unix"> 54934 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54935 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54936 </affected> 54937 <reference ref_id="CVE-2013-3342" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3342" source="CVE"/> 54938 <description> 54939 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 do not properly handle operating-system domain blacklists, which has unspecified impact and attack vectors. 54940 </description> 54941 </metadata> 54942 <!-- 771b7d069a8e369062487e3b94acb033 --> 54943 <criteria operator="AND"> 54944 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54945 <criteria operator="OR"> 54946 <criterion test_ref="oval:org.opensuse.security:tst:2009077231" comment="acroread-cmaps less than 9.4.6-0.6.63"/> 54947 <criterion test_ref="oval:org.opensuse.security:tst:2009077232" comment="acroread-fonts-ja less than 9.4.6-0.6.63"/> 54948 <criterion test_ref="oval:org.opensuse.security:tst:2009077233" comment="acroread-fonts-ko less than 9.4.6-0.6.63"/> 54949 <criterion test_ref="oval:org.opensuse.security:tst:2009077234" comment="acroread-fonts-zh_CN less than 9.4.6-0.6.63"/> 54950 <criterion test_ref="oval:org.opensuse.security:tst:2009077235" comment="acroread-fonts-zh_TW less than 9.4.6-0.6.63"/> 54951 <criterion test_ref="oval:org.opensuse.security:tst:2009077236" comment="acroread less than 9.5.5-0.6.1"/> 54952 </criteria> 54953 </criteria> 54954 </definition> 54955 <definition id="oval:org.opensuse.security:def:20133343" version="1" class="vulnerability"> 54956 <metadata> 54957 <title>CVE-2013-3343</title> 54958 <affected family="unix"> 54959 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54960 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54961 </affected> 54962 <reference ref_id="CVE-2013-3343" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3343" source="CVE"/> 54963 <description> 54964 Adobe Flash Player before 10.3.183.90 and 11.x before 11.7.700.224 on Windows, before 10.3.183.90 and 11.x before 11.7.700.225 on Mac OS X, before 10.3.183.90 and 11.x before 11.2.202.291 on Linux, before 11.1.111.59 on Android 2.x and 3.x, and before 11.1.115.63 on Android 4.x; Adobe AIR before 3.7.0.2090 on Windows and Android and before 3.7.0.2100 on Mac OS X; and Adobe AIR SDK & Compiler before 3.7.0.2090 on Windows and before 3.7.0.2100 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 54965 </description> 54966 </metadata> 54967 <!-- 79c597776eb65522c777c2c31d78be79 --> 54968 <criteria operator="AND"> 54969 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54970 <criterion test_ref="oval:org.opensuse.security:tst:2009077451" comment="flash-player less than 11.2.202.291-0.5.1"/> 54971 </criteria> 54972 </definition> 54973 <definition id="oval:org.opensuse.security:def:20133344" version="1" class="vulnerability"> 54974 <metadata> 54975 <title>CVE-2013-3344</title> 54976 <affected family="unix"> 54977 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54978 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54979 </affected> 54980 <reference ref_id="CVE-2013-3344" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3344" source="CVE"/> 54981 <description> 54982 Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via unspecified vectors. 54983 </description> 54984 </metadata> 54985 <!-- 2a99ce6c544e43d5065f403d412927eb --> 54986 <criteria operator="AND"> 54987 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 54988 <criterion test_ref="oval:org.opensuse.security:tst:2009077648" comment="flash-player less than 11.2.202.297-0.5.2"/> 54989 </criteria> 54990 </definition> 54991 <definition id="oval:org.opensuse.security:def:20133345" version="1" class="vulnerability"> 54992 <metadata> 54993 <title>CVE-2013-3345</title> 54994 <affected family="unix"> 54995 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 54996 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 54997 </affected> 54998 <reference ref_id="CVE-2013-3345" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3345" source="CVE"/> 54999 <description> 55000 Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 55001 </description> 55002 </metadata> 55003 <!-- 2a99ce6c544e43d5065f403d412927eb --> 55004 <criteria operator="AND"> 55005 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55006 <criterion test_ref="oval:org.opensuse.security:tst:2009077648" comment="flash-player less than 11.2.202.297-0.5.2"/> 55007 </criteria> 55008 </definition> 55009 <definition id="oval:org.opensuse.security:def:20133347" version="1" class="vulnerability"> 55010 <metadata> 55011 <title>CVE-2013-3347</title> 55012 <affected family="unix"> 55013 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55014 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55015 </affected> 55016 <reference ref_id="CVE-2013-3347" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3347" source="CVE"/> 55017 <description> 55018 Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via PCM data that is not properly handled during resampling. 55019 </description> 55020 </metadata> 55021 <!-- 2a99ce6c544e43d5065f403d412927eb --> 55022 <criteria operator="AND"> 55023 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55024 <criterion test_ref="oval:org.opensuse.security:tst:2009077648" comment="flash-player less than 11.2.202.297-0.5.2"/> 55025 </criteria> 55026 </definition> 55027 <definition id="oval:org.opensuse.security:def:20133555" version="1" class="vulnerability"> 55028 <metadata> 55029 <title>CVE-2013-3555</title> 55030 <affected family="unix"> 55031 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55032 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55033 </affected> 55034 <reference ref_id="CVE-2013-3555" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3555" source="CVE"/> 55035 <description> 55036 epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 55037 </description> 55038 </metadata> 55039 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55040 <criteria operator="AND"> 55041 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55042 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55043 </criteria> 55044 </definition> 55045 <definition id="oval:org.opensuse.security:def:20133556" version="1" class="vulnerability"> 55046 <metadata> 55047 <title>CVE-2013-3556</title> 55048 <affected family="unix"> 55049 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55050 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55051 </affected> 55052 <reference ref_id="CVE-2013-3556" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3556" source="CVE"/> 55053 <description> 55054 The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 55055 </description> 55056 </metadata> 55057 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55058 <criteria operator="AND"> 55059 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55060 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55061 </criteria> 55062 </definition> 55063 <definition id="oval:org.opensuse.security:def:20133557" version="1" class="vulnerability"> 55064 <metadata> 55065 <title>CVE-2013-3557</title> 55066 <affected family="unix"> 55067 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55068 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55069 </affected> 55070 <reference ref_id="CVE-2013-3557" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3557" source="CVE"/> 55071 <description> 55072 The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 55073 </description> 55074 </metadata> 55075 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55076 <criteria operator="AND"> 55077 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55078 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55079 </criteria> 55080 </definition> 55081 <definition id="oval:org.opensuse.security:def:20133558" version="1" class="vulnerability"> 55082 <metadata> 55083 <title>CVE-2013-3558</title> 55084 <affected family="unix"> 55085 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55086 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55087 </affected> 55088 <reference ref_id="CVE-2013-3558" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3558" source="CVE"/> 55089 <description> 55090 The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 55091 </description> 55092 </metadata> 55093 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55094 <criteria operator="AND"> 55095 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55096 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55097 </criteria> 55098 </definition> 55099 <definition id="oval:org.opensuse.security:def:20133559" version="1" class="vulnerability"> 55100 <metadata> 55101 <title>CVE-2013-3559</title> 55102 <affected family="unix"> 55103 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55104 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55105 </affected> 55106 <reference ref_id="CVE-2013-3559" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3559" source="CVE"/> 55107 <description> 55108 epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. 55109 </description> 55110 </metadata> 55111 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55112 <criteria operator="AND"> 55113 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55114 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55115 </criteria> 55116 </definition> 55117 <definition id="oval:org.opensuse.security:def:20133560" version="1" class="vulnerability"> 55118 <metadata> 55119 <title>CVE-2013-3560</title> 55120 <affected family="unix"> 55121 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55122 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55123 </affected> 55124 <reference ref_id="CVE-2013-3560" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3560" source="CVE"/> 55125 <description> 55126 The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. 55127 </description> 55128 </metadata> 55129 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55130 <criteria operator="AND"> 55131 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55132 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55133 </criteria> 55134 </definition> 55135 <definition id="oval:org.opensuse.security:def:20133561" version="1" class="vulnerability"> 55136 <metadata> 55137 <title>CVE-2013-3561</title> 55138 <affected family="unix"> 55139 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55140 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55141 </affected> 55142 <reference ref_id="CVE-2013-3561" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3561" source="CVE"/> 55143 <description> 55144 Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector. 55145 </description> 55146 </metadata> 55147 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55148 <criteria operator="AND"> 55149 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55150 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55151 </criteria> 55152 </definition> 55153 <definition id="oval:org.opensuse.security:def:20133562" version="1" class="vulnerability"> 55154 <metadata> 55155 <title>CVE-2013-3562</title> 55156 <affected family="unix"> 55157 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55158 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55159 </affected> 55160 <reference ref_id="CVE-2013-3562" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3562" source="CVE"/> 55161 <description> 55162 Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. 55163 </description> 55164 </metadata> 55165 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55166 <criteria operator="AND"> 55167 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55168 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55169 </criteria> 55170 </definition> 55171 <definition id="oval:org.opensuse.security:def:20133743" version="1" class="vulnerability"> 55172 <metadata> 55173 <title>CVE-2013-3743</title> 55174 <affected family="unix"> 55175 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55176 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55177 </affected> 55178 <reference ref_id="CVE-2013-3743" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3743" source="CVE"/> 55179 <description> 55180 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. 55181 </description> 55182 </metadata> 55183 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 55184 <criteria operator="AND"> 55185 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55186 <criteria operator="OR"> 55187 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 55188 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 55189 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 55190 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 55191 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 55192 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 55193 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 55194 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 55195 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 55196 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 55197 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 55198 </criteria> 55199 </criteria> 55200 </definition> 55201 <definition id="oval:org.opensuse.security:def:20134002" version="1" class="vulnerability"> 55202 <metadata> 55203 <title>CVE-2013-4002</title> 55204 <affected family="unix"> 55205 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55206 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55207 </affected> 55208 <reference ref_id="CVE-2013-4002" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4002" source="CVE"/> 55209 <description> 55210 Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect availability via unknown vectors. 55211 </description> 55212 </metadata> 55213 <!-- 4ed92cf0de9b3b679aefd2605f9c3f66 --> 55214 <criteria operator="AND"> 55215 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55216 <criteria operator="OR"> 55217 <criterion test_ref="oval:org.opensuse.security:tst:2009077699" comment="java-1_5_0-ibm-32bit less than 1.5.0_sr16.3-0.5.1"/> 55218 <criterion test_ref="oval:org.opensuse.security:tst:2009077700" comment="java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr16.3-0.5.1"/> 55219 <criterion test_ref="oval:org.opensuse.security:tst:2009077701" comment="java-1_5_0-ibm-alsa less than 1.5.0_sr16.3-0.5.1"/> 55220 <criterion test_ref="oval:org.opensuse.security:tst:2009077702" comment="java-1_5_0-ibm-demo less than 1.5.0_sr16.3-0.5.1"/> 55221 <criterion test_ref="oval:org.opensuse.security:tst:2009077703" comment="java-1_5_0-ibm-devel-32bit less than 1.5.0_sr16.3-0.5.1"/> 55222 <criterion test_ref="oval:org.opensuse.security:tst:2009077704" comment="java-1_5_0-ibm-devel less than 1.5.0_sr16.3-0.5.1"/> 55223 <criterion test_ref="oval:org.opensuse.security:tst:2009077705" comment="java-1_5_0-ibm-fonts less than 1.5.0_sr16.3-0.5.1"/> 55224 <criterion test_ref="oval:org.opensuse.security:tst:2009077706" comment="java-1_5_0-ibm-jdbc less than 1.5.0_sr16.3-0.5.1"/> 55225 <criterion test_ref="oval:org.opensuse.security:tst:2009077707" comment="java-1_5_0-ibm-plugin less than 1.5.0_sr16.3-0.5.1"/> 55226 <criterion test_ref="oval:org.opensuse.security:tst:2009077708" comment="java-1_5_0-ibm-src less than 1.5.0_sr16.3-0.5.1"/> 55227 <criterion test_ref="oval:org.opensuse.security:tst:2009077709" comment="java-1_5_0-ibm less than 1.5.0_sr16.3-0.5.1"/> 55228 </criteria> 55229 </criteria> 55230 </definition> 55231 <definition id="oval:org.opensuse.security:def:20134073" version="1" class="vulnerability"> 55232 <metadata> 55233 <title>CVE-2013-4073</title> 55234 <affected family="unix"> 55235 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55236 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55237 </affected> 55238 <reference ref_id="CVE-2013-4073" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073" source="CVE"/> 55239 <description> 55240 The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. 55241 </description> 55242 </metadata> 55243 <!-- 5ac82f78b15c4acb20e9a4af1b508de8 --> 55244 <criteria operator="AND"> 55245 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55246 <criterion test_ref="oval:org.opensuse.security:tst:2009077721" comment="ruby less than 1.8.6.p369-0.16.1"/> 55247 </criteria> 55248 </definition> 55249 <definition id="oval:org.opensuse.security:def:20134074" version="1" class="vulnerability"> 55250 <metadata> 55251 <title>CVE-2013-4074</title> 55252 <affected family="unix"> 55253 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55254 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55255 </affected> 55256 <reference ref_id="CVE-2013-4074" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4074" source="CVE"/> 55257 <description> 55258 The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. 55259 </description> 55260 </metadata> 55261 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55262 <criteria operator="AND"> 55263 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55264 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55265 </criteria> 55266 </definition> 55267 <definition id="oval:org.opensuse.security:def:20134075" version="1" class="vulnerability"> 55268 <metadata> 55269 <title>CVE-2013-4075</title> 55270 <affected family="unix"> 55271 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55272 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55273 </affected> 55274 <reference ref_id="CVE-2013-4075" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4075" source="CVE"/> 55275 <description> 55276 epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. 55277 </description> 55278 </metadata> 55279 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55280 <criteria operator="AND"> 55281 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55282 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55283 </criteria> 55284 </definition> 55285 <definition id="oval:org.opensuse.security:def:20134076" version="1" class="vulnerability"> 55286 <metadata> 55287 <title>CVE-2013-4076</title> 55288 <affected family="unix"> 55289 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55290 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55291 </affected> 55292 <reference ref_id="CVE-2013-4076" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4076" source="CVE"/> 55293 <description> 55294 Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet. 55295 </description> 55296 </metadata> 55297 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55298 <criteria operator="AND"> 55299 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55300 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55301 </criteria> 55302 </definition> 55303 <definition id="oval:org.opensuse.security:def:20134077" version="1" class="vulnerability"> 55304 <metadata> 55305 <title>CVE-2013-4077</title> 55306 <affected family="unix"> 55307 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55308 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55309 </affected> 55310 <reference ref_id="CVE-2013-4077" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4077" source="CVE"/> 55311 <description> 55312 Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c. 55313 </description> 55314 </metadata> 55315 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55316 <criteria operator="AND"> 55317 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55318 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55319 </criteria> 55320 </definition> 55321 <definition id="oval:org.opensuse.security:def:20134078" version="1" class="vulnerability"> 55322 <metadata> 55323 <title>CVE-2013-4078</title> 55324 <affected family="unix"> 55325 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55326 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55327 </affected> 55328 <reference ref_id="CVE-2013-4078" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4078" source="CVE"/> 55329 <description> 55330 epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. 55331 </description> 55332 </metadata> 55333 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55334 <criteria operator="AND"> 55335 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55336 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55337 </criteria> 55338 </definition> 55339 <definition id="oval:org.opensuse.security:def:20134079" version="1" class="vulnerability"> 55340 <metadata> 55341 <title>CVE-2013-4079</title> 55342 <affected family="unix"> 55343 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55344 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55345 </affected> 55346 <reference ref_id="CVE-2013-4079" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4079" source="CVE"/> 55347 <description> 55348 The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. 55349 </description> 55350 </metadata> 55351 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55352 <criteria operator="AND"> 55353 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55354 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55355 </criteria> 55356 </definition> 55357 <definition id="oval:org.opensuse.security:def:20134080" version="1" class="vulnerability"> 55358 <metadata> 55359 <title>CVE-2013-4080</title> 55360 <affected family="unix"> 55361 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55362 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55363 </affected> 55364 <reference ref_id="CVE-2013-4080" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4080" source="CVE"/> 55365 <description> 55366 The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet. 55367 </description> 55368 </metadata> 55369 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55370 <criteria operator="AND"> 55371 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55372 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55373 </criteria> 55374 </definition> 55375 <definition id="oval:org.opensuse.security:def:20134081" version="1" class="vulnerability"> 55376 <metadata> 55377 <title>CVE-2013-4081</title> 55378 <affected family="unix"> 55379 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55380 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55381 </affected> 55382 <reference ref_id="CVE-2013-4081" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4081" source="CVE"/> 55383 <description> 55384 The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. 55385 </description> 55386 </metadata> 55387 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55388 <criteria operator="AND"> 55389 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55390 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55391 </criteria> 55392 </definition> 55393 <definition id="oval:org.opensuse.security:def:20134082" version="1" class="vulnerability"> 55394 <metadata> 55395 <title>CVE-2013-4082</title> 55396 <affected family="unix"> 55397 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55398 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55399 </affected> 55400 <reference ref_id="CVE-2013-4082" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4082" source="CVE"/> 55401 <description> 55402 The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet. 55403 </description> 55404 </metadata> 55405 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55406 <criteria operator="AND"> 55407 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55408 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55409 </criteria> 55410 </definition> 55411 <definition id="oval:org.opensuse.security:def:20134083" version="1" class="vulnerability"> 55412 <metadata> 55413 <title>CVE-2013-4083</title> 55414 <affected family="unix"> 55415 <platform>SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T</platform> 55416 <platform>SUSE Linux Enterprise Desktop 10 SP4 for x86</platform> 55417 </affected> 55418 <reference ref_id="CVE-2013-4083" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4083" source="CVE"/> 55419 <description> 55420 The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. 55421 </description> 55422 </metadata> 55423 <!-- cb4504a53f9b3d0625f514d688e2c947 --> 55424 <criteria operator="AND"> 55425 <criterion test_ref="oval:org.opensuse.security:tst:2009036678" comment="sled10-sp4 is installed"/> 55426 <criterion test_ref="oval:org.opensuse.security:tst:2009077758" comment="wireshark less than 1.6.16-0.5.5"/> 55427 </criteria> 55428 </definition> 55429 </definitions> 55430 <tests> 55431 <rpminfo_test id="oval:org.opensuse.security:tst:2009036678" version="1" comment="sled-release is ==10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55432 <object object_ref="oval:org.opensuse.security:obj:2009031917"/> 55433 <state state_ref="oval:org.opensuse.security:ste:2009032190"/> 55434 </rpminfo_test> 55435 <rpminfo_test id="oval:org.opensuse.security:tst:2009077611" version="1" comment="krb5-32bit is <1.4.3-19.49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55436 <object object_ref="oval:org.opensuse.security:obj:2009031038"/> 55437 <state state_ref="oval:org.opensuse.security:ste:2009041060"/> 55438 </rpminfo_test> 55439 <rpminfo_test id="oval:org.opensuse.security:tst:2009077612" version="1" comment="krb5-client is <1.4.3-19.49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55440 <object object_ref="oval:org.opensuse.security:obj:2009031041"/> 55441 <state state_ref="oval:org.opensuse.security:ste:2009041060"/> 55442 </rpminfo_test> 55443 <rpminfo_test id="oval:org.opensuse.security:tst:2009077613" version="1" comment="krb5-devel-32bit is <1.4.3-19.49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55444 <object object_ref="oval:org.opensuse.security:obj:2009031476"/> 55445 <state state_ref="oval:org.opensuse.security:ste:2009041060"/> 55446 </rpminfo_test> 55447 <rpminfo_test id="oval:org.opensuse.security:tst:2009077614" version="1" comment="krb5-devel is <1.4.3-19.49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55448 <object object_ref="oval:org.opensuse.security:obj:2009031478"/> 55449 <state state_ref="oval:org.opensuse.security:ste:2009041060"/> 55450 </rpminfo_test> 55451 <rpminfo_test id="oval:org.opensuse.security:tst:2009077615" version="1" comment="krb5 is <1.4.3-19.49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55452 <object object_ref="oval:org.opensuse.security:obj:2009031044"/> 55453 <state state_ref="oval:org.opensuse.security:ste:2009041060"/> 55454 </rpminfo_test> 55455 <rpminfo_test id="oval:org.opensuse.security:tst:2009037717" version="1" comment="xorg-x11-devel-32bit is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55456 <object object_ref="oval:org.opensuse.security:obj:2009031328"/> 55457 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 55458 </rpminfo_test> 55459 <rpminfo_test id="oval:org.opensuse.security:tst:2009037718" version="1" comment="xorg-x11-devel is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55460 <object object_ref="oval:org.opensuse.security:obj:2009031330"/> 55461 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 55462 </rpminfo_test> 55463 <rpminfo_test id="oval:org.opensuse.security:tst:2009037767" version="1" comment="gtk2-devel is <2.8.11-0.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55464 <object object_ref="oval:org.opensuse.security:obj:2009030533"/> 55465 <state state_ref="oval:org.opensuse.security:ste:2009032940"/> 55466 </rpminfo_test> 55467 <rpminfo_test id="oval:org.opensuse.security:tst:2009037827" version="1" comment="NetworkManager-devel is <0.6.4-60.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55468 <object object_ref="oval:org.opensuse.security:obj:2009031891"/> 55469 <state state_ref="oval:org.opensuse.security:ste:2009032975"/> 55470 </rpminfo_test> 55471 <rpminfo_test id="oval:org.opensuse.security:tst:2009037828" version="1" comment="NetworkManager-glib is <0.6.4-60.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55472 <object object_ref="oval:org.opensuse.security:obj:2009030980"/> 55473 <state state_ref="oval:org.opensuse.security:ste:2009032975"/> 55474 </rpminfo_test> 55475 <rpminfo_test id="oval:org.opensuse.security:tst:2009037829" version="1" comment="NetworkManager-gnome is <0.6.4-60.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55476 <object object_ref="oval:org.opensuse.security:obj:2009030982"/> 55477 <state state_ref="oval:org.opensuse.security:ste:2009032975"/> 55478 </rpminfo_test> 55479 <rpminfo_test id="oval:org.opensuse.security:tst:2009037830" version="1" comment="NetworkManager-openvpn is <0.3.2cvs20060202-20.25" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55480 <object object_ref="oval:org.opensuse.security:obj:2009032004"/> 55481 <state state_ref="oval:org.opensuse.security:ste:2009032976"/> 55482 </rpminfo_test> 55483 <rpminfo_test id="oval:org.opensuse.security:tst:2009037831" version="1" comment="NetworkManager-vpnc is <0.5.0cvs20060202-19.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55484 <object object_ref="oval:org.opensuse.security:obj:2009032005"/> 55485 <state state_ref="oval:org.opensuse.security:ste:2009032977"/> 55486 </rpminfo_test> 55487 <rpminfo_test id="oval:org.opensuse.security:tst:2009037832" version="1" comment="NetworkManager is <0.6.4-60.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55488 <object object_ref="oval:org.opensuse.security:obj:2009030981"/> 55489 <state state_ref="oval:org.opensuse.security:ste:2009032975"/> 55490 </rpminfo_test> 55491 <rpminfo_test id="oval:org.opensuse.security:tst:2009037833" version="1" comment="art-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55492 <object object_ref="oval:org.opensuse.security:obj:2009032006"/> 55493 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55494 </rpminfo_test> 55495 <rpminfo_test id="oval:org.opensuse.security:tst:2009037834" version="1" comment="audit-libs-32bit is <1.2.9-6.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55496 <object object_ref="oval:org.opensuse.security:obj:2009031681"/> 55497 <state state_ref="oval:org.opensuse.security:ste:2009032979"/> 55498 </rpminfo_test> 55499 <rpminfo_test id="oval:org.opensuse.security:tst:2009037835" version="1" comment="audit-libs-python is <1.2.9-12.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55500 <object object_ref="oval:org.opensuse.security:obj:2009031683"/> 55501 <state state_ref="oval:org.opensuse.security:ste:2009032980"/> 55502 </rpminfo_test> 55503 <rpminfo_test id="oval:org.opensuse.security:tst:2009037836" version="1" comment="audit-libs is <1.2.9-6.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55504 <object object_ref="oval:org.opensuse.security:obj:2009031684"/> 55505 <state state_ref="oval:org.opensuse.security:ste:2009032979"/> 55506 </rpminfo_test> 55507 <rpminfo_test id="oval:org.opensuse.security:tst:2009037837" version="1" comment="audit is <1.2.9-6.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55508 <object object_ref="oval:org.opensuse.security:obj:2009031685"/> 55509 <state state_ref="oval:org.opensuse.security:ste:2009032979"/> 55510 </rpminfo_test> 55511 <rpminfo_test id="oval:org.opensuse.security:tst:2009037838" version="1" comment="beagle-evolution is <0.2.16.3-1.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55512 <object object_ref="oval:org.opensuse.security:obj:2009032007"/> 55513 <state state_ref="oval:org.opensuse.security:ste:2009032981"/> 55514 </rpminfo_test> 55515 <rpminfo_test id="oval:org.opensuse.security:tst:2009037839" version="1" comment="beagle-firefox is <0.2.16.3-1.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55516 <object object_ref="oval:org.opensuse.security:obj:2009032008"/> 55517 <state state_ref="oval:org.opensuse.security:ste:2009032981"/> 55518 </rpminfo_test> 55519 <rpminfo_test id="oval:org.opensuse.security:tst:2009037840" version="1" comment="beagle-gui is <0.2.16.3-1.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55520 <object object_ref="oval:org.opensuse.security:obj:2009032009"/> 55521 <state state_ref="oval:org.opensuse.security:ste:2009032981"/> 55522 </rpminfo_test> 55523 <rpminfo_test id="oval:org.opensuse.security:tst:2009037841" version="1" comment="beagle is <0.2.16.3-1.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55524 <object object_ref="oval:org.opensuse.security:obj:2009032010"/> 55525 <state state_ref="oval:org.opensuse.security:ste:2009032981"/> 55526 </rpminfo_test> 55527 <rpminfo_test id="oval:org.opensuse.security:tst:2009037842" version="1" comment="cifs-mount is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55528 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 55529 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55530 </rpminfo_test> 55531 <rpminfo_test id="oval:org.opensuse.security:tst:2009037843" version="1" comment="compiz is <0.4.0-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55532 <object object_ref="oval:org.opensuse.security:obj:2009032011"/> 55533 <state state_ref="oval:org.opensuse.security:ste:2009032983"/> 55534 </rpminfo_test> 55535 <rpminfo_test id="oval:org.opensuse.security:tst:2009037844" version="1" comment="contact-lookup-applet is <0.13-21.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55536 <object object_ref="oval:org.opensuse.security:obj:2009032012"/> 55537 <state state_ref="oval:org.opensuse.security:ste:2009032984"/> 55538 </rpminfo_test> 55539 <rpminfo_test id="oval:org.opensuse.security:tst:2009037845" version="1" comment="dhcp-client is <3.0.3-23.33" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55540 <object object_ref="oval:org.opensuse.security:obj:2009030726"/> 55541 <state state_ref="oval:org.opensuse.security:ste:2009032985"/> 55542 </rpminfo_test> 55543 <rpminfo_test id="oval:org.opensuse.security:tst:2009037846" version="1" comment="dhcp is <3.0.3-23.33" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55544 <object object_ref="oval:org.opensuse.security:obj:2009030729"/> 55545 <state state_ref="oval:org.opensuse.security:ste:2009032985"/> 55546 </rpminfo_test> 55547 <rpminfo_test id="oval:org.opensuse.security:tst:2009037847" version="1" comment="dia is <0.94-41.22" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55548 <object object_ref="oval:org.opensuse.security:obj:2009030607"/> 55549 <state state_ref="oval:org.opensuse.security:ste:2009032986"/> 55550 </rpminfo_test> 55551 <rpminfo_test id="oval:org.opensuse.security:tst:2009037848" version="1" comment="evolution-devel is <2.6.0-49.55" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55552 <object object_ref="oval:org.opensuse.security:obj:2009030569"/> 55553 <state state_ref="oval:org.opensuse.security:ste:2009032987"/> 55554 </rpminfo_test> 55555 <rpminfo_test id="oval:org.opensuse.security:tst:2009037849" version="1" comment="evolution-exchange is <2.6.0-27.34" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55556 <object object_ref="oval:org.opensuse.security:obj:2009032013"/> 55557 <state state_ref="oval:org.opensuse.security:ste:2009032988"/> 55558 </rpminfo_test> 55559 <rpminfo_test id="oval:org.opensuse.security:tst:2009037850" version="1" comment="evolution-pilot is <2.6.0-49.55" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55560 <object object_ref="oval:org.opensuse.security:obj:2009030464"/> 55561 <state state_ref="oval:org.opensuse.security:ste:2009032987"/> 55562 </rpminfo_test> 55563 <rpminfo_test id="oval:org.opensuse.security:tst:2009037851" version="1" comment="evolution-webcal is <2.4.1-18.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55564 <object object_ref="oval:org.opensuse.security:obj:2009032014"/> 55565 <state state_ref="oval:org.opensuse.security:ste:2009032989"/> 55566 </rpminfo_test> 55567 <rpminfo_test id="oval:org.opensuse.security:tst:2009037852" version="1" comment="evolution is <2.6.0-49.55" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55568 <object object_ref="oval:org.opensuse.security:obj:2009030465"/> 55569 <state state_ref="oval:org.opensuse.security:ste:2009032987"/> 55570 </rpminfo_test> 55571 <rpminfo_test id="oval:org.opensuse.security:tst:2009037853" version="1" comment="f-spot is <0.3.5-0.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55572 <object object_ref="oval:org.opensuse.security:obj:2009032015"/> 55573 <state state_ref="oval:org.opensuse.security:ste:2009032990"/> 55574 </rpminfo_test> 55575 <rpminfo_test id="oval:org.opensuse.security:tst:2009037854" version="1" comment="gaim-devel is <1.5.0-50.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55576 <object object_ref="oval:org.opensuse.security:obj:2009032016"/> 55577 <state state_ref="oval:org.opensuse.security:ste:2009032991"/> 55578 </rpminfo_test> 55579 <rpminfo_test id="oval:org.opensuse.security:tst:2009037855" version="1" comment="gaim is <1.5.0-50.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55580 <object object_ref="oval:org.opensuse.security:obj:2009030467"/> 55581 <state state_ref="oval:org.opensuse.security:ste:2009032991"/> 55582 </rpminfo_test> 55583 <rpminfo_test id="oval:org.opensuse.security:tst:2009037856" version="1" comment="gconf-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55584 <object object_ref="oval:org.opensuse.security:obj:2009032017"/> 55585 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55586 </rpminfo_test> 55587 <rpminfo_test id="oval:org.opensuse.security:tst:2009037857" version="1" comment="gda-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55588 <object object_ref="oval:org.opensuse.security:obj:2009032018"/> 55589 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55590 </rpminfo_test> 55591 <rpminfo_test id="oval:org.opensuse.security:tst:2009037858" version="1" comment="gdb is <6.6-12.20" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55592 <object object_ref="oval:org.opensuse.security:obj:2009032019"/> 55593 <state state_ref="oval:org.opensuse.security:ste:2009032992"/> 55594 </rpminfo_test> 55595 <rpminfo_test id="oval:org.opensuse.security:tst:2009037859" version="1" comment="gftp is <2.0.18-25.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55596 <object object_ref="oval:org.opensuse.security:obj:2009032020"/> 55597 <state state_ref="oval:org.opensuse.security:ste:2009032993"/> 55598 </rpminfo_test> 55599 <rpminfo_test id="oval:org.opensuse.security:tst:2009037860" version="1" comment="glade-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55600 <object object_ref="oval:org.opensuse.security:obj:2009032021"/> 55601 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55602 </rpminfo_test> 55603 <rpminfo_test id="oval:org.opensuse.security:tst:2009037861" version="1" comment="glib-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55604 <object object_ref="oval:org.opensuse.security:obj:2009032022"/> 55605 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55606 </rpminfo_test> 55607 <rpminfo_test id="oval:org.opensuse.security:tst:2009037862" version="1" comment="glib2-32bit is <2.8.6-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55608 <object object_ref="oval:org.opensuse.security:obj:2009030529"/> 55609 <state state_ref="oval:org.opensuse.security:ste:2009032994"/> 55610 </rpminfo_test> 55611 <rpminfo_test id="oval:org.opensuse.security:tst:2009037863" version="1" comment="glib2-devel is <2.8.6-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55612 <object object_ref="oval:org.opensuse.security:obj:2009031274"/> 55613 <state state_ref="oval:org.opensuse.security:ste:2009032994"/> 55614 </rpminfo_test> 55615 <rpminfo_test id="oval:org.opensuse.security:tst:2009037864" version="1" comment="glib2-doc is <2.8.6-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55616 <object object_ref="oval:org.opensuse.security:obj:2009030892"/> 55617 <state state_ref="oval:org.opensuse.security:ste:2009032994"/> 55618 </rpminfo_test> 55619 <rpminfo_test id="oval:org.opensuse.security:tst:2009037865" version="1" comment="glib2 is <2.8.6-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55620 <object object_ref="oval:org.opensuse.security:obj:2009030530"/> 55621 <state state_ref="oval:org.opensuse.security:ste:2009032994"/> 55622 </rpminfo_test> 55623 <rpminfo_test id="oval:org.opensuse.security:tst:2009037866" version="1" comment="gnome-backgrounds is <2.12.3.1-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55624 <object object_ref="oval:org.opensuse.security:obj:2009032023"/> 55625 <state state_ref="oval:org.opensuse.security:ste:2009032995"/> 55626 </rpminfo_test> 55627 <rpminfo_test id="oval:org.opensuse.security:tst:2009037867" version="1" comment="gnome-filesystem is <0.1-261.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55628 <object object_ref="oval:org.opensuse.security:obj:2009032024"/> 55629 <state state_ref="oval:org.opensuse.security:ste:2009032996"/> 55630 </rpminfo_test> 55631 <rpminfo_test id="oval:org.opensuse.security:tst:2009037868" version="1" comment="gnome-games is <2.12.3-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55632 <object object_ref="oval:org.opensuse.security:obj:2009032025"/> 55633 <state state_ref="oval:org.opensuse.security:ste:2009032997"/> 55634 </rpminfo_test> 55635 <rpminfo_test id="oval:org.opensuse.security:tst:2009037869" version="1" comment="gnome-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55636 <object object_ref="oval:org.opensuse.security:obj:2009032026"/> 55637 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55638 </rpminfo_test> 55639 <rpminfo_test id="oval:org.opensuse.security:tst:2009037870" version="1" comment="gnomedb-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55640 <object object_ref="oval:org.opensuse.security:obj:2009032027"/> 55641 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55642 </rpminfo_test> 55643 <rpminfo_test id="oval:org.opensuse.security:tst:2009037871" version="1" comment="gnopernicus-devel is <1.0.0-23.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55644 <object object_ref="oval:org.opensuse.security:obj:2009032028"/> 55645 <state state_ref="oval:org.opensuse.security:ste:2009032998"/> 55646 </rpminfo_test> 55647 <rpminfo_test id="oval:org.opensuse.security:tst:2009037872" version="1" comment="gnopernicus is <1.0.0-23.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55648 <object object_ref="oval:org.opensuse.security:obj:2009032029"/> 55649 <state state_ref="oval:org.opensuse.security:ste:2009032998"/> 55650 </rpminfo_test> 55651 <rpminfo_test id="oval:org.opensuse.security:tst:2009037873" version="1" comment="gstreamer010-plugins-base-32bit is <0.10.5-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55652 <object object_ref="oval:org.opensuse.security:obj:2009032030"/> 55653 <state state_ref="oval:org.opensuse.security:ste:2009032999"/> 55654 </rpminfo_test> 55655 <rpminfo_test id="oval:org.opensuse.security:tst:2009037874" version="1" comment="gstreamer010-plugins-base-devel is <0.10.5-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55656 <object object_ref="oval:org.opensuse.security:obj:2009032031"/> 55657 <state state_ref="oval:org.opensuse.security:ste:2009032999"/> 55658 </rpminfo_test> 55659 <rpminfo_test id="oval:org.opensuse.security:tst:2009037875" version="1" comment="gstreamer010-plugins-base-doc is <0.10.5-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55660 <object object_ref="oval:org.opensuse.security:obj:2009032032"/> 55661 <state state_ref="oval:org.opensuse.security:ste:2009032999"/> 55662 </rpminfo_test> 55663 <rpminfo_test id="oval:org.opensuse.security:tst:2009037876" version="1" comment="gstreamer010-plugins-base-oil-32bit is <0.10.5-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55664 <object object_ref="oval:org.opensuse.security:obj:2009032033"/> 55665 <state state_ref="oval:org.opensuse.security:ste:2009032999"/> 55666 </rpminfo_test> 55667 <rpminfo_test id="oval:org.opensuse.security:tst:2009037877" version="1" comment="gstreamer010-plugins-base-oil is <0.10.5-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55668 <object object_ref="oval:org.opensuse.security:obj:2009032034"/> 55669 <state state_ref="oval:org.opensuse.security:ste:2009032999"/> 55670 </rpminfo_test> 55671 <rpminfo_test id="oval:org.opensuse.security:tst:2009037878" version="1" comment="gstreamer010-plugins-base-visual-32bit is <0.10.5-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55672 <object object_ref="oval:org.opensuse.security:obj:2009032035"/> 55673 <state state_ref="oval:org.opensuse.security:ste:2009032999"/> 55674 </rpminfo_test> 55675 <rpminfo_test id="oval:org.opensuse.security:tst:2009037879" version="1" comment="gstreamer010-plugins-base-visual is <0.10.5-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55676 <object object_ref="oval:org.opensuse.security:obj:2009032036"/> 55677 <state state_ref="oval:org.opensuse.security:ste:2009032999"/> 55678 </rpminfo_test> 55679 <rpminfo_test id="oval:org.opensuse.security:tst:2009037880" version="1" comment="gstreamer010-plugins-base is <0.10.5-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55680 <object object_ref="oval:org.opensuse.security:obj:2009032037"/> 55681 <state state_ref="oval:org.opensuse.security:ste:2009032999"/> 55682 </rpminfo_test> 55683 <rpminfo_test id="oval:org.opensuse.security:tst:2009037881" version="1" comment="gtk-sharp-32bit is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55684 <object object_ref="oval:org.opensuse.security:obj:2009032038"/> 55685 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55686 </rpminfo_test> 55687 <rpminfo_test id="oval:org.opensuse.security:tst:2009037882" version="1" comment="gtk-sharp-complete is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55688 <object object_ref="oval:org.opensuse.security:obj:2009032039"/> 55689 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55690 </rpminfo_test> 55691 <rpminfo_test id="oval:org.opensuse.security:tst:2009037883" version="1" comment="gtk-sharp-gapi is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55692 <object object_ref="oval:org.opensuse.security:obj:2009032040"/> 55693 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55694 </rpminfo_test> 55695 <rpminfo_test id="oval:org.opensuse.security:tst:2009037884" version="1" comment="gtk-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55696 <object object_ref="oval:org.opensuse.security:obj:2009032041"/> 55697 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55698 </rpminfo_test> 55699 <rpminfo_test id="oval:org.opensuse.security:tst:2009037885" version="1" comment="gtkhtml-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55700 <object object_ref="oval:org.opensuse.security:obj:2009032042"/> 55701 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55702 </rpminfo_test> 55703 <rpminfo_test id="oval:org.opensuse.security:tst:2009037886" version="1" comment="helix-dbus-server is <0.4.0-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55704 <object object_ref="oval:org.opensuse.security:obj:2009032043"/> 55705 <state state_ref="oval:org.opensuse.security:ste:2009033000"/> 55706 </rpminfo_test> 55707 <rpminfo_test id="oval:org.opensuse.security:tst:2009037887" version="1" comment="inkscape is <0.43-20.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55708 <object object_ref="oval:org.opensuse.security:obj:2009032044"/> 55709 <state state_ref="oval:org.opensuse.security:ste:2009033001"/> 55710 </rpminfo_test> 55711 <rpminfo_test id="oval:org.opensuse.security:tst:2009037888" version="1" comment="libbeagle-32bit is <0.2.16.3-1.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55712 <object object_ref="oval:org.opensuse.security:obj:2009032045"/> 55713 <state state_ref="oval:org.opensuse.security:ste:2009033002"/> 55714 </rpminfo_test> 55715 <rpminfo_test id="oval:org.opensuse.security:tst:2009037889" version="1" comment="libbeagle-devel is <0.2.16.3-1.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55716 <object object_ref="oval:org.opensuse.security:obj:2009032046"/> 55717 <state state_ref="oval:org.opensuse.security:ste:2009033002"/> 55718 </rpminfo_test> 55719 <rpminfo_test id="oval:org.opensuse.security:tst:2009037890" version="1" comment="libbeagle is <0.2.16.3-1.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55720 <object object_ref="oval:org.opensuse.security:obj:2009032047"/> 55721 <state state_ref="oval:org.opensuse.security:ste:2009033002"/> 55722 </rpminfo_test> 55723 <rpminfo_test id="oval:org.opensuse.security:tst:2009037891" version="1" comment="libgail-gnome-devel is <1.1.3-41.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55724 <object object_ref="oval:org.opensuse.security:obj:2009032048"/> 55725 <state state_ref="oval:org.opensuse.security:ste:2009033003"/> 55726 </rpminfo_test> 55727 <rpminfo_test id="oval:org.opensuse.security:tst:2009037892" version="1" comment="libgail-gnome is <1.1.3-41.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55728 <object object_ref="oval:org.opensuse.security:obj:2009032049"/> 55729 <state state_ref="oval:org.opensuse.security:ste:2009033003"/> 55730 </rpminfo_test> 55731 <rpminfo_test id="oval:org.opensuse.security:tst:2009037893" version="1" comment="libgdiplus is <1.2.2-13.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55732 <object object_ref="oval:org.opensuse.security:obj:2009032050"/> 55733 <state state_ref="oval:org.opensuse.security:ste:2009033004"/> 55734 </rpminfo_test> 55735 <rpminfo_test id="oval:org.opensuse.security:tst:2009037894" version="1" comment="libipoddevice-32bit is <0.5.2-1.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55736 <object object_ref="oval:org.opensuse.security:obj:2009032051"/> 55737 <state state_ref="oval:org.opensuse.security:ste:2009033005"/> 55738 </rpminfo_test> 55739 <rpminfo_test id="oval:org.opensuse.security:tst:2009037895" version="1" comment="libipoddevice is <0.5.2-1.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55740 <object object_ref="oval:org.opensuse.security:obj:2009032052"/> 55741 <state state_ref="oval:org.opensuse.security:ste:2009033005"/> 55742 </rpminfo_test> 55743 <rpminfo_test id="oval:org.opensuse.security:tst:2009037896" version="1" comment="libsmbclient-32bit is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55744 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 55745 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55746 </rpminfo_test> 55747 <rpminfo_test id="oval:org.opensuse.security:tst:2009037897" version="1" comment="libsmbclient-devel is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55748 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 55749 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55750 </rpminfo_test> 55751 <rpminfo_test id="oval:org.opensuse.security:tst:2009037898" version="1" comment="libsmbclient is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55752 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 55753 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55754 </rpminfo_test> 55755 <rpminfo_test id="oval:org.opensuse.security:tst:2009037899" version="1" comment="libtool-32bit is <1.5.22-13.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55756 <object object_ref="oval:org.opensuse.security:obj:2009032053"/> 55757 <state state_ref="oval:org.opensuse.security:ste:2009033006"/> 55758 </rpminfo_test> 55759 <rpminfo_test id="oval:org.opensuse.security:tst:2009037900" version="1" comment="libtool is <1.5.22-13.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55760 <object object_ref="oval:org.opensuse.security:obj:2009032054"/> 55761 <state state_ref="oval:org.opensuse.security:ste:2009033006"/> 55762 </rpminfo_test> 55763 <rpminfo_test id="oval:org.opensuse.security:tst:2009037901" version="1" comment="linphone-applet is <1.2.0-16.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55764 <object object_ref="oval:org.opensuse.security:obj:2009032055"/> 55765 <state state_ref="oval:org.opensuse.security:ste:2009033007"/> 55766 </rpminfo_test> 55767 <rpminfo_test id="oval:org.opensuse.security:tst:2009037902" version="1" comment="linphone is <1.2.0-16.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55768 <object object_ref="oval:org.opensuse.security:obj:2009032056"/> 55769 <state state_ref="oval:org.opensuse.security:ste:2009033007"/> 55770 </rpminfo_test> 55771 <rpminfo_test id="oval:org.opensuse.security:tst:2009037903" version="1" comment="openobex-devel is <1.3-28.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55772 <object object_ref="oval:org.opensuse.security:obj:2009032057"/> 55773 <state state_ref="oval:org.opensuse.security:ste:2009033008"/> 55774 </rpminfo_test> 55775 <rpminfo_test id="oval:org.opensuse.security:tst:2009037904" version="1" comment="openobex is <1.3-28.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55776 <object object_ref="oval:org.opensuse.security:obj:2009032058"/> 55777 <state state_ref="oval:org.opensuse.security:ste:2009033008"/> 55778 </rpminfo_test> 55779 <rpminfo_test id="oval:org.opensuse.security:tst:2009037905" version="1" comment="planner-devel is <0.14.1-24.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55780 <object object_ref="oval:org.opensuse.security:obj:2009032059"/> 55781 <state state_ref="oval:org.opensuse.security:ste:2009033009"/> 55782 </rpminfo_test> 55783 <rpminfo_test id="oval:org.opensuse.security:tst:2009037906" version="1" comment="planner is <0.14.1-24.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55784 <object object_ref="oval:org.opensuse.security:obj:2009032060"/> 55785 <state state_ref="oval:org.opensuse.security:ste:2009033009"/> 55786 </rpminfo_test> 55787 <rpminfo_test id="oval:org.opensuse.security:tst:2009037907" version="1" comment="pwlib-devel is <1.10.4-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55788 <object object_ref="oval:org.opensuse.security:obj:2009032061"/> 55789 <state state_ref="oval:org.opensuse.security:ste:2009033010"/> 55790 </rpminfo_test> 55791 <rpminfo_test id="oval:org.opensuse.security:tst:2009037908" version="1" comment="pwlib is <1.10.4-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55792 <object object_ref="oval:org.opensuse.security:obj:2009031982"/> 55793 <state state_ref="oval:org.opensuse.security:ste:2009033010"/> 55794 </rpminfo_test> 55795 <rpminfo_test id="oval:org.opensuse.security:tst:2009037909" version="1" comment="resapplet is <0.1.4-5.20" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55796 <object object_ref="oval:org.opensuse.security:obj:2009032062"/> 55797 <state state_ref="oval:org.opensuse.security:ste:2009033011"/> 55798 </rpminfo_test> 55799 <rpminfo_test id="oval:org.opensuse.security:tst:2009037910" version="1" comment="rsvg-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55800 <object object_ref="oval:org.opensuse.security:obj:2009032063"/> 55801 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55802 </rpminfo_test> 55803 <rpminfo_test id="oval:org.opensuse.security:tst:2009037911" version="1" comment="sabayon-admin is <2.12.3-21.29" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55804 <object object_ref="oval:org.opensuse.security:obj:2009032064"/> 55805 <state state_ref="oval:org.opensuse.security:ste:2009033012"/> 55806 </rpminfo_test> 55807 <rpminfo_test id="oval:org.opensuse.security:tst:2009037912" version="1" comment="sabayon is <2.12.3-21.29" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55808 <object object_ref="oval:org.opensuse.security:obj:2009032065"/> 55809 <state state_ref="oval:org.opensuse.security:ste:2009033012"/> 55810 </rpminfo_test> 55811 <rpminfo_test id="oval:org.opensuse.security:tst:2009037913" version="1" comment="samba-32bit is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55812 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 55813 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55814 </rpminfo_test> 55815 <rpminfo_test id="oval:org.opensuse.security:tst:2009037914" version="1" comment="samba-client-32bit is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55816 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 55817 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55818 </rpminfo_test> 55819 <rpminfo_test id="oval:org.opensuse.security:tst:2009037915" version="1" comment="samba-client is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55820 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 55821 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55822 </rpminfo_test> 55823 <rpminfo_test id="oval:org.opensuse.security:tst:2009037916" version="1" comment="samba-doc is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55824 <object object_ref="oval:org.opensuse.security:obj:2009030444"/> 55825 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55826 </rpminfo_test> 55827 <rpminfo_test id="oval:org.opensuse.security:tst:2009037917" version="1" comment="samba-krb-printing is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55828 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 55829 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55830 </rpminfo_test> 55831 <rpminfo_test id="oval:org.opensuse.security:tst:2009037918" version="1" comment="samba-pdb is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55832 <object object_ref="oval:org.opensuse.security:obj:2009030445"/> 55833 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55834 </rpminfo_test> 55835 <rpminfo_test id="oval:org.opensuse.security:tst:2009037919" version="1" comment="samba-vscan is <0.3.6b-42.49" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55836 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 55837 <state state_ref="oval:org.opensuse.security:ste:2009033013"/> 55838 </rpminfo_test> 55839 <rpminfo_test id="oval:org.opensuse.security:tst:2009037920" version="1" comment="samba-winbind-32bit is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55840 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 55841 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55842 </rpminfo_test> 55843 <rpminfo_test id="oval:org.opensuse.security:tst:2009037921" version="1" comment="samba-winbind is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55844 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 55845 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55846 </rpminfo_test> 55847 <rpminfo_test id="oval:org.opensuse.security:tst:2009037922" version="1" comment="samba is <3.0.24-2.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55848 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 55849 <state state_ref="oval:org.opensuse.security:ste:2009032982"/> 55850 </rpminfo_test> 55851 <rpminfo_test id="oval:org.opensuse.security:tst:2009037923" version="1" comment="tomboy is <0.6.0-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55852 <object object_ref="oval:org.opensuse.security:obj:2009031247"/> 55853 <state state_ref="oval:org.opensuse.security:ste:2009033014"/> 55854 </rpminfo_test> 55855 <rpminfo_test id="oval:org.opensuse.security:tst:2009037924" version="1" comment="vte-sharp is <1.0.10-30.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55856 <object object_ref="oval:org.opensuse.security:obj:2009032066"/> 55857 <state state_ref="oval:org.opensuse.security:ste:2009032978"/> 55858 </rpminfo_test> 55859 <rpminfo_test id="oval:org.opensuse.security:tst:2009037925" version="1" comment="wbxml2 is <0.9.0-18.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55860 <object object_ref="oval:org.opensuse.security:obj:2009032067"/> 55861 <state state_ref="oval:org.opensuse.security:ste:2009033015"/> 55862 </rpminfo_test> 55863 <rpminfo_test id="oval:org.opensuse.security:tst:2009037926" version="1" comment="xgl-hardware-list is <070326-0.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55864 <object object_ref="oval:org.opensuse.security:obj:2009032068"/> 55865 <state state_ref="oval:org.opensuse.security:ste:2009033016"/> 55866 </rpminfo_test> 55867 <rpminfo_test id="oval:org.opensuse.security:tst:2009037927" version="1" comment="xgl is <cvs_060522-0.32" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55868 <object object_ref="oval:org.opensuse.security:obj:2009031271"/> 55869 <state state_ref="oval:org.opensuse.security:ste:2009033017"/> 55870 </rpminfo_test> 55871 <rpminfo_test id="oval:org.opensuse.security:tst:2009038159" version="1" comment="perl-PerlMagick is <6.2.5-16.20" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55872 <object object_ref="oval:org.opensuse.security:obj:2009030834"/> 55873 <state state_ref="oval:org.opensuse.security:ste:2009033123"/> 55874 </rpminfo_test> 55875 <rpminfo_test id="oval:org.opensuse.security:tst:2009038841" version="1" comment="kdebase3-beagle is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55876 <object object_ref="oval:org.opensuse.security:obj:2009032163"/> 55877 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 55878 </rpminfo_test> 55879 <rpminfo_test id="oval:org.opensuse.security:tst:2009039492" version="1" comment="madwifi-kmp-bigsmp is <0.9.3_2.6.16.46_0.12-6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55880 <object object_ref="oval:org.opensuse.security:obj:2009032203"/> 55881 <state state_ref="oval:org.opensuse.security:ste:2009033747"/> 55882 </rpminfo_test> 55883 <rpminfo_test id="oval:org.opensuse.security:tst:2009039493" version="1" comment="madwifi-kmp-default is <0.9.3_2.6.16.46_0.12-6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55884 <object object_ref="oval:org.opensuse.security:obj:2009032204"/> 55885 <state state_ref="oval:org.opensuse.security:ste:2009033747"/> 55886 </rpminfo_test> 55887 <rpminfo_test id="oval:org.opensuse.security:tst:2009039494" version="1" comment="madwifi-kmp-smp is <0.9.3_2.6.16.46_0.12-6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55888 <object object_ref="oval:org.opensuse.security:obj:2009032205"/> 55889 <state state_ref="oval:org.opensuse.security:ste:2009033747"/> 55890 </rpminfo_test> 55891 <rpminfo_test id="oval:org.opensuse.security:tst:2009056858" version="1" comment="kernel-default is <2.6.16.60-0.58.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55892 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 55893 <state state_ref="oval:org.opensuse.security:ste:2009037527"/> 55894 </rpminfo_test> 55895 <rpminfo_test id="oval:org.opensuse.security:tst:2009056861" version="1" comment="kernel-smp is <2.6.16.60-0.58.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55896 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 55897 <state state_ref="oval:org.opensuse.security:ste:2009037527"/> 55898 </rpminfo_test> 55899 <rpminfo_test id="oval:org.opensuse.security:tst:2009056859" version="1" comment="kernel-source is <2.6.16.60-0.58.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55900 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 55901 <state state_ref="oval:org.opensuse.security:ste:2009037527"/> 55902 </rpminfo_test> 55903 <rpminfo_test id="oval:org.opensuse.security:tst:2009056860" version="1" comment="kernel-syms is <2.6.16.60-0.58.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55904 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 55905 <state state_ref="oval:org.opensuse.security:ste:2009037527"/> 55906 </rpminfo_test> 55907 <rpminfo_test id="oval:org.opensuse.security:tst:2009056862" version="1" comment="kernel-xen is <2.6.16.60-0.58.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55908 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 55909 <state state_ref="oval:org.opensuse.security:ste:2009037527"/> 55910 </rpminfo_test> 55911 <rpminfo_test id="oval:org.opensuse.security:tst:2009056864" version="1" comment="kernel-bigsmp is <2.6.16.60-0.58.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55912 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 55913 <state state_ref="oval:org.opensuse.security:ste:2009037527"/> 55914 </rpminfo_test> 55915 <rpminfo_test id="oval:org.opensuse.security:tst:2009056865" version="1" comment="kernel-xenpae is <2.6.16.60-0.58.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55916 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 55917 <state state_ref="oval:org.opensuse.security:ste:2009037527"/> 55918 </rpminfo_test> 55919 <rpminfo_test id="oval:org.opensuse.security:tst:2009040429" version="1" comment="novell-NLDAPbase-dyn-32bit is <3.4.1-0.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55920 <object object_ref="oval:org.opensuse.security:obj:2009032235"/> 55921 <state state_ref="oval:org.opensuse.security:ste:2009034060"/> 55922 </rpminfo_test> 55923 <rpminfo_test id="oval:org.opensuse.security:tst:2009040430" version="1" comment="novell-NLDAPbase-dyn is <3.4.1-0.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55924 <object object_ref="oval:org.opensuse.security:obj:2009032236"/> 55925 <state state_ref="oval:org.opensuse.security:ste:2009034060"/> 55926 </rpminfo_test> 55927 <rpminfo_test id="oval:org.opensuse.security:tst:2009040431" version="1" comment="novell-NLDAPsdk-dyn-32bit is <3.4.1-0.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55928 <object object_ref="oval:org.opensuse.security:obj:2009032237"/> 55929 <state state_ref="oval:org.opensuse.security:ste:2009034060"/> 55930 </rpminfo_test> 55931 <rpminfo_test id="oval:org.opensuse.security:tst:2009040432" version="1" comment="novell-NLDAPsdk-dyn is <3.4.1-0.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55932 <object object_ref="oval:org.opensuse.security:obj:2009032238"/> 55933 <state state_ref="oval:org.opensuse.security:ste:2009034060"/> 55934 </rpminfo_test> 55935 <rpminfo_test id="oval:org.opensuse.security:tst:2009040545" version="1" comment="arts-32bit is <1.5.1-15.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55936 <object object_ref="oval:org.opensuse.security:obj:2009030632"/> 55937 <state state_ref="oval:org.opensuse.security:ste:2009034109"/> 55938 </rpminfo_test> 55939 <rpminfo_test id="oval:org.opensuse.security:tst:2009040546" version="1" comment="arts-devel is <1.5.1-15.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55940 <object object_ref="oval:org.opensuse.security:obj:2009032243"/> 55941 <state state_ref="oval:org.opensuse.security:ste:2009034109"/> 55942 </rpminfo_test> 55943 <rpminfo_test id="oval:org.opensuse.security:tst:2009040547" version="1" comment="arts is <1.5.1-15.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55944 <object object_ref="oval:org.opensuse.security:obj:2009030633"/> 55945 <state state_ref="oval:org.opensuse.security:ste:2009034109"/> 55946 </rpminfo_test> 55947 <rpminfo_test id="oval:org.opensuse.security:tst:2009040548" version="1" comment="esound-32bit is <0.2.36-19.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55948 <object object_ref="oval:org.opensuse.security:obj:2009032244"/> 55949 <state state_ref="oval:org.opensuse.security:ste:2009034110"/> 55950 </rpminfo_test> 55951 <rpminfo_test id="oval:org.opensuse.security:tst:2009040549" version="1" comment="esound-devel is <0.2.36-19.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55952 <object object_ref="oval:org.opensuse.security:obj:2009032245"/> 55953 <state state_ref="oval:org.opensuse.security:ste:2009034110"/> 55954 </rpminfo_test> 55955 <rpminfo_test id="oval:org.opensuse.security:tst:2009040550" version="1" comment="esound is <0.2.36-19.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55956 <object object_ref="oval:org.opensuse.security:obj:2009032246"/> 55957 <state state_ref="oval:org.opensuse.security:ste:2009034110"/> 55958 </rpminfo_test> 55959 <rpminfo_test id="oval:org.opensuse.security:tst:2009040551" version="1" comment="fileshareset is <2.0-84.51" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55960 <object object_ref="oval:org.opensuse.security:obj:2009032247"/> 55961 <state state_ref="oval:org.opensuse.security:ste:2009034111"/> 55962 </rpminfo_test> 55963 <rpminfo_test id="oval:org.opensuse.security:tst:2009040552" version="1" comment="fontconfig-32bit is <2.3.94-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55964 <object object_ref="oval:org.opensuse.security:obj:2009032248"/> 55965 <state state_ref="oval:org.opensuse.security:ste:2009034112"/> 55966 </rpminfo_test> 55967 <rpminfo_test id="oval:org.opensuse.security:tst:2009040553" version="1" comment="fontconfig-devel-32bit is <2.3.94-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55968 <object object_ref="oval:org.opensuse.security:obj:2009032249"/> 55969 <state state_ref="oval:org.opensuse.security:ste:2009034112"/> 55970 </rpminfo_test> 55971 <rpminfo_test id="oval:org.opensuse.security:tst:2009040554" version="1" comment="fontconfig-devel is <2.3.94-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55972 <object object_ref="oval:org.opensuse.security:obj:2009032250"/> 55973 <state state_ref="oval:org.opensuse.security:ste:2009034112"/> 55974 </rpminfo_test> 55975 <rpminfo_test id="oval:org.opensuse.security:tst:2009040555" version="1" comment="fontconfig is <2.3.94-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55976 <object object_ref="oval:org.opensuse.security:obj:2009032251"/> 55977 <state state_ref="oval:org.opensuse.security:ste:2009034112"/> 55978 </rpminfo_test> 55979 <rpminfo_test id="oval:org.opensuse.security:tst:2009040556" version="1" comment="gnokii is <0.6.14-40.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55980 <object object_ref="oval:org.opensuse.security:obj:2009032252"/> 55981 <state state_ref="oval:org.opensuse.security:ste:2009034113"/> 55982 </rpminfo_test> 55983 <rpminfo_test id="oval:org.opensuse.security:tst:2009040557" version="1" comment="gtk-32bit is <1.2.10-907.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55984 <object object_ref="oval:org.opensuse.security:obj:2009032253"/> 55985 <state state_ref="oval:org.opensuse.security:ste:2009034114"/> 55986 </rpminfo_test> 55987 <rpminfo_test id="oval:org.opensuse.security:tst:2009040558" version="1" comment="gtk-devel is <1.2.10-907.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55988 <object object_ref="oval:org.opensuse.security:obj:2009032254"/> 55989 <state state_ref="oval:org.opensuse.security:ste:2009034114"/> 55990 </rpminfo_test> 55991 <rpminfo_test id="oval:org.opensuse.security:tst:2009040559" version="1" comment="gtk is <1.2.10-907.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55992 <object object_ref="oval:org.opensuse.security:obj:2009032255"/> 55993 <state state_ref="oval:org.opensuse.security:ste:2009034114"/> 55994 </rpminfo_test> 55995 <rpminfo_test id="oval:org.opensuse.security:tst:2009040560" version="1" comment="icecream-monitor is <1.0-45.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 55996 <object object_ref="oval:org.opensuse.security:obj:2009032256"/> 55997 <state state_ref="oval:org.opensuse.security:ste:2009034115"/> 55998 </rpminfo_test> 55999 <rpminfo_test id="oval:org.opensuse.security:tst:2009040561" version="1" comment="kdebase3-32bit is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56000 <object object_ref="oval:org.opensuse.security:obj:2009030744"/> 56001 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 56002 </rpminfo_test> 56003 <rpminfo_test id="oval:org.opensuse.security:tst:2009040562" version="1" comment="kdebase3-devel is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56004 <object object_ref="oval:org.opensuse.security:obj:2009031092"/> 56005 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 56006 </rpminfo_test> 56007 <rpminfo_test id="oval:org.opensuse.security:tst:2009040563" version="1" comment="kdebase3-kdm is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56008 <object object_ref="oval:org.opensuse.security:obj:2009031195"/> 56009 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 56010 </rpminfo_test> 56011 <rpminfo_test id="oval:org.opensuse.security:tst:2009040564" version="1" comment="kdebase3-ksysguardd is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56012 <object object_ref="oval:org.opensuse.security:obj:2009031948"/> 56013 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 56014 </rpminfo_test> 56015 <rpminfo_test id="oval:org.opensuse.security:tst:2009040565" version="1" comment="kdebase3-nsplugin is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56016 <object object_ref="oval:org.opensuse.security:obj:2009031967"/> 56017 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 56018 </rpminfo_test> 56019 <rpminfo_test id="oval:org.opensuse.security:tst:2009040566" version="1" comment="kdebase3-samba is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56020 <object object_ref="oval:org.opensuse.security:obj:2009032257"/> 56021 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 56022 </rpminfo_test> 56023 <rpminfo_test id="oval:org.opensuse.security:tst:2009040567" version="1" comment="kdebase3-session is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56024 <object object_ref="oval:org.opensuse.security:obj:2009032258"/> 56025 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 56026 </rpminfo_test> 56027 <rpminfo_test id="oval:org.opensuse.security:tst:2009040568" version="1" comment="kdebase3 is <3.5.1-69.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56028 <object object_ref="oval:org.opensuse.security:obj:2009030449"/> 56029 <state state_ref="oval:org.opensuse.security:ste:2009033391"/> 56030 </rpminfo_test> 56031 <rpminfo_test id="oval:org.opensuse.security:tst:2009040569" version="1" comment="kdelibs3-32bit is <3.5.1-49.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56032 <object object_ref="oval:org.opensuse.security:obj:2009030600"/> 56033 <state state_ref="oval:org.opensuse.security:ste:2009034116"/> 56034 </rpminfo_test> 56035 <rpminfo_test id="oval:org.opensuse.security:tst:2009040570" version="1" comment="kdelibs3-arts-32bit is <3.5.1-49.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56036 <object object_ref="oval:org.opensuse.security:obj:2009031698"/> 56037 <state state_ref="oval:org.opensuse.security:ste:2009034116"/> 56038 </rpminfo_test> 56039 <rpminfo_test id="oval:org.opensuse.security:tst:2009040571" version="1" comment="kdelibs3-arts is <3.5.1-49.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56040 <object object_ref="oval:org.opensuse.security:obj:2009031700"/> 56041 <state state_ref="oval:org.opensuse.security:ste:2009034116"/> 56042 </rpminfo_test> 56043 <rpminfo_test id="oval:org.opensuse.security:tst:2009040572" version="1" comment="kdelibs3-devel-doc is <3.5.1-49.34" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56044 <object object_ref="oval:org.opensuse.security:obj:2009030763"/> 56045 <state state_ref="oval:org.opensuse.security:ste:2009034117"/> 56046 </rpminfo_test> 56047 <rpminfo_test id="oval:org.opensuse.security:tst:2009040573" version="1" comment="kdelibs3-devel is <3.5.1-49.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56048 <object object_ref="oval:org.opensuse.security:obj:2009030543"/> 56049 <state state_ref="oval:org.opensuse.security:ste:2009034116"/> 56050 </rpminfo_test> 56051 <rpminfo_test id="oval:org.opensuse.security:tst:2009040574" version="1" comment="kdelibs3-doc is <3.5.1-49.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56052 <object object_ref="oval:org.opensuse.security:obj:2009031704"/> 56053 <state state_ref="oval:org.opensuse.security:ste:2009034116"/> 56054 </rpminfo_test> 56055 <rpminfo_test id="oval:org.opensuse.security:tst:2009040575" version="1" comment="kdelibs3 is <3.5.1-49.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56056 <object object_ref="oval:org.opensuse.security:obj:2009030439"/> 56057 <state state_ref="oval:org.opensuse.security:ste:2009034116"/> 56058 </rpminfo_test> 56059 <rpminfo_test id="oval:org.opensuse.security:tst:2009040576" version="1" comment="kdeutils3-devel is <3.5.1-25.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56060 <object object_ref="oval:org.opensuse.security:obj:2009032259"/> 56061 <state state_ref="oval:org.opensuse.security:ste:2009034118"/> 56062 </rpminfo_test> 56063 <rpminfo_test id="oval:org.opensuse.security:tst:2009040577" version="1" comment="kdeutils3-laptop is <3.5.1-25.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56064 <object object_ref="oval:org.opensuse.security:obj:2009032260"/> 56065 <state state_ref="oval:org.opensuse.security:ste:2009034118"/> 56066 </rpminfo_test> 56067 <rpminfo_test id="oval:org.opensuse.security:tst:2009040578" version="1" comment="kdeutils3 is <3.5.1-25.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56068 <object object_ref="oval:org.opensuse.security:obj:2009031952"/> 56069 <state state_ref="oval:org.opensuse.security:ste:2009034118"/> 56070 </rpminfo_test> 56071 <rpminfo_test id="oval:org.opensuse.security:tst:2009040579" version="1" comment="libwnck-32bit is <2.12.3-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56072 <object object_ref="oval:org.opensuse.security:obj:2009032261"/> 56073 <state state_ref="oval:org.opensuse.security:ste:2009034119"/> 56074 </rpminfo_test> 56075 <rpminfo_test id="oval:org.opensuse.security:tst:2009040580" version="1" comment="libwnck-devel is <2.12.3-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56076 <object object_ref="oval:org.opensuse.security:obj:2009032262"/> 56077 <state state_ref="oval:org.opensuse.security:ste:2009034119"/> 56078 </rpminfo_test> 56079 <rpminfo_test id="oval:org.opensuse.security:tst:2009040581" version="1" comment="libwnck is <2.12.3-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56080 <object object_ref="oval:org.opensuse.security:obj:2009032263"/> 56081 <state state_ref="oval:org.opensuse.security:ste:2009034119"/> 56082 </rpminfo_test> 56083 <rpminfo_test id="oval:org.opensuse.security:tst:2009040582" version="1" comment="mysql-client is <5.0.26-12.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56084 <object object_ref="oval:org.opensuse.security:obj:2009030723"/> 56085 <state state_ref="oval:org.opensuse.security:ste:2009034120"/> 56086 </rpminfo_test> 56087 <rpminfo_test id="oval:org.opensuse.security:tst:2009040583" version="1" comment="mysql-devel is <5.0.26-12.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56088 <object object_ref="oval:org.opensuse.security:obj:2009030570"/> 56089 <state state_ref="oval:org.opensuse.security:ste:2009034120"/> 56090 </rpminfo_test> 56091 <rpminfo_test id="oval:org.opensuse.security:tst:2009040584" version="1" comment="mysql-shared-32bit is <5.0.26-12.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56092 <object object_ref="oval:org.opensuse.security:obj:2009032264"/> 56093 <state state_ref="oval:org.opensuse.security:ste:2009034120"/> 56094 </rpminfo_test> 56095 <rpminfo_test id="oval:org.opensuse.security:tst:2009040585" version="1" comment="mysql-shared is <5.0.26-12.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56096 <object object_ref="oval:org.opensuse.security:obj:2009030724"/> 56097 <state state_ref="oval:org.opensuse.security:ste:2009034120"/> 56098 </rpminfo_test> 56099 <rpminfo_test id="oval:org.opensuse.security:tst:2009040586" version="1" comment="mysql is <5.0.26-12.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56100 <object object_ref="oval:org.opensuse.security:obj:2009030424"/> 56101 <state state_ref="oval:org.opensuse.security:ste:2009034120"/> 56102 </rpminfo_test> 56103 <rpminfo_test id="oval:org.opensuse.security:tst:2009040587" version="1" comment="net-snmp-32bit is <5.3.0.1-25.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56104 <object object_ref="oval:org.opensuse.security:obj:2009031231"/> 56105 <state state_ref="oval:org.opensuse.security:ste:2009034121"/> 56106 </rpminfo_test> 56107 <rpminfo_test id="oval:org.opensuse.security:tst:2009040588" version="1" comment="net-snmp-devel is <5.3.0.1-25.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56108 <object object_ref="oval:org.opensuse.security:obj:2009030791"/> 56109 <state state_ref="oval:org.opensuse.security:ste:2009034121"/> 56110 </rpminfo_test> 56111 <rpminfo_test id="oval:org.opensuse.security:tst:2009040589" version="1" comment="net-snmp is <5.3.0.1-25.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56112 <object object_ref="oval:org.opensuse.security:obj:2009030550"/> 56113 <state state_ref="oval:org.opensuse.security:ste:2009034121"/> 56114 </rpminfo_test> 56115 <rpminfo_test id="oval:org.opensuse.security:tst:2009040590" version="1" comment="perl-SNMP is <5.3.0.1-25.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56116 <object object_ref="oval:org.opensuse.security:obj:2009030792"/> 56117 <state state_ref="oval:org.opensuse.security:ste:2009034121"/> 56118 </rpminfo_test> 56119 <rpminfo_test id="oval:org.opensuse.security:tst:2009040591" version="1" comment="qt3-32bit is <3.3.5-58.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56120 <object object_ref="oval:org.opensuse.security:obj:2009030657"/> 56121 <state state_ref="oval:org.opensuse.security:ste:2009034122"/> 56122 </rpminfo_test> 56123 <rpminfo_test id="oval:org.opensuse.security:tst:2009040592" version="1" comment="qt3-devel-32bit is <3.3.5-58.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56124 <object object_ref="oval:org.opensuse.security:obj:2009030658"/> 56125 <state state_ref="oval:org.opensuse.security:ste:2009034122"/> 56126 </rpminfo_test> 56127 <rpminfo_test id="oval:org.opensuse.security:tst:2009040593" version="1" comment="qt3-devel-doc is <3.3.5-58.22" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56128 <object object_ref="oval:org.opensuse.security:obj:2009030659"/> 56129 <state state_ref="oval:org.opensuse.security:ste:2009034123"/> 56130 </rpminfo_test> 56131 <rpminfo_test id="oval:org.opensuse.security:tst:2009040594" version="1" comment="qt3-devel-tools is <3.3.5-58.22" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56132 <object object_ref="oval:org.opensuse.security:obj:2009030762"/> 56133 <state state_ref="oval:org.opensuse.security:ste:2009034123"/> 56134 </rpminfo_test> 56135 <rpminfo_test id="oval:org.opensuse.security:tst:2009040595" version="1" comment="qt3-devel is <3.3.5-58.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56136 <object object_ref="oval:org.opensuse.security:obj:2009030660"/> 56137 <state state_ref="oval:org.opensuse.security:ste:2009034122"/> 56138 </rpminfo_test> 56139 <rpminfo_test id="oval:org.opensuse.security:tst:2009040596" version="1" comment="qt3-examples is <3.3.5-58.22" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56140 <object object_ref="oval:org.opensuse.security:obj:2009032265"/> 56141 <state state_ref="oval:org.opensuse.security:ste:2009034123"/> 56142 </rpminfo_test> 56143 <rpminfo_test id="oval:org.opensuse.security:tst:2009040597" version="1" comment="qt3-man is <3.3.5-58.22" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56144 <object object_ref="oval:org.opensuse.security:obj:2009032266"/> 56145 <state state_ref="oval:org.opensuse.security:ste:2009034123"/> 56146 </rpminfo_test> 56147 <rpminfo_test id="oval:org.opensuse.security:tst:2009040598" version="1" comment="qt3 is <3.3.5-58.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56148 <object object_ref="oval:org.opensuse.security:obj:2009030662"/> 56149 <state state_ref="oval:org.opensuse.security:ste:2009034122"/> 56150 </rpminfo_test> 56151 <rpminfo_test id="oval:org.opensuse.security:tst:2009040637" version="1" comment="device-mapper-32bit is <1.02.13-6.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56152 <object object_ref="oval:org.opensuse.security:obj:2009032292"/> 56153 <state state_ref="oval:org.opensuse.security:ste:2009034124"/> 56154 </rpminfo_test> 56155 <rpminfo_test id="oval:org.opensuse.security:tst:2009040638" version="1" comment="device-mapper is <1.02.13-6.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56156 <object object_ref="oval:org.opensuse.security:obj:2009032293"/> 56157 <state state_ref="oval:org.opensuse.security:ste:2009034124"/> 56158 </rpminfo_test> 56159 <rpminfo_test id="oval:org.opensuse.security:tst:2009040639" version="1" comment="gfxboot is <3.2.38-0.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56160 <object object_ref="oval:org.opensuse.security:obj:2009032294"/> 56161 <state state_ref="oval:org.opensuse.security:ste:2009034125"/> 56162 </rpminfo_test> 56163 <rpminfo_test id="oval:org.opensuse.security:tst:2009040640" version="1" comment="icecream is <0.7.14-20.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56164 <object object_ref="oval:org.opensuse.security:obj:2009032295"/> 56165 <state state_ref="oval:org.opensuse.security:ste:2009034126"/> 56166 </rpminfo_test> 56167 <rpminfo_test id="oval:org.opensuse.security:tst:2009040641" version="1" comment="kernel-bigsmp is <2.6.16.46-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56168 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 56169 <state state_ref="oval:org.opensuse.security:ste:2009034127"/> 56170 </rpminfo_test> 56171 <rpminfo_test id="oval:org.opensuse.security:tst:2009040642" version="1" comment="kernel-default is <2.6.16.46-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56172 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 56173 <state state_ref="oval:org.opensuse.security:ste:2009034127"/> 56174 </rpminfo_test> 56175 <rpminfo_test id="oval:org.opensuse.security:tst:2009040643" version="1" comment="kernel-smp is <2.6.16.46-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56176 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 56177 <state state_ref="oval:org.opensuse.security:ste:2009034127"/> 56178 </rpminfo_test> 56179 <rpminfo_test id="oval:org.opensuse.security:tst:2009040644" version="1" comment="kernel-source is <2.6.16.46-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56180 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 56181 <state state_ref="oval:org.opensuse.security:ste:2009034127"/> 56182 </rpminfo_test> 56183 <rpminfo_test id="oval:org.opensuse.security:tst:2009040645" version="1" comment="kernel-syms is <2.6.16.46-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56184 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 56185 <state state_ref="oval:org.opensuse.security:ste:2009034127"/> 56186 </rpminfo_test> 56187 <rpminfo_test id="oval:org.opensuse.security:tst:2009040646" version="1" comment="kernel-xen is <2.6.16.46-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56188 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 56189 <state state_ref="oval:org.opensuse.security:ste:2009034127"/> 56190 </rpminfo_test> 56191 <rpminfo_test id="oval:org.opensuse.security:tst:2009040647" version="1" comment="kernel-xenpae is <2.6.16.46-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56192 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 56193 <state state_ref="oval:org.opensuse.security:ste:2009034127"/> 56194 </rpminfo_test> 56195 <rpminfo_test id="oval:org.opensuse.security:tst:2009040648" version="1" comment="lkcdutils is <7.0.1-22.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56196 <object object_ref="oval:org.opensuse.security:obj:2009032296"/> 56197 <state state_ref="oval:org.opensuse.security:ste:2009034128"/> 56198 </rpminfo_test> 56199 <rpminfo_test id="oval:org.opensuse.security:tst:2009040649" version="1" comment="ltrace-32bit is <0.4-31.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56200 <object object_ref="oval:org.opensuse.security:obj:2009032297"/> 56201 <state state_ref="oval:org.opensuse.security:ste:2009034129"/> 56202 </rpminfo_test> 56203 <rpminfo_test id="oval:org.opensuse.security:tst:2009040650" version="1" comment="ltrace is <0.4-31.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56204 <object object_ref="oval:org.opensuse.security:obj:2009032298"/> 56205 <state state_ref="oval:org.opensuse.security:ste:2009034129"/> 56206 </rpminfo_test> 56207 <rpminfo_test id="oval:org.opensuse.security:tst:2009040651" version="1" comment="oprofile is <0.9.1-17.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56208 <object object_ref="oval:org.opensuse.security:obj:2009032299"/> 56209 <state state_ref="oval:org.opensuse.security:ste:2009034130"/> 56210 </rpminfo_test> 56211 <rpminfo_test id="oval:org.opensuse.security:tst:2009040652" version="1" comment="rsync is <2.6.8-36.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56212 <object object_ref="oval:org.opensuse.security:obj:2009030761"/> 56213 <state state_ref="oval:org.opensuse.security:ste:2009034131"/> 56214 </rpminfo_test> 56215 <rpminfo_test id="oval:org.opensuse.security:tst:2009040653" version="1" comment="sysstat is <6.0.2-16.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56216 <object object_ref="oval:org.opensuse.security:obj:2009031983"/> 56217 <state state_ref="oval:org.opensuse.security:ste:2009034132"/> 56218 </rpminfo_test> 56219 <rpminfo_test id="oval:org.opensuse.security:tst:2009040845" version="1" comment="libpng-devel-32bit is <1.2.8-19.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56220 <object object_ref="oval:org.opensuse.security:obj:2009031449"/> 56221 <state state_ref="oval:org.opensuse.security:ste:2009034211"/> 56222 </rpminfo_test> 56223 <rpminfo_test id="oval:org.opensuse.security:tst:2009040846" version="1" comment="libpng-devel is <1.2.8-19.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56224 <object object_ref="oval:org.opensuse.security:obj:2009030639"/> 56225 <state state_ref="oval:org.opensuse.security:ste:2009034211"/> 56226 </rpminfo_test> 56227 <rpminfo_test id="oval:org.opensuse.security:tst:2009040930" version="1" comment="cairo-32bit is <1.0.2-27.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56228 <object object_ref="oval:org.opensuse.security:obj:2009031466"/> 56229 <state state_ref="oval:org.opensuse.security:ste:2009034239"/> 56230 </rpminfo_test> 56231 <rpminfo_test id="oval:org.opensuse.security:tst:2009040931" version="1" comment="cairo-devel is <1.0.2-27.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56232 <object object_ref="oval:org.opensuse.security:obj:2009031469"/> 56233 <state state_ref="oval:org.opensuse.security:ste:2009034239"/> 56234 </rpminfo_test> 56235 <rpminfo_test id="oval:org.opensuse.security:tst:2009040932" version="1" comment="cairo-doc is <1.0.2-27.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56236 <object object_ref="oval:org.opensuse.security:obj:2009031470"/> 56237 <state state_ref="oval:org.opensuse.security:ste:2009034239"/> 56238 </rpminfo_test> 56239 <rpminfo_test id="oval:org.opensuse.security:tst:2009040933" version="1" comment="cairo is <1.0.2-27.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56240 <object object_ref="oval:org.opensuse.security:obj:2009031471"/> 56241 <state state_ref="oval:org.opensuse.security:ste:2009034239"/> 56242 </rpminfo_test> 56243 <rpminfo_test id="oval:org.opensuse.security:tst:2009040934" version="1" comment="control-center2-devel is <2.12.3-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56244 <object object_ref="oval:org.opensuse.security:obj:2009032313"/> 56245 <state state_ref="oval:org.opensuse.security:ste:2009034240"/> 56246 </rpminfo_test> 56247 <rpminfo_test id="oval:org.opensuse.security:tst:2009040935" version="1" comment="control-center2 is <2.12.3-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56248 <object object_ref="oval:org.opensuse.security:obj:2009032314"/> 56249 <state state_ref="oval:org.opensuse.security:ste:2009034240"/> 56250 </rpminfo_test> 56251 <rpminfo_test id="oval:org.opensuse.security:tst:2009040936" version="1" comment="eel-32bit is <2.12.2-18.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56252 <object object_ref="oval:org.opensuse.security:obj:2009032315"/> 56253 <state state_ref="oval:org.opensuse.security:ste:2009034241"/> 56254 </rpminfo_test> 56255 <rpminfo_test id="oval:org.opensuse.security:tst:2009040937" version="1" comment="eel-devel is <2.12.2-18.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56256 <object object_ref="oval:org.opensuse.security:obj:2009032316"/> 56257 <state state_ref="oval:org.opensuse.security:ste:2009034241"/> 56258 </rpminfo_test> 56259 <rpminfo_test id="oval:org.opensuse.security:tst:2009040938" version="1" comment="eel is <2.12.2-18.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56260 <object object_ref="oval:org.opensuse.security:obj:2009032317"/> 56261 <state state_ref="oval:org.opensuse.security:ste:2009034241"/> 56262 </rpminfo_test> 56263 <rpminfo_test id="oval:org.opensuse.security:tst:2009040939" version="1" comment="evolution-data-server-32bit is <1.6.0-43.53" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56264 <object object_ref="oval:org.opensuse.security:obj:2009030992"/> 56265 <state state_ref="oval:org.opensuse.security:ste:2009034242"/> 56266 </rpminfo_test> 56267 <rpminfo_test id="oval:org.opensuse.security:tst:2009040940" version="1" comment="evolution-data-server-devel is <1.6.0-43.53" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56268 <object object_ref="oval:org.opensuse.security:obj:2009031899"/> 56269 <state state_ref="oval:org.opensuse.security:ste:2009034242"/> 56270 </rpminfo_test> 56271 <rpminfo_test id="oval:org.opensuse.security:tst:2009040941" version="1" comment="evolution-data-server is <1.6.0-43.53" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56272 <object object_ref="oval:org.opensuse.security:obj:2009030995"/> 56273 <state state_ref="oval:org.opensuse.security:ste:2009034242"/> 56274 </rpminfo_test> 56275 <rpminfo_test id="oval:org.opensuse.security:tst:2009040942" version="1" comment="ghex is <2.8.1-27.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56276 <object object_ref="oval:org.opensuse.security:obj:2009032318"/> 56277 <state state_ref="oval:org.opensuse.security:ste:2009034243"/> 56278 </rpminfo_test> 56279 <rpminfo_test id="oval:org.opensuse.security:tst:2009040943" version="1" comment="gimp-devel is <2.2.10-22.20" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56280 <object object_ref="oval:org.opensuse.security:obj:2009030654"/> 56281 <state state_ref="oval:org.opensuse.security:ste:2009034244"/> 56282 </rpminfo_test> 56283 <rpminfo_test id="oval:org.opensuse.security:tst:2009040944" version="1" comment="gimp is <2.2.10-22.20" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56284 <object object_ref="oval:org.opensuse.security:obj:2009030642"/> 56285 <state state_ref="oval:org.opensuse.security:ste:2009034244"/> 56286 </rpminfo_test> 56287 <rpminfo_test id="oval:org.opensuse.security:tst:2009040945" version="1" comment="gnome-applets-devel is <2.12.2-51.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56288 <object object_ref="oval:org.opensuse.security:obj:2009032319"/> 56289 <state state_ref="oval:org.opensuse.security:ste:2009034245"/> 56290 </rpminfo_test> 56291 <rpminfo_test id="oval:org.opensuse.security:tst:2009040946" version="1" comment="gnome-applets is <2.12.2-51.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56292 <object object_ref="oval:org.opensuse.security:obj:2009032320"/> 56293 <state state_ref="oval:org.opensuse.security:ste:2009034245"/> 56294 </rpminfo_test> 56295 <rpminfo_test id="oval:org.opensuse.security:tst:2009040947" version="1" comment="gnome-cups-manager-devel is <0.32cvs20060120-33.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56296 <object object_ref="oval:org.opensuse.security:obj:2009032321"/> 56297 <state state_ref="oval:org.opensuse.security:ste:2009034246"/> 56298 </rpminfo_test> 56299 <rpminfo_test id="oval:org.opensuse.security:tst:2009040948" version="1" comment="gnome-cups-manager is <0.32cvs20060120-33.23" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56300 <object object_ref="oval:org.opensuse.security:obj:2009032322"/> 56301 <state state_ref="oval:org.opensuse.security:ste:2009034246"/> 56302 </rpminfo_test> 56303 <rpminfo_test id="oval:org.opensuse.security:tst:2009040949" version="1" comment="gnome-desktop-32bit is <2.12.2-25.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56304 <object object_ref="oval:org.opensuse.security:obj:2009032323"/> 56305 <state state_ref="oval:org.opensuse.security:ste:2009034247"/> 56306 </rpminfo_test> 56307 <rpminfo_test id="oval:org.opensuse.security:tst:2009040950" version="1" comment="gnome-desktop-devel is <2.12.2-25.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56308 <object object_ref="oval:org.opensuse.security:obj:2009032324"/> 56309 <state state_ref="oval:org.opensuse.security:ste:2009034247"/> 56310 </rpminfo_test> 56311 <rpminfo_test id="oval:org.opensuse.security:tst:2009040951" version="1" comment="gnome-desktop is <2.12.2-25.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56312 <object object_ref="oval:org.opensuse.security:obj:2009032325"/> 56313 <state state_ref="oval:org.opensuse.security:ste:2009034247"/> 56314 </rpminfo_test> 56315 <rpminfo_test id="oval:org.opensuse.security:tst:2009040952" version="1" comment="gnome-keyring-32bit is <0.4.6-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56316 <object object_ref="oval:org.opensuse.security:obj:2009032326"/> 56317 <state state_ref="oval:org.opensuse.security:ste:2009034248"/> 56318 </rpminfo_test> 56319 <rpminfo_test id="oval:org.opensuse.security:tst:2009040953" version="1" comment="gnome-keyring-devel is <0.4.6-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56320 <object object_ref="oval:org.opensuse.security:obj:2009032327"/> 56321 <state state_ref="oval:org.opensuse.security:ste:2009034248"/> 56322 </rpminfo_test> 56323 <rpminfo_test id="oval:org.opensuse.security:tst:2009040954" version="1" comment="gnome-keyring is <0.4.6-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56324 <object object_ref="oval:org.opensuse.security:obj:2009032328"/> 56325 <state state_ref="oval:org.opensuse.security:ste:2009034248"/> 56326 </rpminfo_test> 56327 <rpminfo_test id="oval:org.opensuse.security:tst:2009040955" version="1" comment="gnome-main-menu-devel is <0.9.8-0.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56328 <object object_ref="oval:org.opensuse.security:obj:2009032329"/> 56329 <state state_ref="oval:org.opensuse.security:ste:2009034249"/> 56330 </rpminfo_test> 56331 <rpminfo_test id="oval:org.opensuse.security:tst:2009040956" version="1" comment="gnome-main-menu is <0.9.8-0.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56332 <object object_ref="oval:org.opensuse.security:obj:2009032330"/> 56333 <state state_ref="oval:org.opensuse.security:ste:2009034249"/> 56334 </rpminfo_test> 56335 <rpminfo_test id="oval:org.opensuse.security:tst:2009040957" version="1" comment="gnome-menus-32bit is <2.16.1-38.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56336 <object object_ref="oval:org.opensuse.security:obj:2009032331"/> 56337 <state state_ref="oval:org.opensuse.security:ste:2009034250"/> 56338 </rpminfo_test> 56339 <rpminfo_test id="oval:org.opensuse.security:tst:2009040958" version="1" comment="gnome-menus-devel is <2.16.1-38.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56340 <object object_ref="oval:org.opensuse.security:obj:2009032332"/> 56341 <state state_ref="oval:org.opensuse.security:ste:2009034250"/> 56342 </rpminfo_test> 56343 <rpminfo_test id="oval:org.opensuse.security:tst:2009040959" version="1" comment="gnome-menus is <2.16.1-38.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56344 <object object_ref="oval:org.opensuse.security:obj:2009032333"/> 56345 <state state_ref="oval:org.opensuse.security:ste:2009034250"/> 56346 </rpminfo_test> 56347 <rpminfo_test id="oval:org.opensuse.security:tst:2009040960" version="1" comment="gnome-panel-nld-32bit is <2.12.3-0.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56348 <object object_ref="oval:org.opensuse.security:obj:2009032334"/> 56349 <state state_ref="oval:org.opensuse.security:ste:2009034251"/> 56350 </rpminfo_test> 56351 <rpminfo_test id="oval:org.opensuse.security:tst:2009040961" version="1" comment="gnome-panel-nld-devel is <2.12.3-0.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56352 <object object_ref="oval:org.opensuse.security:obj:2009032335"/> 56353 <state state_ref="oval:org.opensuse.security:ste:2009034251"/> 56354 </rpminfo_test> 56355 <rpminfo_test id="oval:org.opensuse.security:tst:2009040962" version="1" comment="gnome-panel-nld-doc is <2.12.3-0.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56356 <object object_ref="oval:org.opensuse.security:obj:2009032336"/> 56357 <state state_ref="oval:org.opensuse.security:ste:2009034251"/> 56358 </rpminfo_test> 56359 <rpminfo_test id="oval:org.opensuse.security:tst:2009040963" version="1" comment="gnome-panel-nld is <2.12.3-0.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56360 <object object_ref="oval:org.opensuse.security:obj:2009032337"/> 56361 <state state_ref="oval:org.opensuse.security:ste:2009034251"/> 56362 </rpminfo_test> 56363 <rpminfo_test id="oval:org.opensuse.security:tst:2009040964" version="1" comment="gnome-vfs2-32bit is <2.12.2-58.28" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56364 <object object_ref="oval:org.opensuse.security:obj:2009030411"/> 56365 <state state_ref="oval:org.opensuse.security:ste:2009034252"/> 56366 </rpminfo_test> 56367 <rpminfo_test id="oval:org.opensuse.security:tst:2009040965" version="1" comment="gnome-vfs2-devel is <2.12.2-58.28" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56368 <object object_ref="oval:org.opensuse.security:obj:2009032338"/> 56369 <state state_ref="oval:org.opensuse.security:ste:2009034252"/> 56370 </rpminfo_test> 56371 <rpminfo_test id="oval:org.opensuse.security:tst:2009040966" version="1" comment="gnome-vfs2-doc is <2.12.2-58.28" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56372 <object object_ref="oval:org.opensuse.security:obj:2009030412"/> 56373 <state state_ref="oval:org.opensuse.security:ste:2009034252"/> 56374 </rpminfo_test> 56375 <rpminfo_test id="oval:org.opensuse.security:tst:2009040967" version="1" comment="gnome-vfs2 is <2.12.2-58.28" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56376 <object object_ref="oval:org.opensuse.security:obj:2009030413"/> 56377 <state state_ref="oval:org.opensuse.security:ste:2009034252"/> 56378 </rpminfo_test> 56379 <rpminfo_test id="oval:org.opensuse.security:tst:2009040968" version="1" comment="gstreamer010-32bit is <0.10.4-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56380 <object object_ref="oval:org.opensuse.security:obj:2009032339"/> 56381 <state state_ref="oval:org.opensuse.security:ste:2009034253"/> 56382 </rpminfo_test> 56383 <rpminfo_test id="oval:org.opensuse.security:tst:2009040969" version="1" comment="gstreamer010-devel is <0.10.4-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56384 <object object_ref="oval:org.opensuse.security:obj:2009032340"/> 56385 <state state_ref="oval:org.opensuse.security:ste:2009034253"/> 56386 </rpminfo_test> 56387 <rpminfo_test id="oval:org.opensuse.security:tst:2009040970" version="1" comment="gstreamer010-doc is <0.10.4-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56388 <object object_ref="oval:org.opensuse.security:obj:2009032341"/> 56389 <state state_ref="oval:org.opensuse.security:ste:2009034253"/> 56390 </rpminfo_test> 56391 <rpminfo_test id="oval:org.opensuse.security:tst:2009040971" version="1" comment="gstreamer010 is <0.10.4-11.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56392 <object object_ref="oval:org.opensuse.security:obj:2009032342"/> 56393 <state state_ref="oval:org.opensuse.security:ste:2009034253"/> 56394 </rpminfo_test> 56395 <rpminfo_test id="oval:org.opensuse.security:tst:2009040972" version="1" comment="gtk2-32bit is <2.8.11-0.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56396 <object object_ref="oval:org.opensuse.security:obj:2009030532"/> 56397 <state state_ref="oval:org.opensuse.security:ste:2009032940"/> 56398 </rpminfo_test> 56399 <rpminfo_test id="oval:org.opensuse.security:tst:2009040973" version="1" comment="gtk2-doc is <2.8.11-0.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56400 <object object_ref="oval:org.opensuse.security:obj:2009030534"/> 56401 <state state_ref="oval:org.opensuse.security:ste:2009032940"/> 56402 </rpminfo_test> 56403 <rpminfo_test id="oval:org.opensuse.security:tst:2009040974" version="1" comment="gtk2 is <2.8.11-0.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56404 <object object_ref="oval:org.opensuse.security:obj:2009030535"/> 56405 <state state_ref="oval:org.opensuse.security:ste:2009032940"/> 56406 </rpminfo_test> 56407 <rpminfo_test id="oval:org.opensuse.security:tst:2009040975" version="1" comment="gtkhtml2-devel is <3.10.0-15.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56408 <object object_ref="oval:org.opensuse.security:obj:2009032343"/> 56409 <state state_ref="oval:org.opensuse.security:ste:2009034254"/> 56410 </rpminfo_test> 56411 <rpminfo_test id="oval:org.opensuse.security:tst:2009040976" version="1" comment="gtkhtml2 is <3.10.0-15.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56412 <object object_ref="oval:org.opensuse.security:obj:2009030997"/> 56413 <state state_ref="oval:org.opensuse.security:ste:2009034254"/> 56414 </rpminfo_test> 56415 <rpminfo_test id="oval:org.opensuse.security:tst:2009040977" version="1" comment="intltool is <0.35.2-4.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56416 <object object_ref="oval:org.opensuse.security:obj:2009032344"/> 56417 <state state_ref="oval:org.opensuse.security:ste:2009034255"/> 56418 </rpminfo_test> 56419 <rpminfo_test id="oval:org.opensuse.security:tst:2009040978" version="1" comment="libgnomedb-devel is <1.3.91-23.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56420 <object object_ref="oval:org.opensuse.security:obj:2009032345"/> 56421 <state state_ref="oval:org.opensuse.security:ste:2009034256"/> 56422 </rpminfo_test> 56423 <rpminfo_test id="oval:org.opensuse.security:tst:2009040979" version="1" comment="libgnomedb is <1.3.91-23.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56424 <object object_ref="oval:org.opensuse.security:obj:2009032346"/> 56425 <state state_ref="oval:org.opensuse.security:ste:2009034256"/> 56426 </rpminfo_test> 56427 <rpminfo_test id="oval:org.opensuse.security:tst:2009040980" version="1" comment="libgnomesu-devel is <1.0.0-32.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56428 <object object_ref="oval:org.opensuse.security:obj:2009032347"/> 56429 <state state_ref="oval:org.opensuse.security:ste:2009034257"/> 56430 </rpminfo_test> 56431 <rpminfo_test id="oval:org.opensuse.security:tst:2009040981" version="1" comment="libgnomesu is <1.0.0-32.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56432 <object object_ref="oval:org.opensuse.security:obj:2009032348"/> 56433 <state state_ref="oval:org.opensuse.security:ste:2009034257"/> 56434 </rpminfo_test> 56435 <rpminfo_test id="oval:org.opensuse.security:tst:2009040982" version="1" comment="libgnomeui-32bit is <2.12.1-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56436 <object object_ref="oval:org.opensuse.security:obj:2009032349"/> 56437 <state state_ref="oval:org.opensuse.security:ste:2009034258"/> 56438 </rpminfo_test> 56439 <rpminfo_test id="oval:org.opensuse.security:tst:2009040983" version="1" comment="libgnomeui-devel is <2.12.1-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56440 <object object_ref="oval:org.opensuse.security:obj:2009032350"/> 56441 <state state_ref="oval:org.opensuse.security:ste:2009034258"/> 56442 </rpminfo_test> 56443 <rpminfo_test id="oval:org.opensuse.security:tst:2009040984" version="1" comment="libgnomeui-doc is <2.12.1-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56444 <object object_ref="oval:org.opensuse.security:obj:2009032351"/> 56445 <state state_ref="oval:org.opensuse.security:ste:2009034258"/> 56446 </rpminfo_test> 56447 <rpminfo_test id="oval:org.opensuse.security:tst:2009040985" version="1" comment="libgnomeui is <2.12.1-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56448 <object object_ref="oval:org.opensuse.security:obj:2009032352"/> 56449 <state state_ref="oval:org.opensuse.security:ste:2009034258"/> 56450 </rpminfo_test> 56451 <rpminfo_test id="oval:org.opensuse.security:tst:2009040986" version="1" comment="libgsf-32bit is <1.13.99-13.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56452 <object object_ref="oval:org.opensuse.security:obj:2009030652"/> 56453 <state state_ref="oval:org.opensuse.security:ste:2009034259"/> 56454 </rpminfo_test> 56455 <rpminfo_test id="oval:org.opensuse.security:tst:2009040987" version="1" comment="libgsf-devel is <1.13.99-13.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56456 <object object_ref="oval:org.opensuse.security:obj:2009032353"/> 56457 <state state_ref="oval:org.opensuse.security:ste:2009034259"/> 56458 </rpminfo_test> 56459 <rpminfo_test id="oval:org.opensuse.security:tst:2009040988" version="1" comment="libgsf-doc is <1.13.99-13.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56460 <object object_ref="oval:org.opensuse.security:obj:2009032354"/> 56461 <state state_ref="oval:org.opensuse.security:ste:2009034259"/> 56462 </rpminfo_test> 56463 <rpminfo_test id="oval:org.opensuse.security:tst:2009040989" version="1" comment="libgsf-gnome is <1.13.99-13.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56464 <object object_ref="oval:org.opensuse.security:obj:2009032355"/> 56465 <state state_ref="oval:org.opensuse.security:ste:2009034259"/> 56466 </rpminfo_test> 56467 <rpminfo_test id="oval:org.opensuse.security:tst:2009040990" version="1" comment="libgsf is <1.13.99-13.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56468 <object object_ref="oval:org.opensuse.security:obj:2009030653"/> 56469 <state state_ref="oval:org.opensuse.security:ste:2009034259"/> 56470 </rpminfo_test> 56471 <rpminfo_test id="oval:org.opensuse.security:tst:2009040991" version="1" comment="libsoup-32bit is <2.2.90-18.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56472 <object object_ref="oval:org.opensuse.security:obj:2009030513"/> 56473 <state state_ref="oval:org.opensuse.security:ste:2009034260"/> 56474 </rpminfo_test> 56475 <rpminfo_test id="oval:org.opensuse.security:tst:2009040992" version="1" comment="libsoup-devel-32bit is <2.2.90-18.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56476 <object object_ref="oval:org.opensuse.security:obj:2009030514"/> 56477 <state state_ref="oval:org.opensuse.security:ste:2009034260"/> 56478 </rpminfo_test> 56479 <rpminfo_test id="oval:org.opensuse.security:tst:2009040993" version="1" comment="libsoup-devel is <2.2.90-18.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56480 <object object_ref="oval:org.opensuse.security:obj:2009030515"/> 56481 <state state_ref="oval:org.opensuse.security:ste:2009034260"/> 56482 </rpminfo_test> 56483 <rpminfo_test id="oval:org.opensuse.security:tst:2009040994" version="1" comment="libsoup is <2.2.90-18.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56484 <object object_ref="oval:org.opensuse.security:obj:2009030516"/> 56485 <state state_ref="oval:org.opensuse.security:ste:2009034260"/> 56486 </rpminfo_test> 56487 <rpminfo_test id="oval:org.opensuse.security:tst:2009040995" version="1" comment="mozilla-nspr-32bit is <4.6.4-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56488 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 56489 <state state_ref="oval:org.opensuse.security:ste:2009034261"/> 56490 </rpminfo_test> 56491 <rpminfo_test id="oval:org.opensuse.security:tst:2009040996" version="1" comment="mozilla-nspr-devel is <4.6.4-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56492 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 56493 <state state_ref="oval:org.opensuse.security:ste:2009034261"/> 56494 </rpminfo_test> 56495 <rpminfo_test id="oval:org.opensuse.security:tst:2009040997" version="1" comment="mozilla-nspr is <4.6.4-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56496 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 56497 <state state_ref="oval:org.opensuse.security:ste:2009034261"/> 56498 </rpminfo_test> 56499 <rpminfo_test id="oval:org.opensuse.security:tst:2009040998" version="1" comment="nautilus-32bit is <2.12.2-64.33" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56500 <object object_ref="oval:org.opensuse.security:obj:2009032359"/> 56501 <state state_ref="oval:org.opensuse.security:ste:2009034262"/> 56502 </rpminfo_test> 56503 <rpminfo_test id="oval:org.opensuse.security:tst:2009040999" version="1" comment="nautilus-devel is <2.12.2-64.33" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56504 <object object_ref="oval:org.opensuse.security:obj:2009032360"/> 56505 <state state_ref="oval:org.opensuse.security:ste:2009034262"/> 56506 </rpminfo_test> 56507 <rpminfo_test id="oval:org.opensuse.security:tst:2009041000" version="1" comment="nautilus is <2.12.2-64.33" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56508 <object object_ref="oval:org.opensuse.security:obj:2009032361"/> 56509 <state state_ref="oval:org.opensuse.security:ste:2009034262"/> 56510 </rpminfo_test> 56511 <rpminfo_test id="oval:org.opensuse.security:tst:2009041001" version="1" comment="vte-devel is <0.11.17-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56512 <object object_ref="oval:org.opensuse.security:obj:2009032362"/> 56513 <state state_ref="oval:org.opensuse.security:ste:2009034263"/> 56514 </rpminfo_test> 56515 <rpminfo_test id="oval:org.opensuse.security:tst:2009041002" version="1" comment="vte is <0.11.17-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56516 <object object_ref="oval:org.opensuse.security:obj:2009032363"/> 56517 <state state_ref="oval:org.opensuse.security:ste:2009034263"/> 56518 </rpminfo_test> 56519 <rpminfo_test id="oval:org.opensuse.security:tst:2009041167" version="1" comment="OpenIPMI is <2.0.7-35.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56520 <object object_ref="oval:org.opensuse.security:obj:2009032389"/> 56521 <state state_ref="oval:org.opensuse.security:ste:2009034313"/> 56522 </rpminfo_test> 56523 <rpminfo_test id="oval:org.opensuse.security:tst:2009041168" version="1" comment="bootsplash-theme-SuSE-NLD is <3.1-69.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56524 <object object_ref="oval:org.opensuse.security:obj:2009032390"/> 56525 <state state_ref="oval:org.opensuse.security:ste:2009034314"/> 56526 </rpminfo_test> 56527 <rpminfo_test id="oval:org.opensuse.security:tst:2009041169" version="1" comment="glibc-32bit is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56528 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 56529 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56530 </rpminfo_test> 56531 <rpminfo_test id="oval:org.opensuse.security:tst:2009041170" version="1" comment="glibc-devel-32bit is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56532 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 56533 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56534 </rpminfo_test> 56535 <rpminfo_test id="oval:org.opensuse.security:tst:2009041171" version="1" comment="glibc-devel is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56536 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 56537 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56538 </rpminfo_test> 56539 <rpminfo_test id="oval:org.opensuse.security:tst:2009041172" version="1" comment="glibc-html is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56540 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 56541 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56542 </rpminfo_test> 56543 <rpminfo_test id="oval:org.opensuse.security:tst:2009041173" version="1" comment="glibc-i18ndata is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56544 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 56545 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56546 </rpminfo_test> 56547 <rpminfo_test id="oval:org.opensuse.security:tst:2009041174" version="1" comment="glibc-info is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56548 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 56549 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56550 </rpminfo_test> 56551 <rpminfo_test id="oval:org.opensuse.security:tst:2009041175" version="1" comment="glibc-locale-32bit is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56552 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 56553 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56554 </rpminfo_test> 56555 <rpminfo_test id="oval:org.opensuse.security:tst:2009041176" version="1" comment="glibc-locale is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56556 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 56557 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56558 </rpminfo_test> 56559 <rpminfo_test id="oval:org.opensuse.security:tst:2009041177" version="1" comment="glibc is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56560 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 56561 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56562 </rpminfo_test> 56563 <rpminfo_test id="oval:org.opensuse.security:tst:2009041178" version="1" comment="grub is <0.97-16.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56564 <object object_ref="oval:org.opensuse.security:obj:2009032394"/> 56565 <state state_ref="oval:org.opensuse.security:ste:2009034316"/> 56566 </rpminfo_test> 56567 <rpminfo_test id="oval:org.opensuse.security:tst:2009041179" version="1" comment="ipmitool is <1.8.9-2.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56568 <object object_ref="oval:org.opensuse.security:obj:2009032395"/> 56569 <state state_ref="oval:org.opensuse.security:ste:2009034317"/> 56570 </rpminfo_test> 56571 <rpminfo_test id="oval:org.opensuse.security:tst:2009041180" version="1" comment="ivman is <0.6.9-16.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56572 <object object_ref="oval:org.opensuse.security:obj:2009032396"/> 56573 <state state_ref="oval:org.opensuse.security:ste:2009034318"/> 56574 </rpminfo_test> 56575 <rpminfo_test id="oval:org.opensuse.security:tst:2009041181" version="1" comment="ksh is <93r-12.28" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56576 <object object_ref="oval:org.opensuse.security:obj:2009032397"/> 56577 <state state_ref="oval:org.opensuse.security:ste:2009034319"/> 56578 </rpminfo_test> 56579 <rpminfo_test id="oval:org.opensuse.security:tst:2009041182" version="1" comment="lvm2 is <2.02.17-7.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56580 <object object_ref="oval:org.opensuse.security:obj:2009032398"/> 56581 <state state_ref="oval:org.opensuse.security:ste:2009034320"/> 56582 </rpminfo_test> 56583 <rpminfo_test id="oval:org.opensuse.security:tst:2009041183" version="1" comment="nscd is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56584 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 56585 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56586 </rpminfo_test> 56587 <rpminfo_test id="oval:org.opensuse.security:tst:2009041184" version="1" comment="timezone is <2.4-31.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56588 <object object_ref="oval:org.opensuse.security:obj:2009032400"/> 56589 <state state_ref="oval:org.opensuse.security:ste:2009034315"/> 56590 </rpminfo_test> 56591 <rpminfo_test id="oval:org.opensuse.security:tst:2009041185" version="1" comment="xorg-x11-Xnest is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56592 <object object_ref="oval:org.opensuse.security:obj:2009032401"/> 56593 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56594 </rpminfo_test> 56595 <rpminfo_test id="oval:org.opensuse.security:tst:2009041186" version="1" comment="xorg-x11-Xvfb is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56596 <object object_ref="oval:org.opensuse.security:obj:2009032402"/> 56597 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56598 </rpminfo_test> 56599 <rpminfo_test id="oval:org.opensuse.security:tst:2009041187" version="1" comment="xorg-x11-Xvnc is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56600 <object object_ref="oval:org.opensuse.security:obj:2009031301"/> 56601 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56602 </rpminfo_test> 56603 <rpminfo_test id="oval:org.opensuse.security:tst:2009041188" version="1" comment="xorg-x11-fonts-100dpi is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56604 <object object_ref="oval:org.opensuse.security:obj:2009032403"/> 56605 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56606 </rpminfo_test> 56607 <rpminfo_test id="oval:org.opensuse.security:tst:2009041189" version="1" comment="xorg-x11-fonts-75dpi is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56608 <object object_ref="oval:org.opensuse.security:obj:2009032404"/> 56609 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56610 </rpminfo_test> 56611 <rpminfo_test id="oval:org.opensuse.security:tst:2009041190" version="1" comment="xorg-x11-fonts-cyrillic is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56612 <object object_ref="oval:org.opensuse.security:obj:2009032405"/> 56613 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56614 </rpminfo_test> 56615 <rpminfo_test id="oval:org.opensuse.security:tst:2009041191" version="1" comment="xorg-x11-fonts-scalable is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56616 <object object_ref="oval:org.opensuse.security:obj:2009032406"/> 56617 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56618 </rpminfo_test> 56619 <rpminfo_test id="oval:org.opensuse.security:tst:2009041192" version="1" comment="xorg-x11-fonts-syriac is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56620 <object object_ref="oval:org.opensuse.security:obj:2009032407"/> 56621 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56622 </rpminfo_test> 56623 <rpminfo_test id="oval:org.opensuse.security:tst:2009041193" version="1" comment="xorg-x11-libs-32bit is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56624 <object object_ref="oval:org.opensuse.security:obj:2009031332"/> 56625 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56626 </rpminfo_test> 56627 <rpminfo_test id="oval:org.opensuse.security:tst:2009041194" version="1" comment="xorg-x11-libs is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56628 <object object_ref="oval:org.opensuse.security:obj:2009031334"/> 56629 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56630 </rpminfo_test> 56631 <rpminfo_test id="oval:org.opensuse.security:tst:2009041195" version="1" comment="xorg-x11-man is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56632 <object object_ref="oval:org.opensuse.security:obj:2009032408"/> 56633 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56634 </rpminfo_test> 56635 <rpminfo_test id="oval:org.opensuse.security:tst:2009041196" version="1" comment="xorg-x11-server-glx is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56636 <object object_ref="oval:org.opensuse.security:obj:2009032409"/> 56637 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56638 </rpminfo_test> 56639 <rpminfo_test id="oval:org.opensuse.security:tst:2009041197" version="1" comment="xorg-x11-server is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56640 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 56641 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56642 </rpminfo_test> 56643 <rpminfo_test id="oval:org.opensuse.security:tst:2009041198" version="1" comment="xorg-x11 is <6.9.0-50.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56644 <object object_ref="oval:org.opensuse.security:obj:2009031335"/> 56645 <state state_ref="oval:org.opensuse.security:ste:2009032914"/> 56646 </rpminfo_test> 56647 <rpminfo_test id="oval:org.opensuse.security:tst:2009041543" version="1" comment="MozillaFirefox-translations is <2.0.0.2-2.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56648 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 56649 <state state_ref="oval:org.opensuse.security:ste:2009034432"/> 56650 </rpminfo_test> 56651 <rpminfo_test id="oval:org.opensuse.security:tst:2009041544" version="1" comment="MozillaFirefox is <2.0.0.2-2.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56652 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 56653 <state state_ref="oval:org.opensuse.security:ste:2009034432"/> 56654 </rpminfo_test> 56655 <rpminfo_test id="oval:org.opensuse.security:tst:2009041545" version="1" comment="dejavu is <2.9-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56656 <object object_ref="oval:org.opensuse.security:obj:2009032442"/> 56657 <state state_ref="oval:org.opensuse.security:ste:2009034433"/> 56658 </rpminfo_test> 56659 <rpminfo_test id="oval:org.opensuse.security:tst:2009041546" version="1" comment="desktop-data-NLD is <10.1-31.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56660 <object object_ref="oval:org.opensuse.security:obj:2009032443"/> 56661 <state state_ref="oval:org.opensuse.security:ste:2009034434"/> 56662 </rpminfo_test> 56663 <rpminfo_test id="oval:org.opensuse.security:tst:2009041547" version="1" comment="mozilla-nss-32bit is <3.11.4-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56664 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 56665 <state state_ref="oval:org.opensuse.security:ste:2009034435"/> 56666 </rpminfo_test> 56667 <rpminfo_test id="oval:org.opensuse.security:tst:2009041548" version="1" comment="mozilla-nss-devel is <3.11.4-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56668 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 56669 <state state_ref="oval:org.opensuse.security:ste:2009034435"/> 56670 </rpminfo_test> 56671 <rpminfo_test id="oval:org.opensuse.security:tst:2009041549" version="1" comment="mozilla-nss-tools is <3.11.4-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56672 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 56673 <state state_ref="oval:org.opensuse.security:ste:2009034435"/> 56674 </rpminfo_test> 56675 <rpminfo_test id="oval:org.opensuse.security:tst:2009041550" version="1" comment="mozilla-nss is <3.11.4-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56676 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 56677 <state state_ref="oval:org.opensuse.security:ste:2009034435"/> 56678 </rpminfo_test> 56679 <rpminfo_test id="oval:org.opensuse.security:tst:2009041551" version="1" comment="openmotif-libs-32bit is <2.2.4-21.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56680 <object object_ref="oval:org.opensuse.security:obj:2009031085"/> 56681 <state state_ref="oval:org.opensuse.security:ste:2009034436"/> 56682 </rpminfo_test> 56683 <rpminfo_test id="oval:org.opensuse.security:tst:2009041552" version="1" comment="openmotif-libs is <2.2.4-21.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56684 <object object_ref="oval:org.opensuse.security:obj:2009031087"/> 56685 <state state_ref="oval:org.opensuse.security:ste:2009034436"/> 56686 </rpminfo_test> 56687 <rpminfo_test id="oval:org.opensuse.security:tst:2009041553" version="1" comment="sax2-gui is <1.7-125.37" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56688 <object object_ref="oval:org.opensuse.security:obj:2009032445"/> 56689 <state state_ref="oval:org.opensuse.security:ste:2009034437"/> 56690 </rpminfo_test> 56691 <rpminfo_test id="oval:org.opensuse.security:tst:2009041554" version="1" comment="sax2-ident is <1.7-125.38" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56692 <object object_ref="oval:org.opensuse.security:obj:2009032446"/> 56693 <state state_ref="oval:org.opensuse.security:ste:2009034438"/> 56694 </rpminfo_test> 56695 <rpminfo_test id="oval:org.opensuse.security:tst:2009041555" version="1" comment="sax2-libsax-csharp is <7.1-121.37" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56696 <object object_ref="oval:org.opensuse.security:obj:2009032447"/> 56697 <state state_ref="oval:org.opensuse.security:ste:2009034439"/> 56698 </rpminfo_test> 56699 <rpminfo_test id="oval:org.opensuse.security:tst:2009041556" version="1" comment="sax2-libsax-perl is <7.1-125.37" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56700 <object object_ref="oval:org.opensuse.security:obj:2009032448"/> 56701 <state state_ref="oval:org.opensuse.security:ste:2009034440"/> 56702 </rpminfo_test> 56703 <rpminfo_test id="oval:org.opensuse.security:tst:2009041557" version="1" comment="sax2-libsax is <7.1-125.37" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56704 <object object_ref="oval:org.opensuse.security:obj:2009032449"/> 56705 <state state_ref="oval:org.opensuse.security:ste:2009034440"/> 56706 </rpminfo_test> 56707 <rpminfo_test id="oval:org.opensuse.security:tst:2009041558" version="1" comment="sax2-tools is <2.7-125.37" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56708 <object object_ref="oval:org.opensuse.security:obj:2009032450"/> 56709 <state state_ref="oval:org.opensuse.security:ste:2009034441"/> 56710 </rpminfo_test> 56711 <rpminfo_test id="oval:org.opensuse.security:tst:2009041559" version="1" comment="sax2 is <7.1-125.37" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56712 <object object_ref="oval:org.opensuse.security:obj:2009032451"/> 56713 <state state_ref="oval:org.opensuse.security:ste:2009034440"/> 56714 </rpminfo_test> 56715 <rpminfo_test id="oval:org.opensuse.security:tst:2009041560" version="1" comment="tightvnc is <1.2.9-201.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56716 <object object_ref="oval:org.opensuse.security:obj:2009032452"/> 56717 <state state_ref="oval:org.opensuse.security:ste:2009034442"/> 56718 </rpminfo_test> 56719 <rpminfo_test id="oval:org.opensuse.security:tst:2009041561" version="1" comment="xdg-menu is <0.2-66.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56720 <object object_ref="oval:org.opensuse.security:obj:2009032453"/> 56721 <state state_ref="oval:org.opensuse.security:ste:2009034443"/> 56722 </rpminfo_test> 56723 <rpminfo_test id="oval:org.opensuse.security:tst:2009041562" version="1" comment="xorg-x11-driver-video-nvidia is <6.9.0-46.40" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56724 <object object_ref="oval:org.opensuse.security:obj:2009032454"/> 56725 <state state_ref="oval:org.opensuse.security:ste:2009034444"/> 56726 </rpminfo_test> 56727 <rpminfo_test id="oval:org.opensuse.security:tst:2009041563" version="1" comment="xorg-x11-driver-video is <6.9.0-46.40" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56728 <object object_ref="oval:org.opensuse.security:obj:2009032455"/> 56729 <state state_ref="oval:org.opensuse.security:ste:2009034444"/> 56730 </rpminfo_test> 56731 <rpminfo_test id="oval:org.opensuse.security:tst:2009041564" version="1" comment="yast2-control-center is <2.13.10-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56732 <object object_ref="oval:org.opensuse.security:obj:2009032456"/> 56733 <state state_ref="oval:org.opensuse.security:ste:2009034445"/> 56734 </rpminfo_test> 56735 <rpminfo_test id="oval:org.opensuse.security:tst:2009041565" version="1" comment="yast2-qt is <2.13.82-0.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56736 <object object_ref="oval:org.opensuse.security:obj:2009032457"/> 56737 <state state_ref="oval:org.opensuse.security:ste:2009034446"/> 56738 </rpminfo_test> 56739 <rpminfo_test id="oval:org.opensuse.security:tst:2009041566" version="1" comment="yast2-x11 is <2.13.13-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56740 <object object_ref="oval:org.opensuse.security:obj:2009032458"/> 56741 <state state_ref="oval:org.opensuse.security:ste:2009034447"/> 56742 </rpminfo_test> 56743 <rpminfo_test id="oval:org.opensuse.security:tst:2009041840" version="1" comment="CheckHardware is <0.1-988.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56744 <object object_ref="oval:org.opensuse.security:obj:2009032471"/> 56745 <state state_ref="oval:org.opensuse.security:ste:2009034540"/> 56746 </rpminfo_test> 56747 <rpminfo_test id="oval:org.opensuse.security:tst:2009041841" version="1" comment="aaa_base is <10-12.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56748 <object object_ref="oval:org.opensuse.security:obj:2009032472"/> 56749 <state state_ref="oval:org.opensuse.security:ste:2009034541"/> 56750 </rpminfo_test> 56751 <rpminfo_test id="oval:org.opensuse.security:tst:2009041842" version="1" comment="acl is <2.2.41-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56752 <object object_ref="oval:org.opensuse.security:obj:2009032473"/> 56753 <state state_ref="oval:org.opensuse.security:ste:2009034542"/> 56754 </rpminfo_test> 56755 <rpminfo_test id="oval:org.opensuse.security:tst:2009041843" version="1" comment="at is <3.1.8-921.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56756 <object object_ref="oval:org.opensuse.security:obj:2009032474"/> 56757 <state state_ref="oval:org.opensuse.security:ste:2009034543"/> 56758 </rpminfo_test> 56759 <rpminfo_test id="oval:org.opensuse.security:tst:2009041844" version="1" comment="attr is <2.4.34-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56760 <object object_ref="oval:org.opensuse.security:obj:2009032475"/> 56761 <state state_ref="oval:org.opensuse.security:ste:2009034544"/> 56762 </rpminfo_test> 56763 <rpminfo_test id="oval:org.opensuse.security:tst:2009041845" version="1" comment="autofs is <4.1.4-23.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56764 <object object_ref="oval:org.opensuse.security:obj:2009032476"/> 56765 <state state_ref="oval:org.opensuse.security:ste:2009034545"/> 56766 </rpminfo_test> 56767 <rpminfo_test id="oval:org.opensuse.security:tst:2009041846" version="1" comment="autoyast2-installation is <2.13.95-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56768 <object object_ref="oval:org.opensuse.security:obj:2009032477"/> 56769 <state state_ref="oval:org.opensuse.security:ste:2009034546"/> 56770 </rpminfo_test> 56771 <rpminfo_test id="oval:org.opensuse.security:tst:2009041847" version="1" comment="autoyast2 is <2.13.95-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56772 <object object_ref="oval:org.opensuse.security:obj:2009031958"/> 56773 <state state_ref="oval:org.opensuse.security:ste:2009034546"/> 56774 </rpminfo_test> 56775 <rpminfo_test id="oval:org.opensuse.security:tst:2009041848" version="1" comment="bash is <3.1-24.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56776 <object object_ref="oval:org.opensuse.security:obj:2009032478"/> 56777 <state state_ref="oval:org.opensuse.security:ste:2009034547"/> 56778 </rpminfo_test> 56779 <rpminfo_test id="oval:org.opensuse.security:tst:2009041849" version="1" comment="bind-libs-32bit is <9.3.4-1.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56780 <object object_ref="oval:org.opensuse.security:obj:2009031555"/> 56781 <state state_ref="oval:org.opensuse.security:ste:2009034548"/> 56782 </rpminfo_test> 56783 <rpminfo_test id="oval:org.opensuse.security:tst:2009041850" version="1" comment="bind-libs is <9.3.4-1.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56784 <object object_ref="oval:org.opensuse.security:obj:2009031557"/> 56785 <state state_ref="oval:org.opensuse.security:ste:2009034548"/> 56786 </rpminfo_test> 56787 <rpminfo_test id="oval:org.opensuse.security:tst:2009041851" version="1" comment="bind-utils is <9.3.4-1.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56788 <object object_ref="oval:org.opensuse.security:obj:2009030649"/> 56789 <state state_ref="oval:org.opensuse.security:ste:2009034548"/> 56790 </rpminfo_test> 56791 <rpminfo_test id="oval:org.opensuse.security:tst:2009041852" version="1" comment="binutils-32bit is <2.16.91.0.5-23.20" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56792 <object object_ref="oval:org.opensuse.security:obj:2009030608"/> 56793 <state state_ref="oval:org.opensuse.security:ste:2009034549"/> 56794 </rpminfo_test> 56795 <rpminfo_test id="oval:org.opensuse.security:tst:2009041853" version="1" comment="binutils is <2.16.91.0.5-23.20" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56796 <object object_ref="oval:org.opensuse.security:obj:2009030609"/> 56797 <state state_ref="oval:org.opensuse.security:ste:2009034549"/> 56798 </rpminfo_test> 56799 <rpminfo_test id="oval:org.opensuse.security:tst:2009041854" version="1" comment="coreutils is <5.93-22.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56800 <object object_ref="oval:org.opensuse.security:obj:2009032479"/> 56801 <state state_ref="oval:org.opensuse.security:ste:2009034550"/> 56802 </rpminfo_test> 56803 <rpminfo_test id="oval:org.opensuse.security:tst:2009041855" version="1" comment="cpio is <2.6-19.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56804 <object object_ref="oval:org.opensuse.security:obj:2009030506"/> 56805 <state state_ref="oval:org.opensuse.security:ste:2009034551"/> 56806 </rpminfo_test> 56807 <rpminfo_test id="oval:org.opensuse.security:tst:2009041856" version="1" comment="cron is <4.1-45.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56808 <object object_ref="oval:org.opensuse.security:obj:2009030630"/> 56809 <state state_ref="oval:org.opensuse.security:ste:2009034552"/> 56810 </rpminfo_test> 56811 <rpminfo_test id="oval:org.opensuse.security:tst:2009041857" version="1" comment="dbus-1-32bit is <0.60-33.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56812 <object object_ref="oval:org.opensuse.security:obj:2009030889"/> 56813 <state state_ref="oval:org.opensuse.security:ste:2009034553"/> 56814 </rpminfo_test> 56815 <rpminfo_test id="oval:org.opensuse.security:tst:2009041858" version="1" comment="dbus-1-devel is <0.60-33.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56816 <object object_ref="oval:org.opensuse.security:obj:2009031621"/> 56817 <state state_ref="oval:org.opensuse.security:ste:2009034553"/> 56818 </rpminfo_test> 56819 <rpminfo_test id="oval:org.opensuse.security:tst:2009041859" version="1" comment="dbus-1-glib-32bit is <0.60-33.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56820 <object object_ref="oval:org.opensuse.security:obj:2009031622"/> 56821 <state state_ref="oval:org.opensuse.security:ste:2009034553"/> 56822 </rpminfo_test> 56823 <rpminfo_test id="oval:org.opensuse.security:tst:2009041860" version="1" comment="dbus-1-glib is <0.60-33.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56824 <object object_ref="oval:org.opensuse.security:obj:2009031626"/> 56825 <state state_ref="oval:org.opensuse.security:ste:2009034553"/> 56826 </rpminfo_test> 56827 <rpminfo_test id="oval:org.opensuse.security:tst:2009041861" version="1" comment="dbus-1-gtk is <0.60-33.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56828 <object object_ref="oval:org.opensuse.security:obj:2009032480"/> 56829 <state state_ref="oval:org.opensuse.security:ste:2009034554"/> 56830 </rpminfo_test> 56831 <rpminfo_test id="oval:org.opensuse.security:tst:2009041862" version="1" comment="dbus-1-mono is <0.60-33.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56832 <object object_ref="oval:org.opensuse.security:obj:2009031627"/> 56833 <state state_ref="oval:org.opensuse.security:ste:2009034554"/> 56834 </rpminfo_test> 56835 <rpminfo_test id="oval:org.opensuse.security:tst:2009041863" version="1" comment="dbus-1-python is <0.60-33.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56836 <object object_ref="oval:org.opensuse.security:obj:2009031628"/> 56837 <state state_ref="oval:org.opensuse.security:ste:2009034554"/> 56838 </rpminfo_test> 56839 <rpminfo_test id="oval:org.opensuse.security:tst:2009041864" version="1" comment="dbus-1-qt3-32bit is <0.60-33.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56840 <object object_ref="oval:org.opensuse.security:obj:2009031629"/> 56841 <state state_ref="oval:org.opensuse.security:ste:2009034554"/> 56842 </rpminfo_test> 56843 <rpminfo_test id="oval:org.opensuse.security:tst:2009041865" version="1" comment="dbus-1-qt3-devel is <0.60-33.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56844 <object object_ref="oval:org.opensuse.security:obj:2009031631"/> 56845 <state state_ref="oval:org.opensuse.security:ste:2009034554"/> 56846 </rpminfo_test> 56847 <rpminfo_test id="oval:org.opensuse.security:tst:2009041866" version="1" comment="dbus-1-qt3 is <0.60-33.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56848 <object object_ref="oval:org.opensuse.security:obj:2009031632"/> 56849 <state state_ref="oval:org.opensuse.security:ste:2009034554"/> 56850 </rpminfo_test> 56851 <rpminfo_test id="oval:org.opensuse.security:tst:2009041867" version="1" comment="dbus-1-x11 is <0.60-33.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56852 <object object_ref="oval:org.opensuse.security:obj:2009031633"/> 56853 <state state_ref="oval:org.opensuse.security:ste:2009034554"/> 56854 </rpminfo_test> 56855 <rpminfo_test id="oval:org.opensuse.security:tst:2009041868" version="1" comment="dbus-1 is <0.60-33.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56856 <object object_ref="oval:org.opensuse.security:obj:2009030891"/> 56857 <state state_ref="oval:org.opensuse.security:ste:2009034553"/> 56858 </rpminfo_test> 56859 <rpminfo_test id="oval:org.opensuse.security:tst:2009041869" version="1" comment="desktop-translations is <10.1-40.28" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56860 <object object_ref="oval:org.opensuse.security:obj:2009032481"/> 56861 <state state_ref="oval:org.opensuse.security:ste:2009034555"/> 56862 </rpminfo_test> 56863 <rpminfo_test id="oval:org.opensuse.security:tst:2009041870" version="1" comment="diffutils is <2.8.7-17.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56864 <object object_ref="oval:org.opensuse.security:obj:2009032482"/> 56865 <state state_ref="oval:org.opensuse.security:ste:2009034556"/> 56866 </rpminfo_test> 56867 <rpminfo_test id="oval:org.opensuse.security:tst:2009041871" version="1" comment="dmraid is <0.99_1.0.0rc13-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56868 <object object_ref="oval:org.opensuse.security:obj:2009032483"/> 56869 <state state_ref="oval:org.opensuse.security:ste:2009034557"/> 56870 </rpminfo_test> 56871 <rpminfo_test id="oval:org.opensuse.security:tst:2009041872" version="1" comment="dosfstools is <2.11-15.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56872 <object object_ref="oval:org.opensuse.security:obj:2009032484"/> 56873 <state state_ref="oval:org.opensuse.security:ste:2009034558"/> 56874 </rpminfo_test> 56875 <rpminfo_test id="oval:org.opensuse.security:tst:2009041873" version="1" comment="e2fsprogs-32bit is <1.38-25.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56876 <object object_ref="oval:org.opensuse.security:obj:2009030785"/> 56877 <state state_ref="oval:org.opensuse.security:ste:2009034559"/> 56878 </rpminfo_test> 56879 <rpminfo_test id="oval:org.opensuse.security:tst:2009041874" version="1" comment="e2fsprogs-devel-32bit is <1.38-25.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56880 <object object_ref="oval:org.opensuse.security:obj:2009030786"/> 56881 <state state_ref="oval:org.opensuse.security:ste:2009034559"/> 56882 </rpminfo_test> 56883 <rpminfo_test id="oval:org.opensuse.security:tst:2009041875" version="1" comment="e2fsprogs-devel is <1.38-25.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56884 <object object_ref="oval:org.opensuse.security:obj:2009030787"/> 56885 <state state_ref="oval:org.opensuse.security:ste:2009034559"/> 56886 </rpminfo_test> 56887 <rpminfo_test id="oval:org.opensuse.security:tst:2009041876" version="1" comment="e2fsprogs is <1.38-25.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56888 <object object_ref="oval:org.opensuse.security:obj:2009030788"/> 56889 <state state_ref="oval:org.opensuse.security:ste:2009034559"/> 56890 </rpminfo_test> 56891 <rpminfo_test id="oval:org.opensuse.security:tst:2009041877" version="1" comment="filesystem is <10-1.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56892 <object object_ref="oval:org.opensuse.security:obj:2009032190"/> 56893 <state state_ref="oval:org.opensuse.security:ste:2009034560"/> 56894 </rpminfo_test> 56895 <rpminfo_test id="oval:org.opensuse.security:tst:2009041878" version="1" comment="findutils-locate is <4.2.27-14.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56896 <object object_ref="oval:org.opensuse.security:obj:2009030764"/> 56897 <state state_ref="oval:org.opensuse.security:ste:2009034561"/> 56898 </rpminfo_test> 56899 <rpminfo_test id="oval:org.opensuse.security:tst:2009041879" version="1" comment="findutils is <4.2.27-14.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56900 <object object_ref="oval:org.opensuse.security:obj:2009032485"/> 56901 <state state_ref="oval:org.opensuse.security:ste:2009034561"/> 56902 </rpminfo_test> 56903 <rpminfo_test id="oval:org.opensuse.security:tst:2009041880" version="1" comment="grep is <2.5.1a-20.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56904 <object object_ref="oval:org.opensuse.security:obj:2009032486"/> 56905 <state state_ref="oval:org.opensuse.security:ste:2009034562"/> 56906 </rpminfo_test> 56907 <rpminfo_test id="oval:org.opensuse.security:tst:2009041881" version="1" comment="hal-32bit is <0.5.6-33.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56908 <object object_ref="oval:org.opensuse.security:obj:2009031801"/> 56909 <state state_ref="oval:org.opensuse.security:ste:2009034563"/> 56910 </rpminfo_test> 56911 <rpminfo_test id="oval:org.opensuse.security:tst:2009041882" version="1" comment="hal-devel is <0.5.6-33.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56912 <object object_ref="oval:org.opensuse.security:obj:2009031803"/> 56913 <state state_ref="oval:org.opensuse.security:ste:2009034563"/> 56914 </rpminfo_test> 56915 <rpminfo_test id="oval:org.opensuse.security:tst:2009041883" version="1" comment="hal-gnome is <0.5.6-33.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56916 <object object_ref="oval:org.opensuse.security:obj:2009032487"/> 56917 <state state_ref="oval:org.opensuse.security:ste:2009034563"/> 56918 </rpminfo_test> 56919 <rpminfo_test id="oval:org.opensuse.security:tst:2009041884" version="1" comment="hal is <0.5.6-33.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56920 <object object_ref="oval:org.opensuse.security:obj:2009031804"/> 56921 <state state_ref="oval:org.opensuse.security:ste:2009034563"/> 56922 </rpminfo_test> 56923 <rpminfo_test id="oval:org.opensuse.security:tst:2009041885" version="1" comment="hwinfo-devel is <12.46-0.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56924 <object object_ref="oval:org.opensuse.security:obj:2009032488"/> 56925 <state state_ref="oval:org.opensuse.security:ste:2009034564"/> 56926 </rpminfo_test> 56927 <rpminfo_test id="oval:org.opensuse.security:tst:2009041886" version="1" comment="hwinfo is <12.46-0.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56928 <object object_ref="oval:org.opensuse.security:obj:2009032489"/> 56929 <state state_ref="oval:org.opensuse.security:ste:2009034564"/> 56930 </rpminfo_test> 56931 <rpminfo_test id="oval:org.opensuse.security:tst:2009041887" version="1" comment="insserv is <1.04.0-20.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56932 <object object_ref="oval:org.opensuse.security:obj:2009032490"/> 56933 <state state_ref="oval:org.opensuse.security:ste:2009034565"/> 56934 </rpminfo_test> 56935 <rpminfo_test id="oval:org.opensuse.security:tst:2009041888" version="1" comment="iputils is <ss021109-167.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56936 <object object_ref="oval:org.opensuse.security:obj:2009032491"/> 56937 <state state_ref="oval:org.opensuse.security:ste:2009034566"/> 56938 </rpminfo_test> 56939 <rpminfo_test id="oval:org.opensuse.security:tst:2009041889" version="1" comment="klogd is <1.4.1-559.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56940 <object object_ref="oval:org.opensuse.security:obj:2009032492"/> 56941 <state state_ref="oval:org.opensuse.security:ste:2009034567"/> 56942 </rpminfo_test> 56943 <rpminfo_test id="oval:org.opensuse.security:tst:2009041890" version="1" comment="krb5-32bit is <1.4.3-19.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56944 <object object_ref="oval:org.opensuse.security:obj:2009031038"/> 56945 <state state_ref="oval:org.opensuse.security:ste:2009034568"/> 56946 </rpminfo_test> 56947 <rpminfo_test id="oval:org.opensuse.security:tst:2009041891" version="1" comment="krb5-client is <1.4.3-19.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56948 <object object_ref="oval:org.opensuse.security:obj:2009031041"/> 56949 <state state_ref="oval:org.opensuse.security:ste:2009034568"/> 56950 </rpminfo_test> 56951 <rpminfo_test id="oval:org.opensuse.security:tst:2009041892" version="1" comment="krb5-devel-32bit is <1.4.3-19.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56952 <object object_ref="oval:org.opensuse.security:obj:2009031476"/> 56953 <state state_ref="oval:org.opensuse.security:ste:2009034568"/> 56954 </rpminfo_test> 56955 <rpminfo_test id="oval:org.opensuse.security:tst:2009041893" version="1" comment="krb5-devel is <1.4.3-19.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56956 <object object_ref="oval:org.opensuse.security:obj:2009031478"/> 56957 <state state_ref="oval:org.opensuse.security:ste:2009034568"/> 56958 </rpminfo_test> 56959 <rpminfo_test id="oval:org.opensuse.security:tst:2009041894" version="1" comment="krb5 is <1.4.3-19.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56960 <object object_ref="oval:org.opensuse.security:obj:2009031044"/> 56961 <state state_ref="oval:org.opensuse.security:ste:2009034568"/> 56962 </rpminfo_test> 56963 <rpminfo_test id="oval:org.opensuse.security:tst:2009041895" version="1" comment="ldapcpplib is <0.0.4-14.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56964 <object object_ref="oval:org.opensuse.security:obj:2009032493"/> 56965 <state state_ref="oval:org.opensuse.security:ste:2009034569"/> 56966 </rpminfo_test> 56967 <rpminfo_test id="oval:org.opensuse.security:tst:2009041896" version="1" comment="libacl-32bit is <2.2.41-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56968 <object object_ref="oval:org.opensuse.security:obj:2009032494"/> 56969 <state state_ref="oval:org.opensuse.security:ste:2009034542"/> 56970 </rpminfo_test> 56971 <rpminfo_test id="oval:org.opensuse.security:tst:2009041897" version="1" comment="libacl-devel is <2.2.41-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56972 <object object_ref="oval:org.opensuse.security:obj:2009032495"/> 56973 <state state_ref="oval:org.opensuse.security:ste:2009034542"/> 56974 </rpminfo_test> 56975 <rpminfo_test id="oval:org.opensuse.security:tst:2009041898" version="1" comment="libacl is <2.2.41-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56976 <object object_ref="oval:org.opensuse.security:obj:2009032496"/> 56977 <state state_ref="oval:org.opensuse.security:ste:2009034542"/> 56978 </rpminfo_test> 56979 <rpminfo_test id="oval:org.opensuse.security:tst:2009041899" version="1" comment="libattr-32bit is <2.4.34-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56980 <object object_ref="oval:org.opensuse.security:obj:2009032497"/> 56981 <state state_ref="oval:org.opensuse.security:ste:2009034544"/> 56982 </rpminfo_test> 56983 <rpminfo_test id="oval:org.opensuse.security:tst:2009041900" version="1" comment="libattr-devel is <2.4.34-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56984 <object object_ref="oval:org.opensuse.security:obj:2009032498"/> 56985 <state state_ref="oval:org.opensuse.security:ste:2009034544"/> 56986 </rpminfo_test> 56987 <rpminfo_test id="oval:org.opensuse.security:tst:2009041901" version="1" comment="libattr is <2.4.34-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56988 <object object_ref="oval:org.opensuse.security:obj:2009032499"/> 56989 <state state_ref="oval:org.opensuse.security:ste:2009034544"/> 56990 </rpminfo_test> 56991 <rpminfo_test id="oval:org.opensuse.security:tst:2009041902" version="1" comment="libcom_err-32bit is <1.38-25.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56992 <object object_ref="oval:org.opensuse.security:obj:2009032500"/> 56993 <state state_ref="oval:org.opensuse.security:ste:2009034559"/> 56994 </rpminfo_test> 56995 <rpminfo_test id="oval:org.opensuse.security:tst:2009041903" version="1" comment="libcom_err is <1.38-25.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 56996 <object object_ref="oval:org.opensuse.security:obj:2009032501"/> 56997 <state state_ref="oval:org.opensuse.security:ste:2009034559"/> 56998 </rpminfo_test> 56999 <rpminfo_test id="oval:org.opensuse.security:tst:2009041904" version="1" comment="liby2util is <2.13.8-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57000 <object object_ref="oval:org.opensuse.security:obj:2009030594"/> 57001 <state state_ref="oval:org.opensuse.security:ste:2009034570"/> 57002 </rpminfo_test> 57003 <rpminfo_test id="oval:org.opensuse.security:tst:2009041905" version="1" comment="libzypp-zmd-backend is <7.1.1.0_0.8-0.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57004 <object object_ref="oval:org.opensuse.security:obj:2009032502"/> 57005 <state state_ref="oval:org.opensuse.security:ste:2009034571"/> 57006 </rpminfo_test> 57007 <rpminfo_test id="oval:org.opensuse.security:tst:2009041906" version="1" comment="libzypp is <2.15.10-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57008 <object object_ref="oval:org.opensuse.security:obj:2009031757"/> 57009 <state state_ref="oval:org.opensuse.security:ste:2009034572"/> 57010 </rpminfo_test> 57011 <rpminfo_test id="oval:org.opensuse.security:tst:2009041907" version="1" comment="lilo is <22.7-19.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57012 <object object_ref="oval:org.opensuse.security:obj:2009032503"/> 57013 <state state_ref="oval:org.opensuse.security:ste:2009034573"/> 57014 </rpminfo_test> 57015 <rpminfo_test id="oval:org.opensuse.security:tst:2009041908" version="1" comment="limal-bootloader is <1.1.50-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57016 <object object_ref="oval:org.opensuse.security:obj:2009032504"/> 57017 <state state_ref="oval:org.opensuse.security:ste:2009034574"/> 57018 </rpminfo_test> 57019 <rpminfo_test id="oval:org.opensuse.security:tst:2009041909" version="1" comment="limal-perl is <1.1.56-0.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57020 <object object_ref="oval:org.opensuse.security:obj:2009032505"/> 57021 <state state_ref="oval:org.opensuse.security:ste:2009034575"/> 57022 </rpminfo_test> 57023 <rpminfo_test id="oval:org.opensuse.security:tst:2009041910" version="1" comment="limal is <1.1.56-0.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57024 <object object_ref="oval:org.opensuse.security:obj:2009032506"/> 57025 <state state_ref="oval:org.opensuse.security:ste:2009034575"/> 57026 </rpminfo_test> 57027 <rpminfo_test id="oval:org.opensuse.security:tst:2009041911" version="1" comment="mailx is <11.25-14.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57028 <object object_ref="oval:org.opensuse.security:obj:2009032507"/> 57029 <state state_ref="oval:org.opensuse.security:ste:2009034576"/> 57030 </rpminfo_test> 57031 <rpminfo_test id="oval:org.opensuse.security:tst:2009041912" version="1" comment="mcelog is <0.7-2.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57032 <object object_ref="oval:org.opensuse.security:obj:2009032508"/> 57033 <state state_ref="oval:org.opensuse.security:ste:2009034577"/> 57034 </rpminfo_test> 57035 <rpminfo_test id="oval:org.opensuse.security:tst:2009041913" version="1" comment="mdadm is <2.6-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57036 <object object_ref="oval:org.opensuse.security:obj:2009032509"/> 57037 <state state_ref="oval:org.opensuse.security:ste:2009034578"/> 57038 </rpminfo_test> 57039 <rpminfo_test id="oval:org.opensuse.security:tst:2009041914" version="1" comment="microcode_ctl is <1.15-12.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57040 <object object_ref="oval:org.opensuse.security:obj:2009032510"/> 57041 <state state_ref="oval:org.opensuse.security:ste:2009034579"/> 57042 </rpminfo_test> 57043 <rpminfo_test id="oval:org.opensuse.security:tst:2009041915" version="1" comment="mkinitrd is <1.2-106.52" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57044 <object object_ref="oval:org.opensuse.security:obj:2009032230"/> 57045 <state state_ref="oval:org.opensuse.security:ste:2009034580"/> 57046 </rpminfo_test> 57047 <rpminfo_test id="oval:org.opensuse.security:tst:2009041916" version="1" comment="module-init-tools is <3.2.2-32.27" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57048 <object object_ref="oval:org.opensuse.security:obj:2009032511"/> 57049 <state state_ref="oval:org.opensuse.security:ste:2009034581"/> 57050 </rpminfo_test> 57051 <rpminfo_test id="oval:org.opensuse.security:tst:2009041917" version="1" comment="multipath-tools is <0.4.7-34.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57052 <object object_ref="oval:org.opensuse.security:obj:2009030871"/> 57053 <state state_ref="oval:org.opensuse.security:ste:2009034582"/> 57054 </rpminfo_test> 57055 <rpminfo_test id="oval:org.opensuse.security:tst:2009041918" version="1" comment="ncurses-32bit is <5.5-18.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57056 <object object_ref="oval:org.opensuse.security:obj:2009032512"/> 57057 <state state_ref="oval:org.opensuse.security:ste:2009034583"/> 57058 </rpminfo_test> 57059 <rpminfo_test id="oval:org.opensuse.security:tst:2009041919" version="1" comment="ncurses-devel-32bit is <5.5-18.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57060 <object object_ref="oval:org.opensuse.security:obj:2009032513"/> 57061 <state state_ref="oval:org.opensuse.security:ste:2009034583"/> 57062 </rpminfo_test> 57063 <rpminfo_test id="oval:org.opensuse.security:tst:2009041920" version="1" comment="ncurses-devel is <5.5-18.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57064 <object object_ref="oval:org.opensuse.security:obj:2009032514"/> 57065 <state state_ref="oval:org.opensuse.security:ste:2009034583"/> 57066 </rpminfo_test> 57067 <rpminfo_test id="oval:org.opensuse.security:tst:2009041921" version="1" comment="ncurses is <5.5-18.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57068 <object object_ref="oval:org.opensuse.security:obj:2009032515"/> 57069 <state state_ref="oval:org.opensuse.security:ste:2009034583"/> 57070 </rpminfo_test> 57071 <rpminfo_test id="oval:org.opensuse.security:tst:2009041922" version="1" comment="nfs-utils is <1.0.7-36.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57072 <object object_ref="oval:org.opensuse.security:obj:2009030860"/> 57073 <state state_ref="oval:org.opensuse.security:ste:2009034584"/> 57074 </rpminfo_test> 57075 <rpminfo_test id="oval:org.opensuse.security:tst:2009041923" version="1" comment="nfsidmap is <0.12-16.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57076 <object object_ref="oval:org.opensuse.security:obj:2009032516"/> 57077 <state state_ref="oval:org.opensuse.security:ste:2009034585"/> 57078 </rpminfo_test> 57079 <rpminfo_test id="oval:org.opensuse.security:tst:2009041924" version="1" comment="openldap2-client-32bit is <2.3.32-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57080 <object object_ref="oval:org.opensuse.security:obj:2009030669"/> 57081 <state state_ref="oval:org.opensuse.security:ste:2009034586"/> 57082 </rpminfo_test> 57083 <rpminfo_test id="oval:org.opensuse.security:tst:2009041925" version="1" comment="openldap2-client is <2.3.32-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57084 <object object_ref="oval:org.opensuse.security:obj:2009030545"/> 57085 <state state_ref="oval:org.opensuse.security:ste:2009034586"/> 57086 </rpminfo_test> 57087 <rpminfo_test id="oval:org.opensuse.security:tst:2009041926" version="1" comment="openldap2-devel-32bit is <2.3.32-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57088 <object object_ref="oval:org.opensuse.security:obj:2009030814"/> 57089 <state state_ref="oval:org.opensuse.security:ste:2009034586"/> 57090 </rpminfo_test> 57091 <rpminfo_test id="oval:org.opensuse.security:tst:2009041927" version="1" comment="openldap2-devel is <2.3.32-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57092 <object object_ref="oval:org.opensuse.security:obj:2009030546"/> 57093 <state state_ref="oval:org.opensuse.security:ste:2009034586"/> 57094 </rpminfo_test> 57095 <rpminfo_test id="oval:org.opensuse.security:tst:2009041928" version="1" comment="openldap2 is <2.3.32-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57096 <object object_ref="oval:org.opensuse.security:obj:2009030656"/> 57097 <state state_ref="oval:org.opensuse.security:ste:2009034586"/> 57098 </rpminfo_test> 57099 <rpminfo_test id="oval:org.opensuse.security:tst:2009041929" version="1" comment="openssh-askpass is <4.2p1-18.25" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57100 <object object_ref="oval:org.opensuse.security:obj:2009030583"/> 57101 <state state_ref="oval:org.opensuse.security:ste:2009034587"/> 57102 </rpminfo_test> 57103 <rpminfo_test id="oval:org.opensuse.security:tst:2009041930" version="1" comment="openssh is <4.2p1-18.25" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57104 <object object_ref="oval:org.opensuse.security:obj:2009030403"/> 57105 <state state_ref="oval:org.opensuse.security:ste:2009034587"/> 57106 </rpminfo_test> 57107 <rpminfo_test id="oval:org.opensuse.security:tst:2009041931" version="1" comment="pam-32bit is <0.99.6.3-28.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57108 <object object_ref="oval:org.opensuse.security:obj:2009032517"/> 57109 <state state_ref="oval:org.opensuse.security:ste:2009034588"/> 57110 </rpminfo_test> 57111 <rpminfo_test id="oval:org.opensuse.security:tst:2009041932" version="1" comment="pam-devel is <0.99.6.3-28.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57112 <object object_ref="oval:org.opensuse.security:obj:2009032518"/> 57113 <state state_ref="oval:org.opensuse.security:ste:2009034588"/> 57114 </rpminfo_test> 57115 <rpminfo_test id="oval:org.opensuse.security:tst:2009041933" version="1" comment="pam-modules-32bit is <10-2.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57116 <object object_ref="oval:org.opensuse.security:obj:2009032519"/> 57117 <state state_ref="oval:org.opensuse.security:ste:2009034589"/> 57118 </rpminfo_test> 57119 <rpminfo_test id="oval:org.opensuse.security:tst:2009041934" version="1" comment="pam-modules is <10-2.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57120 <object object_ref="oval:org.opensuse.security:obj:2009032520"/> 57121 <state state_ref="oval:org.opensuse.security:ste:2009034589"/> 57122 </rpminfo_test> 57123 <rpminfo_test id="oval:org.opensuse.security:tst:2009041935" version="1" comment="pam is <0.99.6.3-28.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57124 <object object_ref="oval:org.opensuse.security:obj:2009032521"/> 57125 <state state_ref="oval:org.opensuse.security:ste:2009034588"/> 57126 </rpminfo_test> 57127 <rpminfo_test id="oval:org.opensuse.security:tst:2009041936" version="1" comment="parted-32bit is <1.6.25.1-15.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57128 <object object_ref="oval:org.opensuse.security:obj:2009032522"/> 57129 <state state_ref="oval:org.opensuse.security:ste:2009034590"/> 57130 </rpminfo_test> 57131 <rpminfo_test id="oval:org.opensuse.security:tst:2009041937" version="1" comment="parted is <1.6.25.1-15.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57132 <object object_ref="oval:org.opensuse.security:obj:2009032523"/> 57133 <state state_ref="oval:org.opensuse.security:ste:2009034590"/> 57134 </rpminfo_test> 57135 <rpminfo_test id="oval:org.opensuse.security:tst:2009041938" version="1" comment="pciutils is <2.2.4-16.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57136 <object object_ref="oval:org.opensuse.security:obj:2009032524"/> 57137 <state state_ref="oval:org.opensuse.security:ste:2009034591"/> 57138 </rpminfo_test> 57139 <rpminfo_test id="oval:org.opensuse.security:tst:2009041939" version="1" comment="pcsc-lite-devel is <1.2.9_beta9-17.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57140 <object object_ref="oval:org.opensuse.security:obj:2009032525"/> 57141 <state state_ref="oval:org.opensuse.security:ste:2009034592"/> 57142 </rpminfo_test> 57143 <rpminfo_test id="oval:org.opensuse.security:tst:2009041940" version="1" comment="pcsc-lite is <1.2.9_beta9-17.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57144 <object object_ref="oval:org.opensuse.security:obj:2009032526"/> 57145 <state state_ref="oval:org.opensuse.security:ste:2009034592"/> 57146 </rpminfo_test> 57147 <rpminfo_test id="oval:org.opensuse.security:tst:2009041941" version="1" comment="perl-Bootloader is <0.4.15-0.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57148 <object object_ref="oval:org.opensuse.security:obj:2009032527"/> 57149 <state state_ref="oval:org.opensuse.security:ste:2009034593"/> 57150 </rpminfo_test> 57151 <rpminfo_test id="oval:org.opensuse.security:tst:2009041942" version="1" comment="permissions is <2007.2.15-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57152 <object object_ref="oval:org.opensuse.security:obj:2009032191"/> 57153 <state state_ref="oval:org.opensuse.security:ste:2009034594"/> 57154 </rpminfo_test> 57155 <rpminfo_test id="oval:org.opensuse.security:tst:2009041943" version="1" comment="popt-32bit is <1.7-271.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57156 <object object_ref="oval:org.opensuse.security:obj:2009032528"/> 57157 <state state_ref="oval:org.opensuse.security:ste:2009034595"/> 57158 </rpminfo_test> 57159 <rpminfo_test id="oval:org.opensuse.security:tst:2009041944" version="1" comment="popt-devel-32bit is <1.7-271.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57160 <object object_ref="oval:org.opensuse.security:obj:2009032529"/> 57161 <state state_ref="oval:org.opensuse.security:ste:2009034595"/> 57162 </rpminfo_test> 57163 <rpminfo_test id="oval:org.opensuse.security:tst:2009041945" version="1" comment="popt-devel is <1.7-271.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57164 <object object_ref="oval:org.opensuse.security:obj:2009032530"/> 57165 <state state_ref="oval:org.opensuse.security:ste:2009034595"/> 57166 </rpminfo_test> 57167 <rpminfo_test id="oval:org.opensuse.security:tst:2009041946" version="1" comment="popt is <1.7-271.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57168 <object object_ref="oval:org.opensuse.security:obj:2009032531"/> 57169 <state state_ref="oval:org.opensuse.security:ste:2009034595"/> 57170 </rpminfo_test> 57171 <rpminfo_test id="oval:org.opensuse.security:tst:2009041947" version="1" comment="portmap is <5beta-749.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57172 <object object_ref="oval:org.opensuse.security:obj:2009032532"/> 57173 <state state_ref="oval:org.opensuse.security:ste:2009034596"/> 57174 </rpminfo_test> 57175 <rpminfo_test id="oval:org.opensuse.security:tst:2009041948" version="1" comment="postfix is <2.2.9-10.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57176 <object object_ref="oval:org.opensuse.security:obj:2009030854"/> 57177 <state state_ref="oval:org.opensuse.security:ste:2009034597"/> 57178 </rpminfo_test> 57179 <rpminfo_test id="oval:org.opensuse.security:tst:2009041949" version="1" comment="powersave-libs-32bit is <0.12.26-0.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57180 <object object_ref="oval:org.opensuse.security:obj:2009031806"/> 57181 <state state_ref="oval:org.opensuse.security:ste:2009034598"/> 57182 </rpminfo_test> 57183 <rpminfo_test id="oval:org.opensuse.security:tst:2009041950" version="1" comment="powersave-libs is <0.12.26-0.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57184 <object object_ref="oval:org.opensuse.security:obj:2009031808"/> 57185 <state state_ref="oval:org.opensuse.security:ste:2009034598"/> 57186 </rpminfo_test> 57187 <rpminfo_test id="oval:org.opensuse.security:tst:2009041951" version="1" comment="powersave is <0.12.26-0.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57188 <object object_ref="oval:org.opensuse.security:obj:2009031809"/> 57189 <state state_ref="oval:org.opensuse.security:ste:2009034598"/> 57190 </rpminfo_test> 57191 <rpminfo_test id="oval:org.opensuse.security:tst:2009041952" version="1" comment="procinfo is <18-55.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57192 <object object_ref="oval:org.opensuse.security:obj:2009032533"/> 57193 <state state_ref="oval:org.opensuse.security:ste:2009034599"/> 57194 </rpminfo_test> 57195 <rpminfo_test id="oval:org.opensuse.security:tst:2009041953" version="1" comment="pwdutils is <3.0.7.1-17.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57196 <object object_ref="oval:org.opensuse.security:obj:2009032192"/> 57197 <state state_ref="oval:org.opensuse.security:ste:2009034600"/> 57198 </rpminfo_test> 57199 <rpminfo_test id="oval:org.opensuse.security:tst:2009041954" version="1" comment="readline-32bit is <5.1-24.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57200 <object object_ref="oval:org.opensuse.security:obj:2009032534"/> 57201 <state state_ref="oval:org.opensuse.security:ste:2009034601"/> 57202 </rpminfo_test> 57203 <rpminfo_test id="oval:org.opensuse.security:tst:2009041955" version="1" comment="readline-devel-32bit is <5.1-24.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57204 <object object_ref="oval:org.opensuse.security:obj:2009032535"/> 57205 <state state_ref="oval:org.opensuse.security:ste:2009034601"/> 57206 </rpminfo_test> 57207 <rpminfo_test id="oval:org.opensuse.security:tst:2009041956" version="1" comment="readline-devel is <5.1-24.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57208 <object object_ref="oval:org.opensuse.security:obj:2009032536"/> 57209 <state state_ref="oval:org.opensuse.security:ste:2009034601"/> 57210 </rpminfo_test> 57211 <rpminfo_test id="oval:org.opensuse.security:tst:2009041957" version="1" comment="readline is <5.1-24.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57212 <object object_ref="oval:org.opensuse.security:obj:2009032537"/> 57213 <state state_ref="oval:org.opensuse.security:ste:2009034601"/> 57214 </rpminfo_test> 57215 <rpminfo_test id="oval:org.opensuse.security:tst:2009041958" version="1" comment="reiserfs is <3.6.19-19.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57216 <object object_ref="oval:org.opensuse.security:obj:2009032538"/> 57217 <state state_ref="oval:org.opensuse.security:ste:2009034602"/> 57218 </rpminfo_test> 57219 <rpminfo_test id="oval:org.opensuse.security:tst:2009041959" version="1" comment="rpm-devel is <4.4.2-43.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57220 <object object_ref="oval:org.opensuse.security:obj:2009032539"/> 57221 <state state_ref="oval:org.opensuse.security:ste:2009034603"/> 57222 </rpminfo_test> 57223 <rpminfo_test id="oval:org.opensuse.security:tst:2009041960" version="1" comment="rpm-python is <4.4.2-43.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57224 <object object_ref="oval:org.opensuse.security:obj:2009032540"/> 57225 <state state_ref="oval:org.opensuse.security:ste:2009034603"/> 57226 </rpminfo_test> 57227 <rpminfo_test id="oval:org.opensuse.security:tst:2009041961" version="1" comment="rpm is <4.4.2-43.19" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57228 <object object_ref="oval:org.opensuse.security:obj:2009032541"/> 57229 <state state_ref="oval:org.opensuse.security:ste:2009034603"/> 57230 </rpminfo_test> 57231 <rpminfo_test id="oval:org.opensuse.security:tst:2009041962" version="1" comment="rug is <7.2.0.0-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57232 <object object_ref="oval:org.opensuse.security:obj:2009030522"/> 57233 <state state_ref="oval:org.opensuse.security:ste:2009034604"/> 57234 </rpminfo_test> 57235 <rpminfo_test id="oval:org.opensuse.security:tst:2009041963" version="1" comment="scpm-devel is <1.1.3-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57236 <object object_ref="oval:org.opensuse.security:obj:2009032542"/> 57237 <state state_ref="oval:org.opensuse.security:ste:2009034605"/> 57238 </rpminfo_test> 57239 <rpminfo_test id="oval:org.opensuse.security:tst:2009041964" version="1" comment="scpm is <1.1.3-18.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57240 <object object_ref="oval:org.opensuse.security:obj:2009032543"/> 57241 <state state_ref="oval:org.opensuse.security:ste:2009034605"/> 57242 </rpminfo_test> 57243 <rpminfo_test id="oval:org.opensuse.security:tst:2009041965" version="1" comment="screen is <4.0.2-62.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57244 <object object_ref="oval:org.opensuse.security:obj:2009030655"/> 57245 <state state_ref="oval:org.opensuse.security:ste:2009034606"/> 57246 </rpminfo_test> 57247 <rpminfo_test id="oval:org.opensuse.security:tst:2009041966" version="1" comment="scsi is <1.7_2.36_1.19_0.17_0.97-12.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57248 <object object_ref="oval:org.opensuse.security:obj:2009032544"/> 57249 <state state_ref="oval:org.opensuse.security:ste:2009034607"/> 57250 </rpminfo_test> 57251 <rpminfo_test id="oval:org.opensuse.security:tst:2009041967" version="1" comment="sed is <4.1.4-17.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57252 <object object_ref="oval:org.opensuse.security:obj:2009032545"/> 57253 <state state_ref="oval:org.opensuse.security:ste:2009034608"/> 57254 </rpminfo_test> 57255 <rpminfo_test id="oval:org.opensuse.security:tst:2009041968" version="1" comment="sled-release is <10-9.22" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57256 <object object_ref="oval:org.opensuse.security:obj:2009031917"/> 57257 <state state_ref="oval:org.opensuse.security:ste:2009034609"/> 57258 </rpminfo_test> 57259 <rpminfo_test id="oval:org.opensuse.security:tst:2009041969" version="1" comment="sudo is <1.6.8p12-18.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57260 <object object_ref="oval:org.opensuse.security:obj:2009030544"/> 57261 <state state_ref="oval:org.opensuse.security:ste:2009034610"/> 57262 </rpminfo_test> 57263 <rpminfo_test id="oval:org.opensuse.security:tst:2009041970" version="1" comment="suseRegister is <1.2-9.26" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57264 <object object_ref="oval:org.opensuse.security:obj:2009032546"/> 57265 <state state_ref="oval:org.opensuse.security:ste:2009034611"/> 57266 </rpminfo_test> 57267 <rpminfo_test id="oval:org.opensuse.security:tst:2009041971" version="1" comment="sysconfig is <0.50.9-13.25" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57268 <object object_ref="oval:org.opensuse.security:obj:2009032547"/> 57269 <state state_ref="oval:org.opensuse.security:ste:2009034612"/> 57270 </rpminfo_test> 57271 <rpminfo_test id="oval:org.opensuse.security:tst:2009041972" version="1" comment="sysfsutils-32bit is <1.3.0-16.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57272 <object object_ref="oval:org.opensuse.security:obj:2009032548"/> 57273 <state state_ref="oval:org.opensuse.security:ste:2009034613"/> 57274 </rpminfo_test> 57275 <rpminfo_test id="oval:org.opensuse.security:tst:2009041973" version="1" comment="sysfsutils is <1.3.0-16.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57276 <object object_ref="oval:org.opensuse.security:obj:2009032549"/> 57277 <state state_ref="oval:org.opensuse.security:ste:2009034613"/> 57278 </rpminfo_test> 57279 <rpminfo_test id="oval:org.opensuse.security:tst:2009041974" version="1" comment="syslinux is <3.11-20.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57280 <object object_ref="oval:org.opensuse.security:obj:2009031963"/> 57281 <state state_ref="oval:org.opensuse.security:ste:2009034614"/> 57282 </rpminfo_test> 57283 <rpminfo_test id="oval:org.opensuse.security:tst:2009041975" version="1" comment="sysvinit is <2.86-21.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57284 <object object_ref="oval:org.opensuse.security:obj:2009032550"/> 57285 <state state_ref="oval:org.opensuse.security:ste:2009034615"/> 57286 </rpminfo_test> 57287 <rpminfo_test id="oval:org.opensuse.security:tst:2009041976" version="1" comment="terminfo is <5.5-18.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57288 <object object_ref="oval:org.opensuse.security:obj:2009032551"/> 57289 <state state_ref="oval:org.opensuse.security:ste:2009034583"/> 57290 </rpminfo_test> 57291 <rpminfo_test id="oval:org.opensuse.security:tst:2009041977" version="1" comment="udev is <085-30.37" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57292 <object object_ref="oval:org.opensuse.security:obj:2009031048"/> 57293 <state state_ref="oval:org.opensuse.security:ste:2009034616"/> 57294 </rpminfo_test> 57295 <rpminfo_test id="oval:org.opensuse.security:tst:2009041978" version="1" comment="ulimit is <1.1-146.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57296 <object object_ref="oval:org.opensuse.security:obj:2009032552"/> 57297 <state state_ref="oval:org.opensuse.security:ste:2009034617"/> 57298 </rpminfo_test> 57299 <rpminfo_test id="oval:org.opensuse.security:tst:2009041979" version="1" comment="update-desktop-files is <10.1-40.28" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57300 <object object_ref="oval:org.opensuse.security:obj:2009032553"/> 57301 <state state_ref="oval:org.opensuse.security:ste:2009034555"/> 57302 </rpminfo_test> 57303 <rpminfo_test id="oval:org.opensuse.security:tst:2009041980" version="1" comment="util-linux is <2.12r-35.22" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57304 <object object_ref="oval:org.opensuse.security:obj:2009030584"/> 57305 <state state_ref="oval:org.opensuse.security:ste:2009034618"/> 57306 </rpminfo_test> 57307 <rpminfo_test id="oval:org.opensuse.security:tst:2009041981" version="1" comment="wireless-tools is <28pre13-22.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57308 <object object_ref="oval:org.opensuse.security:obj:2009032554"/> 57309 <state state_ref="oval:org.opensuse.security:ste:2009034619"/> 57310 </rpminfo_test> 57311 <rpminfo_test id="oval:org.opensuse.security:tst:2009041982" version="1" comment="xfsprogs is <2.8.16-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57312 <object object_ref="oval:org.opensuse.security:obj:2009032555"/> 57313 <state state_ref="oval:org.opensuse.security:ste:2009034620"/> 57314 </rpminfo_test> 57315 <rpminfo_test id="oval:org.opensuse.security:tst:2009041983" version="1" comment="xntp is <4.2.0a-70.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57316 <object object_ref="oval:org.opensuse.security:obj:2009030870"/> 57317 <state state_ref="oval:org.opensuse.security:ste:2009034621"/> 57318 </rpminfo_test> 57319 <rpminfo_test id="oval:org.opensuse.security:tst:2009041984" version="1" comment="yast2-backup is <2.13.5-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57320 <object object_ref="oval:org.opensuse.security:obj:2009030865"/> 57321 <state state_ref="oval:org.opensuse.security:ste:2009034622"/> 57322 </rpminfo_test> 57323 <rpminfo_test id="oval:org.opensuse.security:tst:2009041985" version="1" comment="yast2-bootloader is <2.13.97-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57324 <object object_ref="oval:org.opensuse.security:obj:2009032556"/> 57325 <state state_ref="oval:org.opensuse.security:ste:2009034623"/> 57326 </rpminfo_test> 57327 <rpminfo_test id="oval:org.opensuse.security:tst:2009041986" version="1" comment="yast2-core is <2.13.39-0.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57328 <object object_ref="oval:org.opensuse.security:obj:2009030808"/> 57329 <state state_ref="oval:org.opensuse.security:ste:2009034624"/> 57330 </rpminfo_test> 57331 <rpminfo_test id="oval:org.opensuse.security:tst:2009041987" version="1" comment="yast2-country is <2.13.52-0.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57332 <object object_ref="oval:org.opensuse.security:obj:2009032557"/> 57333 <state state_ref="oval:org.opensuse.security:ste:2009034625"/> 57334 </rpminfo_test> 57335 <rpminfo_test id="oval:org.opensuse.security:tst:2009041988" version="1" comment="yast2-firewall is <2.13.15-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57336 <object object_ref="oval:org.opensuse.security:obj:2009032558"/> 57337 <state state_ref="oval:org.opensuse.security:ste:2009034626"/> 57338 </rpminfo_test> 57339 <rpminfo_test id="oval:org.opensuse.security:tst:2009041989" version="1" comment="yast2-hardware-detection is <2.13.7-0.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57340 <object object_ref="oval:org.opensuse.security:obj:2009032559"/> 57341 <state state_ref="oval:org.opensuse.security:ste:2009034627"/> 57342 </rpminfo_test> 57343 <rpminfo_test id="oval:org.opensuse.security:tst:2009041990" version="1" comment="yast2-inetd is <2.13.8-0.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57344 <object object_ref="oval:org.opensuse.security:obj:2009032560"/> 57345 <state state_ref="oval:org.opensuse.security:ste:2009034628"/> 57346 </rpminfo_test> 57347 <rpminfo_test id="oval:org.opensuse.security:tst:2009041991" version="1" comment="yast2-installation is <2.13.192-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57348 <object object_ref="oval:org.opensuse.security:obj:2009032561"/> 57349 <state state_ref="oval:org.opensuse.security:ste:2009034629"/> 57350 </rpminfo_test> 57351 <rpminfo_test id="oval:org.opensuse.security:tst:2009041992" version="1" comment="yast2-irda is <2.13.3-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57352 <object object_ref="oval:org.opensuse.security:obj:2009032562"/> 57353 <state state_ref="oval:org.opensuse.security:ste:2009034630"/> 57354 </rpminfo_test> 57355 <rpminfo_test id="oval:org.opensuse.security:tst:2009041993" version="1" comment="yast2-kerberos-client is <2.13.11-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57356 <object object_ref="oval:org.opensuse.security:obj:2009032563"/> 57357 <state state_ref="oval:org.opensuse.security:ste:2009034631"/> 57358 </rpminfo_test> 57359 <rpminfo_test id="oval:org.opensuse.security:tst:2009041994" version="1" comment="yast2-ldap-client is <2.13.27-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57360 <object object_ref="oval:org.opensuse.security:obj:2009032564"/> 57361 <state state_ref="oval:org.opensuse.security:ste:2009034632"/> 57362 </rpminfo_test> 57363 <rpminfo_test id="oval:org.opensuse.security:tst:2009041995" version="1" comment="yast2-ldap is <2.13.5-1.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57364 <object object_ref="oval:org.opensuse.security:obj:2009032565"/> 57365 <state state_ref="oval:org.opensuse.security:ste:2009034633"/> 57366 </rpminfo_test> 57367 <rpminfo_test id="oval:org.opensuse.security:tst:2009041996" version="1" comment="yast2-mail-aliases is <2.13.8-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57368 <object object_ref="oval:org.opensuse.security:obj:2009032566"/> 57369 <state state_ref="oval:org.opensuse.security:ste:2009034634"/> 57370 </rpminfo_test> 57371 <rpminfo_test id="oval:org.opensuse.security:tst:2009041997" version="1" comment="yast2-mail is <2.13.8-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57372 <object object_ref="oval:org.opensuse.security:obj:2009032567"/> 57373 <state state_ref="oval:org.opensuse.security:ste:2009034634"/> 57374 </rpminfo_test> 57375 <rpminfo_test id="oval:org.opensuse.security:tst:2009041998" version="1" comment="yast2-ncurses is <2.13.66-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57376 <object object_ref="oval:org.opensuse.security:obj:2009032568"/> 57377 <state state_ref="oval:org.opensuse.security:ste:2009034635"/> 57378 </rpminfo_test> 57379 <rpminfo_test id="oval:org.opensuse.security:tst:2009041999" version="1" comment="yast2-network is <2.13.98-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57380 <object object_ref="oval:org.opensuse.security:obj:2009032569"/> 57381 <state state_ref="oval:org.opensuse.security:ste:2009034636"/> 57382 </rpminfo_test> 57383 <rpminfo_test id="oval:org.opensuse.security:tst:2009042000" version="1" comment="yast2-nfs-client is <2.13.4-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57384 <object object_ref="oval:org.opensuse.security:obj:2009032570"/> 57385 <state state_ref="oval:org.opensuse.security:ste:2009034637"/> 57386 </rpminfo_test> 57387 <rpminfo_test id="oval:org.opensuse.security:tst:2009042001" version="1" comment="yast2-nis-client is <2.13.8-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57388 <object object_ref="oval:org.opensuse.security:obj:2009032571"/> 57389 <state state_ref="oval:org.opensuse.security:ste:2009034634"/> 57390 </rpminfo_test> 57391 <rpminfo_test id="oval:org.opensuse.security:tst:2009042002" version="1" comment="yast2-ntp-client is <2.13.17-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57392 <object object_ref="oval:org.opensuse.security:obj:2009032572"/> 57393 <state state_ref="oval:org.opensuse.security:ste:2009034638"/> 57394 </rpminfo_test> 57395 <rpminfo_test id="oval:org.opensuse.security:tst:2009042003" version="1" comment="yast2-online-update-frontend is <2.13.59-0.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57396 <object object_ref="oval:org.opensuse.security:obj:2009032573"/> 57397 <state state_ref="oval:org.opensuse.security:ste:2009034639"/> 57398 </rpminfo_test> 57399 <rpminfo_test id="oval:org.opensuse.security:tst:2009042004" version="1" comment="yast2-online-update is <2.13.59-0.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57400 <object object_ref="oval:org.opensuse.security:obj:2009032574"/> 57401 <state state_ref="oval:org.opensuse.security:ste:2009034639"/> 57402 </rpminfo_test> 57403 <rpminfo_test id="oval:org.opensuse.security:tst:2009042005" version="1" comment="yast2-packager is <2.13.175-0.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57404 <object object_ref="oval:org.opensuse.security:obj:2009032575"/> 57405 <state state_ref="oval:org.opensuse.security:ste:2009034640"/> 57406 </rpminfo_test> 57407 <rpminfo_test id="oval:org.opensuse.security:tst:2009042006" version="1" comment="yast2-pam is <2.13.5-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57408 <object object_ref="oval:org.opensuse.security:obj:2009032576"/> 57409 <state state_ref="oval:org.opensuse.security:ste:2009034641"/> 57410 </rpminfo_test> 57411 <rpminfo_test id="oval:org.opensuse.security:tst:2009042007" version="1" comment="yast2-perl-bindings is <2.13.11-0.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57412 <object object_ref="oval:org.opensuse.security:obj:2009032577"/> 57413 <state state_ref="oval:org.opensuse.security:ste:2009034642"/> 57414 </rpminfo_test> 57415 <rpminfo_test id="oval:org.opensuse.security:tst:2009042008" version="1" comment="yast2-pkg-bindings is <2.13.117-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57416 <object object_ref="oval:org.opensuse.security:obj:2009032578"/> 57417 <state state_ref="oval:org.opensuse.security:ste:2009034643"/> 57418 </rpminfo_test> 57419 <rpminfo_test id="oval:org.opensuse.security:tst:2009042009" version="1" comment="yast2-power-management is <2.13.9-0.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57420 <object object_ref="oval:org.opensuse.security:obj:2009032579"/> 57421 <state state_ref="oval:org.opensuse.security:ste:2009034644"/> 57422 </rpminfo_test> 57423 <rpminfo_test id="oval:org.opensuse.security:tst:2009042010" version="1" comment="yast2-powertweak is <2.13.8-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57424 <object object_ref="oval:org.opensuse.security:obj:2009032580"/> 57425 <state state_ref="oval:org.opensuse.security:ste:2009034645"/> 57426 </rpminfo_test> 57427 <rpminfo_test id="oval:org.opensuse.security:tst:2009042011" version="1" comment="yast2-printer is <2.13.32-1.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57428 <object object_ref="oval:org.opensuse.security:obj:2009032581"/> 57429 <state state_ref="oval:org.opensuse.security:ste:2009034646"/> 57430 </rpminfo_test> 57431 <rpminfo_test id="oval:org.opensuse.security:tst:2009042012" version="1" comment="yast2-profile-manager is <2.13.6-0.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57432 <object object_ref="oval:org.opensuse.security:obj:2009032582"/> 57433 <state state_ref="oval:org.opensuse.security:ste:2009034647"/> 57434 </rpminfo_test> 57435 <rpminfo_test id="oval:org.opensuse.security:tst:2009042013" version="1" comment="yast2-repair is <2.13.10-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57436 <object object_ref="oval:org.opensuse.security:obj:2009032583"/> 57437 <state state_ref="oval:org.opensuse.security:ste:2009034648"/> 57438 </rpminfo_test> 57439 <rpminfo_test id="oval:org.opensuse.security:tst:2009042014" version="1" comment="yast2-restore is <2.13.2-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57440 <object object_ref="oval:org.opensuse.security:obj:2009032584"/> 57441 <state state_ref="oval:org.opensuse.security:ste:2009034649"/> 57442 </rpminfo_test> 57443 <rpminfo_test id="oval:org.opensuse.security:tst:2009042015" version="1" comment="yast2-runlevel is <2.13.11-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57444 <object object_ref="oval:org.opensuse.security:obj:2009032585"/> 57445 <state state_ref="oval:org.opensuse.security:ste:2009034650"/> 57446 </rpminfo_test> 57447 <rpminfo_test id="oval:org.opensuse.security:tst:2009042016" version="1" comment="yast2-samba-client is <2.13.36-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57448 <object object_ref="oval:org.opensuse.security:obj:2009032586"/> 57449 <state state_ref="oval:org.opensuse.security:ste:2009034651"/> 57450 </rpminfo_test> 57451 <rpminfo_test id="oval:org.opensuse.security:tst:2009042017" version="1" comment="yast2-schema is <2.13.5-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57452 <object object_ref="oval:org.opensuse.security:obj:2009032587"/> 57453 <state state_ref="oval:org.opensuse.security:ste:2009034652"/> 57454 </rpminfo_test> 57455 <rpminfo_test id="oval:org.opensuse.security:tst:2009042018" version="1" comment="yast2-security is <2.13.7-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57456 <object object_ref="oval:org.opensuse.security:obj:2009032588"/> 57457 <state state_ref="oval:org.opensuse.security:ste:2009034653"/> 57458 </rpminfo_test> 57459 <rpminfo_test id="oval:org.opensuse.security:tst:2009042019" version="1" comment="yast2-slp is <2.13.4-0.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57460 <object object_ref="oval:org.opensuse.security:obj:2009032589"/> 57461 <state state_ref="oval:org.opensuse.security:ste:2009034654"/> 57462 </rpminfo_test> 57463 <rpminfo_test id="oval:org.opensuse.security:tst:2009042020" version="1" comment="yast2-storage-lib is <2.13.94-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57464 <object object_ref="oval:org.opensuse.security:obj:2009032590"/> 57465 <state state_ref="oval:org.opensuse.security:ste:2009034655"/> 57466 </rpminfo_test> 57467 <rpminfo_test id="oval:org.opensuse.security:tst:2009042021" version="1" comment="yast2-storage is <2.13.94-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57468 <object object_ref="oval:org.opensuse.security:obj:2009032591"/> 57469 <state state_ref="oval:org.opensuse.security:ste:2009034655"/> 57470 </rpminfo_test> 57471 <rpminfo_test id="oval:org.opensuse.security:tst:2009042022" version="1" comment="yast2-support is <2.13.6-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57472 <object object_ref="oval:org.opensuse.security:obj:2009032592"/> 57473 <state state_ref="oval:org.opensuse.security:ste:2009034656"/> 57474 </rpminfo_test> 57475 <rpminfo_test id="oval:org.opensuse.security:tst:2009042023" version="1" comment="yast2-sysconfig is <2.13.8-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57476 <object object_ref="oval:org.opensuse.security:obj:2009032593"/> 57477 <state state_ref="oval:org.opensuse.security:ste:2009034645"/> 57478 </rpminfo_test> 57479 <rpminfo_test id="oval:org.opensuse.security:tst:2009042024" version="1" comment="yast2-theme-NLD is <0.4.5-3.20" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57480 <object object_ref="oval:org.opensuse.security:obj:2009032594"/> 57481 <state state_ref="oval:org.opensuse.security:ste:2009034657"/> 57482 </rpminfo_test> 57483 <rpminfo_test id="oval:org.opensuse.security:tst:2009042025" version="1" comment="yast2-trans-stats is <2.11.0-21.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57484 <object object_ref="oval:org.opensuse.security:obj:2009032595"/> 57485 <state state_ref="oval:org.opensuse.security:ste:2009034658"/> 57486 </rpminfo_test> 57487 <rpminfo_test id="oval:org.opensuse.security:tst:2009042026" version="1" comment="yast2-transfer is <2.13.4-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57488 <object object_ref="oval:org.opensuse.security:obj:2009032596"/> 57489 <state state_ref="oval:org.opensuse.security:ste:2009034659"/> 57490 </rpminfo_test> 57491 <rpminfo_test id="oval:org.opensuse.security:tst:2009042027" version="1" comment="yast2-tune is <2.13.12-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57492 <object object_ref="oval:org.opensuse.security:obj:2009032597"/> 57493 <state state_ref="oval:org.opensuse.security:ste:2009034660"/> 57494 </rpminfo_test> 57495 <rpminfo_test id="oval:org.opensuse.security:tst:2009042028" version="1" comment="yast2-tv is <2.13.9-0.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57496 <object object_ref="oval:org.opensuse.security:obj:2009032598"/> 57497 <state state_ref="oval:org.opensuse.security:ste:2009034661"/> 57498 </rpminfo_test> 57499 <rpminfo_test id="oval:org.opensuse.security:tst:2009042029" version="1" comment="yast2-update is <2.13.52-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57500 <object object_ref="oval:org.opensuse.security:obj:2009032599"/> 57501 <state state_ref="oval:org.opensuse.security:ste:2009034662"/> 57502 </rpminfo_test> 57503 <rpminfo_test id="oval:org.opensuse.security:tst:2009042030" version="1" comment="yast2-users is <2.13.55-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57504 <object object_ref="oval:org.opensuse.security:obj:2009032600"/> 57505 <state state_ref="oval:org.opensuse.security:ste:2009034663"/> 57506 </rpminfo_test> 57507 <rpminfo_test id="oval:org.opensuse.security:tst:2009042031" version="1" comment="yast2-vm is <2.13.77-0.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57508 <object object_ref="oval:org.opensuse.security:obj:2009032601"/> 57509 <state state_ref="oval:org.opensuse.security:ste:2009034664"/> 57510 </rpminfo_test> 57511 <rpminfo_test id="oval:org.opensuse.security:tst:2009042032" version="1" comment="yast2-xml is <2.13.4-0.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57512 <object object_ref="oval:org.opensuse.security:obj:2009032602"/> 57513 <state state_ref="oval:org.opensuse.security:ste:2009034665"/> 57514 </rpminfo_test> 57515 <rpminfo_test id="oval:org.opensuse.security:tst:2009042033" version="1" comment="yast2 is <2.13.104-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57516 <object object_ref="oval:org.opensuse.security:obj:2009032603"/> 57517 <state state_ref="oval:org.opensuse.security:ste:2009034666"/> 57518 </rpminfo_test> 57519 <rpminfo_test id="oval:org.opensuse.security:tst:2009042034" version="1" comment="zmd-inventory is <7.2.0-0.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57520 <object object_ref="oval:org.opensuse.security:obj:2009032604"/> 57521 <state state_ref="oval:org.opensuse.security:ste:2009034667"/> 57522 </rpminfo_test> 57523 <rpminfo_test id="oval:org.opensuse.security:tst:2009042035" version="1" comment="zmd is <7.2.0.0-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57524 <object object_ref="oval:org.opensuse.security:obj:2009032605"/> 57525 <state state_ref="oval:org.opensuse.security:ste:2009034668"/> 57526 </rpminfo_test> 57527 <rpminfo_test id="oval:org.opensuse.security:tst:2009042036" version="1" comment="zypper is <0.6.17-0.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57528 <object object_ref="oval:org.opensuse.security:obj:2009031758"/> 57529 <state state_ref="oval:org.opensuse.security:ste:2009034669"/> 57530 </rpminfo_test> 57531 <rpminfo_test id="oval:org.opensuse.security:tst:2009042151" version="1" comment="nss_ldap-32bit is <246-14.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57532 <object object_ref="oval:org.opensuse.security:obj:2009030789"/> 57533 <state state_ref="oval:org.opensuse.security:ste:2009034678"/> 57534 </rpminfo_test> 57535 <rpminfo_test id="oval:org.opensuse.security:tst:2009042152" version="1" comment="nss_ldap is <246-14.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57536 <object object_ref="oval:org.opensuse.security:obj:2009030790"/> 57537 <state state_ref="oval:org.opensuse.security:ste:2009034678"/> 57538 </rpminfo_test> 57539 <rpminfo_test id="oval:org.opensuse.security:tst:2009042153" version="1" comment="pam_ldap-32bit is <180-13.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57540 <object object_ref="oval:org.opensuse.security:obj:2009030663"/> 57541 <state state_ref="oval:org.opensuse.security:ste:2009034679"/> 57542 </rpminfo_test> 57543 <rpminfo_test id="oval:org.opensuse.security:tst:2009042154" version="1" comment="pam_ldap is <180-13.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57544 <object object_ref="oval:org.opensuse.security:obj:2009030547"/> 57545 <state state_ref="oval:org.opensuse.security:ste:2009034679"/> 57546 </rpminfo_test> 57547 <rpminfo_test id="oval:org.opensuse.security:tst:2009042160" version="1" comment="NetworkManager-kde is <0.1r588481-1.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57548 <object object_ref="oval:org.opensuse.security:obj:2009031893"/> 57549 <state state_ref="oval:org.opensuse.security:ste:2009034681"/> 57550 </rpminfo_test> 57551 <rpminfo_test id="oval:org.opensuse.security:tst:2009042161" version="1" comment="amarok-libvisual is <1.3.8-34.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57552 <object object_ref="oval:org.opensuse.security:obj:2009031869"/> 57553 <state state_ref="oval:org.opensuse.security:ste:2009034682"/> 57554 </rpminfo_test> 57555 <rpminfo_test id="oval:org.opensuse.security:tst:2009042162" version="1" comment="amarok-xine is <1.3.8-34.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57556 <object object_ref="oval:org.opensuse.security:obj:2009031870"/> 57557 <state state_ref="oval:org.opensuse.security:ste:2009034682"/> 57558 </rpminfo_test> 57559 <rpminfo_test id="oval:org.opensuse.security:tst:2009042163" version="1" comment="amarok is <1.3.8-34.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57560 <object object_ref="oval:org.opensuse.security:obj:2009031872"/> 57561 <state state_ref="oval:org.opensuse.security:ste:2009034682"/> 57562 </rpminfo_test> 57563 <rpminfo_test id="oval:org.opensuse.security:tst:2009042164" version="1" comment="beagle-index is <10.1_20070202-0.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57564 <object object_ref="oval:org.opensuse.security:obj:2009032656"/> 57565 <state state_ref="oval:org.opensuse.security:ste:2009034683"/> 57566 </rpminfo_test> 57567 <rpminfo_test id="oval:org.opensuse.security:tst:2009042165" version="1" comment="digikam is <0.8.2-39.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57568 <object object_ref="oval:org.opensuse.security:obj:2009032657"/> 57569 <state state_ref="oval:org.opensuse.security:ste:2009034684"/> 57570 </rpminfo_test> 57571 <rpminfo_test id="oval:org.opensuse.security:tst:2009042166" version="1" comment="digikamimageplugins is <0.8.2-36.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57572 <object object_ref="oval:org.opensuse.security:obj:2009032658"/> 57573 <state state_ref="oval:org.opensuse.security:ste:2009034685"/> 57574 </rpminfo_test> 57575 <rpminfo_test id="oval:org.opensuse.security:tst:2009042167" version="1" comment="flash-player is <9.0.31.0-1.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57576 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 57577 <state state_ref="oval:org.opensuse.security:ste:2009034686"/> 57578 </rpminfo_test> 57579 <rpminfo_test id="oval:org.opensuse.security:tst:2009042168" version="1" comment="gtk-qt-engine-32bit is <0.7cvs20060209-22.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57580 <object object_ref="oval:org.opensuse.security:obj:2009032659"/> 57581 <state state_ref="oval:org.opensuse.security:ste:2009034687"/> 57582 </rpminfo_test> 57583 <rpminfo_test id="oval:org.opensuse.security:tst:2009042169" version="1" comment="gtk-qt-engine is <0.7cvs20060209-22.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57584 <object object_ref="oval:org.opensuse.security:obj:2009032660"/> 57585 <state state_ref="oval:org.opensuse.security:ste:2009034687"/> 57586 </rpminfo_test> 57587 <rpminfo_test id="oval:org.opensuse.security:tst:2009042170" version="1" comment="kdeaddons3-kate is <3.5.1-18.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57588 <object object_ref="oval:org.opensuse.security:obj:2009032661"/> 57589 <state state_ref="oval:org.opensuse.security:ste:2009034688"/> 57590 </rpminfo_test> 57591 <rpminfo_test id="oval:org.opensuse.security:tst:2009042171" version="1" comment="kdeaddons3-kicker is <3.5.1-18.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57592 <object object_ref="oval:org.opensuse.security:obj:2009032662"/> 57593 <state state_ref="oval:org.opensuse.security:ste:2009034688"/> 57594 </rpminfo_test> 57595 <rpminfo_test id="oval:org.opensuse.security:tst:2009042172" version="1" comment="kdeaddons3-konqueror is <3.5.1-18.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57596 <object object_ref="oval:org.opensuse.security:obj:2009032663"/> 57597 <state state_ref="oval:org.opensuse.security:ste:2009034688"/> 57598 </rpminfo_test> 57599 <rpminfo_test id="oval:org.opensuse.security:tst:2009042173" version="1" comment="kdemultimedia3-CD is <3.5.1-20.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57600 <object object_ref="oval:org.opensuse.security:obj:2009032664"/> 57601 <state state_ref="oval:org.opensuse.security:ste:2009034689"/> 57602 </rpminfo_test> 57603 <rpminfo_test id="oval:org.opensuse.security:tst:2009042174" version="1" comment="kdemultimedia3-devel is <3.5.1-20.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57604 <object object_ref="oval:org.opensuse.security:obj:2009032665"/> 57605 <state state_ref="oval:org.opensuse.security:ste:2009034689"/> 57606 </rpminfo_test> 57607 <rpminfo_test id="oval:org.opensuse.security:tst:2009042175" version="1" comment="kdemultimedia3-mixer is <3.5.1-20.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57608 <object object_ref="oval:org.opensuse.security:obj:2009032666"/> 57609 <state state_ref="oval:org.opensuse.security:ste:2009034689"/> 57610 </rpminfo_test> 57611 <rpminfo_test id="oval:org.opensuse.security:tst:2009042176" version="1" comment="kdemultimedia3-sound is <3.5.1-20.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57612 <object object_ref="oval:org.opensuse.security:obj:2009032667"/> 57613 <state state_ref="oval:org.opensuse.security:ste:2009034689"/> 57614 </rpminfo_test> 57615 <rpminfo_test id="oval:org.opensuse.security:tst:2009042177" version="1" comment="kdemultimedia3-video is <3.5.1-20.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57616 <object object_ref="oval:org.opensuse.security:obj:2009032668"/> 57617 <state state_ref="oval:org.opensuse.security:ste:2009034689"/> 57618 </rpminfo_test> 57619 <rpminfo_test id="oval:org.opensuse.security:tst:2009042178" version="1" comment="kdemultimedia3 is <3.5.1-20.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57620 <object object_ref="oval:org.opensuse.security:obj:2009032669"/> 57621 <state state_ref="oval:org.opensuse.security:ste:2009034689"/> 57622 </rpminfo_test> 57623 <rpminfo_test id="oval:org.opensuse.security:tst:2009042179" version="1" comment="kdenetwork3-InstantMessenger is <3.5.1-32.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57624 <object object_ref="oval:org.opensuse.security:obj:2009032155"/> 57625 <state state_ref="oval:org.opensuse.security:ste:2009034690"/> 57626 </rpminfo_test> 57627 <rpminfo_test id="oval:org.opensuse.security:tst:2009042180" version="1" comment="kdenetwork3-news is <3.5.1-32.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57628 <object object_ref="oval:org.opensuse.security:obj:2009032670"/> 57629 <state state_ref="oval:org.opensuse.security:ste:2009034690"/> 57630 </rpminfo_test> 57631 <rpminfo_test id="oval:org.opensuse.security:tst:2009042181" version="1" comment="kdenetwork3-vnc is <3.5.1-32.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57632 <object object_ref="oval:org.opensuse.security:obj:2009032671"/> 57633 <state state_ref="oval:org.opensuse.security:ste:2009034690"/> 57634 </rpminfo_test> 57635 <rpminfo_test id="oval:org.opensuse.security:tst:2009042182" version="1" comment="kdenetwork3 is <3.5.1-32.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57636 <object object_ref="oval:org.opensuse.security:obj:2009031951"/> 57637 <state state_ref="oval:org.opensuse.security:ste:2009034690"/> 57638 </rpminfo_test> 57639 <rpminfo_test id="oval:org.opensuse.security:tst:2009042183" version="1" comment="kdepim3-devel is <3.5.1-41.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57640 <object object_ref="oval:org.opensuse.security:obj:2009032672"/> 57641 <state state_ref="oval:org.opensuse.security:ste:2009034691"/> 57642 </rpminfo_test> 57643 <rpminfo_test id="oval:org.opensuse.security:tst:2009042184" version="1" comment="kdepim3-kpilot is <3.5.1-41.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57644 <object object_ref="oval:org.opensuse.security:obj:2009032673"/> 57645 <state state_ref="oval:org.opensuse.security:ste:2009034691"/> 57646 </rpminfo_test> 57647 <rpminfo_test id="oval:org.opensuse.security:tst:2009042185" version="1" comment="kdepim3-mobile is <3.5.1-41.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57648 <object object_ref="oval:org.opensuse.security:obj:2009032674"/> 57649 <state state_ref="oval:org.opensuse.security:ste:2009034691"/> 57650 </rpminfo_test> 57651 <rpminfo_test id="oval:org.opensuse.security:tst:2009042186" version="1" comment="kdepim3-networkstatus is <3.5.1-41.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57652 <object object_ref="oval:org.opensuse.security:obj:2009032675"/> 57653 <state state_ref="oval:org.opensuse.security:ste:2009034691"/> 57654 </rpminfo_test> 57655 <rpminfo_test id="oval:org.opensuse.security:tst:2009042187" version="1" comment="kdepim3-sync is <3.5.1-41.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57656 <object object_ref="oval:org.opensuse.security:obj:2009032676"/> 57657 <state state_ref="oval:org.opensuse.security:ste:2009034691"/> 57658 </rpminfo_test> 57659 <rpminfo_test id="oval:org.opensuse.security:tst:2009042188" version="1" comment="kdepim3 is <3.5.1-41.30" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57660 <object object_ref="oval:org.opensuse.security:obj:2009031975"/> 57661 <state state_ref="oval:org.opensuse.security:ste:2009034691"/> 57662 </rpminfo_test> 57663 <rpminfo_test id="oval:org.opensuse.security:tst:2009042189" version="1" comment="kerry is <0.2.2-0.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57664 <object object_ref="oval:org.opensuse.security:obj:2009032677"/> 57665 <state state_ref="oval:org.opensuse.security:ste:2009034692"/> 57666 </rpminfo_test> 57667 <rpminfo_test id="oval:org.opensuse.security:tst:2009042190" version="1" comment="kinternet is <0.75-19.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57668 <object object_ref="oval:org.opensuse.security:obj:2009032678"/> 57669 <state state_ref="oval:org.opensuse.security:ste:2009034693"/> 57670 </rpminfo_test> 57671 <rpminfo_test id="oval:org.opensuse.security:tst:2009042191" version="1" comment="krecord is <1.16-25.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57672 <object object_ref="oval:org.opensuse.security:obj:2009032679"/> 57673 <state state_ref="oval:org.opensuse.security:ste:2009034694"/> 57674 </rpminfo_test> 57675 <rpminfo_test id="oval:org.opensuse.security:tst:2009042192" version="1" comment="kscpm is <0.5.3-17.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57676 <object object_ref="oval:org.opensuse.security:obj:2009032680"/> 57677 <state state_ref="oval:org.opensuse.security:ste:2009034695"/> 57678 </rpminfo_test> 57679 <rpminfo_test id="oval:org.opensuse.security:tst:2009042193" version="1" comment="yast2-CASA is <1.7.1271-3.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57680 <object object_ref="oval:org.opensuse.security:obj:2009032681"/> 57681 <state state_ref="oval:org.opensuse.security:ste:2009034696"/> 57682 </rpminfo_test> 57683 <rpminfo_test id="oval:org.opensuse.security:tst:2009042506" version="1" comment="OpenOffice_org-af is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57684 <object object_ref="oval:org.opensuse.security:obj:2009031377"/> 57685 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57686 </rpminfo_test> 57687 <rpminfo_test id="oval:org.opensuse.security:tst:2009042507" version="1" comment="OpenOffice_org-ar is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57688 <object object_ref="oval:org.opensuse.security:obj:2009030617"/> 57689 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57690 </rpminfo_test> 57691 <rpminfo_test id="oval:org.opensuse.security:tst:2009042508" version="1" comment="OpenOffice_org-ca is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57692 <object object_ref="oval:org.opensuse.security:obj:2009030618"/> 57693 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57694 </rpminfo_test> 57695 <rpminfo_test id="oval:org.opensuse.security:tst:2009042509" version="1" comment="OpenOffice_org-cs is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57696 <object object_ref="oval:org.opensuse.security:obj:2009030485"/> 57697 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57698 </rpminfo_test> 57699 <rpminfo_test id="oval:org.opensuse.security:tst:2009042510" version="1" comment="OpenOffice_org-da is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57700 <object object_ref="oval:org.opensuse.security:obj:2009030486"/> 57701 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57702 </rpminfo_test> 57703 <rpminfo_test id="oval:org.opensuse.security:tst:2009042511" version="1" comment="OpenOffice_org-de-templates is <8.2-171.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57704 <object object_ref="oval:org.opensuse.security:obj:2009032118"/> 57705 <state state_ref="oval:org.opensuse.security:ste:2009034764"/> 57706 </rpminfo_test> 57707 <rpminfo_test id="oval:org.opensuse.security:tst:2009042512" version="1" comment="OpenOffice_org-de is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57708 <object object_ref="oval:org.opensuse.security:obj:2009030487"/> 57709 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57710 </rpminfo_test> 57711 <rpminfo_test id="oval:org.opensuse.security:tst:2009042513" version="1" comment="OpenOffice_org-es is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57712 <object object_ref="oval:org.opensuse.security:obj:2009030490"/> 57713 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57714 </rpminfo_test> 57715 <rpminfo_test id="oval:org.opensuse.security:tst:2009042514" version="1" comment="OpenOffice_org-fi is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57716 <object object_ref="oval:org.opensuse.security:obj:2009030491"/> 57717 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57718 </rpminfo_test> 57719 <rpminfo_test id="oval:org.opensuse.security:tst:2009042515" version="1" comment="OpenOffice_org-fr is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57720 <object object_ref="oval:org.opensuse.security:obj:2009030492"/> 57721 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57722 </rpminfo_test> 57723 <rpminfo_test id="oval:org.opensuse.security:tst:2009042516" version="1" comment="OpenOffice_org-galleries is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57724 <object object_ref="oval:org.opensuse.security:obj:2009032226"/> 57725 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57726 </rpminfo_test> 57727 <rpminfo_test id="oval:org.opensuse.security:tst:2009042517" version="1" comment="OpenOffice_org-gnome is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57728 <object object_ref="oval:org.opensuse.security:obj:2009030493"/> 57729 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57730 </rpminfo_test> 57731 <rpminfo_test id="oval:org.opensuse.security:tst:2009042518" version="1" comment="OpenOffice_org-gu-IN is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57732 <object object_ref="oval:org.opensuse.security:obj:2009031382"/> 57733 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57734 </rpminfo_test> 57735 <rpminfo_test id="oval:org.opensuse.security:tst:2009042519" version="1" comment="OpenOffice_org-hi-IN is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57736 <object object_ref="oval:org.opensuse.security:obj:2009031383"/> 57737 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57738 </rpminfo_test> 57739 <rpminfo_test id="oval:org.opensuse.security:tst:2009042520" version="1" comment="OpenOffice_org-hu is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57740 <object object_ref="oval:org.opensuse.security:obj:2009030494"/> 57741 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57742 </rpminfo_test> 57743 <rpminfo_test id="oval:org.opensuse.security:tst:2009042521" version="1" comment="OpenOffice_org-it is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57744 <object object_ref="oval:org.opensuse.security:obj:2009030495"/> 57745 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57746 </rpminfo_test> 57747 <rpminfo_test id="oval:org.opensuse.security:tst:2009042522" version="1" comment="OpenOffice_org-ja is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57748 <object object_ref="oval:org.opensuse.security:obj:2009030496"/> 57749 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57750 </rpminfo_test> 57751 <rpminfo_test id="oval:org.opensuse.security:tst:2009042523" version="1" comment="OpenOffice_org-kde is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57752 <object object_ref="oval:org.opensuse.security:obj:2009030497"/> 57753 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57754 </rpminfo_test> 57755 <rpminfo_test id="oval:org.opensuse.security:tst:2009042524" version="1" comment="OpenOffice_org-mono is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57756 <object object_ref="oval:org.opensuse.security:obj:2009031354"/> 57757 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57758 </rpminfo_test> 57759 <rpminfo_test id="oval:org.opensuse.security:tst:2009042525" version="1" comment="OpenOffice_org-nb is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57760 <object object_ref="oval:org.opensuse.security:obj:2009031388"/> 57761 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57762 </rpminfo_test> 57763 <rpminfo_test id="oval:org.opensuse.security:tst:2009042526" version="1" comment="OpenOffice_org-nl is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57764 <object object_ref="oval:org.opensuse.security:obj:2009030622"/> 57765 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57766 </rpminfo_test> 57767 <rpminfo_test id="oval:org.opensuse.security:tst:2009042527" version="1" comment="OpenOffice_org-nld is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57768 <object object_ref="oval:org.opensuse.security:obj:2009032702"/> 57769 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57770 </rpminfo_test> 57771 <rpminfo_test id="oval:org.opensuse.security:tst:2009042528" version="1" comment="OpenOffice_org-nn is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57772 <object object_ref="oval:org.opensuse.security:obj:2009031389"/> 57773 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57774 </rpminfo_test> 57775 <rpminfo_test id="oval:org.opensuse.security:tst:2009042529" version="1" comment="OpenOffice_org-pl is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57776 <object object_ref="oval:org.opensuse.security:obj:2009030498"/> 57777 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57778 </rpminfo_test> 57779 <rpminfo_test id="oval:org.opensuse.security:tst:2009042530" version="1" comment="OpenOffice_org-pt-BR is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57780 <object object_ref="oval:org.opensuse.security:obj:2009030623"/> 57781 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57782 </rpminfo_test> 57783 <rpminfo_test id="oval:org.opensuse.security:tst:2009042531" version="1" comment="OpenOffice_org-ru is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57784 <object object_ref="oval:org.opensuse.security:obj:2009030500"/> 57785 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57786 </rpminfo_test> 57787 <rpminfo_test id="oval:org.opensuse.security:tst:2009042532" version="1" comment="OpenOffice_org-sk is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57788 <object object_ref="oval:org.opensuse.security:obj:2009030501"/> 57789 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57790 </rpminfo_test> 57791 <rpminfo_test id="oval:org.opensuse.security:tst:2009042533" version="1" comment="OpenOffice_org-sv is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57792 <object object_ref="oval:org.opensuse.security:obj:2009030502"/> 57793 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57794 </rpminfo_test> 57795 <rpminfo_test id="oval:org.opensuse.security:tst:2009042534" version="1" comment="OpenOffice_org-xh is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57796 <object object_ref="oval:org.opensuse.security:obj:2009031396"/> 57797 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57798 </rpminfo_test> 57799 <rpminfo_test id="oval:org.opensuse.security:tst:2009042535" version="1" comment="OpenOffice_org-zh-CN is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57800 <object object_ref="oval:org.opensuse.security:obj:2009030503"/> 57801 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57802 </rpminfo_test> 57803 <rpminfo_test id="oval:org.opensuse.security:tst:2009042536" version="1" comment="OpenOffice_org-zh-TW is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57804 <object object_ref="oval:org.opensuse.security:obj:2009030504"/> 57805 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57806 </rpminfo_test> 57807 <rpminfo_test id="oval:org.opensuse.security:tst:2009042537" version="1" comment="OpenOffice_org-zu is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57808 <object object_ref="oval:org.opensuse.security:obj:2009031397"/> 57809 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57810 </rpminfo_test> 57811 <rpminfo_test id="oval:org.opensuse.security:tst:2009042538" version="1" comment="OpenOffice_org is <2.1-0.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57812 <object object_ref="oval:org.opensuse.security:obj:2009030505"/> 57813 <state state_ref="oval:org.opensuse.security:ste:2009034763"/> 57814 </rpminfo_test> 57815 <rpminfo_test id="oval:org.opensuse.security:tst:2009072989" version="1" comment="NetworkManager-devel is <0.6.6-0.21.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57816 <object object_ref="oval:org.opensuse.security:obj:2009031891"/> 57817 <state state_ref="oval:org.opensuse.security:ste:2009040340"/> 57818 </rpminfo_test> 57819 <rpminfo_test id="oval:org.opensuse.security:tst:2009072990" version="1" comment="NetworkManager-glib is <0.6.6-0.21.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57820 <object object_ref="oval:org.opensuse.security:obj:2009030980"/> 57821 <state state_ref="oval:org.opensuse.security:ste:2009040340"/> 57822 </rpminfo_test> 57823 <rpminfo_test id="oval:org.opensuse.security:tst:2009072991" version="1" comment="NetworkManager-gnome is <0.6.6-0.21.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57824 <object object_ref="oval:org.opensuse.security:obj:2009030982"/> 57825 <state state_ref="oval:org.opensuse.security:ste:2009040340"/> 57826 </rpminfo_test> 57827 <rpminfo_test id="oval:org.opensuse.security:tst:2009072992" version="1" comment="NetworkManager is <0.6.6-0.21.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57828 <object object_ref="oval:org.opensuse.security:obj:2009030981"/> 57829 <state state_ref="oval:org.opensuse.security:ste:2009040340"/> 57830 </rpminfo_test> 57831 <rpminfo_test id="oval:org.opensuse.security:tst:2009072993" version="1" comment="wpa_supplicant is <0.4.8-14.29.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57832 <object object_ref="oval:org.opensuse.security:obj:2009034744"/> 57833 <state state_ref="oval:org.opensuse.security:ste:2009040341"/> 57834 </rpminfo_test> 57835 <rpminfo_test id="oval:org.opensuse.security:tst:2009073451" version="1" comment="openssl-32bit is <0.9.8a-18.64.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57836 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 57837 <state state_ref="oval:org.opensuse.security:ste:2009040428"/> 57838 </rpminfo_test> 57839 <rpminfo_test id="oval:org.opensuse.security:tst:2009073452" version="1" comment="openssl-devel-32bit is <0.9.8a-18.64.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57840 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 57841 <state state_ref="oval:org.opensuse.security:ste:2009040428"/> 57842 </rpminfo_test> 57843 <rpminfo_test id="oval:org.opensuse.security:tst:2009073453" version="1" comment="openssl-devel is <0.9.8a-18.64.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57844 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 57845 <state state_ref="oval:org.opensuse.security:ste:2009040428"/> 57846 </rpminfo_test> 57847 <rpminfo_test id="oval:org.opensuse.security:tst:2009073454" version="1" comment="openssl is <0.9.8a-18.64.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57848 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 57849 <state state_ref="oval:org.opensuse.security:ste:2009040428"/> 57850 </rpminfo_test> 57851 <rpminfo_test id="oval:org.opensuse.security:tst:2009055729" version="1" comment="acroread is <8.1.7-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57852 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 57853 <state state_ref="oval:org.opensuse.security:ste:2009037263"/> 57854 </rpminfo_test> 57855 <rpminfo_test id="oval:org.opensuse.security:tst:2009055728" version="1" comment="acroread_ja is <8.1.7-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57856 <object object_ref="oval:org.opensuse.security:obj:2009032700"/> 57857 <state state_ref="oval:org.opensuse.security:ste:2009037263"/> 57858 </rpminfo_test> 57859 <rpminfo_test id="oval:org.opensuse.security:tst:2009044278" version="1" comment="ekiga is <2.0.5-0.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57860 <object object_ref="oval:org.opensuse.security:obj:2009032753"/> 57861 <state state_ref="oval:org.opensuse.security:ste:2009035078"/> 57862 </rpminfo_test> 57863 <rpminfo_test id="oval:org.opensuse.security:tst:2009044279" version="1" comment="opal is <2.2.5-0.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57864 <object object_ref="oval:org.opensuse.security:obj:2009031411"/> 57865 <state state_ref="oval:org.opensuse.security:ste:2009035079"/> 57866 </rpminfo_test> 57867 <rpminfo_test id="oval:org.opensuse.security:tst:2009044280" version="1" comment="pwlib-plugins-avc is <1.10.4-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57868 <object object_ref="oval:org.opensuse.security:obj:2009032754"/> 57869 <state state_ref="oval:org.opensuse.security:ste:2009033010"/> 57870 </rpminfo_test> 57871 <rpminfo_test id="oval:org.opensuse.security:tst:2009044281" version="1" comment="pwlib-plugins-dc is <1.10.4-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57872 <object object_ref="oval:org.opensuse.security:obj:2009032755"/> 57873 <state state_ref="oval:org.opensuse.security:ste:2009033010"/> 57874 </rpminfo_test> 57875 <rpminfo_test id="oval:org.opensuse.security:tst:2009044282" version="1" comment="pwlib-plugins-v4l2 is <1.10.4-0.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57876 <object object_ref="oval:org.opensuse.security:obj:2009032756"/> 57877 <state state_ref="oval:org.opensuse.security:ste:2009033010"/> 57878 </rpminfo_test> 57879 <rpminfo_test id="oval:org.opensuse.security:tst:2009060834" version="1" comment="kernel-default is <2.6.16.60-0.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57880 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 57881 <state state_ref="oval:org.opensuse.security:ste:2009038208"/> 57882 </rpminfo_test> 57883 <rpminfo_test id="oval:org.opensuse.security:tst:2009060841" version="1" comment="kernel-smp is <2.6.16.60-0.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57884 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 57885 <state state_ref="oval:org.opensuse.security:ste:2009038208"/> 57886 </rpminfo_test> 57887 <rpminfo_test id="oval:org.opensuse.security:tst:2009060838" version="1" comment="kernel-source is <2.6.16.60-0.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57888 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 57889 <state state_ref="oval:org.opensuse.security:ste:2009038208"/> 57890 </rpminfo_test> 57891 <rpminfo_test id="oval:org.opensuse.security:tst:2009060839" version="1" comment="kernel-syms is <2.6.16.60-0.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57892 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 57893 <state state_ref="oval:org.opensuse.security:ste:2009038208"/> 57894 </rpminfo_test> 57895 <rpminfo_test id="oval:org.opensuse.security:tst:2009060842" version="1" comment="kernel-xen is <2.6.16.60-0.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57896 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 57897 <state state_ref="oval:org.opensuse.security:ste:2009038208"/> 57898 </rpminfo_test> 57899 <rpminfo_test id="oval:org.opensuse.security:tst:2009060843" version="1" comment="kernel-bigsmp is <2.6.16.60-0.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57900 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 57901 <state state_ref="oval:org.opensuse.security:ste:2009038208"/> 57902 </rpminfo_test> 57903 <rpminfo_test id="oval:org.opensuse.security:tst:2009060844" version="1" comment="kernel-xenpae is <2.6.16.60-0.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57904 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 57905 <state state_ref="oval:org.opensuse.security:ste:2009038208"/> 57906 </rpminfo_test> 57907 <rpminfo_test id="oval:org.opensuse.security:tst:2009048154" version="1" comment="sletc-release is ==10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57908 <object object_ref="oval:org.opensuse.security:obj:2009032869"/> 57909 <state state_ref="oval:org.opensuse.security:ste:2009032190"/> 57910 </rpminfo_test> 57911 <rpminfo_test id="oval:org.opensuse.security:tst:2009048155" version="1" comment="qemu is <0.8.2-37.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57912 <object object_ref="oval:org.opensuse.security:obj:2009031639"/> 57913 <state state_ref="oval:org.opensuse.security:ste:2009035895"/> 57914 </rpminfo_test> 57915 <rpminfo_test id="oval:org.opensuse.security:tst:2009070508" version="1" comment="glibc-32bit is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57916 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 57917 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57918 </rpminfo_test> 57919 <rpminfo_test id="oval:org.opensuse.security:tst:2009070509" version="1" comment="glibc-devel-32bit is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57920 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 57921 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57922 </rpminfo_test> 57923 <rpminfo_test id="oval:org.opensuse.security:tst:2009070510" version="1" comment="glibc-devel is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57924 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 57925 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57926 </rpminfo_test> 57927 <rpminfo_test id="oval:org.opensuse.security:tst:2009070511" version="1" comment="glibc-html is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57928 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 57929 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57930 </rpminfo_test> 57931 <rpminfo_test id="oval:org.opensuse.security:tst:2009070512" version="1" comment="glibc-i18ndata is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57932 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 57933 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57934 </rpminfo_test> 57935 <rpminfo_test id="oval:org.opensuse.security:tst:2009070513" version="1" comment="glibc-info is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57936 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 57937 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57938 </rpminfo_test> 57939 <rpminfo_test id="oval:org.opensuse.security:tst:2009070514" version="1" comment="glibc-locale-32bit is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57940 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 57941 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57942 </rpminfo_test> 57943 <rpminfo_test id="oval:org.opensuse.security:tst:2009070515" version="1" comment="glibc-locale is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57944 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 57945 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57946 </rpminfo_test> 57947 <rpminfo_test id="oval:org.opensuse.security:tst:2009070516" version="1" comment="glibc is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57948 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 57949 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57950 </rpminfo_test> 57951 <rpminfo_test id="oval:org.opensuse.security:tst:2009070517" version="1" comment="nscd is <2.4-31.77.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57952 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 57953 <state state_ref="oval:org.opensuse.security:ste:2009039937"/> 57954 </rpminfo_test> 57955 <rpminfo_test id="oval:org.opensuse.security:tst:2009068047" version="1" comment="dbus-1-32bit is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57956 <object object_ref="oval:org.opensuse.security:obj:2009030889"/> 57957 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57958 </rpminfo_test> 57959 <rpminfo_test id="oval:org.opensuse.security:tst:2009068049" version="1" comment="dbus-1-devel is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57960 <object object_ref="oval:org.opensuse.security:obj:2009031621"/> 57961 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57962 </rpminfo_test> 57963 <rpminfo_test id="oval:org.opensuse.security:tst:2009068050" version="1" comment="dbus-1-glib-32bit is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57964 <object object_ref="oval:org.opensuse.security:obj:2009031622"/> 57965 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57966 </rpminfo_test> 57967 <rpminfo_test id="oval:org.opensuse.security:tst:2009068053" version="1" comment="dbus-1-glib is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57968 <object object_ref="oval:org.opensuse.security:obj:2009031626"/> 57969 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57970 </rpminfo_test> 57971 <rpminfo_test id="oval:org.opensuse.security:tst:2009068054" version="1" comment="dbus-1-gtk is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57972 <object object_ref="oval:org.opensuse.security:obj:2009032480"/> 57973 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57974 </rpminfo_test> 57975 <rpminfo_test id="oval:org.opensuse.security:tst:2009068056" version="1" comment="dbus-1-mono is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57976 <object object_ref="oval:org.opensuse.security:obj:2009031627"/> 57977 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57978 </rpminfo_test> 57979 <rpminfo_test id="oval:org.opensuse.security:tst:2009068057" version="1" comment="dbus-1-python is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57980 <object object_ref="oval:org.opensuse.security:obj:2009031628"/> 57981 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57982 </rpminfo_test> 57983 <rpminfo_test id="oval:org.opensuse.security:tst:2009068058" version="1" comment="dbus-1-qt3-32bit is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57984 <object object_ref="oval:org.opensuse.security:obj:2009031629"/> 57985 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57986 </rpminfo_test> 57987 <rpminfo_test id="oval:org.opensuse.security:tst:2009068060" version="1" comment="dbus-1-qt3-devel is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57988 <object object_ref="oval:org.opensuse.security:obj:2009031631"/> 57989 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57990 </rpminfo_test> 57991 <rpminfo_test id="oval:org.opensuse.security:tst:2009068062" version="1" comment="dbus-1-qt3 is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57992 <object object_ref="oval:org.opensuse.security:obj:2009031632"/> 57993 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57994 </rpminfo_test> 57995 <rpminfo_test id="oval:org.opensuse.security:tst:2009068063" version="1" comment="dbus-1-x11 is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 57996 <object object_ref="oval:org.opensuse.security:obj:2009031633"/> 57997 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 57998 </rpminfo_test> 57999 <rpminfo_test id="oval:org.opensuse.security:tst:2009068065" version="1" comment="dbus-1 is <0.60-33.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58000 <object object_ref="oval:org.opensuse.security:obj:2009030891"/> 58001 <state state_ref="oval:org.opensuse.security:ste:2009039479"/> 58002 </rpminfo_test> 58003 <rpminfo_test id="oval:org.opensuse.security:tst:2009065536" version="1" comment="ed is <0.2-881.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58004 <object object_ref="oval:org.opensuse.security:obj:2009034030"/> 58005 <state state_ref="oval:org.opensuse.security:ste:2009038912"/> 58006 </rpminfo_test> 58007 <rpminfo_test id="oval:org.opensuse.security:tst:2009060849" version="1" comment="flash-player is <9.0.277.0-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58008 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 58009 <state state_ref="oval:org.opensuse.security:ste:2009038210"/> 58010 </rpminfo_test> 58011 <rpminfo_test id="oval:org.opensuse.security:tst:2009065300" version="1" comment="kdenetwork3-InstantMessenger is <3.5.1-32.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58012 <object object_ref="oval:org.opensuse.security:obj:2009032155"/> 58013 <state state_ref="oval:org.opensuse.security:ste:2009038868"/> 58014 </rpminfo_test> 58015 <rpminfo_test id="oval:org.opensuse.security:tst:2009065301" version="1" comment="kdenetwork3-news is <3.5.1-32.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58016 <object object_ref="oval:org.opensuse.security:obj:2009032670"/> 58017 <state state_ref="oval:org.opensuse.security:ste:2009038868"/> 58018 </rpminfo_test> 58019 <rpminfo_test id="oval:org.opensuse.security:tst:2009065302" version="1" comment="kdenetwork3-vnc is <3.5.1-32.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58020 <object object_ref="oval:org.opensuse.security:obj:2009032671"/> 58021 <state state_ref="oval:org.opensuse.security:ste:2009038868"/> 58022 </rpminfo_test> 58023 <rpminfo_test id="oval:org.opensuse.security:tst:2009065303" version="1" comment="kdenetwork3 is <3.5.1-32.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58024 <object object_ref="oval:org.opensuse.security:obj:2009031951"/> 58025 <state state_ref="oval:org.opensuse.security:ste:2009038868"/> 58026 </rpminfo_test> 58027 <rpminfo_test id="oval:org.opensuse.security:tst:2009069579" version="1" comment="compat-openssl097g-32bit is <0.9.7g-13.21.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58028 <object object_ref="oval:org.opensuse.security:obj:2009031424"/> 58029 <state state_ref="oval:org.opensuse.security:ste:2009039752"/> 58030 </rpminfo_test> 58031 <rpminfo_test id="oval:org.opensuse.security:tst:2009069580" version="1" comment="compat-openssl097g is <0.9.7g-13.21.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58032 <object object_ref="oval:org.opensuse.security:obj:2009031426"/> 58033 <state state_ref="oval:org.opensuse.security:ste:2009039752"/> 58034 </rpminfo_test> 58035 <rpminfo_test id="oval:org.opensuse.security:tst:2009067079" version="1" comment="audiofile-32bit is <0.2.6-17.10.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58036 <object object_ref="oval:org.opensuse.security:obj:2009030867"/> 58037 <state state_ref="oval:org.opensuse.security:ste:2009039224"/> 58038 </rpminfo_test> 58039 <rpminfo_test id="oval:org.opensuse.security:tst:2009067080" version="1" comment="audiofile-devel is <0.2.6-17.10.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58040 <object object_ref="oval:org.opensuse.security:obj:2009031860"/> 58041 <state state_ref="oval:org.opensuse.security:ste:2009039224"/> 58042 </rpminfo_test> 58043 <rpminfo_test id="oval:org.opensuse.security:tst:2009067081" version="1" comment="audiofile is <0.2.6-17.10.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58044 <object object_ref="oval:org.opensuse.security:obj:2009030868"/> 58045 <state state_ref="oval:org.opensuse.security:ste:2009039224"/> 58046 </rpminfo_test> 58047 <rpminfo_test id="oval:org.opensuse.security:tst:2009066628" version="1" comment="audiofile-32bit is <0.2.6-17.10.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58048 <object object_ref="oval:org.opensuse.security:obj:2009030867"/> 58049 <state state_ref="oval:org.opensuse.security:ste:2009039150"/> 58050 </rpminfo_test> 58051 <rpminfo_test id="oval:org.opensuse.security:tst:2009066629" version="1" comment="audiofile-devel is <0.2.6-17.10.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58052 <object object_ref="oval:org.opensuse.security:obj:2009031860"/> 58053 <state state_ref="oval:org.opensuse.security:ste:2009039151"/> 58054 </rpminfo_test> 58055 <rpminfo_test id="oval:org.opensuse.security:tst:2009066630" version="1" comment="audiofile-devel is <0.2.6-17.10.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58056 <object object_ref="oval:org.opensuse.security:obj:2009031860"/> 58057 <state state_ref="oval:org.opensuse.security:ste:2009039150"/> 58058 </rpminfo_test> 58059 <rpminfo_test id="oval:org.opensuse.security:tst:2009066631" version="1" comment="audiofile is <0.2.6-17.10.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58060 <object object_ref="oval:org.opensuse.security:obj:2009030868"/> 58061 <state state_ref="oval:org.opensuse.security:ste:2009039151"/> 58062 </rpminfo_test> 58063 <rpminfo_test id="oval:org.opensuse.security:tst:2009066632" version="1" comment="audiofile is <0.2.6-17.10.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58064 <object object_ref="oval:org.opensuse.security:obj:2009030868"/> 58065 <state state_ref="oval:org.opensuse.security:ste:2009039150"/> 58066 </rpminfo_test> 58067 <rpminfo_test id="oval:org.opensuse.security:tst:2009061260" version="1" comment="MozillaFirefox-translations is <3.5.10-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58068 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 58069 <state state_ref="oval:org.opensuse.security:ste:2009038284"/> 58070 </rpminfo_test> 58071 <rpminfo_test id="oval:org.opensuse.security:tst:2009061261" version="1" comment="MozillaFirefox is <3.5.10-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58072 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 58073 <state state_ref="oval:org.opensuse.security:ste:2009038284"/> 58074 </rpminfo_test> 58075 <rpminfo_test id="oval:org.opensuse.security:tst:2009061262" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.10-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58076 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 58077 <state state_ref="oval:org.opensuse.security:ste:2009038285"/> 58078 </rpminfo_test> 58079 <rpminfo_test id="oval:org.opensuse.security:tst:2009061263" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.10-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58080 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 58081 <state state_ref="oval:org.opensuse.security:ste:2009038285"/> 58082 </rpminfo_test> 58083 <rpminfo_test id="oval:org.opensuse.security:tst:2009061264" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.10-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58084 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 58085 <state state_ref="oval:org.opensuse.security:ste:2009038285"/> 58086 </rpminfo_test> 58087 <rpminfo_test id="oval:org.opensuse.security:tst:2009061265" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.10-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58088 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 58089 <state state_ref="oval:org.opensuse.security:ste:2009038285"/> 58090 </rpminfo_test> 58091 <rpminfo_test id="oval:org.opensuse.security:tst:2009061266" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.10-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58092 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 58093 <state state_ref="oval:org.opensuse.security:ste:2009038285"/> 58094 </rpminfo_test> 58095 <rpminfo_test id="oval:org.opensuse.security:tst:2009061267" version="1" comment="mozilla-xulrunner191 is <1.9.1.10-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58096 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 58097 <state state_ref="oval:org.opensuse.security:ste:2009038285"/> 58098 </rpminfo_test> 58099 <rpminfo_test id="oval:org.opensuse.security:tst:2009069827" version="1" comment="libpng-32bit is <1.2.8-19.31.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58100 <object object_ref="oval:org.opensuse.security:obj:2009030638"/> 58101 <state state_ref="oval:org.opensuse.security:ste:2009039806"/> 58102 </rpminfo_test> 58103 <rpminfo_test id="oval:org.opensuse.security:tst:2009069829" version="1" comment="libpng-devel-32bit is <1.2.8-19.31.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58104 <object object_ref="oval:org.opensuse.security:obj:2009031449"/> 58105 <state state_ref="oval:org.opensuse.security:ste:2009039806"/> 58106 </rpminfo_test> 58107 <rpminfo_test id="oval:org.opensuse.security:tst:2009069831" version="1" comment="libpng-devel is <1.2.8-19.31.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58108 <object object_ref="oval:org.opensuse.security:obj:2009030639"/> 58109 <state state_ref="oval:org.opensuse.security:ste:2009039806"/> 58110 </rpminfo_test> 58111 <rpminfo_test id="oval:org.opensuse.security:tst:2009069833" version="1" comment="libpng is <1.2.8-19.31.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58112 <object object_ref="oval:org.opensuse.security:obj:2009030640"/> 58113 <state state_ref="oval:org.opensuse.security:ste:2009039806"/> 58114 </rpminfo_test> 58115 <rpminfo_test id="oval:org.opensuse.security:tst:2009058919" version="1" comment="mysql-client is <5.0.26-12.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58116 <object object_ref="oval:org.opensuse.security:obj:2009030723"/> 58117 <state state_ref="oval:org.opensuse.security:ste:2009037898"/> 58118 </rpminfo_test> 58119 <rpminfo_test id="oval:org.opensuse.security:tst:2009058920" version="1" comment="mysql-devel is <5.0.26-12.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58120 <object object_ref="oval:org.opensuse.security:obj:2009030570"/> 58121 <state state_ref="oval:org.opensuse.security:ste:2009037898"/> 58122 </rpminfo_test> 58123 <rpminfo_test id="oval:org.opensuse.security:tst:2009058921" version="1" comment="mysql-shared-32bit is <5.0.26-12.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58124 <object object_ref="oval:org.opensuse.security:obj:2009032264"/> 58125 <state state_ref="oval:org.opensuse.security:ste:2009037898"/> 58126 </rpminfo_test> 58127 <rpminfo_test id="oval:org.opensuse.security:tst:2009058922" version="1" comment="mysql-shared is <5.0.26-12.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58128 <object object_ref="oval:org.opensuse.security:obj:2009030724"/> 58129 <state state_ref="oval:org.opensuse.security:ste:2009037898"/> 58130 </rpminfo_test> 58131 <rpminfo_test id="oval:org.opensuse.security:tst:2009058923" version="1" comment="mysql is <5.0.26-12.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58132 <object object_ref="oval:org.opensuse.security:obj:2009030424"/> 58133 <state state_ref="oval:org.opensuse.security:ste:2009037898"/> 58134 </rpminfo_test> 58135 <rpminfo_test id="oval:org.opensuse.security:tst:2009064327" version="1" comment="openssl-32bit is <0.9.8a-18.43.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58136 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 58137 <state state_ref="oval:org.opensuse.security:ste:2009038725"/> 58138 </rpminfo_test> 58139 <rpminfo_test id="oval:org.opensuse.security:tst:2009064328" version="1" comment="openssl-devel-32bit is <0.9.8a-18.43.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58140 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 58141 <state state_ref="oval:org.opensuse.security:ste:2009038725"/> 58142 </rpminfo_test> 58143 <rpminfo_test id="oval:org.opensuse.security:tst:2009064329" version="1" comment="openssl-devel is <0.9.8a-18.43.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58144 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 58145 <state state_ref="oval:org.opensuse.security:ste:2009038725"/> 58146 </rpminfo_test> 58147 <rpminfo_test id="oval:org.opensuse.security:tst:2009064330" version="1" comment="openssl is <0.9.8a-18.43.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58148 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 58149 <state state_ref="oval:org.opensuse.security:ste:2009038725"/> 58150 </rpminfo_test> 58151 <rpminfo_test id="oval:org.opensuse.security:tst:2009058672" version="1" comment="OpenOffice_org-af is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58152 <object object_ref="oval:org.opensuse.security:obj:2009031377"/> 58153 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58154 </rpminfo_test> 58155 <rpminfo_test id="oval:org.opensuse.security:tst:2009058673" version="1" comment="OpenOffice_org-ar is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58156 <object object_ref="oval:org.opensuse.security:obj:2009030617"/> 58157 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58158 </rpminfo_test> 58159 <rpminfo_test id="oval:org.opensuse.security:tst:2009058674" version="1" comment="OpenOffice_org-ca is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58160 <object object_ref="oval:org.opensuse.security:obj:2009030618"/> 58161 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58162 </rpminfo_test> 58163 <rpminfo_test id="oval:org.opensuse.security:tst:2009058675" version="1" comment="OpenOffice_org-cs is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58164 <object object_ref="oval:org.opensuse.security:obj:2009030485"/> 58165 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58166 </rpminfo_test> 58167 <rpminfo_test id="oval:org.opensuse.security:tst:2009058676" version="1" comment="OpenOffice_org-da is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58168 <object object_ref="oval:org.opensuse.security:obj:2009030486"/> 58169 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58170 </rpminfo_test> 58171 <rpminfo_test id="oval:org.opensuse.security:tst:2009058677" version="1" comment="OpenOffice_org-de is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58172 <object object_ref="oval:org.opensuse.security:obj:2009030487"/> 58173 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58174 </rpminfo_test> 58175 <rpminfo_test id="oval:org.opensuse.security:tst:2009058678" version="1" comment="OpenOffice_org-es is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58176 <object object_ref="oval:org.opensuse.security:obj:2009030490"/> 58177 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58178 </rpminfo_test> 58179 <rpminfo_test id="oval:org.opensuse.security:tst:2009058679" version="1" comment="OpenOffice_org-fi is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58180 <object object_ref="oval:org.opensuse.security:obj:2009030491"/> 58181 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58182 </rpminfo_test> 58183 <rpminfo_test id="oval:org.opensuse.security:tst:2009058680" version="1" comment="OpenOffice_org-fr is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58184 <object object_ref="oval:org.opensuse.security:obj:2009030492"/> 58185 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58186 </rpminfo_test> 58187 <rpminfo_test id="oval:org.opensuse.security:tst:2009058681" version="1" comment="OpenOffice_org-galleries is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58188 <object object_ref="oval:org.opensuse.security:obj:2009032226"/> 58189 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58190 </rpminfo_test> 58191 <rpminfo_test id="oval:org.opensuse.security:tst:2009058682" version="1" comment="OpenOffice_org-gnome is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58192 <object object_ref="oval:org.opensuse.security:obj:2009030493"/> 58193 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58194 </rpminfo_test> 58195 <rpminfo_test id="oval:org.opensuse.security:tst:2009058683" version="1" comment="OpenOffice_org-gu-IN is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58196 <object object_ref="oval:org.opensuse.security:obj:2009031382"/> 58197 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58198 </rpminfo_test> 58199 <rpminfo_test id="oval:org.opensuse.security:tst:2009058684" version="1" comment="OpenOffice_org-hi-IN is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58200 <object object_ref="oval:org.opensuse.security:obj:2009031383"/> 58201 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58202 </rpminfo_test> 58203 <rpminfo_test id="oval:org.opensuse.security:tst:2009058685" version="1" comment="OpenOffice_org-hu is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58204 <object object_ref="oval:org.opensuse.security:obj:2009030494"/> 58205 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58206 </rpminfo_test> 58207 <rpminfo_test id="oval:org.opensuse.security:tst:2009058686" version="1" comment="OpenOffice_org-it is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58208 <object object_ref="oval:org.opensuse.security:obj:2009030495"/> 58209 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58210 </rpminfo_test> 58211 <rpminfo_test id="oval:org.opensuse.security:tst:2009058687" version="1" comment="OpenOffice_org-ja is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58212 <object object_ref="oval:org.opensuse.security:obj:2009030496"/> 58213 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58214 </rpminfo_test> 58215 <rpminfo_test id="oval:org.opensuse.security:tst:2009058688" version="1" comment="OpenOffice_org-kde is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58216 <object object_ref="oval:org.opensuse.security:obj:2009030497"/> 58217 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58218 </rpminfo_test> 58219 <rpminfo_test id="oval:org.opensuse.security:tst:2009058689" version="1" comment="OpenOffice_org-mono is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58220 <object object_ref="oval:org.opensuse.security:obj:2009031354"/> 58221 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58222 </rpminfo_test> 58223 <rpminfo_test id="oval:org.opensuse.security:tst:2009058690" version="1" comment="OpenOffice_org-nb is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58224 <object object_ref="oval:org.opensuse.security:obj:2009031388"/> 58225 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58226 </rpminfo_test> 58227 <rpminfo_test id="oval:org.opensuse.security:tst:2009058691" version="1" comment="OpenOffice_org-nl is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58228 <object object_ref="oval:org.opensuse.security:obj:2009030622"/> 58229 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58230 </rpminfo_test> 58231 <rpminfo_test id="oval:org.opensuse.security:tst:2009058692" version="1" comment="OpenOffice_org-nld is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58232 <object object_ref="oval:org.opensuse.security:obj:2009032702"/> 58233 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58234 </rpminfo_test> 58235 <rpminfo_test id="oval:org.opensuse.security:tst:2009058693" version="1" comment="OpenOffice_org-nn is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58236 <object object_ref="oval:org.opensuse.security:obj:2009031389"/> 58237 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58238 </rpminfo_test> 58239 <rpminfo_test id="oval:org.opensuse.security:tst:2009058694" version="1" comment="OpenOffice_org-pl is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58240 <object object_ref="oval:org.opensuse.security:obj:2009030498"/> 58241 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58242 </rpminfo_test> 58243 <rpminfo_test id="oval:org.opensuse.security:tst:2009058695" version="1" comment="OpenOffice_org-pt-BR is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58244 <object object_ref="oval:org.opensuse.security:obj:2009030623"/> 58245 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58246 </rpminfo_test> 58247 <rpminfo_test id="oval:org.opensuse.security:tst:2009058696" version="1" comment="OpenOffice_org-ru is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58248 <object object_ref="oval:org.opensuse.security:obj:2009030500"/> 58249 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58250 </rpminfo_test> 58251 <rpminfo_test id="oval:org.opensuse.security:tst:2009058697" version="1" comment="OpenOffice_org-sk is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58252 <object object_ref="oval:org.opensuse.security:obj:2009030501"/> 58253 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58254 </rpminfo_test> 58255 <rpminfo_test id="oval:org.opensuse.security:tst:2009058698" version="1" comment="OpenOffice_org-sv is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58256 <object object_ref="oval:org.opensuse.security:obj:2009030502"/> 58257 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58258 </rpminfo_test> 58259 <rpminfo_test id="oval:org.opensuse.security:tst:2009058699" version="1" comment="OpenOffice_org-xh is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58260 <object object_ref="oval:org.opensuse.security:obj:2009031396"/> 58261 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58262 </rpminfo_test> 58263 <rpminfo_test id="oval:org.opensuse.security:tst:2009058700" version="1" comment="OpenOffice_org-zh-CN is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58264 <object object_ref="oval:org.opensuse.security:obj:2009030503"/> 58265 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58266 </rpminfo_test> 58267 <rpminfo_test id="oval:org.opensuse.security:tst:2009058701" version="1" comment="OpenOffice_org-zh-TW is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58268 <object object_ref="oval:org.opensuse.security:obj:2009030504"/> 58269 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58270 </rpminfo_test> 58271 <rpminfo_test id="oval:org.opensuse.security:tst:2009058702" version="1" comment="OpenOffice_org-zu is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58272 <object object_ref="oval:org.opensuse.security:obj:2009031397"/> 58273 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58274 </rpminfo_test> 58275 <rpminfo_test id="oval:org.opensuse.security:tst:2009058703" version="1" comment="OpenOffice_org is <3.2-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58276 <object object_ref="oval:org.opensuse.security:obj:2009030505"/> 58277 <state state_ref="oval:org.opensuse.security:ste:2009037876"/> 58278 </rpminfo_test> 58279 <rpminfo_test id="oval:org.opensuse.security:tst:2009060320" version="1" comment="evolution-data-server-32bit is <1.6.0-43.92.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58280 <object object_ref="oval:org.opensuse.security:obj:2009030992"/> 58281 <state state_ref="oval:org.opensuse.security:ste:2009038133"/> 58282 </rpminfo_test> 58283 <rpminfo_test id="oval:org.opensuse.security:tst:2009060321" version="1" comment="evolution-data-server-devel is <1.6.0-43.92.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58284 <object object_ref="oval:org.opensuse.security:obj:2009031899"/> 58285 <state state_ref="oval:org.opensuse.security:ste:2009038133"/> 58286 </rpminfo_test> 58287 <rpminfo_test id="oval:org.opensuse.security:tst:2009060322" version="1" comment="evolution-data-server is <1.6.0-43.92.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58288 <object object_ref="oval:org.opensuse.security:obj:2009030995"/> 58289 <state state_ref="oval:org.opensuse.security:ste:2009038133"/> 58290 </rpminfo_test> 58291 <rpminfo_test id="oval:org.opensuse.security:tst:2009056794" version="1" comment="kdelibs3-32bit is <3.5.1-49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58292 <object object_ref="oval:org.opensuse.security:obj:2009030600"/> 58293 <state state_ref="oval:org.opensuse.security:ste:2009037511"/> 58294 </rpminfo_test> 58295 <rpminfo_test id="oval:org.opensuse.security:tst:2009056795" version="1" comment="kdelibs3-arts-32bit is <3.5.1-49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58296 <object object_ref="oval:org.opensuse.security:obj:2009031698"/> 58297 <state state_ref="oval:org.opensuse.security:ste:2009037511"/> 58298 </rpminfo_test> 58299 <rpminfo_test id="oval:org.opensuse.security:tst:2009056796" version="1" comment="kdelibs3-arts is <3.5.1-49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58300 <object object_ref="oval:org.opensuse.security:obj:2009031700"/> 58301 <state state_ref="oval:org.opensuse.security:ste:2009037511"/> 58302 </rpminfo_test> 58303 <rpminfo_test id="oval:org.opensuse.security:tst:2009056797" version="1" comment="kdelibs3-devel is <3.5.1-49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58304 <object object_ref="oval:org.opensuse.security:obj:2009030543"/> 58305 <state state_ref="oval:org.opensuse.security:ste:2009037511"/> 58306 </rpminfo_test> 58307 <rpminfo_test id="oval:org.opensuse.security:tst:2009056798" version="1" comment="kdelibs3-doc is <3.5.1-49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58308 <object object_ref="oval:org.opensuse.security:obj:2009031704"/> 58309 <state state_ref="oval:org.opensuse.security:ste:2009037511"/> 58310 </rpminfo_test> 58311 <rpminfo_test id="oval:org.opensuse.security:tst:2009056799" version="1" comment="kdelibs3 is <3.5.1-49.53.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58312 <object object_ref="oval:org.opensuse.security:obj:2009030439"/> 58313 <state state_ref="oval:org.opensuse.security:ste:2009037511"/> 58314 </rpminfo_test> 58315 <rpminfo_test id="oval:org.opensuse.security:tst:2009055908" version="1" comment="MozillaFirefox-translations is <3.5.4-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58316 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 58317 <state state_ref="oval:org.opensuse.security:ste:2009037296"/> 58318 </rpminfo_test> 58319 <rpminfo_test id="oval:org.opensuse.security:tst:2009055909" version="1" comment="MozillaFirefox is <3.5.4-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58320 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 58321 <state state_ref="oval:org.opensuse.security:ste:2009037296"/> 58322 </rpminfo_test> 58323 <rpminfo_test id="oval:org.opensuse.security:tst:2009055910" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.4-2.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58324 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 58325 <state state_ref="oval:org.opensuse.security:ste:2009037297"/> 58326 </rpminfo_test> 58327 <rpminfo_test id="oval:org.opensuse.security:tst:2009055911" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.4-2.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58328 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 58329 <state state_ref="oval:org.opensuse.security:ste:2009037297"/> 58330 </rpminfo_test> 58331 <rpminfo_test id="oval:org.opensuse.security:tst:2009055912" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.4-2.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58332 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 58333 <state state_ref="oval:org.opensuse.security:ste:2009037297"/> 58334 </rpminfo_test> 58335 <rpminfo_test id="oval:org.opensuse.security:tst:2009055913" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.4-2.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58336 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 58337 <state state_ref="oval:org.opensuse.security:ste:2009037297"/> 58338 </rpminfo_test> 58339 <rpminfo_test id="oval:org.opensuse.security:tst:2009055914" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.4-2.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58340 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 58341 <state state_ref="oval:org.opensuse.security:ste:2009037297"/> 58342 </rpminfo_test> 58343 <rpminfo_test id="oval:org.opensuse.security:tst:2009055915" version="1" comment="mozilla-xulrunner191 is <1.9.1.4-2.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58344 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 58345 <state state_ref="oval:org.opensuse.security:ste:2009037297"/> 58346 </rpminfo_test> 58347 <rpminfo_test id="oval:org.opensuse.security:tst:2009055919" version="1" comment="mozilla-xulrunner190-32bit is <1.9.0.15-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58348 <object object_ref="oval:org.opensuse.security:obj:2009030968"/> 58349 <state state_ref="oval:org.opensuse.security:ste:2009037298"/> 58350 </rpminfo_test> 58351 <rpminfo_test id="oval:org.opensuse.security:tst:2009055920" version="1" comment="mozilla-xulrunner190-gnomevfs-32bit is <1.9.0.15-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58352 <object object_ref="oval:org.opensuse.security:obj:2009032851"/> 58353 <state state_ref="oval:org.opensuse.security:ste:2009037298"/> 58354 </rpminfo_test> 58355 <rpminfo_test id="oval:org.opensuse.security:tst:2009055921" version="1" comment="mozilla-xulrunner190-gnomevfs is <1.9.0.15-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58356 <object object_ref="oval:org.opensuse.security:obj:2009030969"/> 58357 <state state_ref="oval:org.opensuse.security:ste:2009037298"/> 58358 </rpminfo_test> 58359 <rpminfo_test id="oval:org.opensuse.security:tst:2009055922" version="1" comment="mozilla-xulrunner190-translations-32bit is <1.9.0.15-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58360 <object object_ref="oval:org.opensuse.security:obj:2009032853"/> 58361 <state state_ref="oval:org.opensuse.security:ste:2009037298"/> 58362 </rpminfo_test> 58363 <rpminfo_test id="oval:org.opensuse.security:tst:2009055923" version="1" comment="mozilla-xulrunner190-translations is <1.9.0.15-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58364 <object object_ref="oval:org.opensuse.security:obj:2009030970"/> 58365 <state state_ref="oval:org.opensuse.security:ste:2009037298"/> 58366 </rpminfo_test> 58367 <rpminfo_test id="oval:org.opensuse.security:tst:2009055924" version="1" comment="mozilla-xulrunner190 is <1.9.0.15-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58368 <object object_ref="oval:org.opensuse.security:obj:2009030972"/> 58369 <state state_ref="oval:org.opensuse.security:ste:2009037298"/> 58370 </rpminfo_test> 58371 <rpminfo_test id="oval:org.opensuse.security:tst:2009056070" version="1" comment="mozilla-nspr-32bit is <4.8.2-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58372 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 58373 <state state_ref="oval:org.opensuse.security:ste:2009037322"/> 58374 </rpminfo_test> 58375 <rpminfo_test id="oval:org.opensuse.security:tst:2009056071" version="1" comment="mozilla-nspr-devel is <4.8.2-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58376 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 58377 <state state_ref="oval:org.opensuse.security:ste:2009037322"/> 58378 </rpminfo_test> 58379 <rpminfo_test id="oval:org.opensuse.security:tst:2009056072" version="1" comment="mozilla-nspr is <4.8.2-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58380 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 58381 <state state_ref="oval:org.opensuse.security:ste:2009037322"/> 58382 </rpminfo_test> 58383 <rpminfo_test id="oval:org.opensuse.security:tst:2009057614" version="1" comment="avahi-glib is <0.6.5-29.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58384 <object object_ref="oval:org.opensuse.security:obj:2009031843"/> 58385 <state state_ref="oval:org.opensuse.security:ste:2009037677"/> 58386 </rpminfo_test> 58387 <rpminfo_test id="oval:org.opensuse.security:tst:2009057615" version="1" comment="avahi is <0.6.5-29.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58388 <object object_ref="oval:org.opensuse.security:obj:2009031847"/> 58389 <state state_ref="oval:org.opensuse.security:ste:2009037677"/> 58390 </rpminfo_test> 58391 <rpminfo_test id="oval:org.opensuse.security:tst:2009056192" version="1" comment="dbus-1-qt-32bit is <4.3.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58392 <object object_ref="oval:org.opensuse.security:obj:2009032867"/> 58393 <state state_ref="oval:org.opensuse.security:ste:2009037340"/> 58394 </rpminfo_test> 58395 <rpminfo_test id="oval:org.opensuse.security:tst:2009056193" version="1" comment="dbus-1-qt is <4.3.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58396 <object object_ref="oval:org.opensuse.security:obj:2009032866"/> 58397 <state state_ref="oval:org.opensuse.security:ste:2009037340"/> 58398 </rpminfo_test> 58399 <rpminfo_test id="oval:org.opensuse.security:tst:2009056194" version="1" comment="qt-qt3support-32bit is <4.3.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58400 <object object_ref="oval:org.opensuse.security:obj:2009033478"/> 58401 <state state_ref="oval:org.opensuse.security:ste:2009037340"/> 58402 </rpminfo_test> 58403 <rpminfo_test id="oval:org.opensuse.security:tst:2009056195" version="1" comment="qt-qt3support is <4.3.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58404 <object object_ref="oval:org.opensuse.security:obj:2009033479"/> 58405 <state state_ref="oval:org.opensuse.security:ste:2009037340"/> 58406 </rpminfo_test> 58407 <rpminfo_test id="oval:org.opensuse.security:tst:2009056196" version="1" comment="qt-sql-32bit is <4.3.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58408 <object object_ref="oval:org.opensuse.security:obj:2009033480"/> 58409 <state state_ref="oval:org.opensuse.security:ste:2009037340"/> 58410 </rpminfo_test> 58411 <rpminfo_test id="oval:org.opensuse.security:tst:2009056197" version="1" comment="qt-sql is <4.3.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58412 <object object_ref="oval:org.opensuse.security:obj:2009033481"/> 58413 <state state_ref="oval:org.opensuse.security:ste:2009037340"/> 58414 </rpminfo_test> 58415 <rpminfo_test id="oval:org.opensuse.security:tst:2009056198" version="1" comment="qt-x11-32bit is <4.3.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58416 <object object_ref="oval:org.opensuse.security:obj:2009033482"/> 58417 <state state_ref="oval:org.opensuse.security:ste:2009037340"/> 58418 </rpminfo_test> 58419 <rpminfo_test id="oval:org.opensuse.security:tst:2009056199" version="1" comment="qt-x11 is <4.3.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58420 <object object_ref="oval:org.opensuse.security:obj:2009033483"/> 58421 <state state_ref="oval:org.opensuse.security:ste:2009037340"/> 58422 </rpminfo_test> 58423 <rpminfo_test id="oval:org.opensuse.security:tst:2009064972" version="1" comment="kdegraphics3-devel is <3.5.1-23.30.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58424 <object object_ref="oval:org.opensuse.security:obj:2009031874"/> 58425 <state state_ref="oval:org.opensuse.security:ste:2009038818"/> 58426 </rpminfo_test> 58427 <rpminfo_test id="oval:org.opensuse.security:tst:2009064973" version="1" comment="kdegraphics3-fax is <3.5.1-23.30.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58428 <object object_ref="oval:org.opensuse.security:obj:2009030415"/> 58429 <state state_ref="oval:org.opensuse.security:ste:2009038818"/> 58430 </rpminfo_test> 58431 <rpminfo_test id="oval:org.opensuse.security:tst:2009064974" version="1" comment="kdegraphics3-kamera is <3.5.1-23.30.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58432 <object object_ref="oval:org.opensuse.security:obj:2009031877"/> 58433 <state state_ref="oval:org.opensuse.security:ste:2009038818"/> 58434 </rpminfo_test> 58435 <rpminfo_test id="oval:org.opensuse.security:tst:2009064975" version="1" comment="kdegraphics3-pdf is <3.5.1-23.30.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58436 <object object_ref="oval:org.opensuse.security:obj:2009031453"/> 58437 <state state_ref="oval:org.opensuse.security:ste:2009038818"/> 58438 </rpminfo_test> 58439 <rpminfo_test id="oval:org.opensuse.security:tst:2009064976" version="1" comment="kdegraphics3-postscript is <3.5.1-23.30.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58440 <object object_ref="oval:org.opensuse.security:obj:2009031878"/> 58441 <state state_ref="oval:org.opensuse.security:ste:2009038818"/> 58442 </rpminfo_test> 58443 <rpminfo_test id="oval:org.opensuse.security:tst:2009064977" version="1" comment="kdegraphics3-scan is <3.5.1-23.30.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58444 <object object_ref="oval:org.opensuse.security:obj:2009031879"/> 58445 <state state_ref="oval:org.opensuse.security:ste:2009038818"/> 58446 </rpminfo_test> 58447 <rpminfo_test id="oval:org.opensuse.security:tst:2009064978" version="1" comment="kdegraphics3 is <3.5.1-23.30.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58448 <object object_ref="oval:org.opensuse.security:obj:2009030674"/> 58449 <state state_ref="oval:org.opensuse.security:ste:2009038818"/> 58450 </rpminfo_test> 58451 <rpminfo_test id="oval:org.opensuse.security:tst:2009056156" version="1" comment="kernel-bigsmp is <2.6.16.60-0.57.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58452 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 58453 <state state_ref="oval:org.opensuse.security:ste:2009037337"/> 58454 </rpminfo_test> 58455 <rpminfo_test id="oval:org.opensuse.security:tst:2009056150" version="1" comment="kernel-default is <2.6.16.60-0.57.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58456 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 58457 <state state_ref="oval:org.opensuse.security:ste:2009037337"/> 58458 </rpminfo_test> 58459 <rpminfo_test id="oval:org.opensuse.security:tst:2009056157" version="1" comment="kernel-smp is <2.6.16.60-0.57.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58460 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 58461 <state state_ref="oval:org.opensuse.security:ste:2009037337"/> 58462 </rpminfo_test> 58463 <rpminfo_test id="oval:org.opensuse.security:tst:2009056154" version="1" comment="kernel-source is <2.6.16.60-0.57.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58464 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 58465 <state state_ref="oval:org.opensuse.security:ste:2009037337"/> 58466 </rpminfo_test> 58467 <rpminfo_test id="oval:org.opensuse.security:tst:2009056155" version="1" comment="kernel-syms is <2.6.16.60-0.57.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58468 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 58469 <state state_ref="oval:org.opensuse.security:ste:2009037337"/> 58470 </rpminfo_test> 58471 <rpminfo_test id="oval:org.opensuse.security:tst:2009056158" version="1" comment="kernel-xen is <2.6.16.60-0.57.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58472 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 58473 <state state_ref="oval:org.opensuse.security:ste:2009037337"/> 58474 </rpminfo_test> 58475 <rpminfo_test id="oval:org.opensuse.security:tst:2009056159" version="1" comment="kernel-xenpae is <2.6.16.60-0.57.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58476 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 58477 <state state_ref="oval:org.opensuse.security:ste:2009037337"/> 58478 </rpminfo_test> 58479 <rpminfo_test id="oval:org.opensuse.security:tst:2009063814" version="1" comment="firefox3-pango-32bit is <1.14.5-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58480 <object object_ref="oval:org.opensuse.security:obj:2009033279"/> 58481 <state state_ref="oval:org.opensuse.security:ste:2009038640"/> 58482 </rpminfo_test> 58483 <rpminfo_test id="oval:org.opensuse.security:tst:2009063815" version="1" comment="firefox3-pango is <1.14.5-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58484 <object object_ref="oval:org.opensuse.security:obj:2009033280"/> 58485 <state state_ref="oval:org.opensuse.security:ste:2009038640"/> 58486 </rpminfo_test> 58487 <rpminfo_test id="oval:org.opensuse.security:tst:2009057924" version="1" comment="pango-32bit is <1.10.2-23.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58488 <object object_ref="oval:org.opensuse.security:obj:2009030536"/> 58489 <state state_ref="oval:org.opensuse.security:ste:2009037721"/> 58490 </rpminfo_test> 58491 <rpminfo_test id="oval:org.opensuse.security:tst:2009057925" version="1" comment="pango-devel is <1.10.2-23.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58492 <object object_ref="oval:org.opensuse.security:obj:2009033190"/> 58493 <state state_ref="oval:org.opensuse.security:ste:2009037721"/> 58494 </rpminfo_test> 58495 <rpminfo_test id="oval:org.opensuse.security:tst:2009057926" version="1" comment="pango-doc is <1.10.2-23.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58496 <object object_ref="oval:org.opensuse.security:obj:2009031053"/> 58497 <state state_ref="oval:org.opensuse.security:ste:2009037721"/> 58498 </rpminfo_test> 58499 <rpminfo_test id="oval:org.opensuse.security:tst:2009057927" version="1" comment="pango is <1.10.2-23.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58500 <object object_ref="oval:org.opensuse.security:obj:2009030537"/> 58501 <state state_ref="oval:org.opensuse.security:ste:2009037721"/> 58502 </rpminfo_test> 58503 <rpminfo_test id="oval:org.opensuse.security:tst:2009059677" version="1" comment="gimp is <2.2.10-22.33.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58504 <object object_ref="oval:org.opensuse.security:obj:2009030642"/> 58505 <state state_ref="oval:org.opensuse.security:ste:2009038034"/> 58506 </rpminfo_test> 58507 <rpminfo_test id="oval:org.opensuse.security:tst:2009058405" version="1" comment="mozilla-xulrunner190-32bit is <1.9.0.18-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58508 <object object_ref="oval:org.opensuse.security:obj:2009030968"/> 58509 <state state_ref="oval:org.opensuse.security:ste:2009037790"/> 58510 </rpminfo_test> 58511 <rpminfo_test id="oval:org.opensuse.security:tst:2009058406" version="1" comment="mozilla-xulrunner190-gnomevfs-32bit is <1.9.0.18-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58512 <object object_ref="oval:org.opensuse.security:obj:2009032851"/> 58513 <state state_ref="oval:org.opensuse.security:ste:2009037790"/> 58514 </rpminfo_test> 58515 <rpminfo_test id="oval:org.opensuse.security:tst:2009058407" version="1" comment="mozilla-xulrunner190-gnomevfs is <1.9.0.18-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58516 <object object_ref="oval:org.opensuse.security:obj:2009030969"/> 58517 <state state_ref="oval:org.opensuse.security:ste:2009037790"/> 58518 </rpminfo_test> 58519 <rpminfo_test id="oval:org.opensuse.security:tst:2009058408" version="1" comment="mozilla-xulrunner190-translations-32bit is <1.9.0.18-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58520 <object object_ref="oval:org.opensuse.security:obj:2009032853"/> 58521 <state state_ref="oval:org.opensuse.security:ste:2009037790"/> 58522 </rpminfo_test> 58523 <rpminfo_test id="oval:org.opensuse.security:tst:2009058409" version="1" comment="mozilla-xulrunner190-translations is <1.9.0.18-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58524 <object object_ref="oval:org.opensuse.security:obj:2009030970"/> 58525 <state state_ref="oval:org.opensuse.security:ste:2009037790"/> 58526 </rpminfo_test> 58527 <rpminfo_test id="oval:org.opensuse.security:tst:2009058410" version="1" comment="mozilla-xulrunner190 is <1.9.0.18-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58528 <object object_ref="oval:org.opensuse.security:obj:2009030972"/> 58529 <state state_ref="oval:org.opensuse.security:ste:2009037790"/> 58530 </rpminfo_test> 58531 <rpminfo_test id="oval:org.opensuse.security:tst:2009058451" version="1" comment="MozillaFirefox-translations is <3.5.8-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58532 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 58533 <state state_ref="oval:org.opensuse.security:ste:2009037797"/> 58534 </rpminfo_test> 58535 <rpminfo_test id="oval:org.opensuse.security:tst:2009058452" version="1" comment="MozillaFirefox is <3.5.8-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58536 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 58537 <state state_ref="oval:org.opensuse.security:ste:2009037797"/> 58538 </rpminfo_test> 58539 <rpminfo_test id="oval:org.opensuse.security:tst:2009058442" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58540 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 58541 <state state_ref="oval:org.opensuse.security:ste:2009037796"/> 58542 </rpminfo_test> 58543 <rpminfo_test id="oval:org.opensuse.security:tst:2009058443" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58544 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 58545 <state state_ref="oval:org.opensuse.security:ste:2009037796"/> 58546 </rpminfo_test> 58547 <rpminfo_test id="oval:org.opensuse.security:tst:2009058444" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58548 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 58549 <state state_ref="oval:org.opensuse.security:ste:2009037796"/> 58550 </rpminfo_test> 58551 <rpminfo_test id="oval:org.opensuse.security:tst:2009058445" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58552 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 58553 <state state_ref="oval:org.opensuse.security:ste:2009037796"/> 58554 </rpminfo_test> 58555 <rpminfo_test id="oval:org.opensuse.security:tst:2009058446" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58556 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 58557 <state state_ref="oval:org.opensuse.security:ste:2009037796"/> 58558 </rpminfo_test> 58559 <rpminfo_test id="oval:org.opensuse.security:tst:2009058447" version="1" comment="mozilla-xulrunner191 is <1.9.1.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58560 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 58561 <state state_ref="oval:org.opensuse.security:ste:2009037796"/> 58562 </rpminfo_test> 58563 <rpminfo_test id="oval:org.opensuse.security:tst:2009064930" version="1" comment="kdelibs3-32bit is <3.5.1-49.55.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58564 <object object_ref="oval:org.opensuse.security:obj:2009030600"/> 58565 <state state_ref="oval:org.opensuse.security:ste:2009038808"/> 58566 </rpminfo_test> 58567 <rpminfo_test id="oval:org.opensuse.security:tst:2009064931" version="1" comment="kdelibs3-arts-32bit is <3.5.1-49.55.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58568 <object object_ref="oval:org.opensuse.security:obj:2009031698"/> 58569 <state state_ref="oval:org.opensuse.security:ste:2009038808"/> 58570 </rpminfo_test> 58571 <rpminfo_test id="oval:org.opensuse.security:tst:2009064932" version="1" comment="kdelibs3-arts is <3.5.1-49.55.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58572 <object object_ref="oval:org.opensuse.security:obj:2009031700"/> 58573 <state state_ref="oval:org.opensuse.security:ste:2009038808"/> 58574 </rpminfo_test> 58575 <rpminfo_test id="oval:org.opensuse.security:tst:2009064933" version="1" comment="kdelibs3-devel is <3.5.1-49.55.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58576 <object object_ref="oval:org.opensuse.security:obj:2009030543"/> 58577 <state state_ref="oval:org.opensuse.security:ste:2009038808"/> 58578 </rpminfo_test> 58579 <rpminfo_test id="oval:org.opensuse.security:tst:2009064934" version="1" comment="kdelibs3-doc is <3.5.1-49.55.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58580 <object object_ref="oval:org.opensuse.security:obj:2009031704"/> 58581 <state state_ref="oval:org.opensuse.security:ste:2009038808"/> 58582 </rpminfo_test> 58583 <rpminfo_test id="oval:org.opensuse.security:tst:2009064935" version="1" comment="kdelibs3 is <3.5.1-49.55.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58584 <object object_ref="oval:org.opensuse.security:obj:2009030439"/> 58585 <state state_ref="oval:org.opensuse.security:ste:2009038808"/> 58586 </rpminfo_test> 58587 <rpminfo_test id="oval:org.opensuse.security:tst:2009055927" version="1" comment="openldap2-client-32bit is <2.3.32-0.36.91" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58588 <object object_ref="oval:org.opensuse.security:obj:2009030669"/> 58589 <state state_ref="oval:org.opensuse.security:ste:2009037299"/> 58590 </rpminfo_test> 58591 <rpminfo_test id="oval:org.opensuse.security:tst:2009055928" version="1" comment="openldap2-client is <2.3.32-0.36.91" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58592 <object object_ref="oval:org.opensuse.security:obj:2009030545"/> 58593 <state state_ref="oval:org.opensuse.security:ste:2009037299"/> 58594 </rpminfo_test> 58595 <rpminfo_test id="oval:org.opensuse.security:tst:2009055929" version="1" comment="openldap2-devel-32bit is <2.3.32-0.36.91" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58596 <object object_ref="oval:org.opensuse.security:obj:2009030814"/> 58597 <state state_ref="oval:org.opensuse.security:ste:2009037299"/> 58598 </rpminfo_test> 58599 <rpminfo_test id="oval:org.opensuse.security:tst:2009055930" version="1" comment="openldap2-devel is <2.3.32-0.36.91" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58600 <object object_ref="oval:org.opensuse.security:obj:2009030546"/> 58601 <state state_ref="oval:org.opensuse.security:ste:2009037299"/> 58602 </rpminfo_test> 58603 <rpminfo_test id="oval:org.opensuse.security:tst:2009055931" version="1" comment="openldap2 is <2.3.32-0.36.50" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58604 <object object_ref="oval:org.opensuse.security:obj:2009030656"/> 58605 <state state_ref="oval:org.opensuse.security:ste:2009037300"/> 58606 </rpminfo_test> 58607 <rpminfo_test id="oval:org.opensuse.security:tst:2009055800" version="1" comment="neon-32bit is <0.24.7-20.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58608 <object object_ref="oval:org.opensuse.security:obj:2009032726"/> 58609 <state state_ref="oval:org.opensuse.security:ste:2009037278"/> 58610 </rpminfo_test> 58611 <rpminfo_test id="oval:org.opensuse.security:tst:2009055801" version="1" comment="neon-devel is <0.24.7-20.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58612 <object object_ref="oval:org.opensuse.security:obj:2009033462"/> 58613 <state state_ref="oval:org.opensuse.security:ste:2009037278"/> 58614 </rpminfo_test> 58615 <rpminfo_test id="oval:org.opensuse.security:tst:2009055802" version="1" comment="neon is <0.24.7-20.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58616 <object object_ref="oval:org.opensuse.security:obj:2009032728"/> 58617 <state state_ref="oval:org.opensuse.security:ste:2009037278"/> 58618 </rpminfo_test> 58619 <rpminfo_test id="oval:org.opensuse.security:tst:2009055553" version="1" comment="libapr-util1-devel is <1.2.2-13.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58620 <object object_ref="oval:org.opensuse.security:obj:2009033235"/> 58621 <state state_ref="oval:org.opensuse.security:ste:2009037240"/> 58622 </rpminfo_test> 58623 <rpminfo_test id="oval:org.opensuse.security:tst:2009055554" version="1" comment="libapr-util1 is <1.2.2-13.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58624 <object object_ref="oval:org.opensuse.security:obj:2009033229"/> 58625 <state state_ref="oval:org.opensuse.security:ste:2009037240"/> 58626 </rpminfo_test> 58627 <rpminfo_test id="oval:org.opensuse.security:tst:2009055555" version="1" comment="libapr1-devel is <1.2.2-13.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58628 <object object_ref="oval:org.opensuse.security:obj:2009033458"/> 58629 <state state_ref="oval:org.opensuse.security:ste:2009037241"/> 58630 </rpminfo_test> 58631 <rpminfo_test id="oval:org.opensuse.security:tst:2009055556" version="1" comment="libapr1 is <1.2.2-13.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58632 <object object_ref="oval:org.opensuse.security:obj:2009033455"/> 58633 <state state_ref="oval:org.opensuse.security:ste:2009037241"/> 58634 </rpminfo_test> 58635 <rpminfo_test id="oval:org.opensuse.security:tst:2009057019" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58636 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 58637 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58638 </rpminfo_test> 58639 <rpminfo_test id="oval:org.opensuse.security:tst:2009057020" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58640 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 58641 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58642 </rpminfo_test> 58643 <rpminfo_test id="oval:org.opensuse.security:tst:2009057021" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58644 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 58645 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58646 </rpminfo_test> 58647 <rpminfo_test id="oval:org.opensuse.security:tst:2009057022" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58648 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 58649 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58650 </rpminfo_test> 58651 <rpminfo_test id="oval:org.opensuse.security:tst:2009057023" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58652 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 58653 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58654 </rpminfo_test> 58655 <rpminfo_test id="oval:org.opensuse.security:tst:2009057024" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58656 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 58657 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58658 </rpminfo_test> 58659 <rpminfo_test id="oval:org.opensuse.security:tst:2009057025" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58660 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 58661 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58662 </rpminfo_test> 58663 <rpminfo_test id="oval:org.opensuse.security:tst:2009057026" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58664 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 58665 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58666 </rpminfo_test> 58667 <rpminfo_test id="oval:org.opensuse.security:tst:2009057027" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58668 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 58669 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58670 </rpminfo_test> 58671 <rpminfo_test id="oval:org.opensuse.security:tst:2009057028" version="1" comment="java-1_5_0-ibm is <1.5.0_sr11-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58672 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 58673 <state state_ref="oval:org.opensuse.security:ste:2009037572"/> 58674 </rpminfo_test> 58675 <rpminfo_test id="oval:org.opensuse.security:tst:2009056452" version="1" comment="ethereal is <0.10.14-16.39.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58676 <object object_ref="oval:org.opensuse.security:obj:2009030758"/> 58677 <state state_ref="oval:org.opensuse.security:ste:2009037400"/> 58678 </rpminfo_test> 58679 <rpminfo_test id="oval:org.opensuse.security:tst:2009058913" version="1" comment="ethereal is <0.10.14-16.41.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58680 <object object_ref="oval:org.opensuse.security:obj:2009030758"/> 58681 <state state_ref="oval:org.opensuse.security:ste:2009037894"/> 58682 </rpminfo_test> 58683 <rpminfo_test id="oval:org.opensuse.security:tst:2009059073" version="1" comment="squid is <2.5.STABLE12-18.13.982.2.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58684 <object object_ref="oval:org.opensuse.security:obj:2009031125"/> 58685 <state state_ref="oval:org.opensuse.security:ste:2009037927"/> 58686 </rpminfo_test> 58687 <rpminfo_test id="oval:org.opensuse.security:tst:2009060392" version="1" comment="python-32bit is <2.4.2-18.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58688 <object object_ref="oval:org.opensuse.security:obj:2009030554"/> 58689 <state state_ref="oval:org.opensuse.security:ste:2009038144"/> 58690 </rpminfo_test> 58691 <rpminfo_test id="oval:org.opensuse.security:tst:2009060393" version="1" comment="python-curses is <2.4.2-18.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58692 <object object_ref="oval:org.opensuse.security:obj:2009030555"/> 58693 <state state_ref="oval:org.opensuse.security:ste:2009038144"/> 58694 </rpminfo_test> 58695 <rpminfo_test id="oval:org.opensuse.security:tst:2009060394" version="1" comment="python-devel is <2.4.2-18.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58696 <object object_ref="oval:org.opensuse.security:obj:2009030557"/> 58697 <state state_ref="oval:org.opensuse.security:ste:2009038144"/> 58698 </rpminfo_test> 58699 <rpminfo_test id="oval:org.opensuse.security:tst:2009060395" version="1" comment="python-gdbm is <2.4.2-18.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58700 <object object_ref="oval:org.opensuse.security:obj:2009030560"/> 58701 <state state_ref="oval:org.opensuse.security:ste:2009038144"/> 58702 </rpminfo_test> 58703 <rpminfo_test id="oval:org.opensuse.security:tst:2009060396" version="1" comment="python-tk is <2.4.2-18.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58704 <object object_ref="oval:org.opensuse.security:obj:2009030563"/> 58705 <state state_ref="oval:org.opensuse.security:ste:2009038144"/> 58706 </rpminfo_test> 58707 <rpminfo_test id="oval:org.opensuse.security:tst:2009060397" version="1" comment="python-xml is <2.4.2-18.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58708 <object object_ref="oval:org.opensuse.security:obj:2009030564"/> 58709 <state state_ref="oval:org.opensuse.security:ste:2009038144"/> 58710 </rpminfo_test> 58711 <rpminfo_test id="oval:org.opensuse.security:tst:2009060398" version="1" comment="python is <2.4.2-18.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58712 <object object_ref="oval:org.opensuse.security:obj:2009030463"/> 58713 <state state_ref="oval:org.opensuse.security:ste:2009038144"/> 58714 </rpminfo_test> 58715 <rpminfo_test id="oval:org.opensuse.security:tst:2009060281" version="1" comment="libicecore is <1.0.8-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58716 <object object_ref="oval:org.opensuse.security:obj:2009033741"/> 58717 <state state_ref="oval:org.opensuse.security:ste:2009038126"/> 58718 </rpminfo_test> 58719 <rpminfo_test id="oval:org.opensuse.security:tst:2009060282" version="1" comment="libiiclib is <1.0.8-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58720 <object object_ref="oval:org.opensuse.security:obj:2009033742"/> 58721 <state state_ref="oval:org.opensuse.security:ste:2009038126"/> 58722 </rpminfo_test> 58723 <rpminfo_test id="oval:org.opensuse.security:tst:2009060283" version="1" comment="libiksemel is <1.0.8-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58724 <object object_ref="oval:org.opensuse.security:obj:2009033743"/> 58725 <state state_ref="oval:org.opensuse.security:ste:2009038126"/> 58726 </rpminfo_test> 58727 <rpminfo_test id="oval:org.opensuse.security:tst:2009060284" version="1" comment="libnetlib is <1.0.8-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58728 <object object_ref="oval:org.opensuse.security:obj:2009033744"/> 58729 <state state_ref="oval:org.opensuse.security:ste:2009038126"/> 58730 </rpminfo_test> 58731 <rpminfo_test id="oval:org.opensuse.security:tst:2009060285" version="1" comment="libxmlrpc is <1.0.8-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58732 <object object_ref="oval:org.opensuse.security:obj:2009033745"/> 58733 <state state_ref="oval:org.opensuse.security:ste:2009038126"/> 58734 </rpminfo_test> 58735 <rpminfo_test id="oval:org.opensuse.security:tst:2009061115" version="1" comment="libvorbis-32bit is <1.1.2-13.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58736 <object object_ref="oval:org.opensuse.security:obj:2009030754"/> 58737 <state state_ref="oval:org.opensuse.security:ste:2009038262"/> 58738 </rpminfo_test> 58739 <rpminfo_test id="oval:org.opensuse.security:tst:2009061116" version="1" comment="libvorbis is <1.1.2-13.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58740 <object object_ref="oval:org.opensuse.security:obj:2009030756"/> 58741 <state state_ref="oval:org.opensuse.security:ste:2009038262"/> 58742 </rpminfo_test> 58743 <rpminfo_test id="oval:org.opensuse.security:tst:2009055614" version="1" comment="cifs-mount is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58744 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 58745 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58746 </rpminfo_test> 58747 <rpminfo_test id="oval:org.opensuse.security:tst:2009055615" version="1" comment="ldapsmb is <1.34b-25.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58748 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 58749 <state state_ref="oval:org.opensuse.security:ste:2009037250"/> 58750 </rpminfo_test> 58751 <rpminfo_test id="oval:org.opensuse.security:tst:2009055616" version="1" comment="libsmbclient-32bit is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58752 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 58753 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58754 </rpminfo_test> 58755 <rpminfo_test id="oval:org.opensuse.security:tst:2009055617" version="1" comment="libsmbclient-devel is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58756 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 58757 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58758 </rpminfo_test> 58759 <rpminfo_test id="oval:org.opensuse.security:tst:2009055618" version="1" comment="libsmbclient is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58760 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 58761 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58762 </rpminfo_test> 58763 <rpminfo_test id="oval:org.opensuse.security:tst:2009055619" version="1" comment="samba-32bit is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58764 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 58765 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58766 </rpminfo_test> 58767 <rpminfo_test id="oval:org.opensuse.security:tst:2009055620" version="1" comment="samba-client-32bit is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58768 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 58769 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58770 </rpminfo_test> 58771 <rpminfo_test id="oval:org.opensuse.security:tst:2009055621" version="1" comment="samba-client is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58772 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 58773 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58774 </rpminfo_test> 58775 <rpminfo_test id="oval:org.opensuse.security:tst:2009055622" version="1" comment="samba-krb-printing is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58776 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 58777 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58778 </rpminfo_test> 58779 <rpminfo_test id="oval:org.opensuse.security:tst:2009055623" version="1" comment="samba-vscan is <0.3.6b-43.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58780 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 58781 <state state_ref="oval:org.opensuse.security:ste:2009037251"/> 58782 </rpminfo_test> 58783 <rpminfo_test id="oval:org.opensuse.security:tst:2009055624" version="1" comment="samba-winbind-32bit is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58784 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 58785 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58786 </rpminfo_test> 58787 <rpminfo_test id="oval:org.opensuse.security:tst:2009055625" version="1" comment="samba-winbind is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58788 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 58789 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58790 </rpminfo_test> 58791 <rpminfo_test id="oval:org.opensuse.security:tst:2009055626" version="1" comment="samba is <3.0.36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58792 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 58793 <state state_ref="oval:org.opensuse.security:ste:2009037249"/> 58794 </rpminfo_test> 58795 <rpminfo_test id="oval:org.opensuse.security:tst:2009056814" version="1" comment="finch is <2.6.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58796 <object object_ref="oval:org.opensuse.security:obj:2009031748"/> 58797 <state state_ref="oval:org.opensuse.security:ste:2009037516"/> 58798 </rpminfo_test> 58799 <rpminfo_test id="oval:org.opensuse.security:tst:2009056815" version="1" comment="libpurple is <2.6.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58800 <object object_ref="oval:org.opensuse.security:obj:2009031423"/> 58801 <state state_ref="oval:org.opensuse.security:ste:2009037516"/> 58802 </rpminfo_test> 58803 <rpminfo_test id="oval:org.opensuse.security:tst:2009056816" version="1" comment="pidgin is <2.6.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58804 <object object_ref="oval:org.opensuse.security:obj:2009031752"/> 58805 <state state_ref="oval:org.opensuse.security:ste:2009037516"/> 58806 </rpminfo_test> 58807 <rpminfo_test id="oval:org.opensuse.security:tst:2009055434" version="1" comment="MozillaFirefox-branding-SLED is <3.5-1.6.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58808 <object object_ref="oval:org.opensuse.security:obj:2009033270"/> 58809 <state state_ref="oval:org.opensuse.security:ste:2009037216"/> 58810 </rpminfo_test> 58811 <rpminfo_test id="oval:org.opensuse.security:tst:2009055435" version="1" comment="MozillaFirefox-translations is <3.5.3-1.5.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58812 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 58813 <state state_ref="oval:org.opensuse.security:ste:2009037217"/> 58814 </rpminfo_test> 58815 <rpminfo_test id="oval:org.opensuse.security:tst:2009055436" version="1" comment="MozillaFirefox is <3.5.3-1.5.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58816 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 58817 <state state_ref="oval:org.opensuse.security:ste:2009037217"/> 58818 </rpminfo_test> 58819 <rpminfo_test id="oval:org.opensuse.security:tst:2009055437" version="1" comment="mozilla-xulrunner190-32bit is <1.9.0.14-0.6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58820 <object object_ref="oval:org.opensuse.security:obj:2009030968"/> 58821 <state state_ref="oval:org.opensuse.security:ste:2009037218"/> 58822 </rpminfo_test> 58823 <rpminfo_test id="oval:org.opensuse.security:tst:2009055438" version="1" comment="mozilla-xulrunner190-gnomevfs-32bit is <1.9.0.14-0.6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58824 <object object_ref="oval:org.opensuse.security:obj:2009032851"/> 58825 <state state_ref="oval:org.opensuse.security:ste:2009037218"/> 58826 </rpminfo_test> 58827 <rpminfo_test id="oval:org.opensuse.security:tst:2009055439" version="1" comment="mozilla-xulrunner190-gnomevfs is <1.9.0.14-0.6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58828 <object object_ref="oval:org.opensuse.security:obj:2009030969"/> 58829 <state state_ref="oval:org.opensuse.security:ste:2009037218"/> 58830 </rpminfo_test> 58831 <rpminfo_test id="oval:org.opensuse.security:tst:2009055440" version="1" comment="mozilla-xulrunner190-translations-32bit is <1.9.0.14-0.6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58832 <object object_ref="oval:org.opensuse.security:obj:2009032853"/> 58833 <state state_ref="oval:org.opensuse.security:ste:2009037218"/> 58834 </rpminfo_test> 58835 <rpminfo_test id="oval:org.opensuse.security:tst:2009055441" version="1" comment="mozilla-xulrunner190-translations is <1.9.0.14-0.6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58836 <object object_ref="oval:org.opensuse.security:obj:2009030970"/> 58837 <state state_ref="oval:org.opensuse.security:ste:2009037218"/> 58838 </rpminfo_test> 58839 <rpminfo_test id="oval:org.opensuse.security:tst:2009055442" version="1" comment="mozilla-xulrunner190 is <1.9.0.14-0.6.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58840 <object object_ref="oval:org.opensuse.security:obj:2009030972"/> 58841 <state state_ref="oval:org.opensuse.security:ste:2009037218"/> 58842 </rpminfo_test> 58843 <rpminfo_test id="oval:org.opensuse.security:tst:2009055443" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.3-1.5.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58844 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 58845 <state state_ref="oval:org.opensuse.security:ste:2009037219"/> 58846 </rpminfo_test> 58847 <rpminfo_test id="oval:org.opensuse.security:tst:2009055444" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.3-1.5.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58848 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 58849 <state state_ref="oval:org.opensuse.security:ste:2009037219"/> 58850 </rpminfo_test> 58851 <rpminfo_test id="oval:org.opensuse.security:tst:2009055445" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.3-1.5.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58852 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 58853 <state state_ref="oval:org.opensuse.security:ste:2009037219"/> 58854 </rpminfo_test> 58855 <rpminfo_test id="oval:org.opensuse.security:tst:2009055446" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.3-1.5.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58856 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 58857 <state state_ref="oval:org.opensuse.security:ste:2009037219"/> 58858 </rpminfo_test> 58859 <rpminfo_test id="oval:org.opensuse.security:tst:2009055447" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.3-1.5.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58860 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 58861 <state state_ref="oval:org.opensuse.security:ste:2009037219"/> 58862 </rpminfo_test> 58863 <rpminfo_test id="oval:org.opensuse.security:tst:2009055448" version="1" comment="mozilla-xulrunner191 is <1.9.1.3-1.5.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58864 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 58865 <state state_ref="oval:org.opensuse.security:ste:2009037219"/> 58866 </rpminfo_test> 58867 <rpminfo_test id="oval:org.opensuse.security:tst:2009055449" version="1" comment="postgresql-devel is <8.1.18-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58868 <object object_ref="oval:org.opensuse.security:obj:2009030469"/> 58869 <state state_ref="oval:org.opensuse.security:ste:2009037220"/> 58870 </rpminfo_test> 58871 <rpminfo_test id="oval:org.opensuse.security:tst:2009055450" version="1" comment="postgresql-libs-32bit is <8.1.18-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58872 <object object_ref="oval:org.opensuse.security:obj:2009030626"/> 58873 <state state_ref="oval:org.opensuse.security:ste:2009037220"/> 58874 </rpminfo_test> 58875 <rpminfo_test id="oval:org.opensuse.security:tst:2009055451" version="1" comment="postgresql-libs is <8.1.18-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58876 <object object_ref="oval:org.opensuse.security:obj:2009030471"/> 58877 <state state_ref="oval:org.opensuse.security:ste:2009037220"/> 58878 </rpminfo_test> 58879 <rpminfo_test id="oval:org.opensuse.security:tst:2009059228" version="1" comment="openssl-32bit is <0.9.8a-18.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58880 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 58881 <state state_ref="oval:org.opensuse.security:ste:2009037951"/> 58882 </rpminfo_test> 58883 <rpminfo_test id="oval:org.opensuse.security:tst:2009059229" version="1" comment="openssl-devel-32bit is <0.9.8a-18.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58884 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 58885 <state state_ref="oval:org.opensuse.security:ste:2009037951"/> 58886 </rpminfo_test> 58887 <rpminfo_test id="oval:org.opensuse.security:tst:2009059230" version="1" comment="openssl-devel is <0.9.8a-18.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58888 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 58889 <state state_ref="oval:org.opensuse.security:ste:2009037951"/> 58890 </rpminfo_test> 58891 <rpminfo_test id="oval:org.opensuse.security:tst:2009059231" version="1" comment="openssl is <0.9.8a-18.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58892 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 58893 <state state_ref="oval:org.opensuse.security:ste:2009037951"/> 58894 </rpminfo_test> 58895 <rpminfo_test id="oval:org.opensuse.security:tst:2009060033" version="1" comment="fuse-devel is <2.7.2-15.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58896 <object object_ref="oval:org.opensuse.security:obj:2009033601"/> 58897 <state state_ref="oval:org.opensuse.security:ste:2009038096"/> 58898 </rpminfo_test> 58899 <rpminfo_test id="oval:org.opensuse.security:tst:2009060034" version="1" comment="fuse is <2.7.2-15.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58900 <object object_ref="oval:org.opensuse.security:obj:2009033599"/> 58901 <state state_ref="oval:org.opensuse.security:ste:2009038096"/> 58902 </rpminfo_test> 58903 <rpminfo_test id="oval:org.opensuse.security:tst:2009060035" version="1" comment="libfuse2 is <2.7.2-15.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58904 <object object_ref="oval:org.opensuse.security:obj:2009033600"/> 58905 <state state_ref="oval:org.opensuse.security:ste:2009038096"/> 58906 </rpminfo_test> 58907 <rpminfo_test id="oval:org.opensuse.security:tst:2009057950" version="1" comment="fuse-devel is <2.7.2-15.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58908 <object object_ref="oval:org.opensuse.security:obj:2009033601"/> 58909 <state state_ref="oval:org.opensuse.security:ste:2009037726"/> 58910 </rpminfo_test> 58911 <rpminfo_test id="oval:org.opensuse.security:tst:2009057951" version="1" comment="fuse is <2.7.2-15.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58912 <object object_ref="oval:org.opensuse.security:obj:2009033599"/> 58913 <state state_ref="oval:org.opensuse.security:ste:2009037726"/> 58914 </rpminfo_test> 58915 <rpminfo_test id="oval:org.opensuse.security:tst:2009057952" version="1" comment="libfuse2 is <2.7.2-15.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58916 <object object_ref="oval:org.opensuse.security:obj:2009033600"/> 58917 <state state_ref="oval:org.opensuse.security:ste:2009037726"/> 58918 </rpminfo_test> 58919 <rpminfo_test id="oval:org.opensuse.security:tst:2009056915" version="1" comment="MozillaFirefox-translations is <3.5.6-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58920 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 58921 <state state_ref="oval:org.opensuse.security:ste:2009037550"/> 58922 </rpminfo_test> 58923 <rpminfo_test id="oval:org.opensuse.security:tst:2009056916" version="1" comment="MozillaFirefox is <3.5.6-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58924 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 58925 <state state_ref="oval:org.opensuse.security:ste:2009037550"/> 58926 </rpminfo_test> 58927 <rpminfo_test id="oval:org.opensuse.security:tst:2009056917" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.6-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58928 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 58929 <state state_ref="oval:org.opensuse.security:ste:2009037551"/> 58930 </rpminfo_test> 58931 <rpminfo_test id="oval:org.opensuse.security:tst:2009056918" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.6-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58932 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 58933 <state state_ref="oval:org.opensuse.security:ste:2009037551"/> 58934 </rpminfo_test> 58935 <rpminfo_test id="oval:org.opensuse.security:tst:2009056919" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.6-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58936 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 58937 <state state_ref="oval:org.opensuse.security:ste:2009037551"/> 58938 </rpminfo_test> 58939 <rpminfo_test id="oval:org.opensuse.security:tst:2009056920" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.6-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58940 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 58941 <state state_ref="oval:org.opensuse.security:ste:2009037551"/> 58942 </rpminfo_test> 58943 <rpminfo_test id="oval:org.opensuse.security:tst:2009056921" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.6-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58944 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 58945 <state state_ref="oval:org.opensuse.security:ste:2009037551"/> 58946 </rpminfo_test> 58947 <rpminfo_test id="oval:org.opensuse.security:tst:2009056922" version="1" comment="mozilla-xulrunner191 is <1.9.1.6-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58948 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 58949 <state state_ref="oval:org.opensuse.security:ste:2009037551"/> 58950 </rpminfo_test> 58951 <rpminfo_test id="oval:org.opensuse.security:tst:2009061143" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58952 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 58953 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58954 </rpminfo_test> 58955 <rpminfo_test id="oval:org.opensuse.security:tst:2009061144" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58956 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 58957 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58958 </rpminfo_test> 58959 <rpminfo_test id="oval:org.opensuse.security:tst:2009061145" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58960 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 58961 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58962 </rpminfo_test> 58963 <rpminfo_test id="oval:org.opensuse.security:tst:2009061146" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58964 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 58965 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58966 </rpminfo_test> 58967 <rpminfo_test id="oval:org.opensuse.security:tst:2009061147" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58968 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 58969 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58970 </rpminfo_test> 58971 <rpminfo_test id="oval:org.opensuse.security:tst:2009061148" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58972 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 58973 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58974 </rpminfo_test> 58975 <rpminfo_test id="oval:org.opensuse.security:tst:2009061149" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58976 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 58977 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58978 </rpminfo_test> 58979 <rpminfo_test id="oval:org.opensuse.security:tst:2009061150" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58980 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 58981 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58982 </rpminfo_test> 58983 <rpminfo_test id="oval:org.opensuse.security:tst:2009061151" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58984 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 58985 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58986 </rpminfo_test> 58987 <rpminfo_test id="oval:org.opensuse.security:tst:2009061152" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58988 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 58989 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58990 </rpminfo_test> 58991 <rpminfo_test id="oval:org.opensuse.security:tst:2009061153" version="1" comment="java-1_5_0-ibm is <1.5.0_sr11.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58992 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 58993 <state state_ref="oval:org.opensuse.security:ste:2009038270"/> 58994 </rpminfo_test> 58995 <rpminfo_test id="oval:org.opensuse.security:tst:2009070720" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 58996 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 58997 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 58998 </rpminfo_test> 58999 <rpminfo_test id="oval:org.opensuse.security:tst:2009070721" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59000 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 59001 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59002 </rpminfo_test> 59003 <rpminfo_test id="oval:org.opensuse.security:tst:2009070722" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59004 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 59005 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59006 </rpminfo_test> 59007 <rpminfo_test id="oval:org.opensuse.security:tst:2009070723" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59008 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 59009 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59010 </rpminfo_test> 59011 <rpminfo_test id="oval:org.opensuse.security:tst:2009070724" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59012 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 59013 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59014 </rpminfo_test> 59015 <rpminfo_test id="oval:org.opensuse.security:tst:2009070725" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59016 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 59017 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59018 </rpminfo_test> 59019 <rpminfo_test id="oval:org.opensuse.security:tst:2009070726" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59020 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 59021 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59022 </rpminfo_test> 59023 <rpminfo_test id="oval:org.opensuse.security:tst:2009070727" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59024 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 59025 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59026 </rpminfo_test> 59027 <rpminfo_test id="oval:org.opensuse.security:tst:2009070728" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59028 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 59029 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59030 </rpminfo_test> 59031 <rpminfo_test id="oval:org.opensuse.security:tst:2009070729" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59032 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 59033 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59034 </rpminfo_test> 59035 <rpminfo_test id="oval:org.opensuse.security:tst:2009070730" version="1" comment="java-1_5_0-ibm is <1.5.0_sr12.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59036 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 59037 <state state_ref="oval:org.opensuse.security:ste:2009039974"/> 59038 </rpminfo_test> 59039 <rpminfo_test id="oval:org.opensuse.security:tst:2009059552" version="1" comment="mozilla-nss-32bit is <3.12.6-3.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59040 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 59041 <state state_ref="oval:org.opensuse.security:ste:2009038013"/> 59042 </rpminfo_test> 59043 <rpminfo_test id="oval:org.opensuse.security:tst:2009059553" version="1" comment="mozilla-nss-devel is <3.12.6-3.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59044 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 59045 <state state_ref="oval:org.opensuse.security:ste:2009038013"/> 59046 </rpminfo_test> 59047 <rpminfo_test id="oval:org.opensuse.security:tst:2009059554" version="1" comment="mozilla-nss-tools is <3.12.6-3.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59048 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 59049 <state state_ref="oval:org.opensuse.security:ste:2009038013"/> 59050 </rpminfo_test> 59051 <rpminfo_test id="oval:org.opensuse.security:tst:2009059555" version="1" comment="mozilla-nss is <3.12.6-3.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59052 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 59053 <state state_ref="oval:org.opensuse.security:ste:2009038013"/> 59054 </rpminfo_test> 59055 <rpminfo_test id="oval:org.opensuse.security:tst:2009059562" version="1" comment="mozilla-xulrunner190-32bit is <1.9.0.19-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59056 <object object_ref="oval:org.opensuse.security:obj:2009030968"/> 59057 <state state_ref="oval:org.opensuse.security:ste:2009038016"/> 59058 </rpminfo_test> 59059 <rpminfo_test id="oval:org.opensuse.security:tst:2009059563" version="1" comment="mozilla-xulrunner190-gnomevfs-32bit is <1.9.0.19-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59060 <object object_ref="oval:org.opensuse.security:obj:2009032851"/> 59061 <state state_ref="oval:org.opensuse.security:ste:2009038016"/> 59062 </rpminfo_test> 59063 <rpminfo_test id="oval:org.opensuse.security:tst:2009059564" version="1" comment="mozilla-xulrunner190-gnomevfs is <1.9.0.19-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59064 <object object_ref="oval:org.opensuse.security:obj:2009030969"/> 59065 <state state_ref="oval:org.opensuse.security:ste:2009038016"/> 59066 </rpminfo_test> 59067 <rpminfo_test id="oval:org.opensuse.security:tst:2009059565" version="1" comment="mozilla-xulrunner190-translations-32bit is <1.9.0.19-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59068 <object object_ref="oval:org.opensuse.security:obj:2009032853"/> 59069 <state state_ref="oval:org.opensuse.security:ste:2009038016"/> 59070 </rpminfo_test> 59071 <rpminfo_test id="oval:org.opensuse.security:tst:2009059566" version="1" comment="mozilla-xulrunner190-translations is <1.9.0.19-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59072 <object object_ref="oval:org.opensuse.security:obj:2009030970"/> 59073 <state state_ref="oval:org.opensuse.security:ste:2009038016"/> 59074 </rpminfo_test> 59075 <rpminfo_test id="oval:org.opensuse.security:tst:2009059567" version="1" comment="mozilla-xulrunner190 is <1.9.0.19-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59076 <object object_ref="oval:org.opensuse.security:obj:2009030972"/> 59077 <state state_ref="oval:org.opensuse.security:ste:2009038016"/> 59078 </rpminfo_test> 59079 <rpminfo_test id="oval:org.opensuse.security:tst:2009065651" version="1" comment="gnutls-32bit is <1.2.10-13.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59080 <object object_ref="oval:org.opensuse.security:obj:2009030605"/> 59081 <state state_ref="oval:org.opensuse.security:ste:2009038937"/> 59082 </rpminfo_test> 59083 <rpminfo_test id="oval:org.opensuse.security:tst:2009065652" version="1" comment="gnutls-devel-32bit is <1.2.10-13.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59084 <object object_ref="oval:org.opensuse.security:obj:2009030606"/> 59085 <state state_ref="oval:org.opensuse.security:ste:2009038937"/> 59086 </rpminfo_test> 59087 <rpminfo_test id="oval:org.opensuse.security:tst:2009065653" version="1" comment="gnutls-devel is <1.2.10-13.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59088 <object object_ref="oval:org.opensuse.security:obj:2009030523"/> 59089 <state state_ref="oval:org.opensuse.security:ste:2009038937"/> 59090 </rpminfo_test> 59091 <rpminfo_test id="oval:org.opensuse.security:tst:2009065654" version="1" comment="gnutls is <1.2.10-13.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59092 <object object_ref="oval:org.opensuse.security:obj:2009030524"/> 59093 <state state_ref="oval:org.opensuse.security:ste:2009038937"/> 59094 </rpminfo_test> 59095 <rpminfo_test id="oval:org.opensuse.security:tst:2009064403" version="1" comment="java-1_6_0-sun-32bit is <1.6.0.u22-1.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59096 <object object_ref="oval:org.opensuse.security:obj:2009033986"/> 59097 <state state_ref="oval:org.opensuse.security:ste:2009038730"/> 59098 </rpminfo_test> 59099 <rpminfo_test id="oval:org.opensuse.security:tst:2009064404" version="1" comment="java-1_6_0-sun-alsa is <1.6.0.u22-1.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59100 <object object_ref="oval:org.opensuse.security:obj:2009031443"/> 59101 <state state_ref="oval:org.opensuse.security:ste:2009038730"/> 59102 </rpminfo_test> 59103 <rpminfo_test id="oval:org.opensuse.security:tst:2009064405" version="1" comment="java-1_6_0-sun-demo is <1.6.0.u22-1.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59104 <object object_ref="oval:org.opensuse.security:obj:2009031444"/> 59105 <state state_ref="oval:org.opensuse.security:ste:2009038730"/> 59106 </rpminfo_test> 59107 <rpminfo_test id="oval:org.opensuse.security:tst:2009064406" version="1" comment="java-1_6_0-sun-jdbc is <1.6.0.u22-1.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59108 <object object_ref="oval:org.opensuse.security:obj:2009031446"/> 59109 <state state_ref="oval:org.opensuse.security:ste:2009038730"/> 59110 </rpminfo_test> 59111 <rpminfo_test id="oval:org.opensuse.security:tst:2009064407" version="1" comment="java-1_6_0-sun-plugin-32bit is <1.6.0.u22-1.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59112 <object object_ref="oval:org.opensuse.security:obj:2009033987"/> 59113 <state state_ref="oval:org.opensuse.security:ste:2009038730"/> 59114 </rpminfo_test> 59115 <rpminfo_test id="oval:org.opensuse.security:tst:2009064408" version="1" comment="java-1_6_0-sun-plugin is <1.6.0.u22-1.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59116 <object object_ref="oval:org.opensuse.security:obj:2009031447"/> 59117 <state state_ref="oval:org.opensuse.security:ste:2009038730"/> 59118 </rpminfo_test> 59119 <rpminfo_test id="oval:org.opensuse.security:tst:2009064409" version="1" comment="java-1_6_0-sun-src is <1.6.0.u22-1.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59120 <object object_ref="oval:org.opensuse.security:obj:2009031908"/> 59121 <state state_ref="oval:org.opensuse.security:ste:2009038730"/> 59122 </rpminfo_test> 59123 <rpminfo_test id="oval:org.opensuse.security:tst:2009064410" version="1" comment="java-1_6_0-sun is <1.6.0.u22-1.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59124 <object object_ref="oval:org.opensuse.security:obj:2009031448"/> 59125 <state state_ref="oval:org.opensuse.security:ste:2009038730"/> 59126 </rpminfo_test> 59127 <rpminfo_test id="oval:org.opensuse.security:tst:2009059570" version="1" comment="MozillaFirefox-translations is <3.5.9-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59128 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 59129 <state state_ref="oval:org.opensuse.security:ste:2009038017"/> 59130 </rpminfo_test> 59131 <rpminfo_test id="oval:org.opensuse.security:tst:2009059571" version="1" comment="MozillaFirefox is <3.5.9-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59132 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 59133 <state state_ref="oval:org.opensuse.security:ste:2009038017"/> 59134 </rpminfo_test> 59135 <rpminfo_test id="oval:org.opensuse.security:tst:2009059572" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.9-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59136 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 59137 <state state_ref="oval:org.opensuse.security:ste:2009038018"/> 59138 </rpminfo_test> 59139 <rpminfo_test id="oval:org.opensuse.security:tst:2009059573" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.9-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59140 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 59141 <state state_ref="oval:org.opensuse.security:ste:2009038018"/> 59142 </rpminfo_test> 59143 <rpminfo_test id="oval:org.opensuse.security:tst:2009059574" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.9-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59144 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 59145 <state state_ref="oval:org.opensuse.security:ste:2009038018"/> 59146 </rpminfo_test> 59147 <rpminfo_test id="oval:org.opensuse.security:tst:2009059575" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.9-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59148 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 59149 <state state_ref="oval:org.opensuse.security:ste:2009038018"/> 59150 </rpminfo_test> 59151 <rpminfo_test id="oval:org.opensuse.security:tst:2009059576" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.9-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59152 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 59153 <state state_ref="oval:org.opensuse.security:ste:2009038018"/> 59154 </rpminfo_test> 59155 <rpminfo_test id="oval:org.opensuse.security:tst:2009059577" version="1" comment="mozilla-xulrunner191 is <1.9.1.9-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59156 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 59157 <state state_ref="oval:org.opensuse.security:ste:2009038018"/> 59158 </rpminfo_test> 59159 <rpminfo_test id="oval:org.opensuse.security:tst:2009056263" version="1" comment="compat-openssl097g-32bit is <0.9.7g-13.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59160 <object object_ref="oval:org.opensuse.security:obj:2009031424"/> 59161 <state state_ref="oval:org.opensuse.security:ste:2009037354"/> 59162 </rpminfo_test> 59163 <rpminfo_test id="oval:org.opensuse.security:tst:2009056264" version="1" comment="compat-openssl097g is <0.9.7g-13.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59164 <object object_ref="oval:org.opensuse.security:obj:2009031426"/> 59165 <state state_ref="oval:org.opensuse.security:ste:2009037354"/> 59166 </rpminfo_test> 59167 <rpminfo_test id="oval:org.opensuse.security:tst:2009056267" version="1" comment="openssl-32bit is <0.9.8a-18.39.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59168 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 59169 <state state_ref="oval:org.opensuse.security:ste:2009037355"/> 59170 </rpminfo_test> 59171 <rpminfo_test id="oval:org.opensuse.security:tst:2009056268" version="1" comment="openssl-devel-32bit is <0.9.8a-18.39.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59172 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 59173 <state state_ref="oval:org.opensuse.security:ste:2009037355"/> 59174 </rpminfo_test> 59175 <rpminfo_test id="oval:org.opensuse.security:tst:2009056269" version="1" comment="openssl-devel is <0.9.8a-18.39.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59176 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 59177 <state state_ref="oval:org.opensuse.security:ste:2009037355"/> 59178 </rpminfo_test> 59179 <rpminfo_test id="oval:org.opensuse.security:tst:2009056270" version="1" comment="openssl is <0.9.8a-18.39.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59180 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 59181 <state state_ref="oval:org.opensuse.security:ste:2009037355"/> 59182 </rpminfo_test> 59183 <rpminfo_test id="oval:org.opensuse.security:tst:2009059203" version="1" comment="kernel-default is <2.6.16.60-0.60.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59184 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 59185 <state state_ref="oval:org.opensuse.security:ste:2009037944"/> 59186 </rpminfo_test> 59187 <rpminfo_test id="oval:org.opensuse.security:tst:2009059217" version="1" comment="kernel-smp is <2.6.16.60-0.60.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59188 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 59189 <state state_ref="oval:org.opensuse.security:ste:2009037944"/> 59190 </rpminfo_test> 59191 <rpminfo_test id="oval:org.opensuse.security:tst:2009059207" version="1" comment="kernel-source is <2.6.16.60-0.60.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59192 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 59193 <state state_ref="oval:org.opensuse.security:ste:2009037944"/> 59194 </rpminfo_test> 59195 <rpminfo_test id="oval:org.opensuse.security:tst:2009059208" version="1" comment="kernel-syms is <2.6.16.60-0.60.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59196 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 59197 <state state_ref="oval:org.opensuse.security:ste:2009037944"/> 59198 </rpminfo_test> 59199 <rpminfo_test id="oval:org.opensuse.security:tst:2009059218" version="1" comment="kernel-xen is <2.6.16.60-0.60.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59200 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 59201 <state state_ref="oval:org.opensuse.security:ste:2009037944"/> 59202 </rpminfo_test> 59203 <rpminfo_test id="oval:org.opensuse.security:tst:2009059220" version="1" comment="kernel-bigsmp is <2.6.16.60-0.60.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59204 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 59205 <state state_ref="oval:org.opensuse.security:ste:2009037944"/> 59206 </rpminfo_test> 59207 <rpminfo_test id="oval:org.opensuse.security:tst:2009059221" version="1" comment="kernel-xenpae is <2.6.16.60-0.60.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59208 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 59209 <state state_ref="oval:org.opensuse.security:ste:2009037944"/> 59210 </rpminfo_test> 59211 <rpminfo_test id="oval:org.opensuse.security:tst:2009056875" version="1" comment="pyxml is <0.8.4-17.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59212 <object object_ref="oval:org.opensuse.security:obj:2009033546"/> 59213 <state state_ref="oval:org.opensuse.security:ste:2009037532"/> 59214 </rpminfo_test> 59215 <rpminfo_test id="oval:org.opensuse.security:tst:2009057249" version="1" comment="expat-32bit is <2.0.0-13.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59216 <object object_ref="oval:org.opensuse.security:obj:2009033494"/> 59217 <state state_ref="oval:org.opensuse.security:ste:2009037614"/> 59218 </rpminfo_test> 59219 <rpminfo_test id="oval:org.opensuse.security:tst:2009057250" version="1" comment="expat is <2.0.0-13.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59220 <object object_ref="oval:org.opensuse.security:obj:2009033464"/> 59221 <state state_ref="oval:org.opensuse.security:ste:2009037614"/> 59222 </rpminfo_test> 59223 <rpminfo_test id="oval:org.opensuse.security:tst:2009056853" version="1" comment="expat-32bit is <2.0.0-13.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59224 <object object_ref="oval:org.opensuse.security:obj:2009033494"/> 59225 <state state_ref="oval:org.opensuse.security:ste:2009037526"/> 59226 </rpminfo_test> 59227 <rpminfo_test id="oval:org.opensuse.security:tst:2009056854" version="1" comment="expat is <2.0.0-13.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59228 <object object_ref="oval:org.opensuse.security:obj:2009033464"/> 59229 <state state_ref="oval:org.opensuse.security:ste:2009037526"/> 59230 </rpminfo_test> 59231 <rpminfo_test id="oval:org.opensuse.security:tst:2009056880" version="1" comment="xntp is <4.2.4p3-48.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59232 <object object_ref="oval:org.opensuse.security:obj:2009030870"/> 59233 <state state_ref="oval:org.opensuse.security:ste:2009037536"/> 59234 </rpminfo_test> 59235 <rpminfo_test id="oval:org.opensuse.security:tst:2009056063" version="1" comment="xpdf-tools is <3.01-21.23.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59236 <object object_ref="oval:org.opensuse.security:obj:2009031326"/> 59237 <state state_ref="oval:org.opensuse.security:ste:2009037319"/> 59238 </rpminfo_test> 59239 <rpminfo_test id="oval:org.opensuse.security:tst:2009056247" version="1" comment="kdegraphics3-pdf is <3.5.1-23.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59240 <object object_ref="oval:org.opensuse.security:obj:2009031453"/> 59241 <state state_ref="oval:org.opensuse.security:ste:2009037348"/> 59242 </rpminfo_test> 59243 <rpminfo_test id="oval:org.opensuse.security:tst:2009057081" version="1" comment="poppler-devel is <0.4.4-19.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59244 <object object_ref="oval:org.opensuse.security:obj:2009031306"/> 59245 <state state_ref="oval:org.opensuse.security:ste:2009037579"/> 59246 </rpminfo_test> 59247 <rpminfo_test id="oval:org.opensuse.security:tst:2009057082" version="1" comment="poppler-glib is <0.4.4-19.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59248 <object object_ref="oval:org.opensuse.security:obj:2009031308"/> 59249 <state state_ref="oval:org.opensuse.security:ste:2009037579"/> 59250 </rpminfo_test> 59251 <rpminfo_test id="oval:org.opensuse.security:tst:2009057083" version="1" comment="poppler-qt is <0.4.4-19.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59252 <object object_ref="oval:org.opensuse.security:obj:2009031310"/> 59253 <state state_ref="oval:org.opensuse.security:ste:2009037579"/> 59254 </rpminfo_test> 59255 <rpminfo_test id="oval:org.opensuse.security:tst:2009057084" version="1" comment="poppler is <0.4.4-19.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59256 <object object_ref="oval:org.opensuse.security:obj:2009031312"/> 59257 <state state_ref="oval:org.opensuse.security:ste:2009037579"/> 59258 </rpminfo_test> 59259 <rpminfo_test id="oval:org.opensuse.security:tst:2009056936" version="1" comment="cups-client is <1.1.23-40.59.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59260 <object object_ref="oval:org.opensuse.security:obj:2009030425"/> 59261 <state state_ref="oval:org.opensuse.security:ste:2009037553"/> 59262 </rpminfo_test> 59263 <rpminfo_test id="oval:org.opensuse.security:tst:2009056937" version="1" comment="cups-devel is <1.1.23-40.59.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59264 <object object_ref="oval:org.opensuse.security:obj:2009030426"/> 59265 <state state_ref="oval:org.opensuse.security:ste:2009037553"/> 59266 </rpminfo_test> 59267 <rpminfo_test id="oval:org.opensuse.security:tst:2009056938" version="1" comment="cups-libs-32bit is <1.1.23-40.59.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59268 <object object_ref="oval:org.opensuse.security:obj:2009030730"/> 59269 <state state_ref="oval:org.opensuse.security:ste:2009037553"/> 59270 </rpminfo_test> 59271 <rpminfo_test id="oval:org.opensuse.security:tst:2009056939" version="1" comment="cups-libs is <1.1.23-40.59.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59272 <object object_ref="oval:org.opensuse.security:obj:2009030427"/> 59273 <state state_ref="oval:org.opensuse.security:ste:2009037553"/> 59274 </rpminfo_test> 59275 <rpminfo_test id="oval:org.opensuse.security:tst:2009056940" version="1" comment="cups is <1.1.23-40.59.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59276 <object object_ref="oval:org.opensuse.security:obj:2009030428"/> 59277 <state state_ref="oval:org.opensuse.security:ste:2009037553"/> 59278 </rpminfo_test> 59279 <rpminfo_test id="oval:org.opensuse.security:tst:2009056805" version="1" comment="perl-HTML-Parser is <3.48-12.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59280 <object object_ref="oval:org.opensuse.security:obj:2009033545"/> 59281 <state state_ref="oval:org.opensuse.security:ste:2009037512"/> 59282 </rpminfo_test> 59283 <rpminfo_test id="oval:org.opensuse.security:tst:2009056341" version="1" comment="expat-32bit is <2.0.0-13.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59284 <object object_ref="oval:org.opensuse.security:obj:2009033494"/> 59285 <state state_ref="oval:org.opensuse.security:ste:2009037379"/> 59286 </rpminfo_test> 59287 <rpminfo_test id="oval:org.opensuse.security:tst:2009056342" version="1" comment="expat is <2.0.0-13.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59288 <object object_ref="oval:org.opensuse.security:obj:2009033464"/> 59289 <state state_ref="oval:org.opensuse.security:ste:2009037379"/> 59290 </rpminfo_test> 59291 <rpminfo_test id="oval:org.opensuse.security:tst:2009057125" version="1" comment="libtool-32bit is <1.5.22-13.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59292 <object object_ref="oval:org.opensuse.security:obj:2009032053"/> 59293 <state state_ref="oval:org.opensuse.security:ste:2009037585"/> 59294 </rpminfo_test> 59295 <rpminfo_test id="oval:org.opensuse.security:tst:2009057126" version="1" comment="libtool is <1.5.22-13.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59296 <object object_ref="oval:org.opensuse.security:obj:2009032054"/> 59297 <state state_ref="oval:org.opensuse.security:ste:2009037585"/> 59298 </rpminfo_test> 59299 <rpminfo_test id="oval:org.opensuse.security:tst:2009073813" version="1" comment="ghostscript-fonts-other is <8.15.4-16.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59300 <object object_ref="oval:org.opensuse.security:obj:2009030817"/> 59301 <state state_ref="oval:org.opensuse.security:ste:2009040450"/> 59302 </rpminfo_test> 59303 <rpminfo_test id="oval:org.opensuse.security:tst:2009073814" version="1" comment="ghostscript-fonts-std is <8.15.4-16.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59304 <object object_ref="oval:org.opensuse.security:obj:2009030819"/> 59305 <state state_ref="oval:org.opensuse.security:ste:2009040450"/> 59306 </rpminfo_test> 59307 <rpminfo_test id="oval:org.opensuse.security:tst:2009073815" version="1" comment="ghostscript-library is <8.15.4-16.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59308 <object object_ref="oval:org.opensuse.security:obj:2009030820"/> 59309 <state state_ref="oval:org.opensuse.security:ste:2009040450"/> 59310 </rpminfo_test> 59311 <rpminfo_test id="oval:org.opensuse.security:tst:2009073816" version="1" comment="ghostscript-x11 is <8.15.4-16.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59312 <object object_ref="oval:org.opensuse.security:obj:2009030822"/> 59313 <state state_ref="oval:org.opensuse.security:ste:2009040450"/> 59314 </rpminfo_test> 59315 <rpminfo_test id="oval:org.opensuse.security:tst:2009073817" version="1" comment="libgimpprint is <4.2.7-62.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59316 <object object_ref="oval:org.opensuse.security:obj:2009030824"/> 59317 <state state_ref="oval:org.opensuse.security:ste:2009040451"/> 59318 </rpminfo_test> 59319 <rpminfo_test id="oval:org.opensuse.security:tst:2009057177" version="1" comment="flash-player is <9.0.260.0-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59320 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 59321 <state state_ref="oval:org.opensuse.security:ste:2009037595"/> 59322 </rpminfo_test> 59323 <rpminfo_test id="oval:org.opensuse.security:tst:2009057624" version="1" comment="acroread_ja is <9.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59324 <object object_ref="oval:org.opensuse.security:obj:2009032700"/> 59325 <state state_ref="oval:org.opensuse.security:ste:2009037679"/> 59326 </rpminfo_test> 59327 <rpminfo_test id="oval:org.opensuse.security:tst:2009057625" version="1" comment="acroread is <9.3-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59328 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 59329 <state state_ref="oval:org.opensuse.security:ste:2009037680"/> 59330 </rpminfo_test> 59331 <rpminfo_test id="oval:org.opensuse.security:tst:2009056353" version="1" comment="MozillaFirefox-translations is <3.5.5-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59332 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 59333 <state state_ref="oval:org.opensuse.security:ste:2009037382"/> 59334 </rpminfo_test> 59335 <rpminfo_test id="oval:org.opensuse.security:tst:2009056354" version="1" comment="MozillaFirefox is <3.5.5-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59336 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 59337 <state state_ref="oval:org.opensuse.security:ste:2009037382"/> 59338 </rpminfo_test> 59339 <rpminfo_test id="oval:org.opensuse.security:tst:2009056355" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.5-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59340 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 59341 <state state_ref="oval:org.opensuse.security:ste:2009037383"/> 59342 </rpminfo_test> 59343 <rpminfo_test id="oval:org.opensuse.security:tst:2009056356" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.5-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59344 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 59345 <state state_ref="oval:org.opensuse.security:ste:2009037383"/> 59346 </rpminfo_test> 59347 <rpminfo_test id="oval:org.opensuse.security:tst:2009056357" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.5-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59348 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 59349 <state state_ref="oval:org.opensuse.security:ste:2009037383"/> 59350 </rpminfo_test> 59351 <rpminfo_test id="oval:org.opensuse.security:tst:2009056358" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.5-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59352 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 59353 <state state_ref="oval:org.opensuse.security:ste:2009037383"/> 59354 </rpminfo_test> 59355 <rpminfo_test id="oval:org.opensuse.security:tst:2009056359" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.5-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59356 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 59357 <state state_ref="oval:org.opensuse.security:ste:2009037383"/> 59358 </rpminfo_test> 59359 <rpminfo_test id="oval:org.opensuse.security:tst:2009056360" version="1" comment="mozilla-xulrunner191 is <1.9.1.5-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59360 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 59361 <state state_ref="oval:org.opensuse.security:ste:2009037383"/> 59362 </rpminfo_test> 59363 <rpminfo_test id="oval:org.opensuse.security:tst:2009056945" version="1" comment="mozilla-xulrunner190-32bit is <1.9.0.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59364 <object object_ref="oval:org.opensuse.security:obj:2009030968"/> 59365 <state state_ref="oval:org.opensuse.security:ste:2009037556"/> 59366 </rpminfo_test> 59367 <rpminfo_test id="oval:org.opensuse.security:tst:2009056946" version="1" comment="mozilla-xulrunner190-gnomevfs-32bit is <1.9.0.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59368 <object object_ref="oval:org.opensuse.security:obj:2009032851"/> 59369 <state state_ref="oval:org.opensuse.security:ste:2009037556"/> 59370 </rpminfo_test> 59371 <rpminfo_test id="oval:org.opensuse.security:tst:2009056947" version="1" comment="mozilla-xulrunner190-gnomevfs is <1.9.0.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59372 <object object_ref="oval:org.opensuse.security:obj:2009030969"/> 59373 <state state_ref="oval:org.opensuse.security:ste:2009037556"/> 59374 </rpminfo_test> 59375 <rpminfo_test id="oval:org.opensuse.security:tst:2009056948" version="1" comment="mozilla-xulrunner190-translations-32bit is <1.9.0.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59376 <object object_ref="oval:org.opensuse.security:obj:2009032853"/> 59377 <state state_ref="oval:org.opensuse.security:ste:2009037556"/> 59378 </rpminfo_test> 59379 <rpminfo_test id="oval:org.opensuse.security:tst:2009056949" version="1" comment="mozilla-xulrunner190-translations is <1.9.0.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59380 <object object_ref="oval:org.opensuse.security:obj:2009030970"/> 59381 <state state_ref="oval:org.opensuse.security:ste:2009037556"/> 59382 </rpminfo_test> 59383 <rpminfo_test id="oval:org.opensuse.security:tst:2009056950" version="1" comment="mozilla-xulrunner190 is <1.9.0.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59384 <object object_ref="oval:org.opensuse.security:obj:2009030972"/> 59385 <state state_ref="oval:org.opensuse.security:ste:2009037556"/> 59386 </rpminfo_test> 59387 <rpminfo_test id="oval:org.opensuse.security:tst:2009060140" version="1" comment="libmikmod-32bit is <3.1.11-14.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59388 <object object_ref="oval:org.opensuse.security:obj:2009030815"/> 59389 <state state_ref="oval:org.opensuse.security:ste:2009038112"/> 59390 </rpminfo_test> 59391 <rpminfo_test id="oval:org.opensuse.security:tst:2009060141" version="1" comment="libmikmod is <3.1.11-14.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59392 <object object_ref="oval:org.opensuse.security:obj:2009030816"/> 59393 <state state_ref="oval:org.opensuse.security:ste:2009038112"/> 59394 </rpminfo_test> 59395 <rpminfo_test id="oval:org.opensuse.security:tst:2009057312" version="1" comment="postgresql-devel is <8.1.19-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59396 <object object_ref="oval:org.opensuse.security:obj:2009030469"/> 59397 <state state_ref="oval:org.opensuse.security:ste:2009037628"/> 59398 </rpminfo_test> 59399 <rpminfo_test id="oval:org.opensuse.security:tst:2009057313" version="1" comment="postgresql-libs-32bit is <8.1.19-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59400 <object object_ref="oval:org.opensuse.security:obj:2009030626"/> 59401 <state state_ref="oval:org.opensuse.security:ste:2009037628"/> 59402 </rpminfo_test> 59403 <rpminfo_test id="oval:org.opensuse.security:tst:2009057314" version="1" comment="postgresql-libs is <8.1.19-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59404 <object object_ref="oval:org.opensuse.security:obj:2009030471"/> 59405 <state state_ref="oval:org.opensuse.security:ste:2009037628"/> 59406 </rpminfo_test> 59407 <rpminfo_test id="oval:org.opensuse.security:tst:2009071616" version="1" comment="kernel-bigsmp is <2.6.16.60-0.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59408 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 59409 <state state_ref="oval:org.opensuse.security:ste:2009040086"/> 59410 </rpminfo_test> 59411 <rpminfo_test id="oval:org.opensuse.security:tst:2009071613" version="1" comment="kernel-default is <2.6.16.60-0.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59412 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 59413 <state state_ref="oval:org.opensuse.security:ste:2009040086"/> 59414 </rpminfo_test> 59415 <rpminfo_test id="oval:org.opensuse.security:tst:2009071617" version="1" comment="kernel-smp is <2.6.16.60-0.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59416 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 59417 <state state_ref="oval:org.opensuse.security:ste:2009040086"/> 59418 </rpminfo_test> 59419 <rpminfo_test id="oval:org.opensuse.security:tst:2009071614" version="1" comment="kernel-source is <2.6.16.60-0.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59420 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 59421 <state state_ref="oval:org.opensuse.security:ste:2009040086"/> 59422 </rpminfo_test> 59423 <rpminfo_test id="oval:org.opensuse.security:tst:2009071615" version="1" comment="kernel-syms is <2.6.16.60-0.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59424 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 59425 <state state_ref="oval:org.opensuse.security:ste:2009040086"/> 59426 </rpminfo_test> 59427 <rpminfo_test id="oval:org.opensuse.security:tst:2009071618" version="1" comment="kernel-xen is <2.6.16.60-0.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59428 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 59429 <state state_ref="oval:org.opensuse.security:ste:2009040086"/> 59430 </rpminfo_test> 59431 <rpminfo_test id="oval:org.opensuse.security:tst:2009071619" version="1" comment="kernel-xenpae is <2.6.16.60-0.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59432 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 59433 <state state_ref="oval:org.opensuse.security:ste:2009040086"/> 59434 </rpminfo_test> 59435 <rpminfo_test id="oval:org.opensuse.security:tst:2009065575" version="1" comment="python-32bit is <2.4.2-18.32.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59436 <object object_ref="oval:org.opensuse.security:obj:2009030554"/> 59437 <state state_ref="oval:org.opensuse.security:ste:2009038921"/> 59438 </rpminfo_test> 59439 <rpminfo_test id="oval:org.opensuse.security:tst:2009065576" version="1" comment="python-curses is <2.4.2-18.32.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59440 <object object_ref="oval:org.opensuse.security:obj:2009030555"/> 59441 <state state_ref="oval:org.opensuse.security:ste:2009038921"/> 59442 </rpminfo_test> 59443 <rpminfo_test id="oval:org.opensuse.security:tst:2009065577" version="1" comment="python-devel is <2.4.2-18.32.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59444 <object object_ref="oval:org.opensuse.security:obj:2009030557"/> 59445 <state state_ref="oval:org.opensuse.security:ste:2009038921"/> 59446 </rpminfo_test> 59447 <rpminfo_test id="oval:org.opensuse.security:tst:2009065578" version="1" comment="python-gdbm is <2.4.2-18.32.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59448 <object object_ref="oval:org.opensuse.security:obj:2009030560"/> 59449 <state state_ref="oval:org.opensuse.security:ste:2009038921"/> 59450 </rpminfo_test> 59451 <rpminfo_test id="oval:org.opensuse.security:tst:2009065579" version="1" comment="python-tk is <2.4.2-18.32.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59452 <object object_ref="oval:org.opensuse.security:obj:2009030563"/> 59453 <state state_ref="oval:org.opensuse.security:ste:2009038921"/> 59454 </rpminfo_test> 59455 <rpminfo_test id="oval:org.opensuse.security:tst:2009065580" version="1" comment="python-xml is <2.4.2-18.32.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59456 <object object_ref="oval:org.opensuse.security:obj:2009030564"/> 59457 <state state_ref="oval:org.opensuse.security:ste:2009038921"/> 59458 </rpminfo_test> 59459 <rpminfo_test id="oval:org.opensuse.security:tst:2009065581" version="1" comment="python is <2.4.2-18.32.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59460 <object object_ref="oval:org.opensuse.security:obj:2009030463"/> 59461 <state state_ref="oval:org.opensuse.security:ste:2009038921"/> 59462 </rpminfo_test> 59463 <rpminfo_test id="oval:org.opensuse.security:tst:2009057391" version="1" comment="krb5-32bit is <1.4.3-19.44.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59464 <object object_ref="oval:org.opensuse.security:obj:2009031038"/> 59465 <state state_ref="oval:org.opensuse.security:ste:2009037638"/> 59466 </rpminfo_test> 59467 <rpminfo_test id="oval:org.opensuse.security:tst:2009057392" version="1" comment="krb5-client is <1.4.3-19.44.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59468 <object object_ref="oval:org.opensuse.security:obj:2009031041"/> 59469 <state state_ref="oval:org.opensuse.security:ste:2009037638"/> 59470 </rpminfo_test> 59471 <rpminfo_test id="oval:org.opensuse.security:tst:2009057393" version="1" comment="krb5-devel-32bit is <1.4.3-19.44.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59472 <object object_ref="oval:org.opensuse.security:obj:2009031476"/> 59473 <state state_ref="oval:org.opensuse.security:ste:2009037638"/> 59474 </rpminfo_test> 59475 <rpminfo_test id="oval:org.opensuse.security:tst:2009057394" version="1" comment="krb5-devel is <1.4.3-19.44.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59476 <object object_ref="oval:org.opensuse.security:obj:2009031478"/> 59477 <state state_ref="oval:org.opensuse.security:ste:2009037638"/> 59478 </rpminfo_test> 59479 <rpminfo_test id="oval:org.opensuse.security:tst:2009057395" version="1" comment="krb5 is <1.4.3-19.44.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59480 <object object_ref="oval:org.opensuse.security:obj:2009031044"/> 59481 <state state_ref="oval:org.opensuse.security:ste:2009037638"/> 59482 </rpminfo_test> 59483 <rpminfo_test id="oval:org.opensuse.security:tst:2009062183" version="1" comment="gst-fluendo-mp3 is <2-108.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59484 <object object_ref="oval:org.opensuse.security:obj:2009033881"/> 59485 <state state_ref="oval:org.opensuse.security:ste:2009038426"/> 59486 </rpminfo_test> 59487 <rpminfo_test id="oval:org.opensuse.security:tst:2009062184" version="1" comment="helix-banshee-devel is <0.13.2-1.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59488 <object object_ref="oval:org.opensuse.security:obj:2009033882"/> 59489 <state state_ref="oval:org.opensuse.security:ste:2009038427"/> 59490 </rpminfo_test> 59491 <rpminfo_test id="oval:org.opensuse.security:tst:2009062185" version="1" comment="helix-banshee-engine-gst is <0.13.2-1.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59492 <object object_ref="oval:org.opensuse.security:obj:2009033883"/> 59493 <state state_ref="oval:org.opensuse.security:ste:2009038427"/> 59494 </rpminfo_test> 59495 <rpminfo_test id="oval:org.opensuse.security:tst:2009062186" version="1" comment="helix-banshee-plugins-default is <0.13.2-1.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59496 <object object_ref="oval:org.opensuse.security:obj:2009033884"/> 59497 <state state_ref="oval:org.opensuse.security:ste:2009038427"/> 59498 </rpminfo_test> 59499 <rpminfo_test id="oval:org.opensuse.security:tst:2009062187" version="1" comment="helix-banshee-plugins-extra is <0.13.2-1.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59500 <object object_ref="oval:org.opensuse.security:obj:2009033885"/> 59501 <state state_ref="oval:org.opensuse.security:ste:2009038427"/> 59502 </rpminfo_test> 59503 <rpminfo_test id="oval:org.opensuse.security:tst:2009062188" version="1" comment="helix-banshee is <0.13.2-1.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59504 <object object_ref="oval:org.opensuse.security:obj:2009033886"/> 59505 <state state_ref="oval:org.opensuse.security:ste:2009038427"/> 59506 </rpminfo_test> 59507 <rpminfo_test id="oval:org.opensuse.security:tst:2009058595" version="1" comment="libnetpbm-32bit is <1.0.0-657.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59508 <object object_ref="oval:org.opensuse.security:obj:2009032770"/> 59509 <state state_ref="oval:org.opensuse.security:ste:2009037836"/> 59510 </rpminfo_test> 59511 <rpminfo_test id="oval:org.opensuse.security:tst:2009058596" version="1" comment="libnetpbm is <1.0.0-657.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59512 <object object_ref="oval:org.opensuse.security:obj:2009030552"/> 59513 <state state_ref="oval:org.opensuse.security:ste:2009037836"/> 59514 </rpminfo_test> 59515 <rpminfo_test id="oval:org.opensuse.security:tst:2009058597" version="1" comment="netpbm is <10.26.22-14.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59516 <object object_ref="oval:org.opensuse.security:obj:2009030553"/> 59517 <state state_ref="oval:org.opensuse.security:ste:2009037837"/> 59518 </rpminfo_test> 59519 <rpminfo_test id="oval:org.opensuse.security:tst:2009057482" version="1" comment="openssl-32bit is <0.9.8a-18.40.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59520 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 59521 <state state_ref="oval:org.opensuse.security:ste:2009037656"/> 59522 </rpminfo_test> 59523 <rpminfo_test id="oval:org.opensuse.security:tst:2009057483" version="1" comment="openssl-devel-32bit is <0.9.8a-18.40.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59524 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 59525 <state state_ref="oval:org.opensuse.security:ste:2009037656"/> 59526 </rpminfo_test> 59527 <rpminfo_test id="oval:org.opensuse.security:tst:2009057484" version="1" comment="openssl-devel is <0.9.8a-18.40.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59528 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 59529 <state state_ref="oval:org.opensuse.security:ste:2009037656"/> 59530 </rpminfo_test> 59531 <rpminfo_test id="oval:org.opensuse.security:tst:2009057485" version="1" comment="openssl is <0.9.8a-18.40.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59532 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 59533 <state state_ref="oval:org.opensuse.security:ste:2009037656"/> 59534 </rpminfo_test> 59535 <rpminfo_test id="oval:org.opensuse.security:tst:2009057413" version="1" comment="kernel-bigsmp is <2.6.16.60-0.59.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59536 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 59537 <state state_ref="oval:org.opensuse.security:ste:2009037642"/> 59538 </rpminfo_test> 59539 <rpminfo_test id="oval:org.opensuse.security:tst:2009057414" version="1" comment="kernel-default is <2.6.16.60-0.59.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59540 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 59541 <state state_ref="oval:org.opensuse.security:ste:2009037642"/> 59542 </rpminfo_test> 59543 <rpminfo_test id="oval:org.opensuse.security:tst:2009057415" version="1" comment="kernel-smp is <2.6.16.60-0.59.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59544 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 59545 <state state_ref="oval:org.opensuse.security:ste:2009037642"/> 59546 </rpminfo_test> 59547 <rpminfo_test id="oval:org.opensuse.security:tst:2009057416" version="1" comment="kernel-source is <2.6.16.60-0.59.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59548 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 59549 <state state_ref="oval:org.opensuse.security:ste:2009037642"/> 59550 </rpminfo_test> 59551 <rpminfo_test id="oval:org.opensuse.security:tst:2009057417" version="1" comment="kernel-syms is <2.6.16.60-0.59.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59552 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 59553 <state state_ref="oval:org.opensuse.security:ste:2009037642"/> 59554 </rpminfo_test> 59555 <rpminfo_test id="oval:org.opensuse.security:tst:2009057418" version="1" comment="kernel-xen is <2.6.16.60-0.59.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59556 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 59557 <state state_ref="oval:org.opensuse.security:ste:2009037642"/> 59558 </rpminfo_test> 59559 <rpminfo_test id="oval:org.opensuse.security:tst:2009057419" version="1" comment="kernel-xenpae is <2.6.16.60-0.59.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59560 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 59561 <state state_ref="oval:org.opensuse.security:ste:2009037642"/> 59562 </rpminfo_test> 59563 <rpminfo_test id="oval:org.opensuse.security:tst:2009059929" version="1" comment="kernel-default is <2.6.16.60-0.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59564 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 59565 <state state_ref="oval:org.opensuse.security:ste:2009038069"/> 59566 </rpminfo_test> 59567 <rpminfo_test id="oval:org.opensuse.security:tst:2009059930" version="1" comment="kernel-smp is <2.6.16.60-0.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59568 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 59569 <state state_ref="oval:org.opensuse.security:ste:2009038069"/> 59570 </rpminfo_test> 59571 <rpminfo_test id="oval:org.opensuse.security:tst:2009059931" version="1" comment="kernel-source is <2.6.16.60-0.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59572 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 59573 <state state_ref="oval:org.opensuse.security:ste:2009038069"/> 59574 </rpminfo_test> 59575 <rpminfo_test id="oval:org.opensuse.security:tst:2009059932" version="1" comment="kernel-syms is <2.6.16.60-0.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59576 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 59577 <state state_ref="oval:org.opensuse.security:ste:2009038069"/> 59578 </rpminfo_test> 59579 <rpminfo_test id="oval:org.opensuse.security:tst:2009059933" version="1" comment="kernel-xen is <2.6.16.60-0.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59580 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 59581 <state state_ref="oval:org.opensuse.security:ste:2009038069"/> 59582 </rpminfo_test> 59583 <rpminfo_test id="oval:org.opensuse.security:tst:2009058483" version="1" comment="sendmail is <8.13.6-9.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59584 <object object_ref="oval:org.opensuse.security:obj:2009031187"/> 59585 <state state_ref="oval:org.opensuse.security:ste:2009037808"/> 59586 </rpminfo_test> 59587 <rpminfo_test id="oval:org.opensuse.security:tst:2009069638" version="1" comment="libsndfile-32bit is <1.0.12-13.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59588 <object object_ref="oval:org.opensuse.security:obj:2009030977"/> 59589 <state state_ref="oval:org.opensuse.security:ste:2009039768"/> 59590 </rpminfo_test> 59591 <rpminfo_test id="oval:org.opensuse.security:tst:2009069639" version="1" comment="libsndfile-devel is <1.0.12-13.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59592 <object object_ref="oval:org.opensuse.security:obj:2009031882"/> 59593 <state state_ref="oval:org.opensuse.security:ste:2009039768"/> 59594 </rpminfo_test> 59595 <rpminfo_test id="oval:org.opensuse.security:tst:2009069640" version="1" comment="libsndfile is <1.0.12-13.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59596 <object object_ref="oval:org.opensuse.security:obj:2009030979"/> 59597 <state state_ref="oval:org.opensuse.security:ste:2009039768"/> 59598 </rpminfo_test> 59599 <rpminfo_test id="oval:org.opensuse.security:tst:2009072376" version="1" comment="glibc-32bit is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59600 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 59601 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59602 </rpminfo_test> 59603 <rpminfo_test id="oval:org.opensuse.security:tst:2009072377" version="1" comment="glibc-devel-32bit is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59604 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 59605 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59606 </rpminfo_test> 59607 <rpminfo_test id="oval:org.opensuse.security:tst:2009072378" version="1" comment="glibc-devel is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59608 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 59609 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59610 </rpminfo_test> 59611 <rpminfo_test id="oval:org.opensuse.security:tst:2009072379" version="1" comment="glibc-html is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59612 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 59613 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59614 </rpminfo_test> 59615 <rpminfo_test id="oval:org.opensuse.security:tst:2009072380" version="1" comment="glibc-i18ndata is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59616 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 59617 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59618 </rpminfo_test> 59619 <rpminfo_test id="oval:org.opensuse.security:tst:2009072381" version="1" comment="glibc-info is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59620 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 59621 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59622 </rpminfo_test> 59623 <rpminfo_test id="oval:org.opensuse.security:tst:2009072382" version="1" comment="glibc-locale-32bit is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59624 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 59625 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59626 </rpminfo_test> 59627 <rpminfo_test id="oval:org.opensuse.security:tst:2009072383" version="1" comment="glibc-locale is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59628 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 59629 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59630 </rpminfo_test> 59631 <rpminfo_test id="oval:org.opensuse.security:tst:2009072384" version="1" comment="glibc is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59632 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 59633 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59634 </rpminfo_test> 59635 <rpminfo_test id="oval:org.opensuse.security:tst:2009072385" version="1" comment="nscd is <2.4-31.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59636 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 59637 <state state_ref="oval:org.opensuse.security:ste:2009040231"/> 59638 </rpminfo_test> 59639 <rpminfo_test id="oval:org.opensuse.security:tst:2009057497" version="1" comment="gzip is <1.3.5-159.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59640 <object object_ref="oval:org.opensuse.security:obj:2009030647"/> 59641 <state state_ref="oval:org.opensuse.security:ste:2009037658"/> 59642 </rpminfo_test> 59643 <rpminfo_test id="oval:org.opensuse.security:tst:2009068511" version="1" comment="kernel-default is <2.6.16.60-0.87.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59644 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 59645 <state state_ref="oval:org.opensuse.security:ste:2009039567"/> 59646 </rpminfo_test> 59647 <rpminfo_test id="oval:org.opensuse.security:tst:2009070732" version="1" comment="kernel-smp is <2.6.16.60-0.87.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59648 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 59649 <state state_ref="oval:org.opensuse.security:ste:2009039567"/> 59650 </rpminfo_test> 59651 <rpminfo_test id="oval:org.opensuse.security:tst:2009068512" version="1" comment="kernel-source is <2.6.16.60-0.87.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59652 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 59653 <state state_ref="oval:org.opensuse.security:ste:2009039567"/> 59654 </rpminfo_test> 59655 <rpminfo_test id="oval:org.opensuse.security:tst:2009068513" version="1" comment="kernel-syms is <2.6.16.60-0.87.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59656 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 59657 <state state_ref="oval:org.opensuse.security:ste:2009039567"/> 59658 </rpminfo_test> 59659 <rpminfo_test id="oval:org.opensuse.security:tst:2009070733" version="1" comment="kernel-xen is <2.6.16.60-0.87.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59660 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 59661 <state state_ref="oval:org.opensuse.security:ste:2009039567"/> 59662 </rpminfo_test> 59663 <rpminfo_test id="oval:org.opensuse.security:tst:2009070734" version="1" comment="kernel-bigsmp is <2.6.16.60-0.87.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59664 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 59665 <state state_ref="oval:org.opensuse.security:ste:2009039567"/> 59666 </rpminfo_test> 59667 <rpminfo_test id="oval:org.opensuse.security:tst:2009070735" version="1" comment="kernel-xenpae is <2.6.16.60-0.87.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59668 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 59669 <state state_ref="oval:org.opensuse.security:ste:2009039567"/> 59670 </rpminfo_test> 59671 <rpminfo_test id="oval:org.opensuse.security:tst:2009058526" version="1" comment="finch is <2.6.6-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59672 <object object_ref="oval:org.opensuse.security:obj:2009031748"/> 59673 <state state_ref="oval:org.opensuse.security:ste:2009037818"/> 59674 </rpminfo_test> 59675 <rpminfo_test id="oval:org.opensuse.security:tst:2009058527" version="1" comment="libpurple is <2.6.6-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59676 <object object_ref="oval:org.opensuse.security:obj:2009031423"/> 59677 <state state_ref="oval:org.opensuse.security:ste:2009037818"/> 59678 </rpminfo_test> 59679 <rpminfo_test id="oval:org.opensuse.security:tst:2009058528" version="1" comment="pidgin is <2.6.6-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59680 <object object_ref="oval:org.opensuse.security:obj:2009031752"/> 59681 <state state_ref="oval:org.opensuse.security:ste:2009037818"/> 59682 </rpminfo_test> 59683 <rpminfo_test id="oval:org.opensuse.security:tst:2009059973" version="1" comment="clamav is <0.96-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59684 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 59685 <state state_ref="oval:org.opensuse.security:ste:2009038079"/> 59686 </rpminfo_test> 59687 <rpminfo_test id="oval:org.opensuse.security:tst:2009065407" version="1" comment="MozillaFirefox-translations is <3.5.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59688 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 59689 <state state_ref="oval:org.opensuse.security:ste:2009038883"/> 59690 </rpminfo_test> 59691 <rpminfo_test id="oval:org.opensuse.security:tst:2009065408" version="1" comment="MozillaFirefox is <3.5.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59692 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 59693 <state state_ref="oval:org.opensuse.security:ste:2009038883"/> 59694 </rpminfo_test> 59695 <rpminfo_test id="oval:org.opensuse.security:tst:2009065409" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59696 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 59697 <state state_ref="oval:org.opensuse.security:ste:2009038884"/> 59698 </rpminfo_test> 59699 <rpminfo_test id="oval:org.opensuse.security:tst:2009065410" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59700 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 59701 <state state_ref="oval:org.opensuse.security:ste:2009038884"/> 59702 </rpminfo_test> 59703 <rpminfo_test id="oval:org.opensuse.security:tst:2009065411" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59704 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 59705 <state state_ref="oval:org.opensuse.security:ste:2009038884"/> 59706 </rpminfo_test> 59707 <rpminfo_test id="oval:org.opensuse.security:tst:2009065412" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59708 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 59709 <state state_ref="oval:org.opensuse.security:ste:2009038884"/> 59710 </rpminfo_test> 59711 <rpminfo_test id="oval:org.opensuse.security:tst:2009065413" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59712 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 59713 <state state_ref="oval:org.opensuse.security:ste:2009038884"/> 59714 </rpminfo_test> 59715 <rpminfo_test id="oval:org.opensuse.security:tst:2009065414" version="1" comment="mozilla-xulrunner191 is <1.9.1.16-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59716 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 59717 <state state_ref="oval:org.opensuse.security:ste:2009038884"/> 59718 </rpminfo_test> 59719 <rpminfo_test id="oval:org.opensuse.security:tst:2009058571" version="1" comment="acroread-cmaps is <9.3.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59720 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 59721 <state state_ref="oval:org.opensuse.security:ste:2009037828"/> 59722 </rpminfo_test> 59723 <rpminfo_test id="oval:org.opensuse.security:tst:2009058572" version="1" comment="acroread-fonts-ja is <9.3.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59724 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 59725 <state state_ref="oval:org.opensuse.security:ste:2009037828"/> 59726 </rpminfo_test> 59727 <rpminfo_test id="oval:org.opensuse.security:tst:2009058573" version="1" comment="acroread-fonts-ko is <9.3.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59728 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 59729 <state state_ref="oval:org.opensuse.security:ste:2009037828"/> 59730 </rpminfo_test> 59731 <rpminfo_test id="oval:org.opensuse.security:tst:2009058574" version="1" comment="acroread-fonts-zh_CN is <9.3.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59732 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 59733 <state state_ref="oval:org.opensuse.security:ste:2009037828"/> 59734 </rpminfo_test> 59735 <rpminfo_test id="oval:org.opensuse.security:tst:2009058575" version="1" comment="acroread-fonts-zh_TW is <9.3.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59736 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 59737 <state state_ref="oval:org.opensuse.security:ste:2009037828"/> 59738 </rpminfo_test> 59739 <rpminfo_test id="oval:org.opensuse.security:tst:2009058577" version="1" comment="acroread is <9.3.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59740 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 59741 <state state_ref="oval:org.opensuse.security:ste:2009037828"/> 59742 </rpminfo_test> 59743 <rpminfo_test id="oval:org.opensuse.security:tst:2009057996" version="1" comment="flash-player is <9.0.262.0-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59744 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 59745 <state state_ref="oval:org.opensuse.security:ste:2009037754"/> 59746 </rpminfo_test> 59747 <rpminfo_test id="oval:org.opensuse.security:tst:2009059789" version="1" comment="acroread_ja is <9.3.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59748 <object object_ref="oval:org.opensuse.security:obj:2009032700"/> 59749 <state state_ref="oval:org.opensuse.security:ste:2009038053"/> 59750 </rpminfo_test> 59751 <rpminfo_test id="oval:org.opensuse.security:tst:2009059802" version="1" comment="acroread-cmaps is <9.3.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59752 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 59753 <state state_ref="oval:org.opensuse.security:ste:2009038053"/> 59754 </rpminfo_test> 59755 <rpminfo_test id="oval:org.opensuse.security:tst:2009059803" version="1" comment="acroread-fonts-ja is <9.3.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59756 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 59757 <state state_ref="oval:org.opensuse.security:ste:2009038053"/> 59758 </rpminfo_test> 59759 <rpminfo_test id="oval:org.opensuse.security:tst:2009059804" version="1" comment="acroread-fonts-ko is <9.3.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59760 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 59761 <state state_ref="oval:org.opensuse.security:ste:2009038053"/> 59762 </rpminfo_test> 59763 <rpminfo_test id="oval:org.opensuse.security:tst:2009059805" version="1" comment="acroread-fonts-zh_CN is <9.3.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59764 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 59765 <state state_ref="oval:org.opensuse.security:ste:2009038053"/> 59766 </rpminfo_test> 59767 <rpminfo_test id="oval:org.opensuse.security:tst:2009059806" version="1" comment="acroread-fonts-zh_TW is <9.3.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59768 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 59769 <state state_ref="oval:org.opensuse.security:ste:2009038053"/> 59770 </rpminfo_test> 59771 <rpminfo_test id="oval:org.opensuse.security:tst:2009059807" version="1" comment="acroread is <9.3.2-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59772 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 59773 <state state_ref="oval:org.opensuse.security:ste:2009038053"/> 59774 </rpminfo_test> 59775 <rpminfo_test id="oval:org.opensuse.security:tst:2009060304" version="1" comment="libpng-32bit is <1.2.8-19.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59776 <object object_ref="oval:org.opensuse.security:obj:2009030638"/> 59777 <state state_ref="oval:org.opensuse.security:ste:2009038128"/> 59778 </rpminfo_test> 59779 <rpminfo_test id="oval:org.opensuse.security:tst:2009060305" version="1" comment="libpng-devel-32bit is <1.2.8-19.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59780 <object object_ref="oval:org.opensuse.security:obj:2009031449"/> 59781 <state state_ref="oval:org.opensuse.security:ste:2009038128"/> 59782 </rpminfo_test> 59783 <rpminfo_test id="oval:org.opensuse.security:tst:2009060306" version="1" comment="libpng-devel is <1.2.8-19.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59784 <object object_ref="oval:org.opensuse.security:obj:2009030639"/> 59785 <state state_ref="oval:org.opensuse.security:ste:2009038128"/> 59786 </rpminfo_test> 59787 <rpminfo_test id="oval:org.opensuse.security:tst:2009060307" version="1" comment="libpng is <1.2.8-19.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59788 <object object_ref="oval:org.opensuse.security:obj:2009030640"/> 59789 <state state_ref="oval:org.opensuse.security:ste:2009038128"/> 59790 </rpminfo_test> 59791 <rpminfo_test id="oval:org.opensuse.security:tst:2009062195" version="1" comment="acroread-cmaps is <9.3.4-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59792 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 59793 <state state_ref="oval:org.opensuse.security:ste:2009038430"/> 59794 </rpminfo_test> 59795 <rpminfo_test id="oval:org.opensuse.security:tst:2009062196" version="1" comment="acroread-fonts-ja is <9.3.4-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59796 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 59797 <state state_ref="oval:org.opensuse.security:ste:2009038430"/> 59798 </rpminfo_test> 59799 <rpminfo_test id="oval:org.opensuse.security:tst:2009062197" version="1" comment="acroread-fonts-ko is <9.3.4-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59800 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 59801 <state state_ref="oval:org.opensuse.security:ste:2009038430"/> 59802 </rpminfo_test> 59803 <rpminfo_test id="oval:org.opensuse.security:tst:2009062198" version="1" comment="acroread-fonts-zh_CN is <9.3.4-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59804 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 59805 <state state_ref="oval:org.opensuse.security:ste:2009038430"/> 59806 </rpminfo_test> 59807 <rpminfo_test id="oval:org.opensuse.security:tst:2009062199" version="1" comment="acroread-fonts-zh_TW is <9.3.4-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59808 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 59809 <state state_ref="oval:org.opensuse.security:ste:2009038430"/> 59810 </rpminfo_test> 59811 <rpminfo_test id="oval:org.opensuse.security:tst:2009062200" version="1" comment="acroread is <9.3.4-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59812 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 59813 <state state_ref="oval:org.opensuse.security:ste:2009038430"/> 59814 </rpminfo_test> 59815 <rpminfo_test id="oval:org.opensuse.security:tst:2009061983" version="1" comment="flash-player is <9.0.280.0-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59816 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 59817 <state state_ref="oval:org.opensuse.security:ste:2009038382"/> 59818 </rpminfo_test> 59819 <rpminfo_test id="oval:org.opensuse.security:tst:2009062201" version="1" comment="acroread_ja is <9.3.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59820 <object object_ref="oval:org.opensuse.security:obj:2009032700"/> 59821 <state state_ref="oval:org.opensuse.security:ste:2009038431"/> 59822 </rpminfo_test> 59823 <rpminfo_test id="oval:org.opensuse.security:tst:2009062053" version="1" comment="openldap2-client-32bit is <2.3.32-0.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59824 <object object_ref="oval:org.opensuse.security:obj:2009030669"/> 59825 <state state_ref="oval:org.opensuse.security:ste:2009038399"/> 59826 </rpminfo_test> 59827 <rpminfo_test id="oval:org.opensuse.security:tst:2009062054" version="1" comment="openldap2-client is <2.3.32-0.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59828 <object object_ref="oval:org.opensuse.security:obj:2009030545"/> 59829 <state state_ref="oval:org.opensuse.security:ste:2009038399"/> 59830 </rpminfo_test> 59831 <rpminfo_test id="oval:org.opensuse.security:tst:2009062055" version="1" comment="openldap2-devel-32bit is <2.3.32-0.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59832 <object object_ref="oval:org.opensuse.security:obj:2009030814"/> 59833 <state state_ref="oval:org.opensuse.security:ste:2009038399"/> 59834 </rpminfo_test> 59835 <rpminfo_test id="oval:org.opensuse.security:tst:2009062056" version="1" comment="openldap2-devel is <2.3.32-0.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59836 <object object_ref="oval:org.opensuse.security:obj:2009030546"/> 59837 <state state_ref="oval:org.opensuse.security:ste:2009038399"/> 59838 </rpminfo_test> 59839 <rpminfo_test id="oval:org.opensuse.security:tst:2009062057" version="1" comment="openldap2 is <2.3.32-0.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59840 <object object_ref="oval:org.opensuse.security:obj:2009030656"/> 59841 <state state_ref="oval:org.opensuse.security:ste:2009038399"/> 59842 </rpminfo_test> 59843 <rpminfo_test id="oval:org.opensuse.security:tst:2009057647" version="1" comment="mozilla-xulrunner190-32bit is <1.9.0.17-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59844 <object object_ref="oval:org.opensuse.security:obj:2009030968"/> 59845 <state state_ref="oval:org.opensuse.security:ste:2009037688"/> 59846 </rpminfo_test> 59847 <rpminfo_test id="oval:org.opensuse.security:tst:2009057648" version="1" comment="mozilla-xulrunner190-gnomevfs-32bit is <1.9.0.17-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59848 <object object_ref="oval:org.opensuse.security:obj:2009032851"/> 59849 <state state_ref="oval:org.opensuse.security:ste:2009037688"/> 59850 </rpminfo_test> 59851 <rpminfo_test id="oval:org.opensuse.security:tst:2009057649" version="1" comment="mozilla-xulrunner190-gnomevfs is <1.9.0.17-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59852 <object object_ref="oval:org.opensuse.security:obj:2009030969"/> 59853 <state state_ref="oval:org.opensuse.security:ste:2009037688"/> 59854 </rpminfo_test> 59855 <rpminfo_test id="oval:org.opensuse.security:tst:2009057650" version="1" comment="mozilla-xulrunner190-translations-32bit is <1.9.0.17-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59856 <object object_ref="oval:org.opensuse.security:obj:2009032853"/> 59857 <state state_ref="oval:org.opensuse.security:ste:2009037688"/> 59858 </rpminfo_test> 59859 <rpminfo_test id="oval:org.opensuse.security:tst:2009057651" version="1" comment="mozilla-xulrunner190-translations is <1.9.0.17-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59860 <object object_ref="oval:org.opensuse.security:obj:2009030970"/> 59861 <state state_ref="oval:org.opensuse.security:ste:2009037688"/> 59862 </rpminfo_test> 59863 <rpminfo_test id="oval:org.opensuse.security:tst:2009057652" version="1" comment="mozilla-xulrunner190 is <1.9.0.17-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59864 <object object_ref="oval:org.opensuse.security:obj:2009030972"/> 59865 <state state_ref="oval:org.opensuse.security:ste:2009037688"/> 59866 </rpminfo_test> 59867 <rpminfo_test id="oval:org.opensuse.security:tst:2009057660" version="1" comment="MozillaFirefox-translations is <3.5.7-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59868 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 59869 <state state_ref="oval:org.opensuse.security:ste:2009037689"/> 59870 </rpminfo_test> 59871 <rpminfo_test id="oval:org.opensuse.security:tst:2009057661" version="1" comment="MozillaFirefox is <3.5.7-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59872 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 59873 <state state_ref="oval:org.opensuse.security:ste:2009037689"/> 59874 </rpminfo_test> 59875 <rpminfo_test id="oval:org.opensuse.security:tst:2009057662" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.7-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59876 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 59877 <state state_ref="oval:org.opensuse.security:ste:2009037690"/> 59878 </rpminfo_test> 59879 <rpminfo_test id="oval:org.opensuse.security:tst:2009057663" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.7-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59880 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 59881 <state state_ref="oval:org.opensuse.security:ste:2009037690"/> 59882 </rpminfo_test> 59883 <rpminfo_test id="oval:org.opensuse.security:tst:2009057664" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.7-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59884 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 59885 <state state_ref="oval:org.opensuse.security:ste:2009037690"/> 59886 </rpminfo_test> 59887 <rpminfo_test id="oval:org.opensuse.security:tst:2009057665" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.7-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59888 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 59889 <state state_ref="oval:org.opensuse.security:ste:2009037690"/> 59890 </rpminfo_test> 59891 <rpminfo_test id="oval:org.opensuse.security:tst:2009057666" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.7-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59892 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 59893 <state state_ref="oval:org.opensuse.security:ste:2009037690"/> 59894 </rpminfo_test> 59895 <rpminfo_test id="oval:org.opensuse.security:tst:2009057667" version="1" comment="mozilla-xulrunner191 is <1.9.1.7-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59896 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 59897 <state state_ref="oval:org.opensuse.security:ste:2009037690"/> 59898 </rpminfo_test> 59899 <rpminfo_test id="oval:org.opensuse.security:tst:2009057254" version="1" comment="postfix is <2.5.6-4.8.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59900 <object object_ref="oval:org.opensuse.security:obj:2009030854"/> 59901 <state state_ref="oval:org.opensuse.security:ste:2009037615"/> 59902 </rpminfo_test> 59903 <rpminfo_test id="oval:org.opensuse.security:tst:2009061719" version="1" comment="OpenOffice_org-af is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59904 <object object_ref="oval:org.opensuse.security:obj:2009031377"/> 59905 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59906 </rpminfo_test> 59907 <rpminfo_test id="oval:org.opensuse.security:tst:2009061720" version="1" comment="OpenOffice_org-ar is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59908 <object object_ref="oval:org.opensuse.security:obj:2009030617"/> 59909 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59910 </rpminfo_test> 59911 <rpminfo_test id="oval:org.opensuse.security:tst:2009061721" version="1" comment="OpenOffice_org-ca is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59912 <object object_ref="oval:org.opensuse.security:obj:2009030618"/> 59913 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59914 </rpminfo_test> 59915 <rpminfo_test id="oval:org.opensuse.security:tst:2009061722" version="1" comment="OpenOffice_org-cs is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59916 <object object_ref="oval:org.opensuse.security:obj:2009030485"/> 59917 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59918 </rpminfo_test> 59919 <rpminfo_test id="oval:org.opensuse.security:tst:2009061723" version="1" comment="OpenOffice_org-da is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59920 <object object_ref="oval:org.opensuse.security:obj:2009030486"/> 59921 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59922 </rpminfo_test> 59923 <rpminfo_test id="oval:org.opensuse.security:tst:2009061724" version="1" comment="OpenOffice_org-de is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59924 <object object_ref="oval:org.opensuse.security:obj:2009030487"/> 59925 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59926 </rpminfo_test> 59927 <rpminfo_test id="oval:org.opensuse.security:tst:2009061725" version="1" comment="OpenOffice_org-el is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59928 <object object_ref="oval:org.opensuse.security:obj:2009030619"/> 59929 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59930 </rpminfo_test> 59931 <rpminfo_test id="oval:org.opensuse.security:tst:2009061726" version="1" comment="OpenOffice_org-en-GB is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59932 <object object_ref="oval:org.opensuse.security:obj:2009031381"/> 59933 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59934 </rpminfo_test> 59935 <rpminfo_test id="oval:org.opensuse.security:tst:2009061727" version="1" comment="OpenOffice_org-es is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59936 <object object_ref="oval:org.opensuse.security:obj:2009030490"/> 59937 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59938 </rpminfo_test> 59939 <rpminfo_test id="oval:org.opensuse.security:tst:2009061728" version="1" comment="OpenOffice_org-fi is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59940 <object object_ref="oval:org.opensuse.security:obj:2009030491"/> 59941 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59942 </rpminfo_test> 59943 <rpminfo_test id="oval:org.opensuse.security:tst:2009061729" version="1" comment="OpenOffice_org-fr is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59944 <object object_ref="oval:org.opensuse.security:obj:2009030492"/> 59945 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59946 </rpminfo_test> 59947 <rpminfo_test id="oval:org.opensuse.security:tst:2009061730" version="1" comment="OpenOffice_org-galleries is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59948 <object object_ref="oval:org.opensuse.security:obj:2009032226"/> 59949 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59950 </rpminfo_test> 59951 <rpminfo_test id="oval:org.opensuse.security:tst:2009061731" version="1" comment="OpenOffice_org-gnome is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59952 <object object_ref="oval:org.opensuse.security:obj:2009030493"/> 59953 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59954 </rpminfo_test> 59955 <rpminfo_test id="oval:org.opensuse.security:tst:2009061732" version="1" comment="OpenOffice_org-gu-IN is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59956 <object object_ref="oval:org.opensuse.security:obj:2009031382"/> 59957 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59958 </rpminfo_test> 59959 <rpminfo_test id="oval:org.opensuse.security:tst:2009061733" version="1" comment="OpenOffice_org-hi-IN is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59960 <object object_ref="oval:org.opensuse.security:obj:2009031383"/> 59961 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59962 </rpminfo_test> 59963 <rpminfo_test id="oval:org.opensuse.security:tst:2009061734" version="1" comment="OpenOffice_org-hu is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59964 <object object_ref="oval:org.opensuse.security:obj:2009030494"/> 59965 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59966 </rpminfo_test> 59967 <rpminfo_test id="oval:org.opensuse.security:tst:2009061735" version="1" comment="OpenOffice_org-it is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59968 <object object_ref="oval:org.opensuse.security:obj:2009030495"/> 59969 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59970 </rpminfo_test> 59971 <rpminfo_test id="oval:org.opensuse.security:tst:2009061736" version="1" comment="OpenOffice_org-ja is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59972 <object object_ref="oval:org.opensuse.security:obj:2009030496"/> 59973 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59974 </rpminfo_test> 59975 <rpminfo_test id="oval:org.opensuse.security:tst:2009061737" version="1" comment="OpenOffice_org-kde is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59976 <object object_ref="oval:org.opensuse.security:obj:2009030497"/> 59977 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59978 </rpminfo_test> 59979 <rpminfo_test id="oval:org.opensuse.security:tst:2009061738" version="1" comment="OpenOffice_org-ko is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59980 <object object_ref="oval:org.opensuse.security:obj:2009030621"/> 59981 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59982 </rpminfo_test> 59983 <rpminfo_test id="oval:org.opensuse.security:tst:2009061739" version="1" comment="OpenOffice_org-mono is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59984 <object object_ref="oval:org.opensuse.security:obj:2009031354"/> 59985 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59986 </rpminfo_test> 59987 <rpminfo_test id="oval:org.opensuse.security:tst:2009061740" version="1" comment="OpenOffice_org-nb is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59988 <object object_ref="oval:org.opensuse.security:obj:2009031388"/> 59989 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59990 </rpminfo_test> 59991 <rpminfo_test id="oval:org.opensuse.security:tst:2009061741" version="1" comment="OpenOffice_org-nl is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59992 <object object_ref="oval:org.opensuse.security:obj:2009030622"/> 59993 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59994 </rpminfo_test> 59995 <rpminfo_test id="oval:org.opensuse.security:tst:2009061742" version="1" comment="OpenOffice_org-nld is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 59996 <object object_ref="oval:org.opensuse.security:obj:2009032702"/> 59997 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 59998 </rpminfo_test> 59999 <rpminfo_test id="oval:org.opensuse.security:tst:2009061743" version="1" comment="OpenOffice_org-nn is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60000 <object object_ref="oval:org.opensuse.security:obj:2009031389"/> 60001 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60002 </rpminfo_test> 60003 <rpminfo_test id="oval:org.opensuse.security:tst:2009061744" version="1" comment="OpenOffice_org-pl is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60004 <object object_ref="oval:org.opensuse.security:obj:2009030498"/> 60005 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60006 </rpminfo_test> 60007 <rpminfo_test id="oval:org.opensuse.security:tst:2009061745" version="1" comment="OpenOffice_org-pt-BR is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60008 <object object_ref="oval:org.opensuse.security:obj:2009030623"/> 60009 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60010 </rpminfo_test> 60011 <rpminfo_test id="oval:org.opensuse.security:tst:2009061746" version="1" comment="OpenOffice_org-ru is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60012 <object object_ref="oval:org.opensuse.security:obj:2009030500"/> 60013 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60014 </rpminfo_test> 60015 <rpminfo_test id="oval:org.opensuse.security:tst:2009061747" version="1" comment="OpenOffice_org-sk is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60016 <object object_ref="oval:org.opensuse.security:obj:2009030501"/> 60017 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60018 </rpminfo_test> 60019 <rpminfo_test id="oval:org.opensuse.security:tst:2009061748" version="1" comment="OpenOffice_org-sv is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60020 <object object_ref="oval:org.opensuse.security:obj:2009030502"/> 60021 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60022 </rpminfo_test> 60023 <rpminfo_test id="oval:org.opensuse.security:tst:2009061749" version="1" comment="OpenOffice_org-xh is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60024 <object object_ref="oval:org.opensuse.security:obj:2009031396"/> 60025 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60026 </rpminfo_test> 60027 <rpminfo_test id="oval:org.opensuse.security:tst:2009061750" version="1" comment="OpenOffice_org-zh-CN is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60028 <object object_ref="oval:org.opensuse.security:obj:2009030503"/> 60029 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60030 </rpminfo_test> 60031 <rpminfo_test id="oval:org.opensuse.security:tst:2009061751" version="1" comment="OpenOffice_org-zh-TW is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60032 <object object_ref="oval:org.opensuse.security:obj:2009030504"/> 60033 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60034 </rpminfo_test> 60035 <rpminfo_test id="oval:org.opensuse.security:tst:2009061752" version="1" comment="OpenOffice_org-zu is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60036 <object object_ref="oval:org.opensuse.security:obj:2009031397"/> 60037 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60038 </rpminfo_test> 60039 <rpminfo_test id="oval:org.opensuse.security:tst:2009061753" version="1" comment="OpenOffice_org is <3.2.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60040 <object object_ref="oval:org.opensuse.security:obj:2009030505"/> 60041 <state state_ref="oval:org.opensuse.security:ste:2009038323"/> 60042 </rpminfo_test> 60043 <rpminfo_test id="oval:org.opensuse.security:tst:2009063225" version="1" comment="bzip2-32bit is <1.0.3-17.15.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60044 <object object_ref="oval:org.opensuse.security:obj:2009030835"/> 60045 <state state_ref="oval:org.opensuse.security:ste:2009038571"/> 60046 </rpminfo_test> 60047 <rpminfo_test id="oval:org.opensuse.security:tst:2009063226" version="1" comment="bzip2 is <1.0.3-17.15.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60048 <object object_ref="oval:org.opensuse.security:obj:2009030508"/> 60049 <state state_ref="oval:org.opensuse.security:ste:2009038571"/> 60050 </rpminfo_test> 60051 <rpminfo_test id="oval:org.opensuse.security:tst:2009062688" version="1" comment="pcsc-lite-devel is <1.2.9_beta9-17.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60052 <object object_ref="oval:org.opensuse.security:obj:2009032525"/> 60053 <state state_ref="oval:org.opensuse.security:ste:2009038492"/> 60054 </rpminfo_test> 60055 <rpminfo_test id="oval:org.opensuse.security:tst:2009062689" version="1" comment="pcsc-lite is <1.2.9_beta9-17.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60056 <object object_ref="oval:org.opensuse.security:obj:2009032526"/> 60057 <state state_ref="oval:org.opensuse.security:ste:2009038492"/> 60058 </rpminfo_test> 60059 <rpminfo_test id="oval:org.opensuse.security:tst:2009059703" version="1" comment="pango-32bit is <1.10.2-23.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60060 <object object_ref="oval:org.opensuse.security:obj:2009030536"/> 60061 <state state_ref="oval:org.opensuse.security:ste:2009038040"/> 60062 </rpminfo_test> 60063 <rpminfo_test id="oval:org.opensuse.security:tst:2009059704" version="1" comment="pango-devel is <1.10.2-23.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60064 <object object_ref="oval:org.opensuse.security:obj:2009033190"/> 60065 <state state_ref="oval:org.opensuse.security:ste:2009038040"/> 60066 </rpminfo_test> 60067 <rpminfo_test id="oval:org.opensuse.security:tst:2009059705" version="1" comment="pango-doc is <1.10.2-23.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60068 <object object_ref="oval:org.opensuse.security:obj:2009031053"/> 60069 <state state_ref="oval:org.opensuse.security:ste:2009038040"/> 60070 </rpminfo_test> 60071 <rpminfo_test id="oval:org.opensuse.security:tst:2009059706" version="1" comment="pango is <1.10.2-23.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60072 <object object_ref="oval:org.opensuse.security:obj:2009030537"/> 60073 <state state_ref="oval:org.opensuse.security:ste:2009038040"/> 60074 </rpminfo_test> 60075 <rpminfo_test id="oval:org.opensuse.security:tst:2009058938" version="1" comment="cron is <4.1-45.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60076 <object object_ref="oval:org.opensuse.security:obj:2009030630"/> 60077 <state state_ref="oval:org.opensuse.security:ste:2009037901"/> 60078 </rpminfo_test> 60079 <rpminfo_test id="oval:org.opensuse.security:tst:2009058662" version="1" comment="sudo is <1.6.8p12-18.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60080 <object object_ref="oval:org.opensuse.security:obj:2009030544"/> 60081 <state state_ref="oval:org.opensuse.security:ste:2009037872"/> 60082 </rpminfo_test> 60083 <rpminfo_test id="oval:org.opensuse.security:tst:2009059752" version="1" comment="fileshareset is <2.0-84.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60084 <object object_ref="oval:org.opensuse.security:obj:2009032247"/> 60085 <state state_ref="oval:org.opensuse.security:ste:2009038047"/> 60086 </rpminfo_test> 60087 <rpminfo_test id="oval:org.opensuse.security:tst:2009059753" version="1" comment="kdebase3-32bit is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60088 <object object_ref="oval:org.opensuse.security:obj:2009030744"/> 60089 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60090 </rpminfo_test> 60091 <rpminfo_test id="oval:org.opensuse.security:tst:2009059754" version="1" comment="kdebase3-beagle is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60092 <object object_ref="oval:org.opensuse.security:obj:2009032163"/> 60093 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60094 </rpminfo_test> 60095 <rpminfo_test id="oval:org.opensuse.security:tst:2009059755" version="1" comment="kdebase3-devel is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60096 <object object_ref="oval:org.opensuse.security:obj:2009031092"/> 60097 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60098 </rpminfo_test> 60099 <rpminfo_test id="oval:org.opensuse.security:tst:2009059756" version="1" comment="kdebase3-kdm is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60100 <object object_ref="oval:org.opensuse.security:obj:2009031195"/> 60101 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60102 </rpminfo_test> 60103 <rpminfo_test id="oval:org.opensuse.security:tst:2009059757" version="1" comment="kdebase3-ksysguardd is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60104 <object object_ref="oval:org.opensuse.security:obj:2009031948"/> 60105 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60106 </rpminfo_test> 60107 <rpminfo_test id="oval:org.opensuse.security:tst:2009059758" version="1" comment="kdebase3-nsplugin is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60108 <object object_ref="oval:org.opensuse.security:obj:2009031967"/> 60109 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60110 </rpminfo_test> 60111 <rpminfo_test id="oval:org.opensuse.security:tst:2009059759" version="1" comment="kdebase3-samba is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60112 <object object_ref="oval:org.opensuse.security:obj:2009032257"/> 60113 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60114 </rpminfo_test> 60115 <rpminfo_test id="oval:org.opensuse.security:tst:2009059760" version="1" comment="kdebase3-session is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60116 <object object_ref="oval:org.opensuse.security:obj:2009032258"/> 60117 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60118 </rpminfo_test> 60119 <rpminfo_test id="oval:org.opensuse.security:tst:2009059761" version="1" comment="kdebase3 is <3.5.1-69.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60120 <object object_ref="oval:org.opensuse.security:obj:2009030449"/> 60121 <state state_ref="oval:org.opensuse.security:ste:2009038048"/> 60122 </rpminfo_test> 60123 <rpminfo_test id="oval:org.opensuse.security:tst:2009071180" version="1" comment="cups-client is <1.1.23-40.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60124 <object object_ref="oval:org.opensuse.security:obj:2009030425"/> 60125 <state state_ref="oval:org.opensuse.security:ste:2009040033"/> 60126 </rpminfo_test> 60127 <rpminfo_test id="oval:org.opensuse.security:tst:2009071181" version="1" comment="cups-devel is <1.1.23-40.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60128 <object object_ref="oval:org.opensuse.security:obj:2009030426"/> 60129 <state state_ref="oval:org.opensuse.security:ste:2009040033"/> 60130 </rpminfo_test> 60131 <rpminfo_test id="oval:org.opensuse.security:tst:2009071182" version="1" comment="cups-libs-32bit is <1.1.23-40.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60132 <object object_ref="oval:org.opensuse.security:obj:2009030730"/> 60133 <state state_ref="oval:org.opensuse.security:ste:2009040033"/> 60134 </rpminfo_test> 60135 <rpminfo_test id="oval:org.opensuse.security:tst:2009071183" version="1" comment="cups-libs is <1.1.23-40.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60136 <object object_ref="oval:org.opensuse.security:obj:2009030427"/> 60137 <state state_ref="oval:org.opensuse.security:ste:2009040033"/> 60138 </rpminfo_test> 60139 <rpminfo_test id="oval:org.opensuse.security:tst:2009071184" version="1" comment="cups is <1.1.23-40.62.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60140 <object object_ref="oval:org.opensuse.security:obj:2009030428"/> 60141 <state state_ref="oval:org.opensuse.security:ste:2009040033"/> 60142 </rpminfo_test> 60143 <rpminfo_test id="oval:org.opensuse.security:tst:2009064812" version="1" comment="cups-client is <1.1.23-40.60.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60144 <object object_ref="oval:org.opensuse.security:obj:2009030425"/> 60145 <state state_ref="oval:org.opensuse.security:ste:2009038788"/> 60146 </rpminfo_test> 60147 <rpminfo_test id="oval:org.opensuse.security:tst:2009064813" version="1" comment="cups-devel is <1.1.23-40.60.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60148 <object object_ref="oval:org.opensuse.security:obj:2009030426"/> 60149 <state state_ref="oval:org.opensuse.security:ste:2009038788"/> 60150 </rpminfo_test> 60151 <rpminfo_test id="oval:org.opensuse.security:tst:2009064814" version="1" comment="cups-libs-32bit is <1.1.23-40.60.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60152 <object object_ref="oval:org.opensuse.security:obj:2009030730"/> 60153 <state state_ref="oval:org.opensuse.security:ste:2009038788"/> 60154 </rpminfo_test> 60155 <rpminfo_test id="oval:org.opensuse.security:tst:2009064815" version="1" comment="cups-libs is <1.1.23-40.60.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60156 <object object_ref="oval:org.opensuse.security:obj:2009030427"/> 60157 <state state_ref="oval:org.opensuse.security:ste:2009038788"/> 60158 </rpminfo_test> 60159 <rpminfo_test id="oval:org.opensuse.security:tst:2009064816" version="1" comment="cups is <1.1.23-40.60.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60160 <object object_ref="oval:org.opensuse.security:obj:2009030428"/> 60161 <state state_ref="oval:org.opensuse.security:ste:2009038788"/> 60162 </rpminfo_test> 60163 <rpminfo_test id="oval:org.opensuse.security:tst:2009059386" version="1" comment="cifs-mount is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60164 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 60165 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60166 </rpminfo_test> 60167 <rpminfo_test id="oval:org.opensuse.security:tst:2009059387" version="1" comment="ldapsmb is <1.34b-25.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60168 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 60169 <state state_ref="oval:org.opensuse.security:ste:2009037983"/> 60170 </rpminfo_test> 60171 <rpminfo_test id="oval:org.opensuse.security:tst:2009059388" version="1" comment="libsmbclient-32bit is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60172 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 60173 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60174 </rpminfo_test> 60175 <rpminfo_test id="oval:org.opensuse.security:tst:2009059389" version="1" comment="libsmbclient-devel is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60176 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 60177 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60178 </rpminfo_test> 60179 <rpminfo_test id="oval:org.opensuse.security:tst:2009059390" version="1" comment="libsmbclient is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60180 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 60181 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60182 </rpminfo_test> 60183 <rpminfo_test id="oval:org.opensuse.security:tst:2009059391" version="1" comment="samba-32bit is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60184 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 60185 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60186 </rpminfo_test> 60187 <rpminfo_test id="oval:org.opensuse.security:tst:2009059392" version="1" comment="samba-client-32bit is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60188 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 60189 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60190 </rpminfo_test> 60191 <rpminfo_test id="oval:org.opensuse.security:tst:2009059393" version="1" comment="samba-client is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60192 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 60193 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60194 </rpminfo_test> 60195 <rpminfo_test id="oval:org.opensuse.security:tst:2009059394" version="1" comment="samba-krb-printing is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60196 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 60197 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60198 </rpminfo_test> 60199 <rpminfo_test id="oval:org.opensuse.security:tst:2009059395" version="1" comment="samba-vscan is <0.3.6b-43.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60200 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 60201 <state state_ref="oval:org.opensuse.security:ste:2009037984"/> 60202 </rpminfo_test> 60203 <rpminfo_test id="oval:org.opensuse.security:tst:2009059396" version="1" comment="samba-winbind-32bit is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60204 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 60205 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60206 </rpminfo_test> 60207 <rpminfo_test id="oval:org.opensuse.security:tst:2009059397" version="1" comment="samba-winbind is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60208 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 60209 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60210 </rpminfo_test> 60211 <rpminfo_test id="oval:org.opensuse.security:tst:2009059398" version="1" comment="samba is <3.0.36-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60212 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 60213 <state state_ref="oval:org.opensuse.security:ste:2009037982"/> 60214 </rpminfo_test> 60215 <rpminfo_test id="oval:org.opensuse.security:tst:2009060136" version="1" comment="cpio is <2.6-19.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60216 <object object_ref="oval:org.opensuse.security:obj:2009030506"/> 60217 <state state_ref="oval:org.opensuse.security:ste:2009038110"/> 60218 </rpminfo_test> 60219 <rpminfo_test id="oval:org.opensuse.security:tst:2009060037" version="1" comment="tar is <1.15.1-23.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60220 <object object_ref="oval:org.opensuse.security:obj:2009030401"/> 60221 <state state_ref="oval:org.opensuse.security:ste:2009038097"/> 60222 </rpminfo_test> 60223 <rpminfo_test id="oval:org.opensuse.security:tst:2009061842" version="1" comment="MozillaFirefox-translations is <3.5.11-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60224 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 60225 <state state_ref="oval:org.opensuse.security:ste:2009038346"/> 60226 </rpminfo_test> 60227 <rpminfo_test id="oval:org.opensuse.security:tst:2009061843" version="1" comment="MozillaFirefox is <3.5.11-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60228 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 60229 <state state_ref="oval:org.opensuse.security:ste:2009038346"/> 60230 </rpminfo_test> 60231 <rpminfo_test id="oval:org.opensuse.security:tst:2009061844" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.11-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60232 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 60233 <state state_ref="oval:org.opensuse.security:ste:2009038347"/> 60234 </rpminfo_test> 60235 <rpminfo_test id="oval:org.opensuse.security:tst:2009061845" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.11-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60236 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 60237 <state state_ref="oval:org.opensuse.security:ste:2009038347"/> 60238 </rpminfo_test> 60239 <rpminfo_test id="oval:org.opensuse.security:tst:2009061846" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.11-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60240 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 60241 <state state_ref="oval:org.opensuse.security:ste:2009038347"/> 60242 </rpminfo_test> 60243 <rpminfo_test id="oval:org.opensuse.security:tst:2009061847" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.11-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60244 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 60245 <state state_ref="oval:org.opensuse.security:ste:2009038347"/> 60246 </rpminfo_test> 60247 <rpminfo_test id="oval:org.opensuse.security:tst:2009061848" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.11-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60248 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 60249 <state state_ref="oval:org.opensuse.security:ste:2009038347"/> 60250 </rpminfo_test> 60251 <rpminfo_test id="oval:org.opensuse.security:tst:2009061849" version="1" comment="mozilla-xulrunner191 is <1.9.1.11-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60252 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 60253 <state state_ref="oval:org.opensuse.security:ste:2009038347"/> 60254 </rpminfo_test> 60255 <rpminfo_test id="oval:org.opensuse.security:tst:2009061294" version="1" comment="postgresql-devel is <8.1.21-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60256 <object object_ref="oval:org.opensuse.security:obj:2009030469"/> 60257 <state state_ref="oval:org.opensuse.security:ste:2009038293"/> 60258 </rpminfo_test> 60259 <rpminfo_test id="oval:org.opensuse.security:tst:2009061295" version="1" comment="postgresql-libs-32bit is <8.1.21-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60260 <object object_ref="oval:org.opensuse.security:obj:2009030626"/> 60261 <state state_ref="oval:org.opensuse.security:ste:2009038293"/> 60262 </rpminfo_test> 60263 <rpminfo_test id="oval:org.opensuse.security:tst:2009061296" version="1" comment="postgresql-libs is <8.1.21-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60264 <object object_ref="oval:org.opensuse.security:obj:2009030471"/> 60265 <state state_ref="oval:org.opensuse.security:ste:2009038293"/> 60266 </rpminfo_test> 60267 <rpminfo_test id="oval:org.opensuse.security:tst:2009060488" version="1" comment="te_ams is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60268 <object object_ref="oval:org.opensuse.security:obj:2009030793"/> 60269 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60270 </rpminfo_test> 60271 <rpminfo_test id="oval:org.opensuse.security:tst:2009060489" version="1" comment="te_cont is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60272 <object object_ref="oval:org.opensuse.security:obj:2009030794"/> 60273 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60274 </rpminfo_test> 60275 <rpminfo_test id="oval:org.opensuse.security:tst:2009060490" version="1" comment="te_dvilj is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60276 <object object_ref="oval:org.opensuse.security:obj:2009030795"/> 60277 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60278 </rpminfo_test> 60279 <rpminfo_test id="oval:org.opensuse.security:tst:2009060491" version="1" comment="te_eplai is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60280 <object object_ref="oval:org.opensuse.security:obj:2009030796"/> 60281 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60282 </rpminfo_test> 60283 <rpminfo_test id="oval:org.opensuse.security:tst:2009060492" version="1" comment="te_kpath is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60284 <object object_ref="oval:org.opensuse.security:obj:2009030798"/> 60285 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60286 </rpminfo_test> 60287 <rpminfo_test id="oval:org.opensuse.security:tst:2009060493" version="1" comment="te_latex is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60288 <object object_ref="oval:org.opensuse.security:obj:2009030799"/> 60289 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60290 </rpminfo_test> 60291 <rpminfo_test id="oval:org.opensuse.security:tst:2009060494" version="1" comment="te_mpost is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60292 <object object_ref="oval:org.opensuse.security:obj:2009030800"/> 60293 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60294 </rpminfo_test> 60295 <rpminfo_test id="oval:org.opensuse.security:tst:2009060495" version="1" comment="te_omega is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60296 <object object_ref="oval:org.opensuse.security:obj:2009030801"/> 60297 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60298 </rpminfo_test> 60299 <rpminfo_test id="oval:org.opensuse.security:tst:2009060496" version="1" comment="te_ptex is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60300 <object object_ref="oval:org.opensuse.security:obj:2009030803"/> 60301 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60302 </rpminfo_test> 60303 <rpminfo_test id="oval:org.opensuse.security:tst:2009060497" version="1" comment="te_web is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60304 <object object_ref="oval:org.opensuse.security:obj:2009030804"/> 60305 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60306 </rpminfo_test> 60307 <rpminfo_test id="oval:org.opensuse.security:tst:2009060498" version="1" comment="tetex is <3.0-37.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60308 <object object_ref="oval:org.opensuse.security:obj:2009030805"/> 60309 <state state_ref="oval:org.opensuse.security:ste:2009038152"/> 60310 </rpminfo_test> 60311 <rpminfo_test id="oval:org.opensuse.security:tst:2009060962" version="1" comment="cifs-mount is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60312 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 60313 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60314 </rpminfo_test> 60315 <rpminfo_test id="oval:org.opensuse.security:tst:2009060963" version="1" comment="ldapsmb is <1.34b-25.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60316 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 60317 <state state_ref="oval:org.opensuse.security:ste:2009038241"/> 60318 </rpminfo_test> 60319 <rpminfo_test id="oval:org.opensuse.security:tst:2009060964" version="1" comment="libsmbclient-32bit is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60320 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 60321 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60322 </rpminfo_test> 60323 <rpminfo_test id="oval:org.opensuse.security:tst:2009060965" version="1" comment="libsmbclient-devel is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60324 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 60325 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60326 </rpminfo_test> 60327 <rpminfo_test id="oval:org.opensuse.security:tst:2009060966" version="1" comment="libsmbclient is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60328 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 60329 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60330 </rpminfo_test> 60331 <rpminfo_test id="oval:org.opensuse.security:tst:2009060967" version="1" comment="samba-32bit is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60332 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 60333 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60334 </rpminfo_test> 60335 <rpminfo_test id="oval:org.opensuse.security:tst:2009060968" version="1" comment="samba-client-32bit is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60336 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 60337 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60338 </rpminfo_test> 60339 <rpminfo_test id="oval:org.opensuse.security:tst:2009060969" version="1" comment="samba-client is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60340 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 60341 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60342 </rpminfo_test> 60343 <rpminfo_test id="oval:org.opensuse.security:tst:2009060970" version="1" comment="samba-krb-printing is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60344 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 60345 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60346 </rpminfo_test> 60347 <rpminfo_test id="oval:org.opensuse.security:tst:2009060971" version="1" comment="samba-vscan is <0.3.6b-43.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60348 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 60349 <state state_ref="oval:org.opensuse.security:ste:2009038242"/> 60350 </rpminfo_test> 60351 <rpminfo_test id="oval:org.opensuse.security:tst:2009060972" version="1" comment="samba-winbind-32bit is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60352 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 60353 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60354 </rpminfo_test> 60355 <rpminfo_test id="oval:org.opensuse.security:tst:2009060973" version="1" comment="samba-winbind is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60356 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 60357 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60358 </rpminfo_test> 60359 <rpminfo_test id="oval:org.opensuse.security:tst:2009060974" version="1" comment="samba is <3.0.36-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60360 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 60361 <state state_ref="oval:org.opensuse.security:ste:2009038240"/> 60362 </rpminfo_test> 60363 <rpminfo_test id="oval:org.opensuse.security:tst:2009060663" version="1" comment="ncpfs is <2.2.6-24.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60364 <object object_ref="oval:org.opensuse.security:obj:2009030460"/> 60365 <state state_ref="oval:org.opensuse.security:ste:2009038168"/> 60366 </rpminfo_test> 60367 <rpminfo_test id="oval:org.opensuse.security:tst:2009061984" version="1" comment="kernel-default is <2.6.16.60-0.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60368 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 60369 <state state_ref="oval:org.opensuse.security:ste:2009038383"/> 60370 </rpminfo_test> 60371 <rpminfo_test id="oval:org.opensuse.security:tst:2009061985" version="1" comment="kernel-smp is <2.6.16.60-0.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60372 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 60373 <state state_ref="oval:org.opensuse.security:ste:2009038383"/> 60374 </rpminfo_test> 60375 <rpminfo_test id="oval:org.opensuse.security:tst:2009061986" version="1" comment="kernel-source is <2.6.16.60-0.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60376 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 60377 <state state_ref="oval:org.opensuse.security:ste:2009038383"/> 60378 </rpminfo_test> 60379 <rpminfo_test id="oval:org.opensuse.security:tst:2009061987" version="1" comment="kernel-syms is <2.6.16.60-0.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60380 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 60381 <state state_ref="oval:org.opensuse.security:ste:2009038383"/> 60382 </rpminfo_test> 60383 <rpminfo_test id="oval:org.opensuse.security:tst:2009061988" version="1" comment="kernel-xen is <2.6.16.60-0.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60384 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 60385 <state state_ref="oval:org.opensuse.security:ste:2009038383"/> 60386 </rpminfo_test> 60387 <rpminfo_test id="oval:org.opensuse.security:tst:2009061993" version="1" comment="kernel-bigsmp is <2.6.16.60-0.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60388 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 60389 <state state_ref="oval:org.opensuse.security:ste:2009038383"/> 60390 </rpminfo_test> 60391 <rpminfo_test id="oval:org.opensuse.security:tst:2009061994" version="1" comment="kernel-xenpae is <2.6.16.60-0.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60392 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 60393 <state state_ref="oval:org.opensuse.security:ste:2009038383"/> 60394 </rpminfo_test> 60395 <rpminfo_test id="oval:org.opensuse.security:tst:2009061233" version="1" comment="xorg-x11-Xnest is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60396 <object object_ref="oval:org.opensuse.security:obj:2009032401"/> 60397 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60398 </rpminfo_test> 60399 <rpminfo_test id="oval:org.opensuse.security:tst:2009061234" version="1" comment="xorg-x11-Xvfb is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60400 <object object_ref="oval:org.opensuse.security:obj:2009032402"/> 60401 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60402 </rpminfo_test> 60403 <rpminfo_test id="oval:org.opensuse.security:tst:2009061235" version="1" comment="xorg-x11-Xvnc is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60404 <object object_ref="oval:org.opensuse.security:obj:2009031301"/> 60405 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60406 </rpminfo_test> 60407 <rpminfo_test id="oval:org.opensuse.security:tst:2009061236" version="1" comment="xorg-x11-devel-32bit is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60408 <object object_ref="oval:org.opensuse.security:obj:2009031328"/> 60409 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60410 </rpminfo_test> 60411 <rpminfo_test id="oval:org.opensuse.security:tst:2009061237" version="1" comment="xorg-x11-devel is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60412 <object object_ref="oval:org.opensuse.security:obj:2009031330"/> 60413 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60414 </rpminfo_test> 60415 <rpminfo_test id="oval:org.opensuse.security:tst:2009061238" version="1" comment="xorg-x11-fonts-100dpi is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60416 <object object_ref="oval:org.opensuse.security:obj:2009032403"/> 60417 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60418 </rpminfo_test> 60419 <rpminfo_test id="oval:org.opensuse.security:tst:2009061239" version="1" comment="xorg-x11-fonts-75dpi is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60420 <object object_ref="oval:org.opensuse.security:obj:2009032404"/> 60421 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60422 </rpminfo_test> 60423 <rpminfo_test id="oval:org.opensuse.security:tst:2009061240" version="1" comment="xorg-x11-fonts-cyrillic is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60424 <object object_ref="oval:org.opensuse.security:obj:2009032405"/> 60425 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60426 </rpminfo_test> 60427 <rpminfo_test id="oval:org.opensuse.security:tst:2009061241" version="1" comment="xorg-x11-fonts-scalable is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60428 <object object_ref="oval:org.opensuse.security:obj:2009032406"/> 60429 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60430 </rpminfo_test> 60431 <rpminfo_test id="oval:org.opensuse.security:tst:2009061242" version="1" comment="xorg-x11-fonts-syriac is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60432 <object object_ref="oval:org.opensuse.security:obj:2009032407"/> 60433 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60434 </rpminfo_test> 60435 <rpminfo_test id="oval:org.opensuse.security:tst:2009061243" version="1" comment="xorg-x11-libs-32bit is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60436 <object object_ref="oval:org.opensuse.security:obj:2009031332"/> 60437 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60438 </rpminfo_test> 60439 <rpminfo_test id="oval:org.opensuse.security:tst:2009061244" version="1" comment="xorg-x11-libs is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60440 <object object_ref="oval:org.opensuse.security:obj:2009031334"/> 60441 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60442 </rpminfo_test> 60443 <rpminfo_test id="oval:org.opensuse.security:tst:2009061245" version="1" comment="xorg-x11-man is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60444 <object object_ref="oval:org.opensuse.security:obj:2009032408"/> 60445 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60446 </rpminfo_test> 60447 <rpminfo_test id="oval:org.opensuse.security:tst:2009061246" version="1" comment="xorg-x11-server-glx is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60448 <object object_ref="oval:org.opensuse.security:obj:2009032409"/> 60449 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60450 </rpminfo_test> 60451 <rpminfo_test id="oval:org.opensuse.security:tst:2009061247" version="1" comment="xorg-x11-server is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60452 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 60453 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60454 </rpminfo_test> 60455 <rpminfo_test id="oval:org.opensuse.security:tst:2009061248" version="1" comment="xorg-x11 is <6.9.0-50.66.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60456 <object object_ref="oval:org.opensuse.security:obj:2009031335"/> 60457 <state state_ref="oval:org.opensuse.security:ste:2009038282"/> 60458 </rpminfo_test> 60459 <rpminfo_test id="oval:org.opensuse.security:tst:2009063288" version="1" comment="xorg-x11-Xvnc is <6.9.0-50.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60460 <object object_ref="oval:org.opensuse.security:obj:2009031301"/> 60461 <state state_ref="oval:org.opensuse.security:ste:2009038577"/> 60462 </rpminfo_test> 60463 <rpminfo_test id="oval:org.opensuse.security:tst:2009063289" version="1" comment="xorg-x11-server is <6.9.0-50.67.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60464 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 60465 <state state_ref="oval:org.opensuse.security:ste:2009038577"/> 60466 </rpminfo_test> 60467 <rpminfo_test id="oval:org.opensuse.security:tst:2009062015" version="1" comment="perl-32bit is <5.8.8-14.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60468 <object object_ref="oval:org.opensuse.security:obj:2009030599"/> 60469 <state state_ref="oval:org.opensuse.security:ste:2009038387"/> 60470 </rpminfo_test> 60471 <rpminfo_test id="oval:org.opensuse.security:tst:2009062016" version="1" comment="perl is <5.8.8-14.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60472 <object object_ref="oval:org.opensuse.security:obj:2009030410"/> 60473 <state state_ref="oval:org.opensuse.security:ste:2009038387"/> 60474 </rpminfo_test> 60475 <rpminfo_test id="oval:org.opensuse.security:tst:2009066484" version="1" comment="kernel-default is <2.6.16.60-0.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60476 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 60477 <state state_ref="oval:org.opensuse.security:ste:2009039123"/> 60478 </rpminfo_test> 60479 <rpminfo_test id="oval:org.opensuse.security:tst:2009066485" version="1" comment="kernel-smp is <2.6.16.60-0.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60480 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 60481 <state state_ref="oval:org.opensuse.security:ste:2009039123"/> 60482 </rpminfo_test> 60483 <rpminfo_test id="oval:org.opensuse.security:tst:2009066486" version="1" comment="kernel-source is <2.6.16.60-0.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60484 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 60485 <state state_ref="oval:org.opensuse.security:ste:2009039123"/> 60486 </rpminfo_test> 60487 <rpminfo_test id="oval:org.opensuse.security:tst:2009066487" version="1" comment="kernel-syms is <2.6.16.60-0.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60488 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 60489 <state state_ref="oval:org.opensuse.security:ste:2009039123"/> 60490 </rpminfo_test> 60491 <rpminfo_test id="oval:org.opensuse.security:tst:2009066488" version="1" comment="kernel-xen is <2.6.16.60-0.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60492 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 60493 <state state_ref="oval:org.opensuse.security:ste:2009039123"/> 60494 </rpminfo_test> 60495 <rpminfo_test id="oval:org.opensuse.security:tst:2009066491" version="1" comment="kernel-bigsmp is <2.6.16.60-0.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60496 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 60497 <state state_ref="oval:org.opensuse.security:ste:2009039123"/> 60498 </rpminfo_test> 60499 <rpminfo_test id="oval:org.opensuse.security:tst:2009066492" version="1" comment="kernel-xenpae is <2.6.16.60-0.77.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60500 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 60501 <state state_ref="oval:org.opensuse.security:ste:2009039123"/> 60502 </rpminfo_test> 60503 <rpminfo_test id="oval:org.opensuse.security:tst:2009062300" version="1" comment="libpng-32bit is <1.2.8-19.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60504 <object object_ref="oval:org.opensuse.security:obj:2009030638"/> 60505 <state state_ref="oval:org.opensuse.security:ste:2009038447"/> 60506 </rpminfo_test> 60507 <rpminfo_test id="oval:org.opensuse.security:tst:2009062301" version="1" comment="libpng-devel-32bit is <1.2.8-19.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60508 <object object_ref="oval:org.opensuse.security:obj:2009031449"/> 60509 <state state_ref="oval:org.opensuse.security:ste:2009038447"/> 60510 </rpminfo_test> 60511 <rpminfo_test id="oval:org.opensuse.security:tst:2009062302" version="1" comment="libpng-devel is <1.2.8-19.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60512 <object object_ref="oval:org.opensuse.security:obj:2009030639"/> 60513 <state state_ref="oval:org.opensuse.security:ste:2009038447"/> 60514 </rpminfo_test> 60515 <rpminfo_test id="oval:org.opensuse.security:tst:2009062303" version="1" comment="libpng is <1.2.8-19.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60516 <object object_ref="oval:org.opensuse.security:obj:2009030640"/> 60517 <state state_ref="oval:org.opensuse.security:ste:2009038447"/> 60518 </rpminfo_test> 60519 <rpminfo_test id="oval:org.opensuse.security:tst:2009061121" version="1" comment="acroread-cmaps is <9.3.3-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60520 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 60521 <state state_ref="oval:org.opensuse.security:ste:2009038264"/> 60522 </rpminfo_test> 60523 <rpminfo_test id="oval:org.opensuse.security:tst:2009061122" version="1" comment="acroread-fonts-ja is <9.3.3-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60524 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 60525 <state state_ref="oval:org.opensuse.security:ste:2009038264"/> 60526 </rpminfo_test> 60527 <rpminfo_test id="oval:org.opensuse.security:tst:2009061123" version="1" comment="acroread-fonts-ko is <9.3.3-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60528 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 60529 <state state_ref="oval:org.opensuse.security:ste:2009038264"/> 60530 </rpminfo_test> 60531 <rpminfo_test id="oval:org.opensuse.security:tst:2009061124" version="1" comment="acroread-fonts-zh_CN is <9.3.3-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60532 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 60533 <state state_ref="oval:org.opensuse.security:ste:2009038264"/> 60534 </rpminfo_test> 60535 <rpminfo_test id="oval:org.opensuse.security:tst:2009061125" version="1" comment="acroread-fonts-zh_TW is <9.3.3-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60536 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 60537 <state state_ref="oval:org.opensuse.security:ste:2009038264"/> 60538 </rpminfo_test> 60539 <rpminfo_test id="oval:org.opensuse.security:tst:2009061126" version="1" comment="acroread is <9.3.3-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60540 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 60541 <state state_ref="oval:org.opensuse.security:ste:2009038264"/> 60542 </rpminfo_test> 60543 <rpminfo_test id="oval:org.opensuse.security:tst:2009061134" version="1" comment="acroread_ja is <9.3.3-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60544 <object object_ref="oval:org.opensuse.security:obj:2009032700"/> 60545 <state state_ref="oval:org.opensuse.security:ste:2009038264"/> 60546 </rpminfo_test> 60547 <rpminfo_test id="oval:org.opensuse.security:tst:2009060762" version="1" comment="krb5-32bit is <1.4.3-19.45.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60548 <object object_ref="oval:org.opensuse.security:obj:2009031038"/> 60549 <state state_ref="oval:org.opensuse.security:ste:2009038193"/> 60550 </rpminfo_test> 60551 <rpminfo_test id="oval:org.opensuse.security:tst:2009060763" version="1" comment="krb5-client is <1.4.3-19.45.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60552 <object object_ref="oval:org.opensuse.security:obj:2009031041"/> 60553 <state state_ref="oval:org.opensuse.security:ste:2009038193"/> 60554 </rpminfo_test> 60555 <rpminfo_test id="oval:org.opensuse.security:tst:2009060764" version="1" comment="krb5-devel-32bit is <1.4.3-19.45.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60556 <object object_ref="oval:org.opensuse.security:obj:2009031476"/> 60557 <state state_ref="oval:org.opensuse.security:ste:2009038193"/> 60558 </rpminfo_test> 60559 <rpminfo_test id="oval:org.opensuse.security:tst:2009060765" version="1" comment="krb5-devel is <1.4.3-19.45.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60560 <object object_ref="oval:org.opensuse.security:obj:2009031478"/> 60561 <state state_ref="oval:org.opensuse.security:ste:2009038193"/> 60562 </rpminfo_test> 60563 <rpminfo_test id="oval:org.opensuse.security:tst:2009060766" version="1" comment="krb5 is <1.4.3-19.45.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60564 <object object_ref="oval:org.opensuse.security:obj:2009031044"/> 60565 <state state_ref="oval:org.opensuse.security:ste:2009038193"/> 60566 </rpminfo_test> 60567 <rpminfo_test id="oval:org.opensuse.security:tst:2009065137" version="1" comment="krb5-32bit is <1.4.3-19.47.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60568 <object object_ref="oval:org.opensuse.security:obj:2009031038"/> 60569 <state state_ref="oval:org.opensuse.security:ste:2009038841"/> 60570 </rpminfo_test> 60571 <rpminfo_test id="oval:org.opensuse.security:tst:2009065138" version="1" comment="krb5-client is <1.4.3-19.47.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60572 <object object_ref="oval:org.opensuse.security:obj:2009031041"/> 60573 <state state_ref="oval:org.opensuse.security:ste:2009038841"/> 60574 </rpminfo_test> 60575 <rpminfo_test id="oval:org.opensuse.security:tst:2009065139" version="1" comment="krb5-devel-32bit is <1.4.3-19.47.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60576 <object object_ref="oval:org.opensuse.security:obj:2009031476"/> 60577 <state state_ref="oval:org.opensuse.security:ste:2009038841"/> 60578 </rpminfo_test> 60579 <rpminfo_test id="oval:org.opensuse.security:tst:2009065140" version="1" comment="krb5-devel is <1.4.3-19.47.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60580 <object object_ref="oval:org.opensuse.security:obj:2009031478"/> 60581 <state state_ref="oval:org.opensuse.security:ste:2009038841"/> 60582 </rpminfo_test> 60583 <rpminfo_test id="oval:org.opensuse.security:tst:2009065141" version="1" comment="krb5 is <1.4.3-19.47.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60584 <object object_ref="oval:org.opensuse.security:obj:2009031044"/> 60585 <state state_ref="oval:org.opensuse.security:ste:2009038841"/> 60586 </rpminfo_test> 60587 <rpminfo_test id="oval:org.opensuse.security:tst:2009060874" version="1" comment="libtiff-32bit is <3.8.2-5.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60588 <object object_ref="oval:org.opensuse.security:obj:2009030616"/> 60589 <state state_ref="oval:org.opensuse.security:ste:2009038218"/> 60590 </rpminfo_test> 60591 <rpminfo_test id="oval:org.opensuse.security:tst:2009060875" version="1" comment="libtiff-devel is <3.8.2-5.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60592 <object object_ref="oval:org.opensuse.security:obj:2009031676"/> 60593 <state state_ref="oval:org.opensuse.security:ste:2009038218"/> 60594 </rpminfo_test> 60595 <rpminfo_test id="oval:org.opensuse.security:tst:2009060876" version="1" comment="libtiff is <3.8.2-5.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60596 <object object_ref="oval:org.opensuse.security:obj:2009030452"/> 60597 <state state_ref="oval:org.opensuse.security:ste:2009038218"/> 60598 </rpminfo_test> 60599 <rpminfo_test id="oval:org.opensuse.security:tst:2009066972" version="1" comment="wireshark is <1.4.4-0.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60600 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 60601 <state state_ref="oval:org.opensuse.security:ste:2009039192"/> 60602 </rpminfo_test> 60603 <rpminfo_test id="oval:org.opensuse.security:tst:2009063152" version="1" comment="libgdiplus is <1.2.2-13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60604 <object object_ref="oval:org.opensuse.security:obj:2009032050"/> 60605 <state state_ref="oval:org.opensuse.security:ste:2009038552"/> 60606 </rpminfo_test> 60607 <rpminfo_test id="oval:org.opensuse.security:tst:2009067084" version="1" comment="MozillaFirefox is <3.6.16-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60608 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 60609 <state state_ref="oval:org.opensuse.security:ste:2009039225"/> 60610 </rpminfo_test> 60611 <rpminfo_test id="oval:org.opensuse.security:tst:2009067085" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.16-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60612 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 60613 <state state_ref="oval:org.opensuse.security:ste:2009039226"/> 60614 </rpminfo_test> 60615 <rpminfo_test id="oval:org.opensuse.security:tst:2009067086" version="1" comment="mozilla-xulrunner192 is <1.9.2.16-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60616 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 60617 <state state_ref="oval:org.opensuse.security:ste:2009039226"/> 60618 </rpminfo_test> 60619 <rpminfo_test id="oval:org.opensuse.security:tst:2009066217" version="1" comment="MozillaFirefox-translations is <3.6.15-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60620 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 60621 <state state_ref="oval:org.opensuse.security:ste:2009039041"/> 60622 </rpminfo_test> 60623 <rpminfo_test id="oval:org.opensuse.security:tst:2009066218" version="1" comment="MozillaFirefox is <3.6.15-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60624 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 60625 <state state_ref="oval:org.opensuse.security:ste:2009039041"/> 60626 </rpminfo_test> 60627 <rpminfo_test id="oval:org.opensuse.security:tst:2009066219" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60628 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 60629 <state state_ref="oval:org.opensuse.security:ste:2009039042"/> 60630 </rpminfo_test> 60631 <rpminfo_test id="oval:org.opensuse.security:tst:2009066220" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60632 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 60633 <state state_ref="oval:org.opensuse.security:ste:2009039042"/> 60634 </rpminfo_test> 60635 <rpminfo_test id="oval:org.opensuse.security:tst:2009066221" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60636 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 60637 <state state_ref="oval:org.opensuse.security:ste:2009039042"/> 60638 </rpminfo_test> 60639 <rpminfo_test id="oval:org.opensuse.security:tst:2009066222" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60640 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 60641 <state state_ref="oval:org.opensuse.security:ste:2009039042"/> 60642 </rpminfo_test> 60643 <rpminfo_test id="oval:org.opensuse.security:tst:2009066223" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60644 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 60645 <state state_ref="oval:org.opensuse.security:ste:2009039042"/> 60646 </rpminfo_test> 60647 <rpminfo_test id="oval:org.opensuse.security:tst:2009066224" version="1" comment="mozilla-xulrunner192 is <1.9.2.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60648 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 60649 <state state_ref="oval:org.opensuse.security:ste:2009039042"/> 60650 </rpminfo_test> 60651 <rpminfo_test id="oval:org.opensuse.security:tst:2009066124" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.17-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60652 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 60653 <state state_ref="oval:org.opensuse.security:ste:2009039017"/> 60654 </rpminfo_test> 60655 <rpminfo_test id="oval:org.opensuse.security:tst:2009066125" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.17-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60656 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 60657 <state state_ref="oval:org.opensuse.security:ste:2009039017"/> 60658 </rpminfo_test> 60659 <rpminfo_test id="oval:org.opensuse.security:tst:2009066126" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.17-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60660 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 60661 <state state_ref="oval:org.opensuse.security:ste:2009039017"/> 60662 </rpminfo_test> 60663 <rpminfo_test id="oval:org.opensuse.security:tst:2009066127" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.17-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60664 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 60665 <state state_ref="oval:org.opensuse.security:ste:2009039017"/> 60666 </rpminfo_test> 60667 <rpminfo_test id="oval:org.opensuse.security:tst:2009066128" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.17-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60668 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 60669 <state state_ref="oval:org.opensuse.security:ste:2009039017"/> 60670 </rpminfo_test> 60671 <rpminfo_test id="oval:org.opensuse.security:tst:2009066129" version="1" comment="mozilla-xulrunner191 is <1.9.1.17-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60672 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 60673 <state state_ref="oval:org.opensuse.security:ste:2009039017"/> 60674 </rpminfo_test> 60675 <rpminfo_test id="oval:org.opensuse.security:tst:2009071813" version="1" comment="finch is <2.6.6-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60676 <object object_ref="oval:org.opensuse.security:obj:2009031748"/> 60677 <state state_ref="oval:org.opensuse.security:ste:2009040113"/> 60678 </rpminfo_test> 60679 <rpminfo_test id="oval:org.opensuse.security:tst:2009071814" version="1" comment="libpurple is <2.6.6-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60680 <object object_ref="oval:org.opensuse.security:obj:2009031423"/> 60681 <state state_ref="oval:org.opensuse.security:ste:2009040113"/> 60682 </rpminfo_test> 60683 <rpminfo_test id="oval:org.opensuse.security:tst:2009071815" version="1" comment="pidgin is <2.6.6-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60684 <object object_ref="oval:org.opensuse.security:obj:2009031752"/> 60685 <state state_ref="oval:org.opensuse.security:ste:2009040113"/> 60686 </rpminfo_test> 60687 <rpminfo_test id="oval:org.opensuse.security:tst:2009063559" version="1" comment="mysql-client is <5.0.26-12.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60688 <object object_ref="oval:org.opensuse.security:obj:2009030723"/> 60689 <state state_ref="oval:org.opensuse.security:ste:2009038624"/> 60690 </rpminfo_test> 60691 <rpminfo_test id="oval:org.opensuse.security:tst:2009063560" version="1" comment="mysql-devel is <5.0.26-12.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60692 <object object_ref="oval:org.opensuse.security:obj:2009030570"/> 60693 <state state_ref="oval:org.opensuse.security:ste:2009038624"/> 60694 </rpminfo_test> 60695 <rpminfo_test id="oval:org.opensuse.security:tst:2009063561" version="1" comment="mysql-shared-32bit is <5.0.26-12.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60696 <object object_ref="oval:org.opensuse.security:obj:2009032264"/> 60697 <state state_ref="oval:org.opensuse.security:ste:2009038624"/> 60698 </rpminfo_test> 60699 <rpminfo_test id="oval:org.opensuse.security:tst:2009063562" version="1" comment="mysql-shared is <5.0.26-12.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60700 <object object_ref="oval:org.opensuse.security:obj:2009030724"/> 60701 <state state_ref="oval:org.opensuse.security:ste:2009038624"/> 60702 </rpminfo_test> 60703 <rpminfo_test id="oval:org.opensuse.security:tst:2009063563" version="1" comment="mysql is <5.0.26-12.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60704 <object object_ref="oval:org.opensuse.security:obj:2009030424"/> 60705 <state state_ref="oval:org.opensuse.security:ste:2009038624"/> 60706 </rpminfo_test> 60707 <rpminfo_test id="oval:org.opensuse.security:tst:2009061757" version="1" comment="clamav is <0.96.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60708 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 60709 <state state_ref="oval:org.opensuse.security:ste:2009038326"/> 60710 </rpminfo_test> 60711 <rpminfo_test id="oval:org.opensuse.security:tst:2009062154" version="1" comment="freetype2-32bit is <2.1.10-18.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60712 <object object_ref="oval:org.opensuse.security:obj:2009030610"/> 60713 <state state_ref="oval:org.opensuse.security:ste:2009038419"/> 60714 </rpminfo_test> 60715 <rpminfo_test id="oval:org.opensuse.security:tst:2009062155" version="1" comment="freetype2-devel-32bit is <2.1.10-18.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60716 <object object_ref="oval:org.opensuse.security:obj:2009030611"/> 60717 <state state_ref="oval:org.opensuse.security:ste:2009038419"/> 60718 </rpminfo_test> 60719 <rpminfo_test id="oval:org.opensuse.security:tst:2009062156" version="1" comment="freetype2-devel is <2.1.10-18.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60720 <object object_ref="oval:org.opensuse.security:obj:2009030612"/> 60721 <state state_ref="oval:org.opensuse.security:ste:2009038419"/> 60722 </rpminfo_test> 60723 <rpminfo_test id="oval:org.opensuse.security:tst:2009062157" version="1" comment="freetype2 is <2.1.10-18.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60724 <object object_ref="oval:org.opensuse.security:obj:2009030613"/> 60725 <state state_ref="oval:org.opensuse.security:ste:2009038419"/> 60726 </rpminfo_test> 60727 <rpminfo_test id="oval:org.opensuse.security:tst:2009062713" version="1" comment="popt-32bit is <1.7-271.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60728 <object object_ref="oval:org.opensuse.security:obj:2009032528"/> 60729 <state state_ref="oval:org.opensuse.security:ste:2009038496"/> 60730 </rpminfo_test> 60731 <rpminfo_test id="oval:org.opensuse.security:tst:2009062714" version="1" comment="popt-devel-32bit is <1.7-271.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60732 <object object_ref="oval:org.opensuse.security:obj:2009032529"/> 60733 <state state_ref="oval:org.opensuse.security:ste:2009038496"/> 60734 </rpminfo_test> 60735 <rpminfo_test id="oval:org.opensuse.security:tst:2009062715" version="1" comment="popt-devel is <1.7-271.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60736 <object object_ref="oval:org.opensuse.security:obj:2009032530"/> 60737 <state state_ref="oval:org.opensuse.security:ste:2009038496"/> 60738 </rpminfo_test> 60739 <rpminfo_test id="oval:org.opensuse.security:tst:2009062716" version="1" comment="popt is <1.7-271.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60740 <object object_ref="oval:org.opensuse.security:obj:2009032531"/> 60741 <state state_ref="oval:org.opensuse.security:ste:2009038496"/> 60742 </rpminfo_test> 60743 <rpminfo_test id="oval:org.opensuse.security:tst:2009062717" version="1" comment="rpm-devel is <4.4.2-43.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60744 <object object_ref="oval:org.opensuse.security:obj:2009032539"/> 60745 <state state_ref="oval:org.opensuse.security:ste:2009038497"/> 60746 </rpminfo_test> 60747 <rpminfo_test id="oval:org.opensuse.security:tst:2009062718" version="1" comment="rpm-python is <4.4.2-43.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60748 <object object_ref="oval:org.opensuse.security:obj:2009032540"/> 60749 <state state_ref="oval:org.opensuse.security:ste:2009038497"/> 60750 </rpminfo_test> 60751 <rpminfo_test id="oval:org.opensuse.security:tst:2009062719" version="1" comment="rpm is <4.4.2-43.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60752 <object object_ref="oval:org.opensuse.security:obj:2009032541"/> 60753 <state state_ref="oval:org.opensuse.security:ste:2009038497"/> 60754 </rpminfo_test> 60755 <rpminfo_test id="oval:org.opensuse.security:tst:2009061695" version="1" comment="w3m is <0.5.1-19.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60756 <object object_ref="oval:org.opensuse.security:obj:2009030675"/> 60757 <state state_ref="oval:org.opensuse.security:ste:2009038316"/> 60758 </rpminfo_test> 60759 <rpminfo_test id="oval:org.opensuse.security:tst:2009065148" version="1" comment="kernel-bigsmp is <2.6.16.60-0.74.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60760 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 60761 <state state_ref="oval:org.opensuse.security:ste:2009038842"/> 60762 </rpminfo_test> 60763 <rpminfo_test id="oval:org.opensuse.security:tst:2009065149" version="1" comment="kernel-default is <2.6.16.60-0.74.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60764 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 60765 <state state_ref="oval:org.opensuse.security:ste:2009038842"/> 60766 </rpminfo_test> 60767 <rpminfo_test id="oval:org.opensuse.security:tst:2009065150" version="1" comment="kernel-smp is <2.6.16.60-0.74.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60768 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 60769 <state state_ref="oval:org.opensuse.security:ste:2009038842"/> 60770 </rpminfo_test> 60771 <rpminfo_test id="oval:org.opensuse.security:tst:2009065151" version="1" comment="kernel-source is <2.6.16.60-0.74.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60772 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 60773 <state state_ref="oval:org.opensuse.security:ste:2009038842"/> 60774 </rpminfo_test> 60775 <rpminfo_test id="oval:org.opensuse.security:tst:2009065152" version="1" comment="kernel-syms is <2.6.16.60-0.74.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60776 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 60777 <state state_ref="oval:org.opensuse.security:ste:2009038842"/> 60778 </rpminfo_test> 60779 <rpminfo_test id="oval:org.opensuse.security:tst:2009065153" version="1" comment="kernel-xen is <2.6.16.60-0.74.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60780 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 60781 <state state_ref="oval:org.opensuse.security:ste:2009038842"/> 60782 </rpminfo_test> 60783 <rpminfo_test id="oval:org.opensuse.security:tst:2009065154" version="1" comment="kernel-xenpae is <2.6.16.60-0.74.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60784 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 60785 <state state_ref="oval:org.opensuse.security:ste:2009038842"/> 60786 </rpminfo_test> 60787 <rpminfo_test id="oval:org.opensuse.security:tst:2009062208" version="1" comment="kernel-bigsmp is <2.6.16.60-0.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60788 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 60789 <state state_ref="oval:org.opensuse.security:ste:2009038433"/> 60790 </rpminfo_test> 60791 <rpminfo_test id="oval:org.opensuse.security:tst:2009062209" version="1" comment="kernel-default is <2.6.16.60-0.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60792 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 60793 <state state_ref="oval:org.opensuse.security:ste:2009038433"/> 60794 </rpminfo_test> 60795 <rpminfo_test id="oval:org.opensuse.security:tst:2009062210" version="1" comment="kernel-smp is <2.6.16.60-0.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60796 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 60797 <state state_ref="oval:org.opensuse.security:ste:2009038433"/> 60798 </rpminfo_test> 60799 <rpminfo_test id="oval:org.opensuse.security:tst:2009062211" version="1" comment="kernel-source is <2.6.16.60-0.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60800 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 60801 <state state_ref="oval:org.opensuse.security:ste:2009038433"/> 60802 </rpminfo_test> 60803 <rpminfo_test id="oval:org.opensuse.security:tst:2009062212" version="1" comment="kernel-syms is <2.6.16.60-0.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60804 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 60805 <state state_ref="oval:org.opensuse.security:ste:2009038433"/> 60806 </rpminfo_test> 60807 <rpminfo_test id="oval:org.opensuse.security:tst:2009062213" version="1" comment="kernel-xen is <2.6.16.60-0.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60808 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 60809 <state state_ref="oval:org.opensuse.security:ste:2009038433"/> 60810 </rpminfo_test> 60811 <rpminfo_test id="oval:org.opensuse.security:tst:2009062214" version="1" comment="kernel-xenpae is <2.6.16.60-0.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60812 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 60813 <state state_ref="oval:org.opensuse.security:ste:2009038433"/> 60814 </rpminfo_test> 60815 <rpminfo_test id="oval:org.opensuse.security:tst:2009062737" version="1" comment="libvirt-python is <0.3.3-18.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60816 <object object_ref="oval:org.opensuse.security:obj:2009031850"/> 60817 <state state_ref="oval:org.opensuse.security:ste:2009038501"/> 60818 </rpminfo_test> 60819 <rpminfo_test id="oval:org.opensuse.security:tst:2009062738" version="1" comment="libvirt is <0.3.3-18.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60820 <object object_ref="oval:org.opensuse.security:obj:2009031851"/> 60821 <state state_ref="oval:org.opensuse.security:ste:2009038501"/> 60822 </rpminfo_test> 60823 <rpminfo_test id="oval:org.opensuse.security:tst:2009061960" version="1" comment="gpg2 is <1.9.18-17.21.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60824 <object object_ref="oval:org.opensuse.security:obj:2009030602"/> 60825 <state state_ref="oval:org.opensuse.security:ste:2009038374"/> 60826 </rpminfo_test> 60827 <rpminfo_test id="oval:org.opensuse.security:tst:2009070745" version="1" comment="evince is <0.4.0-25.13.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60828 <object object_ref="oval:org.opensuse.security:obj:2009032701"/> 60829 <state state_ref="oval:org.opensuse.security:ste:2009039975"/> 60830 </rpminfo_test> 60831 <rpminfo_test id="oval:org.opensuse.security:tst:2009064188" version="1" comment="MozillaFirefox-translations is <3.5.15-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60832 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 60833 <state state_ref="oval:org.opensuse.security:ste:2009038696"/> 60834 </rpminfo_test> 60835 <rpminfo_test id="oval:org.opensuse.security:tst:2009064189" version="1" comment="MozillaFirefox is <3.5.15-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60836 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 60837 <state state_ref="oval:org.opensuse.security:ste:2009038696"/> 60838 </rpminfo_test> 60839 <rpminfo_test id="oval:org.opensuse.security:tst:2009064190" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60840 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 60841 <state state_ref="oval:org.opensuse.security:ste:2009038697"/> 60842 </rpminfo_test> 60843 <rpminfo_test id="oval:org.opensuse.security:tst:2009064191" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60844 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 60845 <state state_ref="oval:org.opensuse.security:ste:2009038697"/> 60846 </rpminfo_test> 60847 <rpminfo_test id="oval:org.opensuse.security:tst:2009064192" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60848 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 60849 <state state_ref="oval:org.opensuse.security:ste:2009038697"/> 60850 </rpminfo_test> 60851 <rpminfo_test id="oval:org.opensuse.security:tst:2009064193" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60852 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 60853 <state state_ref="oval:org.opensuse.security:ste:2009038697"/> 60854 </rpminfo_test> 60855 <rpminfo_test id="oval:org.opensuse.security:tst:2009064194" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60856 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 60857 <state state_ref="oval:org.opensuse.security:ste:2009038697"/> 60858 </rpminfo_test> 60859 <rpminfo_test id="oval:org.opensuse.security:tst:2009064195" version="1" comment="mozilla-xulrunner191 is <1.9.1.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60860 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 60861 <state state_ref="oval:org.opensuse.security:ste:2009038697"/> 60862 </rpminfo_test> 60863 <rpminfo_test id="oval:org.opensuse.security:tst:2009065606" version="1" comment="perl-32bit is <5.8.8-14.17.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60864 <object object_ref="oval:org.opensuse.security:obj:2009030599"/> 60865 <state state_ref="oval:org.opensuse.security:ste:2009038927"/> 60866 </rpminfo_test> 60867 <rpminfo_test id="oval:org.opensuse.security:tst:2009065607" version="1" comment="perl is <5.8.8-14.17.15" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60868 <object object_ref="oval:org.opensuse.security:obj:2009030410"/> 60869 <state state_ref="oval:org.opensuse.security:ste:2009038927"/> 60870 </rpminfo_test> 60871 <rpminfo_test id="oval:org.opensuse.security:tst:2009074797" version="1" comment="socat is <1.7.0.0-1.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60872 <object object_ref="oval:org.opensuse.security:obj:2009034914"/> 60873 <state state_ref="oval:org.opensuse.security:ste:2009040582"/> 60874 </rpminfo_test> 60875 <rpminfo_test id="oval:org.opensuse.security:tst:2009063370" version="1" comment="acroread-cmaps is <9.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60876 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 60877 <state state_ref="oval:org.opensuse.security:ste:2009038594"/> 60878 </rpminfo_test> 60879 <rpminfo_test id="oval:org.opensuse.security:tst:2009063371" version="1" comment="acroread-fonts-ja is <9.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60880 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 60881 <state state_ref="oval:org.opensuse.security:ste:2009038594"/> 60882 </rpminfo_test> 60883 <rpminfo_test id="oval:org.opensuse.security:tst:2009063372" version="1" comment="acroread-fonts-ko is <9.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60884 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 60885 <state state_ref="oval:org.opensuse.security:ste:2009038594"/> 60886 </rpminfo_test> 60887 <rpminfo_test id="oval:org.opensuse.security:tst:2009063373" version="1" comment="acroread-fonts-zh_CN is <9.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60888 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 60889 <state state_ref="oval:org.opensuse.security:ste:2009038594"/> 60890 </rpminfo_test> 60891 <rpminfo_test id="oval:org.opensuse.security:tst:2009063374" version="1" comment="acroread-fonts-zh_TW is <9.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60892 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 60893 <state state_ref="oval:org.opensuse.security:ste:2009038594"/> 60894 </rpminfo_test> 60895 <rpminfo_test id="oval:org.opensuse.security:tst:2009063375" version="1" comment="acroread is <9.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60896 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 60897 <state state_ref="oval:org.opensuse.security:ste:2009038594"/> 60898 </rpminfo_test> 60899 <rpminfo_test id="oval:org.opensuse.security:tst:2009063376" version="1" comment="acroread_ja is <9.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60900 <object object_ref="oval:org.opensuse.security:obj:2009032700"/> 60901 <state state_ref="oval:org.opensuse.security:ste:2009038594"/> 60902 </rpminfo_test> 60903 <rpminfo_test id="oval:org.opensuse.security:tst:2009063019" version="1" comment="flash-player is <9.0.283.0-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60904 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 60905 <state state_ref="oval:org.opensuse.security:ste:2009038533"/> 60906 </rpminfo_test> 60907 <rpminfo_test id="oval:org.opensuse.security:tst:2009063582" version="1" comment="OpenOffice_org-af is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60908 <object object_ref="oval:org.opensuse.security:obj:2009031377"/> 60909 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60910 </rpminfo_test> 60911 <rpminfo_test id="oval:org.opensuse.security:tst:2009063583" version="1" comment="OpenOffice_org-ar is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60912 <object object_ref="oval:org.opensuse.security:obj:2009030617"/> 60913 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60914 </rpminfo_test> 60915 <rpminfo_test id="oval:org.opensuse.security:tst:2009063584" version="1" comment="OpenOffice_org-ca is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60916 <object object_ref="oval:org.opensuse.security:obj:2009030618"/> 60917 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60918 </rpminfo_test> 60919 <rpminfo_test id="oval:org.opensuse.security:tst:2009063585" version="1" comment="OpenOffice_org-cs is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60920 <object object_ref="oval:org.opensuse.security:obj:2009030485"/> 60921 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60922 </rpminfo_test> 60923 <rpminfo_test id="oval:org.opensuse.security:tst:2009063586" version="1" comment="OpenOffice_org-da is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60924 <object object_ref="oval:org.opensuse.security:obj:2009030486"/> 60925 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60926 </rpminfo_test> 60927 <rpminfo_test id="oval:org.opensuse.security:tst:2009063587" version="1" comment="OpenOffice_org-de is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60928 <object object_ref="oval:org.opensuse.security:obj:2009030487"/> 60929 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60930 </rpminfo_test> 60931 <rpminfo_test id="oval:org.opensuse.security:tst:2009063588" version="1" comment="OpenOffice_org-el is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60932 <object object_ref="oval:org.opensuse.security:obj:2009030619"/> 60933 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60934 </rpminfo_test> 60935 <rpminfo_test id="oval:org.opensuse.security:tst:2009063589" version="1" comment="OpenOffice_org-en-GB is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60936 <object object_ref="oval:org.opensuse.security:obj:2009031381"/> 60937 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60938 </rpminfo_test> 60939 <rpminfo_test id="oval:org.opensuse.security:tst:2009063590" version="1" comment="OpenOffice_org-es is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60940 <object object_ref="oval:org.opensuse.security:obj:2009030490"/> 60941 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60942 </rpminfo_test> 60943 <rpminfo_test id="oval:org.opensuse.security:tst:2009063591" version="1" comment="OpenOffice_org-fi is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60944 <object object_ref="oval:org.opensuse.security:obj:2009030491"/> 60945 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60946 </rpminfo_test> 60947 <rpminfo_test id="oval:org.opensuse.security:tst:2009063592" version="1" comment="OpenOffice_org-fr is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60948 <object object_ref="oval:org.opensuse.security:obj:2009030492"/> 60949 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60950 </rpminfo_test> 60951 <rpminfo_test id="oval:org.opensuse.security:tst:2009063593" version="1" comment="OpenOffice_org-galleries is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60952 <object object_ref="oval:org.opensuse.security:obj:2009032226"/> 60953 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60954 </rpminfo_test> 60955 <rpminfo_test id="oval:org.opensuse.security:tst:2009063594" version="1" comment="OpenOffice_org-gnome is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60956 <object object_ref="oval:org.opensuse.security:obj:2009030493"/> 60957 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60958 </rpminfo_test> 60959 <rpminfo_test id="oval:org.opensuse.security:tst:2009063595" version="1" comment="OpenOffice_org-gu-IN is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60960 <object object_ref="oval:org.opensuse.security:obj:2009031382"/> 60961 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60962 </rpminfo_test> 60963 <rpminfo_test id="oval:org.opensuse.security:tst:2009063596" version="1" comment="OpenOffice_org-hi-IN is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60964 <object object_ref="oval:org.opensuse.security:obj:2009031383"/> 60965 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60966 </rpminfo_test> 60967 <rpminfo_test id="oval:org.opensuse.security:tst:2009063597" version="1" comment="OpenOffice_org-hu is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60968 <object object_ref="oval:org.opensuse.security:obj:2009030494"/> 60969 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60970 </rpminfo_test> 60971 <rpminfo_test id="oval:org.opensuse.security:tst:2009063598" version="1" comment="OpenOffice_org-it is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60972 <object object_ref="oval:org.opensuse.security:obj:2009030495"/> 60973 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60974 </rpminfo_test> 60975 <rpminfo_test id="oval:org.opensuse.security:tst:2009063599" version="1" comment="OpenOffice_org-ja is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60976 <object object_ref="oval:org.opensuse.security:obj:2009030496"/> 60977 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60978 </rpminfo_test> 60979 <rpminfo_test id="oval:org.opensuse.security:tst:2009063600" version="1" comment="OpenOffice_org-kde is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60980 <object object_ref="oval:org.opensuse.security:obj:2009030497"/> 60981 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60982 </rpminfo_test> 60983 <rpminfo_test id="oval:org.opensuse.security:tst:2009063601" version="1" comment="OpenOffice_org-ko is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60984 <object object_ref="oval:org.opensuse.security:obj:2009030621"/> 60985 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60986 </rpminfo_test> 60987 <rpminfo_test id="oval:org.opensuse.security:tst:2009063602" version="1" comment="OpenOffice_org-mono is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60988 <object object_ref="oval:org.opensuse.security:obj:2009031354"/> 60989 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60990 </rpminfo_test> 60991 <rpminfo_test id="oval:org.opensuse.security:tst:2009063603" version="1" comment="OpenOffice_org-nb is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60992 <object object_ref="oval:org.opensuse.security:obj:2009031388"/> 60993 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60994 </rpminfo_test> 60995 <rpminfo_test id="oval:org.opensuse.security:tst:2009063604" version="1" comment="OpenOffice_org-nl is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 60996 <object object_ref="oval:org.opensuse.security:obj:2009030622"/> 60997 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 60998 </rpminfo_test> 60999 <rpminfo_test id="oval:org.opensuse.security:tst:2009063605" version="1" comment="OpenOffice_org-nld is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61000 <object object_ref="oval:org.opensuse.security:obj:2009032702"/> 61001 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61002 </rpminfo_test> 61003 <rpminfo_test id="oval:org.opensuse.security:tst:2009063606" version="1" comment="OpenOffice_org-nn is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61004 <object object_ref="oval:org.opensuse.security:obj:2009031389"/> 61005 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61006 </rpminfo_test> 61007 <rpminfo_test id="oval:org.opensuse.security:tst:2009063607" version="1" comment="OpenOffice_org-pl is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61008 <object object_ref="oval:org.opensuse.security:obj:2009030498"/> 61009 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61010 </rpminfo_test> 61011 <rpminfo_test id="oval:org.opensuse.security:tst:2009063608" version="1" comment="OpenOffice_org-pt-BR is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61012 <object object_ref="oval:org.opensuse.security:obj:2009030623"/> 61013 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61014 </rpminfo_test> 61015 <rpminfo_test id="oval:org.opensuse.security:tst:2009063609" version="1" comment="OpenOffice_org-ru is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61016 <object object_ref="oval:org.opensuse.security:obj:2009030500"/> 61017 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61018 </rpminfo_test> 61019 <rpminfo_test id="oval:org.opensuse.security:tst:2009063610" version="1" comment="OpenOffice_org-sk is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61020 <object object_ref="oval:org.opensuse.security:obj:2009030501"/> 61021 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61022 </rpminfo_test> 61023 <rpminfo_test id="oval:org.opensuse.security:tst:2009063611" version="1" comment="OpenOffice_org-sv is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61024 <object object_ref="oval:org.opensuse.security:obj:2009030502"/> 61025 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61026 </rpminfo_test> 61027 <rpminfo_test id="oval:org.opensuse.security:tst:2009063612" version="1" comment="OpenOffice_org-xh is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61028 <object object_ref="oval:org.opensuse.security:obj:2009031396"/> 61029 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61030 </rpminfo_test> 61031 <rpminfo_test id="oval:org.opensuse.security:tst:2009063613" version="1" comment="OpenOffice_org-zh-CN is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61032 <object object_ref="oval:org.opensuse.security:obj:2009030503"/> 61033 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61034 </rpminfo_test> 61035 <rpminfo_test id="oval:org.opensuse.security:tst:2009063614" version="1" comment="OpenOffice_org-zh-TW is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61036 <object object_ref="oval:org.opensuse.security:obj:2009030504"/> 61037 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61038 </rpminfo_test> 61039 <rpminfo_test id="oval:org.opensuse.security:tst:2009063615" version="1" comment="OpenOffice_org-zu is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61040 <object object_ref="oval:org.opensuse.security:obj:2009031397"/> 61041 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61042 </rpminfo_test> 61043 <rpminfo_test id="oval:org.opensuse.security:tst:2009063616" version="1" comment="OpenOffice_org is <3.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61044 <object object_ref="oval:org.opensuse.security:obj:2009030505"/> 61045 <state state_ref="oval:org.opensuse.security:ste:2009038626"/> 61046 </rpminfo_test> 61047 <rpminfo_test id="oval:org.opensuse.security:tst:2009070746" version="1" comment="boost-32bit is <1.33.1-17.13.2.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61048 <object object_ref="oval:org.opensuse.security:obj:2009034665"/> 61049 <state state_ref="oval:org.opensuse.security:ste:2009039976"/> 61050 </rpminfo_test> 61051 <rpminfo_test id="oval:org.opensuse.security:tst:2009070747" version="1" comment="boost is <1.33.1-17.13.2.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61052 <object object_ref="oval:org.opensuse.security:obj:2009031617"/> 61053 <state state_ref="oval:org.opensuse.security:ste:2009039976"/> 61054 </rpminfo_test> 61055 <rpminfo_test id="oval:org.opensuse.security:tst:2009070748" version="1" comment="libreoffice-af is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61056 <object object_ref="oval:org.opensuse.security:obj:2009034666"/> 61057 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61058 </rpminfo_test> 61059 <rpminfo_test id="oval:org.opensuse.security:tst:2009070749" version="1" comment="libreoffice-ar is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61060 <object object_ref="oval:org.opensuse.security:obj:2009034667"/> 61061 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61062 </rpminfo_test> 61063 <rpminfo_test id="oval:org.opensuse.security:tst:2009070750" version="1" comment="libreoffice-ca is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61064 <object object_ref="oval:org.opensuse.security:obj:2009034668"/> 61065 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61066 </rpminfo_test> 61067 <rpminfo_test id="oval:org.opensuse.security:tst:2009070751" version="1" comment="libreoffice-cs is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61068 <object object_ref="oval:org.opensuse.security:obj:2009034669"/> 61069 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61070 </rpminfo_test> 61071 <rpminfo_test id="oval:org.opensuse.security:tst:2009070752" version="1" comment="libreoffice-da is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61072 <object object_ref="oval:org.opensuse.security:obj:2009034670"/> 61073 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61074 </rpminfo_test> 61075 <rpminfo_test id="oval:org.opensuse.security:tst:2009070753" version="1" comment="libreoffice-de-templates is <8.2.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61076 <object object_ref="oval:org.opensuse.security:obj:2009034671"/> 61077 <state state_ref="oval:org.opensuse.security:ste:2009039978"/> 61078 </rpminfo_test> 61079 <rpminfo_test id="oval:org.opensuse.security:tst:2009070754" version="1" comment="libreoffice-de is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61080 <object object_ref="oval:org.opensuse.security:obj:2009034672"/> 61081 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61082 </rpminfo_test> 61083 <rpminfo_test id="oval:org.opensuse.security:tst:2009070755" version="1" comment="libreoffice-el is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61084 <object object_ref="oval:org.opensuse.security:obj:2009034673"/> 61085 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61086 </rpminfo_test> 61087 <rpminfo_test id="oval:org.opensuse.security:tst:2009070756" version="1" comment="libreoffice-en-GB is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61088 <object object_ref="oval:org.opensuse.security:obj:2009034674"/> 61089 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61090 </rpminfo_test> 61091 <rpminfo_test id="oval:org.opensuse.security:tst:2009070757" version="1" comment="libreoffice-es is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61092 <object object_ref="oval:org.opensuse.security:obj:2009034675"/> 61093 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61094 </rpminfo_test> 61095 <rpminfo_test id="oval:org.opensuse.security:tst:2009070758" version="1" comment="libreoffice-fi is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61096 <object object_ref="oval:org.opensuse.security:obj:2009034676"/> 61097 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61098 </rpminfo_test> 61099 <rpminfo_test id="oval:org.opensuse.security:tst:2009070759" version="1" comment="libreoffice-fr is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61100 <object object_ref="oval:org.opensuse.security:obj:2009034677"/> 61101 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61102 </rpminfo_test> 61103 <rpminfo_test id="oval:org.opensuse.security:tst:2009070760" version="1" comment="libreoffice-galleries is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61104 <object object_ref="oval:org.opensuse.security:obj:2009034678"/> 61105 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61106 </rpminfo_test> 61107 <rpminfo_test id="oval:org.opensuse.security:tst:2009070761" version="1" comment="libreoffice-gnome is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61108 <object object_ref="oval:org.opensuse.security:obj:2009034098"/> 61109 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61110 </rpminfo_test> 61111 <rpminfo_test id="oval:org.opensuse.security:tst:2009070762" version="1" comment="libreoffice-gu-IN is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61112 <object object_ref="oval:org.opensuse.security:obj:2009034679"/> 61113 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61114 </rpminfo_test> 61115 <rpminfo_test id="oval:org.opensuse.security:tst:2009070763" version="1" comment="libreoffice-hi-IN is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61116 <object object_ref="oval:org.opensuse.security:obj:2009034680"/> 61117 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61118 </rpminfo_test> 61119 <rpminfo_test id="oval:org.opensuse.security:tst:2009070764" version="1" comment="libreoffice-hu is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61120 <object object_ref="oval:org.opensuse.security:obj:2009034681"/> 61121 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61122 </rpminfo_test> 61123 <rpminfo_test id="oval:org.opensuse.security:tst:2009070765" version="1" comment="libreoffice-it is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61124 <object object_ref="oval:org.opensuse.security:obj:2009034682"/> 61125 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61126 </rpminfo_test> 61127 <rpminfo_test id="oval:org.opensuse.security:tst:2009070766" version="1" comment="libreoffice-ja is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61128 <object object_ref="oval:org.opensuse.security:obj:2009034683"/> 61129 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61130 </rpminfo_test> 61131 <rpminfo_test id="oval:org.opensuse.security:tst:2009070767" version="1" comment="libreoffice-kde is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61132 <object object_ref="oval:org.opensuse.security:obj:2009034124"/> 61133 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61134 </rpminfo_test> 61135 <rpminfo_test id="oval:org.opensuse.security:tst:2009070768" version="1" comment="libreoffice-ko is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61136 <object object_ref="oval:org.opensuse.security:obj:2009034684"/> 61137 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61138 </rpminfo_test> 61139 <rpminfo_test id="oval:org.opensuse.security:tst:2009070769" version="1" comment="libreoffice-mono is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61140 <object object_ref="oval:org.opensuse.security:obj:2009034162"/> 61141 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61142 </rpminfo_test> 61143 <rpminfo_test id="oval:org.opensuse.security:tst:2009070770" version="1" comment="libreoffice-nb is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61144 <object object_ref="oval:org.opensuse.security:obj:2009034685"/> 61145 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61146 </rpminfo_test> 61147 <rpminfo_test id="oval:org.opensuse.security:tst:2009070771" version="1" comment="libreoffice-nl is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61148 <object object_ref="oval:org.opensuse.security:obj:2009034686"/> 61149 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61150 </rpminfo_test> 61151 <rpminfo_test id="oval:org.opensuse.security:tst:2009070772" version="1" comment="libreoffice-nn is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61152 <object object_ref="oval:org.opensuse.security:obj:2009034687"/> 61153 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61154 </rpminfo_test> 61155 <rpminfo_test id="oval:org.opensuse.security:tst:2009070773" version="1" comment="libreoffice-pl is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61156 <object object_ref="oval:org.opensuse.security:obj:2009034688"/> 61157 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61158 </rpminfo_test> 61159 <rpminfo_test id="oval:org.opensuse.security:tst:2009070774" version="1" comment="libreoffice-pt-BR is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61160 <object object_ref="oval:org.opensuse.security:obj:2009034689"/> 61161 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61162 </rpminfo_test> 61163 <rpminfo_test id="oval:org.opensuse.security:tst:2009070775" version="1" comment="libreoffice-ru is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61164 <object object_ref="oval:org.opensuse.security:obj:2009034690"/> 61165 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61166 </rpminfo_test> 61167 <rpminfo_test id="oval:org.opensuse.security:tst:2009070776" version="1" comment="libreoffice-sk is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61168 <object object_ref="oval:org.opensuse.security:obj:2009034691"/> 61169 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61170 </rpminfo_test> 61171 <rpminfo_test id="oval:org.opensuse.security:tst:2009070777" version="1" comment="libreoffice-sv is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61172 <object object_ref="oval:org.opensuse.security:obj:2009034692"/> 61173 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61174 </rpminfo_test> 61175 <rpminfo_test id="oval:org.opensuse.security:tst:2009070778" version="1" comment="libreoffice-xh is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61176 <object object_ref="oval:org.opensuse.security:obj:2009034693"/> 61177 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61178 </rpminfo_test> 61179 <rpminfo_test id="oval:org.opensuse.security:tst:2009070779" version="1" comment="libreoffice-zh-CN is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61180 <object object_ref="oval:org.opensuse.security:obj:2009034694"/> 61181 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61182 </rpminfo_test> 61183 <rpminfo_test id="oval:org.opensuse.security:tst:2009070780" version="1" comment="libreoffice-zh-TW is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61184 <object object_ref="oval:org.opensuse.security:obj:2009034695"/> 61185 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61186 </rpminfo_test> 61187 <rpminfo_test id="oval:org.opensuse.security:tst:2009070781" version="1" comment="libreoffice-zu is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61188 <object object_ref="oval:org.opensuse.security:obj:2009034696"/> 61189 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61190 </rpminfo_test> 61191 <rpminfo_test id="oval:org.opensuse.security:tst:2009070782" version="1" comment="libreoffice is <3.3.1.2-1.6.2.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61192 <object object_ref="oval:org.opensuse.security:obj:2009034188"/> 61193 <state state_ref="oval:org.opensuse.security:ste:2009039977"/> 61194 </rpminfo_test> 61195 <rpminfo_test id="oval:org.opensuse.security:tst:2009070783" version="1" comment="myspell-african is <20040727-33.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61196 <object object_ref="oval:org.opensuse.security:obj:2009034189"/> 61197 <state state_ref="oval:org.opensuse.security:ste:2009039979"/> 61198 </rpminfo_test> 61199 <rpminfo_test id="oval:org.opensuse.security:tst:2009070784" version="1" comment="myspell-american is <20040623-33.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61200 <object object_ref="oval:org.opensuse.security:obj:2009034190"/> 61201 <state state_ref="oval:org.opensuse.security:ste:2009039980"/> 61202 </rpminfo_test> 61203 <rpminfo_test id="oval:org.opensuse.security:tst:2009070785" version="1" comment="myspell-brazilian is <20020806-33.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61204 <object object_ref="oval:org.opensuse.security:obj:2009034191"/> 61205 <state state_ref="oval:org.opensuse.security:ste:2009039981"/> 61206 </rpminfo_test> 61207 <rpminfo_test id="oval:org.opensuse.security:tst:2009070786" version="1" comment="myspell-british is <20050526-27.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61208 <object object_ref="oval:org.opensuse.security:obj:2009034192"/> 61209 <state state_ref="oval:org.opensuse.security:ste:2009039982"/> 61210 </rpminfo_test> 61211 <rpminfo_test id="oval:org.opensuse.security:tst:2009070787" version="1" comment="myspell-catalan is <0.1-248.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61212 <object object_ref="oval:org.opensuse.security:obj:2009034193"/> 61213 <state state_ref="oval:org.opensuse.security:ste:2009039983"/> 61214 </rpminfo_test> 61215 <rpminfo_test id="oval:org.opensuse.security:tst:2009070788" version="1" comment="myspell-czech is <20030907-59.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61216 <object object_ref="oval:org.opensuse.security:obj:2009034194"/> 61217 <state state_ref="oval:org.opensuse.security:ste:2009039984"/> 61218 </rpminfo_test> 61219 <rpminfo_test id="oval:org.opensuse.security:tst:2009070789" version="1" comment="myspell-danish is <20050421-27.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61220 <object object_ref="oval:org.opensuse.security:obj:2009034195"/> 61221 <state state_ref="oval:org.opensuse.security:ste:2009039985"/> 61222 </rpminfo_test> 61223 <rpminfo_test id="oval:org.opensuse.security:tst:2009070790" version="1" comment="myspell-dutch is <20050719-22.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61224 <object object_ref="oval:org.opensuse.security:obj:2009034196"/> 61225 <state state_ref="oval:org.opensuse.security:ste:2009039986"/> 61226 </rpminfo_test> 61227 <rpminfo_test id="oval:org.opensuse.security:tst:2009070791" version="1" comment="myspell-french is <1.0.1.1-26.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61228 <object object_ref="oval:org.opensuse.security:obj:2009034197"/> 61229 <state state_ref="oval:org.opensuse.security:ste:2009039987"/> 61230 </rpminfo_test> 61231 <rpminfo_test id="oval:org.opensuse.security:tst:2009070792" version="1" comment="myspell-german is <20051213-19.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61232 <object object_ref="oval:org.opensuse.security:obj:2009034198"/> 61233 <state state_ref="oval:org.opensuse.security:ste:2009039988"/> 61234 </rpminfo_test> 61235 <rpminfo_test id="oval:org.opensuse.security:tst:2009070793" version="1" comment="myspell-greek is <20041220-26.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61236 <object object_ref="oval:org.opensuse.security:obj:2009034439"/> 61237 <state state_ref="oval:org.opensuse.security:ste:2009039989"/> 61238 </rpminfo_test> 61239 <rpminfo_test id="oval:org.opensuse.security:tst:2009070794" version="1" comment="myspell-gujarati is <20060929-20.12.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61240 <object object_ref="oval:org.opensuse.security:obj:2009034199"/> 61241 <state state_ref="oval:org.opensuse.security:ste:2009039990"/> 61242 </rpminfo_test> 61243 <rpminfo_test id="oval:org.opensuse.security:tst:2009070795" version="1" comment="myspell-hindi is <0.1-20.12.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61244 <object object_ref="oval:org.opensuse.security:obj:2009034200"/> 61245 <state state_ref="oval:org.opensuse.security:ste:2009039991"/> 61246 </rpminfo_test> 61247 <rpminfo_test id="oval:org.opensuse.security:tst:2009070796" version="1" comment="myspell-italian is <20050711-22.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61248 <object object_ref="oval:org.opensuse.security:obj:2009034202"/> 61249 <state state_ref="oval:org.opensuse.security:ste:2009039992"/> 61250 </rpminfo_test> 61251 <rpminfo_test id="oval:org.opensuse.security:tst:2009070797" version="1" comment="myspell-lithuanian is <20031231-26.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61252 <object object_ref="oval:org.opensuse.security:obj:2009034449"/> 61253 <state state_ref="oval:org.opensuse.security:ste:2009039993"/> 61254 </rpminfo_test> 61255 <rpminfo_test id="oval:org.opensuse.security:tst:2009070798" version="1" comment="myspell-marathi is <0.1-20.12.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61256 <object object_ref="oval:org.opensuse.security:obj:2009034455"/> 61257 <state state_ref="oval:org.opensuse.security:ste:2009039991"/> 61258 </rpminfo_test> 61259 <rpminfo_test id="oval:org.opensuse.security:tst:2009070799" version="1" comment="myspell-norsk-bokmaal is <20050308-22.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61260 <object object_ref="oval:org.opensuse.security:obj:2009034203"/> 61261 <state state_ref="oval:org.opensuse.security:ste:2009039994"/> 61262 </rpminfo_test> 61263 <rpminfo_test id="oval:org.opensuse.security:tst:2009070800" version="1" comment="myspell-norsk-nynorsk is <20041208-26.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61264 <object object_ref="oval:org.opensuse.security:obj:2009034204"/> 61265 <state state_ref="oval:org.opensuse.security:ste:2009039995"/> 61266 </rpminfo_test> 61267 <rpminfo_test id="oval:org.opensuse.security:tst:2009070801" version="1" comment="myspell-polish is <20051016-20.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61268 <object object_ref="oval:org.opensuse.security:obj:2009034205"/> 61269 <state state_ref="oval:org.opensuse.security:ste:2009039996"/> 61270 </rpminfo_test> 61271 <rpminfo_test id="oval:org.opensuse.security:tst:2009070802" version="1" comment="myspell-portuguese is <20020629-243.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61272 <object object_ref="oval:org.opensuse.security:obj:2009034206"/> 61273 <state state_ref="oval:org.opensuse.security:ste:2009039997"/> 61274 </rpminfo_test> 61275 <rpminfo_test id="oval:org.opensuse.security:tst:2009070803" version="1" comment="myspell-russian is <20040406-28.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61276 <object object_ref="oval:org.opensuse.security:obj:2009034207"/> 61277 <state state_ref="oval:org.opensuse.security:ste:2009039998"/> 61278 </rpminfo_test> 61279 <rpminfo_test id="oval:org.opensuse.security:tst:2009070804" version="1" comment="myspell-slovak is <20050901-20.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61280 <object object_ref="oval:org.opensuse.security:obj:2009034208"/> 61281 <state state_ref="oval:org.opensuse.security:ste:2009039999"/> 61282 </rpminfo_test> 61283 <rpminfo_test id="oval:org.opensuse.security:tst:2009070805" version="1" comment="myspell-slovene is <20030907-54.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61284 <object object_ref="oval:org.opensuse.security:obj:2009034464"/> 61285 <state state_ref="oval:org.opensuse.security:ste:2009040000"/> 61286 </rpminfo_test> 61287 <rpminfo_test id="oval:org.opensuse.security:tst:2009070806" version="1" comment="myspell-spanish is <20051029-20.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61288 <object object_ref="oval:org.opensuse.security:obj:2009034209"/> 61289 <state state_ref="oval:org.opensuse.security:ste:2009040001"/> 61290 </rpminfo_test> 61291 <rpminfo_test id="oval:org.opensuse.security:tst:2009070807" version="1" comment="myspell-swedish is <20061207-1.12.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61292 <object object_ref="oval:org.opensuse.security:obj:2009034210"/> 61293 <state state_ref="oval:org.opensuse.security:ste:2009040002"/> 61294 </rpminfo_test> 61295 <rpminfo_test id="oval:org.opensuse.security:tst:2009070808" version="1" comment="myspell-xhosa is <20060123-20.12.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61296 <object object_ref="oval:org.opensuse.security:obj:2009034211"/> 61297 <state state_ref="oval:org.opensuse.security:ste:2009040003"/> 61298 </rpminfo_test> 61299 <rpminfo_test id="oval:org.opensuse.security:tst:2009070809" version="1" comment="myspell-zulu is <0.2-26.14.3.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61300 <object object_ref="oval:org.opensuse.security:obj:2009034212"/> 61301 <state state_ref="oval:org.opensuse.security:ste:2009040004"/> 61302 </rpminfo_test> 61303 <rpminfo_test id="oval:org.opensuse.security:tst:2009063020" version="1" comment="kernel-default is <2.6.16.60-0.69.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61304 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 61305 <state state_ref="oval:org.opensuse.security:ste:2009038534"/> 61306 </rpminfo_test> 61307 <rpminfo_test id="oval:org.opensuse.security:tst:2009063035" version="1" comment="kernel-smp is <2.6.16.60-0.69.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61308 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 61309 <state state_ref="oval:org.opensuse.security:ste:2009038534"/> 61310 </rpminfo_test> 61311 <rpminfo_test id="oval:org.opensuse.security:tst:2009063024" version="1" comment="kernel-source is <2.6.16.60-0.69.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61312 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 61313 <state state_ref="oval:org.opensuse.security:ste:2009038534"/> 61314 </rpminfo_test> 61315 <rpminfo_test id="oval:org.opensuse.security:tst:2009063025" version="1" comment="kernel-syms is <2.6.16.60-0.69.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61316 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 61317 <state state_ref="oval:org.opensuse.security:ste:2009038534"/> 61318 </rpminfo_test> 61319 <rpminfo_test id="oval:org.opensuse.security:tst:2009063036" version="1" comment="kernel-xen is <2.6.16.60-0.69.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61320 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 61321 <state state_ref="oval:org.opensuse.security:ste:2009038534"/> 61322 </rpminfo_test> 61323 <rpminfo_test id="oval:org.opensuse.security:tst:2009063037" version="1" comment="kernel-bigsmp is <2.6.16.60-0.69.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61324 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 61325 <state state_ref="oval:org.opensuse.security:ste:2009038534"/> 61326 </rpminfo_test> 61327 <rpminfo_test id="oval:org.opensuse.security:tst:2009063038" version="1" comment="kernel-xenpae is <2.6.16.60-0.69.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61328 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 61329 <state state_ref="oval:org.opensuse.security:ste:2009038534"/> 61330 </rpminfo_test> 61331 <rpminfo_test id="oval:org.opensuse.security:tst:2009063379" version="1" comment="freetype2-32bit is <2.1.10-18.23.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61332 <object object_ref="oval:org.opensuse.security:obj:2009030610"/> 61333 <state state_ref="oval:org.opensuse.security:ste:2009038595"/> 61334 </rpminfo_test> 61335 <rpminfo_test id="oval:org.opensuse.security:tst:2009063380" version="1" comment="freetype2-devel-32bit is <2.1.10-18.23.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61336 <object object_ref="oval:org.opensuse.security:obj:2009030611"/> 61337 <state state_ref="oval:org.opensuse.security:ste:2009038595"/> 61338 </rpminfo_test> 61339 <rpminfo_test id="oval:org.opensuse.security:tst:2009063381" version="1" comment="freetype2-devel is <2.1.10-18.23.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61340 <object object_ref="oval:org.opensuse.security:obj:2009030612"/> 61341 <state state_ref="oval:org.opensuse.security:ste:2009038595"/> 61342 </rpminfo_test> 61343 <rpminfo_test id="oval:org.opensuse.security:tst:2009063382" version="1" comment="freetype2 is <2.1.10-18.23.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61344 <object object_ref="oval:org.opensuse.security:obj:2009030613"/> 61345 <state state_ref="oval:org.opensuse.security:ste:2009038595"/> 61346 </rpminfo_test> 61347 <rpminfo_test id="oval:org.opensuse.security:tst:2009063158" version="1" comment="cifs-mount is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61348 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 61349 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61350 </rpminfo_test> 61351 <rpminfo_test id="oval:org.opensuse.security:tst:2009063159" version="1" comment="ldapsmb is <1.34b-25.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61352 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 61353 <state state_ref="oval:org.opensuse.security:ste:2009038555"/> 61354 </rpminfo_test> 61355 <rpminfo_test id="oval:org.opensuse.security:tst:2009063160" version="1" comment="libsmbclient-32bit is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61356 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 61357 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61358 </rpminfo_test> 61359 <rpminfo_test id="oval:org.opensuse.security:tst:2009063161" version="1" comment="libsmbclient-devel is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61360 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 61361 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61362 </rpminfo_test> 61363 <rpminfo_test id="oval:org.opensuse.security:tst:2009063162" version="1" comment="libsmbclient is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61364 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 61365 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61366 </rpminfo_test> 61367 <rpminfo_test id="oval:org.opensuse.security:tst:2009063163" version="1" comment="samba-32bit is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61368 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 61369 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61370 </rpminfo_test> 61371 <rpminfo_test id="oval:org.opensuse.security:tst:2009063164" version="1" comment="samba-client-32bit is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61372 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 61373 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61374 </rpminfo_test> 61375 <rpminfo_test id="oval:org.opensuse.security:tst:2009063165" version="1" comment="samba-client is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61376 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 61377 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61378 </rpminfo_test> 61379 <rpminfo_test id="oval:org.opensuse.security:tst:2009063166" version="1" comment="samba-krb-printing is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61380 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 61381 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61382 </rpminfo_test> 61383 <rpminfo_test id="oval:org.opensuse.security:tst:2009063167" version="1" comment="samba-vscan is <0.3.6b-43.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61384 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 61385 <state state_ref="oval:org.opensuse.security:ste:2009038556"/> 61386 </rpminfo_test> 61387 <rpminfo_test id="oval:org.opensuse.security:tst:2009063168" version="1" comment="samba-winbind-32bit is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61388 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 61389 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61390 </rpminfo_test> 61391 <rpminfo_test id="oval:org.opensuse.security:tst:2009063169" version="1" comment="samba-winbind is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61392 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 61393 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61394 </rpminfo_test> 61395 <rpminfo_test id="oval:org.opensuse.security:tst:2009063170" version="1" comment="samba is <3.0.36-0.13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61396 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 61397 <state state_ref="oval:org.opensuse.security:ste:2009038554"/> 61398 </rpminfo_test> 61399 <rpminfo_test id="oval:org.opensuse.security:tst:2009064199" version="1" comment="mozilla-nspr-32bit is <4.8.6-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61400 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 61401 <state state_ref="oval:org.opensuse.security:ste:2009038698"/> 61402 </rpminfo_test> 61403 <rpminfo_test id="oval:org.opensuse.security:tst:2009064200" version="1" comment="mozilla-nspr-devel is <4.8.6-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61404 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 61405 <state state_ref="oval:org.opensuse.security:ste:2009038698"/> 61406 </rpminfo_test> 61407 <rpminfo_test id="oval:org.opensuse.security:tst:2009064201" version="1" comment="mozilla-nspr is <4.8.6-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61408 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 61409 <state state_ref="oval:org.opensuse.security:ste:2009038698"/> 61410 </rpminfo_test> 61411 <rpminfo_test id="oval:org.opensuse.security:tst:2009064202" version="1" comment="mozilla-nss-32bit is <3.12.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61412 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 61413 <state state_ref="oval:org.opensuse.security:ste:2009038699"/> 61414 </rpminfo_test> 61415 <rpminfo_test id="oval:org.opensuse.security:tst:2009064203" version="1" comment="mozilla-nss-devel is <3.12.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61416 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 61417 <state state_ref="oval:org.opensuse.security:ste:2009038699"/> 61418 </rpminfo_test> 61419 <rpminfo_test id="oval:org.opensuse.security:tst:2009064204" version="1" comment="mozilla-nss-tools is <3.12.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61420 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 61421 <state state_ref="oval:org.opensuse.security:ste:2009038699"/> 61422 </rpminfo_test> 61423 <rpminfo_test id="oval:org.opensuse.security:tst:2009064205" version="1" comment="mozilla-nss is <3.12.8-1.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61424 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 61425 <state state_ref="oval:org.opensuse.security:ste:2009038699"/> 61426 </rpminfo_test> 61427 <rpminfo_test id="oval:org.opensuse.security:tst:2009071652" version="1" comment="pam-32bit is <0.99.6.3-28.25.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61428 <object object_ref="oval:org.opensuse.security:obj:2009032517"/> 61429 <state state_ref="oval:org.opensuse.security:ste:2009040093"/> 61430 </rpminfo_test> 61431 <rpminfo_test id="oval:org.opensuse.security:tst:2009071653" version="1" comment="pam-devel is <0.99.6.3-28.25.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61432 <object object_ref="oval:org.opensuse.security:obj:2009032518"/> 61433 <state state_ref="oval:org.opensuse.security:ste:2009040093"/> 61434 </rpminfo_test> 61435 <rpminfo_test id="oval:org.opensuse.security:tst:2009071654" version="1" comment="pam is <0.99.6.3-28.25.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61436 <object object_ref="oval:org.opensuse.security:obj:2009032521"/> 61437 <state state_ref="oval:org.opensuse.security:ste:2009040093"/> 61438 </rpminfo_test> 61439 <rpminfo_test id="oval:org.opensuse.security:tst:2009073283" version="1" comment="bytefx-data-mysql is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61440 <object object_ref="oval:org.opensuse.security:obj:2009031765"/> 61441 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61442 </rpminfo_test> 61443 <rpminfo_test id="oval:org.opensuse.security:tst:2009073284" version="1" comment="ibm-data-db2 is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61444 <object object_ref="oval:org.opensuse.security:obj:2009031766"/> 61445 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61446 </rpminfo_test> 61447 <rpminfo_test id="oval:org.opensuse.security:tst:2009073285" version="1" comment="mono-core-32bit is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61448 <object object_ref="oval:org.opensuse.security:obj:2009031768"/> 61449 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61450 </rpminfo_test> 61451 <rpminfo_test id="oval:org.opensuse.security:tst:2009073286" version="1" comment="mono-core is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61452 <object object_ref="oval:org.opensuse.security:obj:2009031769"/> 61453 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61454 </rpminfo_test> 61455 <rpminfo_test id="oval:org.opensuse.security:tst:2009073287" version="1" comment="mono-data-firebird is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61456 <object object_ref="oval:org.opensuse.security:obj:2009031770"/> 61457 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61458 </rpminfo_test> 61459 <rpminfo_test id="oval:org.opensuse.security:tst:2009073288" version="1" comment="mono-data-oracle is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61460 <object object_ref="oval:org.opensuse.security:obj:2009031771"/> 61461 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61462 </rpminfo_test> 61463 <rpminfo_test id="oval:org.opensuse.security:tst:2009073289" version="1" comment="mono-data-postgresql is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61464 <object object_ref="oval:org.opensuse.security:obj:2009031772"/> 61465 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61466 </rpminfo_test> 61467 <rpminfo_test id="oval:org.opensuse.security:tst:2009073290" version="1" comment="mono-data-sqlite is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61468 <object object_ref="oval:org.opensuse.security:obj:2009031773"/> 61469 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61470 </rpminfo_test> 61471 <rpminfo_test id="oval:org.opensuse.security:tst:2009073291" version="1" comment="mono-data-sybase is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61472 <object object_ref="oval:org.opensuse.security:obj:2009031774"/> 61473 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61474 </rpminfo_test> 61475 <rpminfo_test id="oval:org.opensuse.security:tst:2009073292" version="1" comment="mono-data is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61476 <object object_ref="oval:org.opensuse.security:obj:2009031775"/> 61477 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61478 </rpminfo_test> 61479 <rpminfo_test id="oval:org.opensuse.security:tst:2009073293" version="1" comment="mono-devel is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61480 <object object_ref="oval:org.opensuse.security:obj:2009030855"/> 61481 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61482 </rpminfo_test> 61483 <rpminfo_test id="oval:org.opensuse.security:tst:2009073294" version="1" comment="mono-extras is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61484 <object object_ref="oval:org.opensuse.security:obj:2009031776"/> 61485 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61486 </rpminfo_test> 61487 <rpminfo_test id="oval:org.opensuse.security:tst:2009073295" version="1" comment="mono-locale-extras is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61488 <object object_ref="oval:org.opensuse.security:obj:2009031778"/> 61489 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61490 </rpminfo_test> 61491 <rpminfo_test id="oval:org.opensuse.security:tst:2009073296" version="1" comment="mono-nunit is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61492 <object object_ref="oval:org.opensuse.security:obj:2009031779"/> 61493 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61494 </rpminfo_test> 61495 <rpminfo_test id="oval:org.opensuse.security:tst:2009073297" version="1" comment="mono-web is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61496 <object object_ref="oval:org.opensuse.security:obj:2009031780"/> 61497 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61498 </rpminfo_test> 61499 <rpminfo_test id="oval:org.opensuse.security:tst:2009073298" version="1" comment="mono-winforms is <1.2.2-12.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61500 <object object_ref="oval:org.opensuse.security:obj:2009031781"/> 61501 <state state_ref="oval:org.opensuse.security:ste:2009040408"/> 61502 </rpminfo_test> 61503 <rpminfo_test id="oval:org.opensuse.security:tst:2009063804" version="1" comment="postgresql-devel is <8.1.22-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61504 <object object_ref="oval:org.opensuse.security:obj:2009030469"/> 61505 <state state_ref="oval:org.opensuse.security:ste:2009038639"/> 61506 </rpminfo_test> 61507 <rpminfo_test id="oval:org.opensuse.security:tst:2009063805" version="1" comment="postgresql-libs-32bit is <8.1.22-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61508 <object object_ref="oval:org.opensuse.security:obj:2009030626"/> 61509 <state state_ref="oval:org.opensuse.security:ste:2009038639"/> 61510 </rpminfo_test> 61511 <rpminfo_test id="oval:org.opensuse.security:tst:2009063806" version="1" comment="postgresql-libs is <8.1.22-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61512 <object object_ref="oval:org.opensuse.security:obj:2009030471"/> 61513 <state state_ref="oval:org.opensuse.security:ste:2009038639"/> 61514 </rpminfo_test> 61515 <rpminfo_test id="oval:org.opensuse.security:tst:2009064568" version="1" comment="clamav is <0.96.4-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61516 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 61517 <state state_ref="oval:org.opensuse.security:ste:2009038768"/> 61518 </rpminfo_test> 61519 <rpminfo_test id="oval:org.opensuse.security:tst:2009066377" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61520 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 61521 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61522 </rpminfo_test> 61523 <rpminfo_test id="oval:org.opensuse.security:tst:2009066378" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61524 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 61525 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61526 </rpminfo_test> 61527 <rpminfo_test id="oval:org.opensuse.security:tst:2009066379" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61528 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 61529 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61530 </rpminfo_test> 61531 <rpminfo_test id="oval:org.opensuse.security:tst:2009066380" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61532 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 61533 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61534 </rpminfo_test> 61535 <rpminfo_test id="oval:org.opensuse.security:tst:2009066381" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61536 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 61537 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61538 </rpminfo_test> 61539 <rpminfo_test id="oval:org.opensuse.security:tst:2009066382" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61540 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 61541 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61542 </rpminfo_test> 61543 <rpminfo_test id="oval:org.opensuse.security:tst:2009066383" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61544 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 61545 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61546 </rpminfo_test> 61547 <rpminfo_test id="oval:org.opensuse.security:tst:2009066384" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61548 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 61549 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61550 </rpminfo_test> 61551 <rpminfo_test id="oval:org.opensuse.security:tst:2009066385" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61552 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 61553 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61554 </rpminfo_test> 61555 <rpminfo_test id="oval:org.opensuse.security:tst:2009066386" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61556 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 61557 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61558 </rpminfo_test> 61559 <rpminfo_test id="oval:org.opensuse.security:tst:2009066387" version="1" comment="java-1_5_0-ibm is <1.5.0_sr12.3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61560 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 61561 <state state_ref="oval:org.opensuse.security:ste:2009039086"/> 61562 </rpminfo_test> 61563 <rpminfo_test id="oval:org.opensuse.security:tst:2009064548" version="1" comment="openslp-32bit is <1.2.0-22.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61564 <object object_ref="oval:org.opensuse.security:obj:2009033991"/> 61565 <state state_ref="oval:org.opensuse.security:ste:2009038762"/> 61566 </rpminfo_test> 61567 <rpminfo_test id="oval:org.opensuse.security:tst:2009064549" version="1" comment="openslp-devel is <1.2.0-22.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61568 <object object_ref="oval:org.opensuse.security:obj:2009033995"/> 61569 <state state_ref="oval:org.opensuse.security:ste:2009038762"/> 61570 </rpminfo_test> 61571 <rpminfo_test id="oval:org.opensuse.security:tst:2009064550" version="1" comment="openslp is <1.2.0-22.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61572 <object object_ref="oval:org.opensuse.security:obj:2009033994"/> 61573 <state state_ref="oval:org.opensuse.security:ste:2009038762"/> 61574 </rpminfo_test> 61575 <rpminfo_test id="oval:org.opensuse.security:tst:2009064942" version="1" comment="acroread is <9.4.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61576 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 61577 <state state_ref="oval:org.opensuse.security:ste:2009038810"/> 61578 </rpminfo_test> 61579 <rpminfo_test id="oval:org.opensuse.security:tst:2009064943" version="1" comment="acroread_ja is <9.4.1-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61580 <object object_ref="oval:org.opensuse.security:obj:2009032700"/> 61581 <state state_ref="oval:org.opensuse.security:ste:2009038810"/> 61582 </rpminfo_test> 61583 <rpminfo_test id="oval:org.opensuse.security:tst:2009064337" version="1" comment="flash-player is <9.0.289.0-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61584 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 61585 <state state_ref="oval:org.opensuse.security:ste:2009038726"/> 61586 </rpminfo_test> 61587 <rpminfo_test id="oval:org.opensuse.security:tst:2009065639" version="1" comment="kernel-bigsmp is <2.6.16.60-0.76.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61588 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 61589 <state state_ref="oval:org.opensuse.security:ste:2009038936"/> 61590 </rpminfo_test> 61591 <rpminfo_test id="oval:org.opensuse.security:tst:2009065640" version="1" comment="kernel-default is <2.6.16.60-0.76.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61592 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 61593 <state state_ref="oval:org.opensuse.security:ste:2009038936"/> 61594 </rpminfo_test> 61595 <rpminfo_test id="oval:org.opensuse.security:tst:2009065641" version="1" comment="kernel-smp is <2.6.16.60-0.76.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61596 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 61597 <state state_ref="oval:org.opensuse.security:ste:2009038936"/> 61598 </rpminfo_test> 61599 <rpminfo_test id="oval:org.opensuse.security:tst:2009065642" version="1" comment="kernel-source is <2.6.16.60-0.76.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61600 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 61601 <state state_ref="oval:org.opensuse.security:ste:2009038936"/> 61602 </rpminfo_test> 61603 <rpminfo_test id="oval:org.opensuse.security:tst:2009065643" version="1" comment="kernel-syms is <2.6.16.60-0.76.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61604 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 61605 <state state_ref="oval:org.opensuse.security:ste:2009038936"/> 61606 </rpminfo_test> 61607 <rpminfo_test id="oval:org.opensuse.security:tst:2009065644" version="1" comment="kernel-xen is <2.6.16.60-0.76.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61608 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 61609 <state state_ref="oval:org.opensuse.security:ste:2009038936"/> 61610 </rpminfo_test> 61611 <rpminfo_test id="oval:org.opensuse.security:tst:2009065645" version="1" comment="kernel-xenpae is <2.6.16.60-0.76.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61612 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 61613 <state state_ref="oval:org.opensuse.security:ste:2009038936"/> 61614 </rpminfo_test> 61615 <rpminfo_test id="oval:org.opensuse.security:tst:2009065317" version="1" comment="xpdf-tools is <3.01-21.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61616 <object object_ref="oval:org.opensuse.security:obj:2009031326"/> 61617 <state state_ref="oval:org.opensuse.security:ste:2009038870"/> 61618 </rpminfo_test> 61619 <rpminfo_test id="oval:org.opensuse.security:tst:2009064503" version="1" comment="poppler-devel is <0.4.4-19.27.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61620 <object object_ref="oval:org.opensuse.security:obj:2009031306"/> 61621 <state state_ref="oval:org.opensuse.security:ste:2009038747"/> 61622 </rpminfo_test> 61623 <rpminfo_test id="oval:org.opensuse.security:tst:2009064504" version="1" comment="poppler-glib is <0.4.4-19.27.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61624 <object object_ref="oval:org.opensuse.security:obj:2009031308"/> 61625 <state state_ref="oval:org.opensuse.security:ste:2009038747"/> 61626 </rpminfo_test> 61627 <rpminfo_test id="oval:org.opensuse.security:tst:2009064505" version="1" comment="poppler-qt is <0.4.4-19.27.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61628 <object object_ref="oval:org.opensuse.security:obj:2009031310"/> 61629 <state state_ref="oval:org.opensuse.security:ste:2009038747"/> 61630 </rpminfo_test> 61631 <rpminfo_test id="oval:org.opensuse.security:tst:2009064506" version="1" comment="poppler is <0.4.4-19.27.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61632 <object object_ref="oval:org.opensuse.security:obj:2009031312"/> 61633 <state state_ref="oval:org.opensuse.security:ste:2009038747"/> 61634 </rpminfo_test> 61635 <rpminfo_test id="oval:org.opensuse.security:tst:2009067752" version="1" comment="freetype2-32bit is <2.1.10-18.25.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61636 <object object_ref="oval:org.opensuse.security:obj:2009030610"/> 61637 <state state_ref="oval:org.opensuse.security:ste:2009039433"/> 61638 </rpminfo_test> 61639 <rpminfo_test id="oval:org.opensuse.security:tst:2009067753" version="1" comment="freetype2-devel-32bit is <2.1.10-18.25.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61640 <object object_ref="oval:org.opensuse.security:obj:2009030611"/> 61641 <state state_ref="oval:org.opensuse.security:ste:2009039433"/> 61642 </rpminfo_test> 61643 <rpminfo_test id="oval:org.opensuse.security:tst:2009067754" version="1" comment="freetype2-devel is <2.1.10-18.25.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61644 <object object_ref="oval:org.opensuse.security:obj:2009030612"/> 61645 <state state_ref="oval:org.opensuse.security:ste:2009039433"/> 61646 </rpminfo_test> 61647 <rpminfo_test id="oval:org.opensuse.security:tst:2009067755" version="1" comment="freetype2 is <2.1.10-18.25.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61648 <object object_ref="oval:org.opensuse.security:obj:2009030613"/> 61649 <state state_ref="oval:org.opensuse.security:ste:2009039433"/> 61650 </rpminfo_test> 61651 <rpminfo_test id="oval:org.opensuse.security:tst:2009072709" version="1" comment="kernel-bigsmp is <2.6.16.60-0.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61652 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 61653 <state state_ref="oval:org.opensuse.security:ste:2009040280"/> 61654 </rpminfo_test> 61655 <rpminfo_test id="oval:org.opensuse.security:tst:2009072710" version="1" comment="kernel-default is <2.6.16.60-0.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61656 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 61657 <state state_ref="oval:org.opensuse.security:ste:2009040280"/> 61658 </rpminfo_test> 61659 <rpminfo_test id="oval:org.opensuse.security:tst:2009072711" version="1" comment="kernel-smp is <2.6.16.60-0.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61660 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 61661 <state state_ref="oval:org.opensuse.security:ste:2009040280"/> 61662 </rpminfo_test> 61663 <rpminfo_test id="oval:org.opensuse.security:tst:2009072712" version="1" comment="kernel-source is <2.6.16.60-0.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61664 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 61665 <state state_ref="oval:org.opensuse.security:ste:2009040280"/> 61666 </rpminfo_test> 61667 <rpminfo_test id="oval:org.opensuse.security:tst:2009072713" version="1" comment="kernel-syms is <2.6.16.60-0.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61668 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 61669 <state state_ref="oval:org.opensuse.security:ste:2009040280"/> 61670 </rpminfo_test> 61671 <rpminfo_test id="oval:org.opensuse.security:tst:2009072714" version="1" comment="kernel-xen is <2.6.16.60-0.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61672 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 61673 <state state_ref="oval:org.opensuse.security:ste:2009040280"/> 61674 </rpminfo_test> 61675 <rpminfo_test id="oval:org.opensuse.security:tst:2009072715" version="1" comment="kernel-xenpae is <2.6.16.60-0.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61676 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 61677 <state state_ref="oval:org.opensuse.security:ste:2009040280"/> 61678 </rpminfo_test> 61679 <rpminfo_test id="oval:org.opensuse.security:tst:2009066711" version="1" comment="fuse-devel is <2.7.2-15.10.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61680 <object object_ref="oval:org.opensuse.security:obj:2009033601"/> 61681 <state state_ref="oval:org.opensuse.security:ste:2009039165"/> 61682 </rpminfo_test> 61683 <rpminfo_test id="oval:org.opensuse.security:tst:2009066712" version="1" comment="fuse is <2.7.2-15.10.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61684 <object object_ref="oval:org.opensuse.security:obj:2009033599"/> 61685 <state state_ref="oval:org.opensuse.security:ste:2009039165"/> 61686 </rpminfo_test> 61687 <rpminfo_test id="oval:org.opensuse.security:tst:2009066713" version="1" comment="libfuse2 is <2.7.2-15.10.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61688 <object object_ref="oval:org.opensuse.security:obj:2009033600"/> 61689 <state state_ref="oval:org.opensuse.security:ste:2009039165"/> 61690 </rpminfo_test> 61691 <rpminfo_test id="oval:org.opensuse.security:tst:2009066714" version="1" comment="util-linux is <2.12r-35.41.43.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61692 <object object_ref="oval:org.opensuse.security:obj:2009030584"/> 61693 <state state_ref="oval:org.opensuse.security:ste:2009039166"/> 61694 </rpminfo_test> 61695 <rpminfo_test id="oval:org.opensuse.security:tst:2009067089" version="1" comment="fuse-devel is <2.7.2-15.10.11.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61696 <object object_ref="oval:org.opensuse.security:obj:2009033601"/> 61697 <state state_ref="oval:org.opensuse.security:ste:2009039228"/> 61698 </rpminfo_test> 61699 <rpminfo_test id="oval:org.opensuse.security:tst:2009067090" version="1" comment="fuse is <2.7.2-15.10.11.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61700 <object object_ref="oval:org.opensuse.security:obj:2009033599"/> 61701 <state state_ref="oval:org.opensuse.security:ste:2009039228"/> 61702 </rpminfo_test> 61703 <rpminfo_test id="oval:org.opensuse.security:tst:2009067091" version="1" comment="libfuse2 is <2.7.2-15.10.11.10" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61704 <object object_ref="oval:org.opensuse.security:obj:2009033600"/> 61705 <state state_ref="oval:org.opensuse.security:ste:2009039228"/> 61706 </rpminfo_test> 61707 <rpminfo_test id="oval:org.opensuse.security:tst:2009065453" version="1" comment="supportutils is <1.20-0.7.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61708 <object object_ref="oval:org.opensuse.security:obj:2009034036"/> 61709 <state state_ref="oval:org.opensuse.security:ste:2009038894"/> 61710 </rpminfo_test> 61711 <rpminfo_test id="oval:org.opensuse.security:tst:2009064589" version="1" comment="libxml2-32bit is <2.6.23-15.23.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61712 <object object_ref="oval:org.opensuse.security:obj:2009030809"/> 61713 <state state_ref="oval:org.opensuse.security:ste:2009038774"/> 61714 </rpminfo_test> 61715 <rpminfo_test id="oval:org.opensuse.security:tst:2009064590" version="1" comment="libxml2-devel-32bit is <2.6.23-15.23.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61716 <object object_ref="oval:org.opensuse.security:obj:2009031522"/> 61717 <state state_ref="oval:org.opensuse.security:ste:2009038774"/> 61718 </rpminfo_test> 61719 <rpminfo_test id="oval:org.opensuse.security:tst:2009064591" version="1" comment="libxml2-devel is <2.6.23-15.23.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61720 <object object_ref="oval:org.opensuse.security:obj:2009030405"/> 61721 <state state_ref="oval:org.opensuse.security:ste:2009038774"/> 61722 </rpminfo_test> 61723 <rpminfo_test id="oval:org.opensuse.security:tst:2009064592" version="1" comment="libxml2 is <2.6.23-15.23.13" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61724 <object object_ref="oval:org.opensuse.security:obj:2009030406"/> 61725 <state state_ref="oval:org.opensuse.security:ste:2009038774"/> 61726 </rpminfo_test> 61727 <rpminfo_test id="oval:org.opensuse.security:tst:2009066643" version="1" comment="postgresql-devel is <8.1.22-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61728 <object object_ref="oval:org.opensuse.security:obj:2009030469"/> 61729 <state state_ref="oval:org.opensuse.security:ste:2009039152"/> 61730 </rpminfo_test> 61731 <rpminfo_test id="oval:org.opensuse.security:tst:2009066644" version="1" comment="postgresql-libs-32bit is <8.1.22-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61732 <object object_ref="oval:org.opensuse.security:obj:2009030626"/> 61733 <state state_ref="oval:org.opensuse.security:ste:2009039152"/> 61734 </rpminfo_test> 61735 <rpminfo_test id="oval:org.opensuse.security:tst:2009066645" version="1" comment="postgresql-libs is <8.1.22-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61736 <object object_ref="oval:org.opensuse.security:obj:2009030471"/> 61737 <state state_ref="oval:org.opensuse.security:ste:2009039152"/> 61738 </rpminfo_test> 61739 <rpminfo_test id="oval:org.opensuse.security:tst:2009067092" version="1" comment="postgresql-devel is <8.1.22-0.6.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61740 <object object_ref="oval:org.opensuse.security:obj:2009030469"/> 61741 <state state_ref="oval:org.opensuse.security:ste:2009039229"/> 61742 </rpminfo_test> 61743 <rpminfo_test id="oval:org.opensuse.security:tst:2009067093" version="1" comment="postgresql-libs-32bit is <8.1.22-0.6.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61744 <object object_ref="oval:org.opensuse.security:obj:2009030626"/> 61745 <state state_ref="oval:org.opensuse.security:ste:2009039229"/> 61746 </rpminfo_test> 61747 <rpminfo_test id="oval:org.opensuse.security:tst:2009067094" version="1" comment="postgresql-libs is <8.1.22-0.6.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61748 <object object_ref="oval:org.opensuse.security:obj:2009030471"/> 61749 <state state_ref="oval:org.opensuse.security:ste:2009039229"/> 61750 </rpminfo_test> 61751 <rpminfo_test id="oval:org.opensuse.security:tst:2009065978" version="1" comment="acroread_ja is <9.4.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61752 <object object_ref="oval:org.opensuse.security:obj:2009032700"/> 61753 <state state_ref="oval:org.opensuse.security:ste:2009038996"/> 61754 </rpminfo_test> 61755 <rpminfo_test id="oval:org.opensuse.security:tst:2009065980" version="1" comment="acroread-cmaps is <9.4.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61756 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 61757 <state state_ref="oval:org.opensuse.security:ste:2009038996"/> 61758 </rpminfo_test> 61759 <rpminfo_test id="oval:org.opensuse.security:tst:2009065981" version="1" comment="acroread-fonts-ja is <9.4.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61760 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 61761 <state state_ref="oval:org.opensuse.security:ste:2009038996"/> 61762 </rpminfo_test> 61763 <rpminfo_test id="oval:org.opensuse.security:tst:2009065982" version="1" comment="acroread-fonts-ko is <9.4.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61764 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 61765 <state state_ref="oval:org.opensuse.security:ste:2009038996"/> 61766 </rpminfo_test> 61767 <rpminfo_test id="oval:org.opensuse.security:tst:2009065983" version="1" comment="acroread-fonts-zh_CN is <9.4.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61768 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 61769 <state state_ref="oval:org.opensuse.security:ste:2009038996"/> 61770 </rpminfo_test> 61771 <rpminfo_test id="oval:org.opensuse.security:tst:2009065984" version="1" comment="acroread-fonts-zh_TW is <9.4.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61772 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 61773 <state state_ref="oval:org.opensuse.security:ste:2009038996"/> 61774 </rpminfo_test> 61775 <rpminfo_test id="oval:org.opensuse.security:tst:2009065985" version="1" comment="acroread is <9.4.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61776 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 61777 <state state_ref="oval:org.opensuse.security:ste:2009038996"/> 61778 </rpminfo_test> 61779 <rpminfo_test id="oval:org.opensuse.security:tst:2009067824" version="1" comment="bytefx-data-mysql is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61780 <object object_ref="oval:org.opensuse.security:obj:2009031765"/> 61781 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61782 </rpminfo_test> 61783 <rpminfo_test id="oval:org.opensuse.security:tst:2009067825" version="1" comment="ibm-data-db2 is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61784 <object object_ref="oval:org.opensuse.security:obj:2009031766"/> 61785 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61786 </rpminfo_test> 61787 <rpminfo_test id="oval:org.opensuse.security:tst:2009067826" version="1" comment="mono-core-32bit is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61788 <object object_ref="oval:org.opensuse.security:obj:2009031768"/> 61789 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61790 </rpminfo_test> 61791 <rpminfo_test id="oval:org.opensuse.security:tst:2009067827" version="1" comment="mono-core is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61792 <object object_ref="oval:org.opensuse.security:obj:2009031769"/> 61793 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61794 </rpminfo_test> 61795 <rpminfo_test id="oval:org.opensuse.security:tst:2009067828" version="1" comment="mono-data-firebird is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61796 <object object_ref="oval:org.opensuse.security:obj:2009031770"/> 61797 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61798 </rpminfo_test> 61799 <rpminfo_test id="oval:org.opensuse.security:tst:2009067829" version="1" comment="mono-data-oracle is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61800 <object object_ref="oval:org.opensuse.security:obj:2009031771"/> 61801 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61802 </rpminfo_test> 61803 <rpminfo_test id="oval:org.opensuse.security:tst:2009067830" version="1" comment="mono-data-postgresql is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61804 <object object_ref="oval:org.opensuse.security:obj:2009031772"/> 61805 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61806 </rpminfo_test> 61807 <rpminfo_test id="oval:org.opensuse.security:tst:2009067831" version="1" comment="mono-data-sqlite is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61808 <object object_ref="oval:org.opensuse.security:obj:2009031773"/> 61809 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61810 </rpminfo_test> 61811 <rpminfo_test id="oval:org.opensuse.security:tst:2009067832" version="1" comment="mono-data-sybase is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61812 <object object_ref="oval:org.opensuse.security:obj:2009031774"/> 61813 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61814 </rpminfo_test> 61815 <rpminfo_test id="oval:org.opensuse.security:tst:2009067833" version="1" comment="mono-data is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61816 <object object_ref="oval:org.opensuse.security:obj:2009031775"/> 61817 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61818 </rpminfo_test> 61819 <rpminfo_test id="oval:org.opensuse.security:tst:2009067834" version="1" comment="mono-devel is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61820 <object object_ref="oval:org.opensuse.security:obj:2009030855"/> 61821 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61822 </rpminfo_test> 61823 <rpminfo_test id="oval:org.opensuse.security:tst:2009067835" version="1" comment="mono-extras is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61824 <object object_ref="oval:org.opensuse.security:obj:2009031776"/> 61825 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61826 </rpminfo_test> 61827 <rpminfo_test id="oval:org.opensuse.security:tst:2009067836" version="1" comment="mono-locale-extras is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61828 <object object_ref="oval:org.opensuse.security:obj:2009031778"/> 61829 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61830 </rpminfo_test> 61831 <rpminfo_test id="oval:org.opensuse.security:tst:2009067837" version="1" comment="mono-nunit is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61832 <object object_ref="oval:org.opensuse.security:obj:2009031779"/> 61833 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61834 </rpminfo_test> 61835 <rpminfo_test id="oval:org.opensuse.security:tst:2009067838" version="1" comment="mono-web is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61836 <object object_ref="oval:org.opensuse.security:obj:2009031780"/> 61837 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61838 </rpminfo_test> 61839 <rpminfo_test id="oval:org.opensuse.security:tst:2009067839" version="1" comment="mono-winforms is <1.2.2-12.30.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61840 <object object_ref="oval:org.opensuse.security:obj:2009031781"/> 61841 <state state_ref="oval:org.opensuse.security:ste:2009039446"/> 61842 </rpminfo_test> 61843 <rpminfo_test id="oval:org.opensuse.security:tst:2009068077" version="1" comment="bytefx-data-mysql is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61844 <object object_ref="oval:org.opensuse.security:obj:2009031765"/> 61845 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61846 </rpminfo_test> 61847 <rpminfo_test id="oval:org.opensuse.security:tst:2009068078" version="1" comment="ibm-data-db2 is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61848 <object object_ref="oval:org.opensuse.security:obj:2009031766"/> 61849 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61850 </rpminfo_test> 61851 <rpminfo_test id="oval:org.opensuse.security:tst:2009068079" version="1" comment="mono-core-32bit is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61852 <object object_ref="oval:org.opensuse.security:obj:2009031768"/> 61853 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61854 </rpminfo_test> 61855 <rpminfo_test id="oval:org.opensuse.security:tst:2009068080" version="1" comment="mono-core is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61856 <object object_ref="oval:org.opensuse.security:obj:2009031769"/> 61857 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61858 </rpminfo_test> 61859 <rpminfo_test id="oval:org.opensuse.security:tst:2009068081" version="1" comment="mono-data-firebird is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61860 <object object_ref="oval:org.opensuse.security:obj:2009031770"/> 61861 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61862 </rpminfo_test> 61863 <rpminfo_test id="oval:org.opensuse.security:tst:2009068082" version="1" comment="mono-data-oracle is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61864 <object object_ref="oval:org.opensuse.security:obj:2009031771"/> 61865 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61866 </rpminfo_test> 61867 <rpminfo_test id="oval:org.opensuse.security:tst:2009068083" version="1" comment="mono-data-postgresql is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61868 <object object_ref="oval:org.opensuse.security:obj:2009031772"/> 61869 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61870 </rpminfo_test> 61871 <rpminfo_test id="oval:org.opensuse.security:tst:2009068084" version="1" comment="mono-data-sqlite is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61872 <object object_ref="oval:org.opensuse.security:obj:2009031773"/> 61873 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61874 </rpminfo_test> 61875 <rpminfo_test id="oval:org.opensuse.security:tst:2009068085" version="1" comment="mono-data-sybase is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61876 <object object_ref="oval:org.opensuse.security:obj:2009031774"/> 61877 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61878 </rpminfo_test> 61879 <rpminfo_test id="oval:org.opensuse.security:tst:2009068086" version="1" comment="mono-data is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61880 <object object_ref="oval:org.opensuse.security:obj:2009031775"/> 61881 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61882 </rpminfo_test> 61883 <rpminfo_test id="oval:org.opensuse.security:tst:2009068087" version="1" comment="mono-devel is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61884 <object object_ref="oval:org.opensuse.security:obj:2009030855"/> 61885 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61886 </rpminfo_test> 61887 <rpminfo_test id="oval:org.opensuse.security:tst:2009068088" version="1" comment="mono-extras is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61888 <object object_ref="oval:org.opensuse.security:obj:2009031776"/> 61889 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61890 </rpminfo_test> 61891 <rpminfo_test id="oval:org.opensuse.security:tst:2009068089" version="1" comment="mono-locale-extras is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61892 <object object_ref="oval:org.opensuse.security:obj:2009031778"/> 61893 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61894 </rpminfo_test> 61895 <rpminfo_test id="oval:org.opensuse.security:tst:2009068090" version="1" comment="mono-nunit is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61896 <object object_ref="oval:org.opensuse.security:obj:2009031779"/> 61897 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61898 </rpminfo_test> 61899 <rpminfo_test id="oval:org.opensuse.security:tst:2009068091" version="1" comment="mono-web is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61900 <object object_ref="oval:org.opensuse.security:obj:2009031780"/> 61901 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61902 </rpminfo_test> 61903 <rpminfo_test id="oval:org.opensuse.security:tst:2009068092" version="1" comment="mono-winforms is <1.2.2-12.30.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61904 <object object_ref="oval:org.opensuse.security:obj:2009031781"/> 61905 <state state_ref="oval:org.opensuse.security:ste:2009039482"/> 61906 </rpminfo_test> 61907 <rpminfo_test id="oval:org.opensuse.security:tst:2009068103" version="1" comment="openssl-32bit is <0.9.8a-18.50.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61908 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 61909 <state state_ref="oval:org.opensuse.security:ste:2009039484"/> 61910 </rpminfo_test> 61911 <rpminfo_test id="oval:org.opensuse.security:tst:2009068104" version="1" comment="openssl-devel-32bit is <0.9.8a-18.50.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61912 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 61913 <state state_ref="oval:org.opensuse.security:ste:2009039484"/> 61914 </rpminfo_test> 61915 <rpminfo_test id="oval:org.opensuse.security:tst:2009068105" version="1" comment="openssl-devel is <0.9.8a-18.50.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61916 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 61917 <state state_ref="oval:org.opensuse.security:ste:2009039484"/> 61918 </rpminfo_test> 61919 <rpminfo_test id="oval:org.opensuse.security:tst:2009068106" version="1" comment="openssl is <0.9.8a-18.50.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61920 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 61921 <state state_ref="oval:org.opensuse.security:ste:2009039484"/> 61922 </rpminfo_test> 61923 <rpminfo_test id="oval:org.opensuse.security:tst:2009077556" version="1" comment="libcurl4-32bit is <7.19.0-11.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61924 <object object_ref="oval:org.opensuse.security:obj:2009030962"/> 61925 <state state_ref="oval:org.opensuse.security:ste:2009041051"/> 61926 </rpminfo_test> 61927 <rpminfo_test id="oval:org.opensuse.security:tst:2009077557" version="1" comment="libcurl4 is <7.19.0-11.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61928 <object object_ref="oval:org.opensuse.security:obj:2009030964"/> 61929 <state state_ref="oval:org.opensuse.security:ste:2009041051"/> 61930 </rpminfo_test> 61931 <rpminfo_test id="oval:org.opensuse.security:tst:2009066654" version="1" comment="build is <2007.05.10-0.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61932 <object object_ref="oval:org.opensuse.security:obj:2009034080"/> 61933 <state state_ref="oval:org.opensuse.security:ste:2009039153"/> 61934 </rpminfo_test> 61935 <rpminfo_test id="oval:org.opensuse.security:tst:2009069159" version="1" comment="virt-manager is <0.5.3-0.33.32.14" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61936 <object object_ref="oval:org.opensuse.security:obj:2009033785"/> 61937 <state state_ref="oval:org.opensuse.security:ste:2009039673"/> 61938 </rpminfo_test> 61939 <rpminfo_test id="oval:org.opensuse.security:tst:2009069160" version="1" comment="xen-devel is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61940 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 61941 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61942 </rpminfo_test> 61943 <rpminfo_test id="oval:org.opensuse.security:tst:2009069161" version="1" comment="xen-doc-html is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61944 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 61945 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61946 </rpminfo_test> 61947 <rpminfo_test id="oval:org.opensuse.security:tst:2009069162" version="1" comment="xen-doc-pdf is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61948 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 61949 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61950 </rpminfo_test> 61951 <rpminfo_test id="oval:org.opensuse.security:tst:2009069163" version="1" comment="xen-doc-ps is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61952 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 61953 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61954 </rpminfo_test> 61955 <rpminfo_test id="oval:org.opensuse.security:tst:2009069164" version="1" comment="xen-kmp-bigsmp is <3.2.3_17040_24_2.6.16.60_0.74.7-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61956 <object object_ref="oval:org.opensuse.security:obj:2009034576"/> 61957 <state state_ref="oval:org.opensuse.security:ste:2009039675"/> 61958 </rpminfo_test> 61959 <rpminfo_test id="oval:org.opensuse.security:tst:2009069165" version="1" comment="xen-kmp-default is <3.2.3_17040_24_2.6.16.60_0.74.7-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61960 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 61961 <state state_ref="oval:org.opensuse.security:ste:2009039675"/> 61962 </rpminfo_test> 61963 <rpminfo_test id="oval:org.opensuse.security:tst:2009069166" version="1" comment="xen-kmp-smp is <3.2.3_17040_24_2.6.16.60_0.74.7-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61964 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 61965 <state state_ref="oval:org.opensuse.security:ste:2009039675"/> 61966 </rpminfo_test> 61967 <rpminfo_test id="oval:org.opensuse.security:tst:2009069167" version="1" comment="xen-libs-32bit is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61968 <object object_ref="oval:org.opensuse.security:obj:2009032234"/> 61969 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61970 </rpminfo_test> 61971 <rpminfo_test id="oval:org.opensuse.security:tst:2009069168" version="1" comment="xen-libs is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61972 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 61973 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61974 </rpminfo_test> 61975 <rpminfo_test id="oval:org.opensuse.security:tst:2009069169" version="1" comment="xen-tools-domU is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61976 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 61977 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61978 </rpminfo_test> 61979 <rpminfo_test id="oval:org.opensuse.security:tst:2009069170" version="1" comment="xen-tools-ioemu is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61980 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 61981 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61982 </rpminfo_test> 61983 <rpminfo_test id="oval:org.opensuse.security:tst:2009069171" version="1" comment="xen-tools is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61984 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 61985 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61986 </rpminfo_test> 61987 <rpminfo_test id="oval:org.opensuse.security:tst:2009069172" version="1" comment="xen is <3.2.3_17040_24-0.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61988 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 61989 <state state_ref="oval:org.opensuse.security:ste:2009039674"/> 61990 </rpminfo_test> 61991 <rpminfo_test id="oval:org.opensuse.security:tst:2009065079" version="1" comment="clamav is <0.96.5-0.4.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61992 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 61993 <state state_ref="oval:org.opensuse.security:ste:2009038828"/> 61994 </rpminfo_test> 61995 <rpminfo_test id="oval:org.opensuse.security:tst:2009107272" version="1" comment="icu is <3.4-16.13.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 61996 <object object_ref="oval:org.opensuse.security:obj:2009030777"/> 61997 <state state_ref="oval:org.opensuse.security:ste:2009044633"/> 61998 </rpminfo_test> 61999 <rpminfo_test id="oval:org.opensuse.security:tst:2009107273" version="1" comment="libicu-32bit is <3.4-16.13.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62000 <object object_ref="oval:org.opensuse.security:obj:2009031398"/> 62001 <state state_ref="oval:org.opensuse.security:ste:2009044633"/> 62002 </rpminfo_test> 62003 <rpminfo_test id="oval:org.opensuse.security:tst:2009107274" version="1" comment="libicu is <3.4-16.13.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62004 <object object_ref="oval:org.opensuse.security:obj:2009031403"/> 62005 <state state_ref="oval:org.opensuse.security:ste:2009044633"/> 62006 </rpminfo_test> 62007 <rpminfo_test id="oval:org.opensuse.security:tst:2009065840" version="1" comment="java-1_6_0-sun-32bit is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62008 <object object_ref="oval:org.opensuse.security:obj:2009033986"/> 62009 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62010 </rpminfo_test> 62011 <rpminfo_test id="oval:org.opensuse.security:tst:2009065841" version="1" comment="java-1_6_0-sun-alsa is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62012 <object object_ref="oval:org.opensuse.security:obj:2009031443"/> 62013 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62014 </rpminfo_test> 62015 <rpminfo_test id="oval:org.opensuse.security:tst:2009065842" version="1" comment="java-1_6_0-sun-demo is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62016 <object object_ref="oval:org.opensuse.security:obj:2009031444"/> 62017 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62018 </rpminfo_test> 62019 <rpminfo_test id="oval:org.opensuse.security:tst:2009065843" version="1" comment="java-1_6_0-sun-devel is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62020 <object object_ref="oval:org.opensuse.security:obj:2009031445"/> 62021 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62022 </rpminfo_test> 62023 <rpminfo_test id="oval:org.opensuse.security:tst:2009065844" version="1" comment="java-1_6_0-sun-jdbc is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62024 <object object_ref="oval:org.opensuse.security:obj:2009031446"/> 62025 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62026 </rpminfo_test> 62027 <rpminfo_test id="oval:org.opensuse.security:tst:2009065845" version="1" comment="java-1_6_0-sun-plugin-32bit is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62028 <object object_ref="oval:org.opensuse.security:obj:2009033987"/> 62029 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62030 </rpminfo_test> 62031 <rpminfo_test id="oval:org.opensuse.security:tst:2009065846" version="1" comment="java-1_6_0-sun-plugin is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62032 <object object_ref="oval:org.opensuse.security:obj:2009031447"/> 62033 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62034 </rpminfo_test> 62035 <rpminfo_test id="oval:org.opensuse.security:tst:2009065847" version="1" comment="java-1_6_0-sun-src is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62036 <object object_ref="oval:org.opensuse.security:obj:2009031908"/> 62037 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62038 </rpminfo_test> 62039 <rpminfo_test id="oval:org.opensuse.security:tst:2009065848" version="1" comment="java-1_6_0-sun is <1.6.0.u24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62040 <object object_ref="oval:org.opensuse.security:obj:2009031448"/> 62041 <state state_ref="oval:org.opensuse.security:ste:2009038971"/> 62042 </rpminfo_test> 62043 <rpminfo_test id="oval:org.opensuse.security:tst:2009067770" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62044 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 62045 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62046 </rpminfo_test> 62047 <rpminfo_test id="oval:org.opensuse.security:tst:2009067771" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62048 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 62049 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62050 </rpminfo_test> 62051 <rpminfo_test id="oval:org.opensuse.security:tst:2009067772" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62052 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 62053 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62054 </rpminfo_test> 62055 <rpminfo_test id="oval:org.opensuse.security:tst:2009067773" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62056 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 62057 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62058 </rpminfo_test> 62059 <rpminfo_test id="oval:org.opensuse.security:tst:2009067774" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62060 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 62061 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62062 </rpminfo_test> 62063 <rpminfo_test id="oval:org.opensuse.security:tst:2009067775" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62064 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 62065 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62066 </rpminfo_test> 62067 <rpminfo_test id="oval:org.opensuse.security:tst:2009067776" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62068 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 62069 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62070 </rpminfo_test> 62071 <rpminfo_test id="oval:org.opensuse.security:tst:2009067777" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62072 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 62073 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62074 </rpminfo_test> 62075 <rpminfo_test id="oval:org.opensuse.security:tst:2009067778" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62076 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 62077 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62078 </rpminfo_test> 62079 <rpminfo_test id="oval:org.opensuse.security:tst:2009067779" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62080 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 62081 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62082 </rpminfo_test> 62083 <rpminfo_test id="oval:org.opensuse.security:tst:2009067780" version="1" comment="java-1_5_0-ibm is <1.5.0_sr12.4-0.7.18" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62084 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 62085 <state state_ref="oval:org.opensuse.security:ste:2009039438"/> 62086 </rpminfo_test> 62087 <rpminfo_test id="oval:org.opensuse.security:tst:2009066655" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62088 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 62089 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62090 </rpminfo_test> 62091 <rpminfo_test id="oval:org.opensuse.security:tst:2009066656" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62092 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 62093 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62094 </rpminfo_test> 62095 <rpminfo_test id="oval:org.opensuse.security:tst:2009066657" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62096 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 62097 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62098 </rpminfo_test> 62099 <rpminfo_test id="oval:org.opensuse.security:tst:2009066658" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62100 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 62101 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62102 </rpminfo_test> 62103 <rpminfo_test id="oval:org.opensuse.security:tst:2009066659" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62104 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 62105 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62106 </rpminfo_test> 62107 <rpminfo_test id="oval:org.opensuse.security:tst:2009066660" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62108 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 62109 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62110 </rpminfo_test> 62111 <rpminfo_test id="oval:org.opensuse.security:tst:2009066661" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62112 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 62113 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62114 </rpminfo_test> 62115 <rpminfo_test id="oval:org.opensuse.security:tst:2009066662" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62116 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 62117 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62118 </rpminfo_test> 62119 <rpminfo_test id="oval:org.opensuse.security:tst:2009066663" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62120 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 62121 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62122 </rpminfo_test> 62123 <rpminfo_test id="oval:org.opensuse.security:tst:2009066664" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62124 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 62125 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62126 </rpminfo_test> 62127 <rpminfo_test id="oval:org.opensuse.security:tst:2009066665" version="1" comment="java-1_5_0-ibm is <1.5.0_sr12.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62128 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 62129 <state state_ref="oval:org.opensuse.security:ste:2009039154"/> 62130 </rpminfo_test> 62131 <rpminfo_test id="oval:org.opensuse.security:tst:2009065699" version="1" comment="pcsc-lite-devel is <1.2.9_beta9-17.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62132 <object object_ref="oval:org.opensuse.security:obj:2009032525"/> 62133 <state state_ref="oval:org.opensuse.security:ste:2009038948"/> 62134 </rpminfo_test> 62135 <rpminfo_test id="oval:org.opensuse.security:tst:2009065700" version="1" comment="pcsc-lite is <1.2.9_beta9-17.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62136 <object object_ref="oval:org.opensuse.security:obj:2009032526"/> 62137 <state state_ref="oval:org.opensuse.security:ste:2009038948"/> 62138 </rpminfo_test> 62139 <rpminfo_test id="oval:org.opensuse.security:tst:2009065889" version="1" comment="subversion-devel is <1.3.1-1.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62140 <object object_ref="oval:org.opensuse.security:obj:2009031998"/> 62141 <state state_ref="oval:org.opensuse.security:ste:2009038983"/> 62142 </rpminfo_test> 62143 <rpminfo_test id="oval:org.opensuse.security:tst:2009065890" version="1" comment="subversion is <1.3.1-1.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62144 <object object_ref="oval:org.opensuse.security:obj:2009032000"/> 62145 <state state_ref="oval:org.opensuse.security:ste:2009038983"/> 62146 </rpminfo_test> 62147 <rpminfo_test id="oval:org.opensuse.security:tst:2009066550" version="1" comment="gimp-devel is <2.2.10-22.35.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62148 <object object_ref="oval:org.opensuse.security:obj:2009030654"/> 62149 <state state_ref="oval:org.opensuse.security:ste:2009039131"/> 62150 </rpminfo_test> 62151 <rpminfo_test id="oval:org.opensuse.security:tst:2009066551" version="1" comment="gimp is <2.2.10-22.35.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62152 <object object_ref="oval:org.opensuse.security:obj:2009030642"/> 62153 <state state_ref="oval:org.opensuse.security:ste:2009039131"/> 62154 </rpminfo_test> 62155 <rpminfo_test id="oval:org.opensuse.security:tst:2009075850" version="1" comment="kernel-bigsmp is <2.6.16.60-0.99.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62156 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 62157 <state state_ref="oval:org.opensuse.security:ste:2009040734"/> 62158 </rpminfo_test> 62159 <rpminfo_test id="oval:org.opensuse.security:tst:2009075851" version="1" comment="kernel-default is <2.6.16.60-0.99.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62160 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 62161 <state state_ref="oval:org.opensuse.security:ste:2009040734"/> 62162 </rpminfo_test> 62163 <rpminfo_test id="oval:org.opensuse.security:tst:2009075852" version="1" comment="kernel-smp is <2.6.16.60-0.99.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62164 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 62165 <state state_ref="oval:org.opensuse.security:ste:2009040734"/> 62166 </rpminfo_test> 62167 <rpminfo_test id="oval:org.opensuse.security:tst:2009075853" version="1" comment="kernel-source is <2.6.16.60-0.99.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62168 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 62169 <state state_ref="oval:org.opensuse.security:ste:2009040734"/> 62170 </rpminfo_test> 62171 <rpminfo_test id="oval:org.opensuse.security:tst:2009075854" version="1" comment="kernel-syms is <2.6.16.60-0.99.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62172 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 62173 <state state_ref="oval:org.opensuse.security:ste:2009040734"/> 62174 </rpminfo_test> 62175 <rpminfo_test id="oval:org.opensuse.security:tst:2009075855" version="1" comment="kernel-xen is <2.6.16.60-0.99.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62176 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 62177 <state state_ref="oval:org.opensuse.security:ste:2009040734"/> 62178 </rpminfo_test> 62179 <rpminfo_test id="oval:org.opensuse.security:tst:2009075856" version="1" comment="kernel-xenpae is <2.6.16.60-0.99.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62180 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 62181 <state state_ref="oval:org.opensuse.security:ste:2009040734"/> 62182 </rpminfo_test> 62183 <rpminfo_test id="oval:org.opensuse.security:tst:2009068148" version="1" comment="libtiff-32bit is <3.8.2-5.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62184 <object object_ref="oval:org.opensuse.security:obj:2009030616"/> 62185 <state state_ref="oval:org.opensuse.security:ste:2009039488"/> 62186 </rpminfo_test> 62187 <rpminfo_test id="oval:org.opensuse.security:tst:2009068152" version="1" comment="libtiff-devel is <3.8.2-5.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62188 <object object_ref="oval:org.opensuse.security:obj:2009031676"/> 62189 <state state_ref="oval:org.opensuse.security:ste:2009039488"/> 62190 </rpminfo_test> 62191 <rpminfo_test id="oval:org.opensuse.security:tst:2009068154" version="1" comment="libtiff is <3.8.2-5.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62192 <object object_ref="oval:org.opensuse.security:obj:2009030452"/> 62193 <state state_ref="oval:org.opensuse.security:ste:2009039488"/> 62194 </rpminfo_test> 62195 <rpminfo_test id="oval:org.opensuse.security:tst:2009073080" version="1" comment="xorg-x11-Xnest is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62196 <object object_ref="oval:org.opensuse.security:obj:2009032401"/> 62197 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62198 </rpminfo_test> 62199 <rpminfo_test id="oval:org.opensuse.security:tst:2009073081" version="1" comment="xorg-x11-Xvfb is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62200 <object object_ref="oval:org.opensuse.security:obj:2009032402"/> 62201 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62202 </rpminfo_test> 62203 <rpminfo_test id="oval:org.opensuse.security:tst:2009073082" version="1" comment="xorg-x11-Xvnc is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62204 <object object_ref="oval:org.opensuse.security:obj:2009031301"/> 62205 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62206 </rpminfo_test> 62207 <rpminfo_test id="oval:org.opensuse.security:tst:2009073083" version="1" comment="xorg-x11-devel-32bit is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62208 <object object_ref="oval:org.opensuse.security:obj:2009031328"/> 62209 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62210 </rpminfo_test> 62211 <rpminfo_test id="oval:org.opensuse.security:tst:2009073084" version="1" comment="xorg-x11-devel is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62212 <object object_ref="oval:org.opensuse.security:obj:2009031330"/> 62213 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62214 </rpminfo_test> 62215 <rpminfo_test id="oval:org.opensuse.security:tst:2009073085" version="1" comment="xorg-x11-fonts-100dpi is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62216 <object object_ref="oval:org.opensuse.security:obj:2009032403"/> 62217 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62218 </rpminfo_test> 62219 <rpminfo_test id="oval:org.opensuse.security:tst:2009073086" version="1" comment="xorg-x11-fonts-75dpi is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62220 <object object_ref="oval:org.opensuse.security:obj:2009032404"/> 62221 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62222 </rpminfo_test> 62223 <rpminfo_test id="oval:org.opensuse.security:tst:2009073087" version="1" comment="xorg-x11-fonts-cyrillic is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62224 <object object_ref="oval:org.opensuse.security:obj:2009032405"/> 62225 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62226 </rpminfo_test> 62227 <rpminfo_test id="oval:org.opensuse.security:tst:2009073088" version="1" comment="xorg-x11-fonts-scalable is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62228 <object object_ref="oval:org.opensuse.security:obj:2009032406"/> 62229 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62230 </rpminfo_test> 62231 <rpminfo_test id="oval:org.opensuse.security:tst:2009073089" version="1" comment="xorg-x11-fonts-syriac is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62232 <object object_ref="oval:org.opensuse.security:obj:2009032407"/> 62233 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62234 </rpminfo_test> 62235 <rpminfo_test id="oval:org.opensuse.security:tst:2009073090" version="1" comment="xorg-x11-libs-32bit is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62236 <object object_ref="oval:org.opensuse.security:obj:2009031332"/> 62237 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62238 </rpminfo_test> 62239 <rpminfo_test id="oval:org.opensuse.security:tst:2009073091" version="1" comment="xorg-x11-libs is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62240 <object object_ref="oval:org.opensuse.security:obj:2009031334"/> 62241 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62242 </rpminfo_test> 62243 <rpminfo_test id="oval:org.opensuse.security:tst:2009073092" version="1" comment="xorg-x11-man is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62244 <object object_ref="oval:org.opensuse.security:obj:2009032408"/> 62245 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62246 </rpminfo_test> 62247 <rpminfo_test id="oval:org.opensuse.security:tst:2009073093" version="1" comment="xorg-x11-server-glx is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62248 <object object_ref="oval:org.opensuse.security:obj:2009032409"/> 62249 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62250 </rpminfo_test> 62251 <rpminfo_test id="oval:org.opensuse.security:tst:2009073094" version="1" comment="xorg-x11-server is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62252 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 62253 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62254 </rpminfo_test> 62255 <rpminfo_test id="oval:org.opensuse.security:tst:2009073095" version="1" comment="xorg-x11 is <6.9.0-50.78.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62256 <object object_ref="oval:org.opensuse.security:obj:2009031335"/> 62257 <state state_ref="oval:org.opensuse.security:ste:2009040365"/> 62258 </rpminfo_test> 62259 <rpminfo_test id="oval:org.opensuse.security:tst:2009068519" version="1" comment="firefox3-pango-32bit is <1.14.5-0.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62260 <object object_ref="oval:org.opensuse.security:obj:2009033279"/> 62261 <state state_ref="oval:org.opensuse.security:ste:2009039569"/> 62262 </rpminfo_test> 62263 <rpminfo_test id="oval:org.opensuse.security:tst:2009068520" version="1" comment="firefox3-pango is <1.14.5-0.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62264 <object object_ref="oval:org.opensuse.security:obj:2009033280"/> 62265 <state state_ref="oval:org.opensuse.security:ste:2009039569"/> 62266 </rpminfo_test> 62267 <rpminfo_test id="oval:org.opensuse.security:tst:2009068275" version="1" comment="MozillaFirefox-translations is <3.6.17-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62268 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 62269 <state state_ref="oval:org.opensuse.security:ste:2009039505"/> 62270 </rpminfo_test> 62271 <rpminfo_test id="oval:org.opensuse.security:tst:2009068276" version="1" comment="MozillaFirefox is <3.6.17-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62272 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 62273 <state state_ref="oval:org.opensuse.security:ste:2009039505"/> 62274 </rpminfo_test> 62275 <rpminfo_test id="oval:org.opensuse.security:tst:2009068277" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.17-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62276 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 62277 <state state_ref="oval:org.opensuse.security:ste:2009039506"/> 62278 </rpminfo_test> 62279 <rpminfo_test id="oval:org.opensuse.security:tst:2009068278" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.17-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62280 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 62281 <state state_ref="oval:org.opensuse.security:ste:2009039506"/> 62282 </rpminfo_test> 62283 <rpminfo_test id="oval:org.opensuse.security:tst:2009068279" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.17-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62284 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 62285 <state state_ref="oval:org.opensuse.security:ste:2009039506"/> 62286 </rpminfo_test> 62287 <rpminfo_test id="oval:org.opensuse.security:tst:2009068280" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.17-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62288 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 62289 <state state_ref="oval:org.opensuse.security:ste:2009039506"/> 62290 </rpminfo_test> 62291 <rpminfo_test id="oval:org.opensuse.security:tst:2009068281" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.17-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62292 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 62293 <state state_ref="oval:org.opensuse.security:ste:2009039506"/> 62294 </rpminfo_test> 62295 <rpminfo_test id="oval:org.opensuse.security:tst:2009068282" version="1" comment="mozilla-xulrunner192 is <1.9.2.17-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62296 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 62297 <state state_ref="oval:org.opensuse.security:ste:2009039506"/> 62298 </rpminfo_test> 62299 <rpminfo_test id="oval:org.opensuse.security:tst:2009068267" version="1" comment="mozilla-xulrunner191-32bit is <1.9.1.19-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62300 <object object_ref="oval:org.opensuse.security:obj:2009033425"/> 62301 <state state_ref="oval:org.opensuse.security:ste:2009039504"/> 62302 </rpminfo_test> 62303 <rpminfo_test id="oval:org.opensuse.security:tst:2009068268" version="1" comment="mozilla-xulrunner191-gnomevfs-32bit is <1.9.1.19-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62304 <object object_ref="oval:org.opensuse.security:obj:2009033431"/> 62305 <state state_ref="oval:org.opensuse.security:ste:2009039504"/> 62306 </rpminfo_test> 62307 <rpminfo_test id="oval:org.opensuse.security:tst:2009068269" version="1" comment="mozilla-xulrunner191-gnomevfs is <1.9.1.19-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62308 <object object_ref="oval:org.opensuse.security:obj:2009033426"/> 62309 <state state_ref="oval:org.opensuse.security:ste:2009039504"/> 62310 </rpminfo_test> 62311 <rpminfo_test id="oval:org.opensuse.security:tst:2009068270" version="1" comment="mozilla-xulrunner191-translations-32bit is <1.9.1.19-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62312 <object object_ref="oval:org.opensuse.security:obj:2009033433"/> 62313 <state state_ref="oval:org.opensuse.security:ste:2009039504"/> 62314 </rpminfo_test> 62315 <rpminfo_test id="oval:org.opensuse.security:tst:2009068271" version="1" comment="mozilla-xulrunner191-translations is <1.9.1.19-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62316 <object object_ref="oval:org.opensuse.security:obj:2009033427"/> 62317 <state state_ref="oval:org.opensuse.security:ste:2009039504"/> 62318 </rpminfo_test> 62319 <rpminfo_test id="oval:org.opensuse.security:tst:2009068272" version="1" comment="mozilla-xulrunner191 is <1.9.1.19-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62320 <object object_ref="oval:org.opensuse.security:obj:2009033429"/> 62321 <state state_ref="oval:org.opensuse.security:ste:2009039504"/> 62322 </rpminfo_test> 62323 <rpminfo_test id="oval:org.opensuse.security:tst:2009069301" version="1" comment="MozillaFirefox-translations is <3.6.18-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62324 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 62325 <state state_ref="oval:org.opensuse.security:ste:2009039693"/> 62326 </rpminfo_test> 62327 <rpminfo_test id="oval:org.opensuse.security:tst:2009069302" version="1" comment="MozillaFirefox is <3.6.18-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62328 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 62329 <state state_ref="oval:org.opensuse.security:ste:2009039693"/> 62330 </rpminfo_test> 62331 <rpminfo_test id="oval:org.opensuse.security:tst:2009069303" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.18-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62332 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 62333 <state state_ref="oval:org.opensuse.security:ste:2009039694"/> 62334 </rpminfo_test> 62335 <rpminfo_test id="oval:org.opensuse.security:tst:2009069304" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.18-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62336 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 62337 <state state_ref="oval:org.opensuse.security:ste:2009039694"/> 62338 </rpminfo_test> 62339 <rpminfo_test id="oval:org.opensuse.security:tst:2009069305" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.18-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62340 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 62341 <state state_ref="oval:org.opensuse.security:ste:2009039694"/> 62342 </rpminfo_test> 62343 <rpminfo_test id="oval:org.opensuse.security:tst:2009069306" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.18-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62344 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 62345 <state state_ref="oval:org.opensuse.security:ste:2009039694"/> 62346 </rpminfo_test> 62347 <rpminfo_test id="oval:org.opensuse.security:tst:2009069307" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.18-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62348 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 62349 <state state_ref="oval:org.opensuse.security:ste:2009039694"/> 62350 </rpminfo_test> 62351 <rpminfo_test id="oval:org.opensuse.security:tst:2009069308" version="1" comment="mozilla-xulrunner192 is <1.9.2.18-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62352 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 62353 <state state_ref="oval:org.opensuse.security:ste:2009039694"/> 62354 </rpminfo_test> 62355 <rpminfo_test id="oval:org.opensuse.security:tst:2009070101" version="1" comment="MozillaFirefox-translations is <3.6.20-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62356 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 62357 <state state_ref="oval:org.opensuse.security:ste:2009039866"/> 62358 </rpminfo_test> 62359 <rpminfo_test id="oval:org.opensuse.security:tst:2009070102" version="1" comment="MozillaFirefox is <3.6.20-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62360 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 62361 <state state_ref="oval:org.opensuse.security:ste:2009039866"/> 62362 </rpminfo_test> 62363 <rpminfo_test id="oval:org.opensuse.security:tst:2009070103" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.20-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62364 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 62365 <state state_ref="oval:org.opensuse.security:ste:2009039867"/> 62366 </rpminfo_test> 62367 <rpminfo_test id="oval:org.opensuse.security:tst:2009070104" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.20-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62368 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 62369 <state state_ref="oval:org.opensuse.security:ste:2009039867"/> 62370 </rpminfo_test> 62371 <rpminfo_test id="oval:org.opensuse.security:tst:2009070105" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.20-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62372 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 62373 <state state_ref="oval:org.opensuse.security:ste:2009039867"/> 62374 </rpminfo_test> 62375 <rpminfo_test id="oval:org.opensuse.security:tst:2009070106" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.20-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62376 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 62377 <state state_ref="oval:org.opensuse.security:ste:2009039867"/> 62378 </rpminfo_test> 62379 <rpminfo_test id="oval:org.opensuse.security:tst:2009070107" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.20-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62380 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 62381 <state state_ref="oval:org.opensuse.security:ste:2009039867"/> 62382 </rpminfo_test> 62383 <rpminfo_test id="oval:org.opensuse.security:tst:2009070108" version="1" comment="mozilla-xulrunner192 is <1.9.2.20-1.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62384 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 62385 <state state_ref="oval:org.opensuse.security:ste:2009039867"/> 62386 </rpminfo_test> 62387 <rpminfo_test id="oval:org.opensuse.security:tst:2009068635" version="1" comment="ruby is <1.8.6.p369-0.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62388 <object object_ref="oval:org.opensuse.security:obj:2009030431"/> 62389 <state state_ref="oval:org.opensuse.security:ste:2009039597"/> 62390 </rpminfo_test> 62391 <rpminfo_test id="oval:org.opensuse.security:tst:2009066571" version="1" comment="libtiff-32bit is <3.8.2-5.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62392 <object object_ref="oval:org.opensuse.security:obj:2009030616"/> 62393 <state state_ref="oval:org.opensuse.security:ste:2009039137"/> 62394 </rpminfo_test> 62395 <rpminfo_test id="oval:org.opensuse.security:tst:2009066572" version="1" comment="libtiff-devel is <3.8.2-5.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62396 <object object_ref="oval:org.opensuse.security:obj:2009031676"/> 62397 <state state_ref="oval:org.opensuse.security:ste:2009039137"/> 62398 </rpminfo_test> 62399 <rpminfo_test id="oval:org.opensuse.security:tst:2009066573" version="1" comment="libtiff is <3.8.2-5.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62400 <object object_ref="oval:org.opensuse.security:obj:2009030452"/> 62401 <state state_ref="oval:org.opensuse.security:ste:2009039137"/> 62402 </rpminfo_test> 62403 <rpminfo_test id="oval:org.opensuse.security:tst:2009067842" version="1" comment="postfix is <2.5.6-4.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62404 <object object_ref="oval:org.opensuse.security:obj:2009030854"/> 62405 <state state_ref="oval:org.opensuse.security:ste:2009039447"/> 62406 </rpminfo_test> 62407 <rpminfo_test id="oval:org.opensuse.security:tst:2009068586" version="1" comment="pure-ftpd is <1.0.22-0.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62408 <object object_ref="oval:org.opensuse.security:obj:2009031078"/> 62409 <state state_ref="oval:org.opensuse.security:ste:2009039585"/> 62410 </rpminfo_test> 62411 <rpminfo_test id="oval:org.opensuse.security:tst:2009069417" version="1" comment="libapr1-devel is <1.2.2-13.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62412 <object object_ref="oval:org.opensuse.security:obj:2009033458"/> 62413 <state state_ref="oval:org.opensuse.security:ste:2009037238"/> 62414 </rpminfo_test> 62415 <rpminfo_test id="oval:org.opensuse.security:tst:2009069418" version="1" comment="libapr1 is <1.2.2-13.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62416 <object object_ref="oval:org.opensuse.security:obj:2009033455"/> 62417 <state state_ref="oval:org.opensuse.security:ste:2009037238"/> 62418 </rpminfo_test> 62419 <rpminfo_test id="oval:org.opensuse.security:tst:2009066923" version="1" comment="evince is <0.4.0-25.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62420 <object object_ref="oval:org.opensuse.security:obj:2009032701"/> 62421 <state state_ref="oval:org.opensuse.security:ste:2009039177"/> 62422 </rpminfo_test> 62423 <rpminfo_test id="oval:org.opensuse.security:tst:2009067152" version="1" comment="evince is <0.4.0-25.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62424 <object object_ref="oval:org.opensuse.security:obj:2009032701"/> 62425 <state state_ref="oval:org.opensuse.security:ste:2009039232"/> 62426 </rpminfo_test> 62427 <rpminfo_test id="oval:org.opensuse.security:tst:2009067153" version="1" comment="xorg-x11-Xnest is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62428 <object object_ref="oval:org.opensuse.security:obj:2009032401"/> 62429 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62430 </rpminfo_test> 62431 <rpminfo_test id="oval:org.opensuse.security:tst:2009067154" version="1" comment="xorg-x11-Xvfb is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62432 <object object_ref="oval:org.opensuse.security:obj:2009032402"/> 62433 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62434 </rpminfo_test> 62435 <rpminfo_test id="oval:org.opensuse.security:tst:2009067155" version="1" comment="xorg-x11-Xvnc is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62436 <object object_ref="oval:org.opensuse.security:obj:2009031301"/> 62437 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62438 </rpminfo_test> 62439 <rpminfo_test id="oval:org.opensuse.security:tst:2009067156" version="1" comment="xorg-x11-devel-32bit is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62440 <object object_ref="oval:org.opensuse.security:obj:2009031328"/> 62441 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62442 </rpminfo_test> 62443 <rpminfo_test id="oval:org.opensuse.security:tst:2009067157" version="1" comment="xorg-x11-devel is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62444 <object object_ref="oval:org.opensuse.security:obj:2009031330"/> 62445 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62446 </rpminfo_test> 62447 <rpminfo_test id="oval:org.opensuse.security:tst:2009067158" version="1" comment="xorg-x11-fonts-100dpi is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62448 <object object_ref="oval:org.opensuse.security:obj:2009032403"/> 62449 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62450 </rpminfo_test> 62451 <rpminfo_test id="oval:org.opensuse.security:tst:2009067159" version="1" comment="xorg-x11-fonts-75dpi is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62452 <object object_ref="oval:org.opensuse.security:obj:2009032404"/> 62453 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62454 </rpminfo_test> 62455 <rpminfo_test id="oval:org.opensuse.security:tst:2009067160" version="1" comment="xorg-x11-fonts-cyrillic is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62456 <object object_ref="oval:org.opensuse.security:obj:2009032405"/> 62457 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62458 </rpminfo_test> 62459 <rpminfo_test id="oval:org.opensuse.security:tst:2009067161" version="1" comment="xorg-x11-fonts-scalable is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62460 <object object_ref="oval:org.opensuse.security:obj:2009032406"/> 62461 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62462 </rpminfo_test> 62463 <rpminfo_test id="oval:org.opensuse.security:tst:2009067162" version="1" comment="xorg-x11-fonts-syriac is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62464 <object object_ref="oval:org.opensuse.security:obj:2009032407"/> 62465 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62466 </rpminfo_test> 62467 <rpminfo_test id="oval:org.opensuse.security:tst:2009067163" version="1" comment="xorg-x11-libs-32bit is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62468 <object object_ref="oval:org.opensuse.security:obj:2009031332"/> 62469 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62470 </rpminfo_test> 62471 <rpminfo_test id="oval:org.opensuse.security:tst:2009067164" version="1" comment="xorg-x11-libs is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62472 <object object_ref="oval:org.opensuse.security:obj:2009031334"/> 62473 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62474 </rpminfo_test> 62475 <rpminfo_test id="oval:org.opensuse.security:tst:2009067165" version="1" comment="xorg-x11-man is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62476 <object object_ref="oval:org.opensuse.security:obj:2009032408"/> 62477 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62478 </rpminfo_test> 62479 <rpminfo_test id="oval:org.opensuse.security:tst:2009067166" version="1" comment="xorg-x11-server-glx is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62480 <object object_ref="oval:org.opensuse.security:obj:2009032409"/> 62481 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62482 </rpminfo_test> 62483 <rpminfo_test id="oval:org.opensuse.security:tst:2009067167" version="1" comment="xorg-x11-server is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62484 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 62485 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62486 </rpminfo_test> 62487 <rpminfo_test id="oval:org.opensuse.security:tst:2009067168" version="1" comment="xorg-x11 is <6.9.0-50.74.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62488 <object object_ref="oval:org.opensuse.security:obj:2009031335"/> 62489 <state state_ref="oval:org.opensuse.security:ste:2009039233"/> 62490 </rpminfo_test> 62491 <rpminfo_test id="oval:org.opensuse.security:tst:2009067174" version="1" comment="xorg-x11-Xnest is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62492 <object object_ref="oval:org.opensuse.security:obj:2009032401"/> 62493 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62494 </rpminfo_test> 62495 <rpminfo_test id="oval:org.opensuse.security:tst:2009067175" version="1" comment="xorg-x11-Xvfb is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62496 <object object_ref="oval:org.opensuse.security:obj:2009032402"/> 62497 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62498 </rpminfo_test> 62499 <rpminfo_test id="oval:org.opensuse.security:tst:2009067176" version="1" comment="xorg-x11-Xvnc is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62500 <object object_ref="oval:org.opensuse.security:obj:2009031301"/> 62501 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62502 </rpminfo_test> 62503 <rpminfo_test id="oval:org.opensuse.security:tst:2009067177" version="1" comment="xorg-x11-devel-32bit is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62504 <object object_ref="oval:org.opensuse.security:obj:2009031328"/> 62505 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62506 </rpminfo_test> 62507 <rpminfo_test id="oval:org.opensuse.security:tst:2009067178" version="1" comment="xorg-x11-devel is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62508 <object object_ref="oval:org.opensuse.security:obj:2009031330"/> 62509 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62510 </rpminfo_test> 62511 <rpminfo_test id="oval:org.opensuse.security:tst:2009067179" version="1" comment="xorg-x11-fonts-100dpi is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62512 <object object_ref="oval:org.opensuse.security:obj:2009032403"/> 62513 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62514 </rpminfo_test> 62515 <rpminfo_test id="oval:org.opensuse.security:tst:2009067180" version="1" comment="xorg-x11-fonts-75dpi is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62516 <object object_ref="oval:org.opensuse.security:obj:2009032404"/> 62517 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62518 </rpminfo_test> 62519 <rpminfo_test id="oval:org.opensuse.security:tst:2009067181" version="1" comment="xorg-x11-fonts-cyrillic is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62520 <object object_ref="oval:org.opensuse.security:obj:2009032405"/> 62521 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62522 </rpminfo_test> 62523 <rpminfo_test id="oval:org.opensuse.security:tst:2009067182" version="1" comment="xorg-x11-fonts-scalable is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62524 <object object_ref="oval:org.opensuse.security:obj:2009032406"/> 62525 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62526 </rpminfo_test> 62527 <rpminfo_test id="oval:org.opensuse.security:tst:2009067183" version="1" comment="xorg-x11-fonts-syriac is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62528 <object object_ref="oval:org.opensuse.security:obj:2009032407"/> 62529 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62530 </rpminfo_test> 62531 <rpminfo_test id="oval:org.opensuse.security:tst:2009067184" version="1" comment="xorg-x11-libs-32bit is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62532 <object object_ref="oval:org.opensuse.security:obj:2009031332"/> 62533 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62534 </rpminfo_test> 62535 <rpminfo_test id="oval:org.opensuse.security:tst:2009067185" version="1" comment="xorg-x11-libs is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62536 <object object_ref="oval:org.opensuse.security:obj:2009031334"/> 62537 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62538 </rpminfo_test> 62539 <rpminfo_test id="oval:org.opensuse.security:tst:2009067186" version="1" comment="xorg-x11-man is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62540 <object object_ref="oval:org.opensuse.security:obj:2009032408"/> 62541 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62542 </rpminfo_test> 62543 <rpminfo_test id="oval:org.opensuse.security:tst:2009067187" version="1" comment="xorg-x11-server-glx is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62544 <object object_ref="oval:org.opensuse.security:obj:2009032409"/> 62545 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62546 </rpminfo_test> 62547 <rpminfo_test id="oval:org.opensuse.security:tst:2009067188" version="1" comment="xorg-x11-server is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62548 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 62549 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62550 </rpminfo_test> 62551 <rpminfo_test id="oval:org.opensuse.security:tst:2009067189" version="1" comment="xorg-x11 is <6.9.0-50.69.69.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62552 <object object_ref="oval:org.opensuse.security:obj:2009031335"/> 62553 <state state_ref="oval:org.opensuse.security:ste:2009039234"/> 62554 </rpminfo_test> 62555 <rpminfo_test id="oval:org.opensuse.security:tst:2009069178" version="1" comment="glibc-32bit is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62556 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 62557 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62558 </rpminfo_test> 62559 <rpminfo_test id="oval:org.opensuse.security:tst:2009069179" version="1" comment="glibc-devel-32bit is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62560 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 62561 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62562 </rpminfo_test> 62563 <rpminfo_test id="oval:org.opensuse.security:tst:2009069180" version="1" comment="glibc-devel is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62564 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 62565 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62566 </rpminfo_test> 62567 <rpminfo_test id="oval:org.opensuse.security:tst:2009069181" version="1" comment="glibc-html is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62568 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 62569 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62570 </rpminfo_test> 62571 <rpminfo_test id="oval:org.opensuse.security:tst:2009069182" version="1" comment="glibc-i18ndata is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62572 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 62573 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62574 </rpminfo_test> 62575 <rpminfo_test id="oval:org.opensuse.security:tst:2009069183" version="1" comment="glibc-info is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62576 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 62577 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62578 </rpminfo_test> 62579 <rpminfo_test id="oval:org.opensuse.security:tst:2009069184" version="1" comment="glibc-locale-32bit is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62580 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 62581 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62582 </rpminfo_test> 62583 <rpminfo_test id="oval:org.opensuse.security:tst:2009069185" version="1" comment="glibc-locale is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62584 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 62585 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62586 </rpminfo_test> 62587 <rpminfo_test id="oval:org.opensuse.security:tst:2009069186" version="1" comment="glibc is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62588 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 62589 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62590 </rpminfo_test> 62591 <rpminfo_test id="oval:org.opensuse.security:tst:2009069187" version="1" comment="nscd is <2.4-31.91.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62592 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 62593 <state state_ref="oval:org.opensuse.security:ste:2009039676"/> 62594 </rpminfo_test> 62595 <rpminfo_test id="oval:org.opensuse.security:tst:2009065786" version="1" comment="flash-player is <10.2.152.26-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62596 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 62597 <state state_ref="oval:org.opensuse.security:ste:2009038964"/> 62598 </rpminfo_test> 62599 <rpminfo_test id="oval:org.opensuse.security:tst:2009068509" version="1" comment="flash-player is <10.3.181.14-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62600 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 62601 <state state_ref="oval:org.opensuse.security:ste:2009039565"/> 62602 </rpminfo_test> 62603 <rpminfo_test id="oval:org.opensuse.security:tst:2009066552" version="1" comment="flash-player is <10.2.153.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62604 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 62605 <state state_ref="oval:org.opensuse.security:ste:2009039132"/> 62606 </rpminfo_test> 62607 <rpminfo_test id="oval:org.opensuse.security:tst:2009067759" version="1" comment="flash-player is <10.2.159.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62608 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 62609 <state state_ref="oval:org.opensuse.security:ste:2009039434"/> 62610 </rpminfo_test> 62611 <rpminfo_test id="oval:org.opensuse.security:tst:2009069076" version="1" comment="subversion-devel is <1.3.1-1.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62612 <object object_ref="oval:org.opensuse.security:obj:2009031998"/> 62613 <state state_ref="oval:org.opensuse.security:ste:2009039655"/> 62614 </rpminfo_test> 62615 <rpminfo_test id="oval:org.opensuse.security:tst:2009069080" version="1" comment="subversion is <1.3.1-1.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62616 <object object_ref="oval:org.opensuse.security:obj:2009032000"/> 62617 <state state_ref="oval:org.opensuse.security:ste:2009039655"/> 62618 </rpminfo_test> 62619 <rpminfo_test id="oval:org.opensuse.security:tst:2009068166" version="1" comment="cifs-mount is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62620 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 62621 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62622 </rpminfo_test> 62623 <rpminfo_test id="oval:org.opensuse.security:tst:2009068167" version="1" comment="ldapsmb is <1.34b-25.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62624 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 62625 <state state_ref="oval:org.opensuse.security:ste:2009039490"/> 62626 </rpminfo_test> 62627 <rpminfo_test id="oval:org.opensuse.security:tst:2009068168" version="1" comment="libsmbclient-32bit is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62628 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 62629 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62630 </rpminfo_test> 62631 <rpminfo_test id="oval:org.opensuse.security:tst:2009068169" version="1" comment="libsmbclient-devel is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62632 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 62633 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62634 </rpminfo_test> 62635 <rpminfo_test id="oval:org.opensuse.security:tst:2009068170" version="1" comment="libsmbclient is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62636 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 62637 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62638 </rpminfo_test> 62639 <rpminfo_test id="oval:org.opensuse.security:tst:2009068171" version="1" comment="samba-32bit is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62640 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 62641 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62642 </rpminfo_test> 62643 <rpminfo_test id="oval:org.opensuse.security:tst:2009068172" version="1" comment="samba-client-32bit is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62644 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 62645 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62646 </rpminfo_test> 62647 <rpminfo_test id="oval:org.opensuse.security:tst:2009068173" version="1" comment="samba-client is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62648 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 62649 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62650 </rpminfo_test> 62651 <rpminfo_test id="oval:org.opensuse.security:tst:2009068174" version="1" comment="samba-krb-printing is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62652 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 62653 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62654 </rpminfo_test> 62655 <rpminfo_test id="oval:org.opensuse.security:tst:2009068175" version="1" comment="samba-vscan is <0.3.6b-43.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62656 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 62657 <state state_ref="oval:org.opensuse.security:ste:2009039491"/> 62658 </rpminfo_test> 62659 <rpminfo_test id="oval:org.opensuse.security:tst:2009068176" version="1" comment="samba-winbind-32bit is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62660 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 62661 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62662 </rpminfo_test> 62663 <rpminfo_test id="oval:org.opensuse.security:tst:2009068177" version="1" comment="samba-winbind is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62664 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 62665 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62666 </rpminfo_test> 62667 <rpminfo_test id="oval:org.opensuse.security:tst:2009068178" version="1" comment="samba is <3.0.36-0.13.14.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62668 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 62669 <state state_ref="oval:org.opensuse.security:ste:2009039489"/> 62670 </rpminfo_test> 62671 <rpminfo_test id="oval:org.opensuse.security:tst:2009068192" version="1" comment="cifs-mount is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62672 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 62673 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62674 </rpminfo_test> 62675 <rpminfo_test id="oval:org.opensuse.security:tst:2009068193" version="1" comment="ldapsmb is <1.34b-25.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62676 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 62677 <state state_ref="oval:org.opensuse.security:ste:2009039493"/> 62678 </rpminfo_test> 62679 <rpminfo_test id="oval:org.opensuse.security:tst:2009068194" version="1" comment="libsmbclient-32bit is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62680 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 62681 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62682 </rpminfo_test> 62683 <rpminfo_test id="oval:org.opensuse.security:tst:2009068195" version="1" comment="libsmbclient-devel is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62684 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 62685 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62686 </rpminfo_test> 62687 <rpminfo_test id="oval:org.opensuse.security:tst:2009068196" version="1" comment="libsmbclient is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62688 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 62689 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62690 </rpminfo_test> 62691 <rpminfo_test id="oval:org.opensuse.security:tst:2009068197" version="1" comment="samba-32bit is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62692 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 62693 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62694 </rpminfo_test> 62695 <rpminfo_test id="oval:org.opensuse.security:tst:2009068198" version="1" comment="samba-client-32bit is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62696 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 62697 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62698 </rpminfo_test> 62699 <rpminfo_test id="oval:org.opensuse.security:tst:2009068199" version="1" comment="samba-client is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62700 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 62701 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62702 </rpminfo_test> 62703 <rpminfo_test id="oval:org.opensuse.security:tst:2009068200" version="1" comment="samba-krb-printing is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62704 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 62705 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62706 </rpminfo_test> 62707 <rpminfo_test id="oval:org.opensuse.security:tst:2009068201" version="1" comment="samba-vscan is <0.3.6b-43.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62708 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 62709 <state state_ref="oval:org.opensuse.security:ste:2009039494"/> 62710 </rpminfo_test> 62711 <rpminfo_test id="oval:org.opensuse.security:tst:2009068202" version="1" comment="samba-winbind-32bit is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62712 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 62713 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62714 </rpminfo_test> 62715 <rpminfo_test id="oval:org.opensuse.security:tst:2009068203" version="1" comment="samba-winbind is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62716 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 62717 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62718 </rpminfo_test> 62719 <rpminfo_test id="oval:org.opensuse.security:tst:2009068204" version="1" comment="samba is <3.0.36-0.13.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62720 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 62721 <state state_ref="oval:org.opensuse.security:ste:2009039492"/> 62722 </rpminfo_test> 62723 <rpminfo_test id="oval:org.opensuse.security:tst:2009069778" version="1" comment="kernel-default is <2.6.16.60-0.89.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62724 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 62725 <state state_ref="oval:org.opensuse.security:ste:2009039794"/> 62726 </rpminfo_test> 62727 <rpminfo_test id="oval:org.opensuse.security:tst:2009069784" version="1" comment="kernel-smp is <2.6.16.60-0.89.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62728 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 62729 <state state_ref="oval:org.opensuse.security:ste:2009039794"/> 62730 </rpminfo_test> 62731 <rpminfo_test id="oval:org.opensuse.security:tst:2009069782" version="1" comment="kernel-source is <2.6.16.60-0.89.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62732 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 62733 <state state_ref="oval:org.opensuse.security:ste:2009039794"/> 62734 </rpminfo_test> 62735 <rpminfo_test id="oval:org.opensuse.security:tst:2009069783" version="1" comment="kernel-syms is <2.6.16.60-0.89.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62736 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 62737 <state state_ref="oval:org.opensuse.security:ste:2009039794"/> 62738 </rpminfo_test> 62739 <rpminfo_test id="oval:org.opensuse.security:tst:2009069785" version="1" comment="kernel-xen is <2.6.16.60-0.89.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62740 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 62741 <state state_ref="oval:org.opensuse.security:ste:2009039794"/> 62742 </rpminfo_test> 62743 <rpminfo_test id="oval:org.opensuse.security:tst:2009069787" version="1" comment="kernel-bigsmp is <2.6.16.60-0.89.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62744 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 62745 <state state_ref="oval:org.opensuse.security:ste:2009039794"/> 62746 </rpminfo_test> 62747 <rpminfo_test id="oval:org.opensuse.security:tst:2009069788" version="1" comment="kernel-xenpae is <2.6.16.60-0.89.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62748 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 62749 <state state_ref="oval:org.opensuse.security:ste:2009039794"/> 62750 </rpminfo_test> 62751 <rpminfo_test id="oval:org.opensuse.security:tst:2009074608" version="1" comment="t1lib is <1.3.1-585.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62752 <object object_ref="oval:org.opensuse.security:obj:2009030760"/> 62753 <state state_ref="oval:org.opensuse.security:ste:2009040550"/> 62754 </rpminfo_test> 62755 <rpminfo_test id="oval:org.opensuse.security:tst:2009068776" version="1" comment="java-1_6_0-sun-32bit is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62756 <object object_ref="oval:org.opensuse.security:obj:2009033986"/> 62757 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62758 </rpminfo_test> 62759 <rpminfo_test id="oval:org.opensuse.security:tst:2009068777" version="1" comment="java-1_6_0-sun-alsa is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62760 <object object_ref="oval:org.opensuse.security:obj:2009031443"/> 62761 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62762 </rpminfo_test> 62763 <rpminfo_test id="oval:org.opensuse.security:tst:2009068778" version="1" comment="java-1_6_0-sun-demo is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62764 <object object_ref="oval:org.opensuse.security:obj:2009031444"/> 62765 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62766 </rpminfo_test> 62767 <rpminfo_test id="oval:org.opensuse.security:tst:2009068779" version="1" comment="java-1_6_0-sun-devel is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62768 <object object_ref="oval:org.opensuse.security:obj:2009031445"/> 62769 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62770 </rpminfo_test> 62771 <rpminfo_test id="oval:org.opensuse.security:tst:2009068780" version="1" comment="java-1_6_0-sun-jdbc is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62772 <object object_ref="oval:org.opensuse.security:obj:2009031446"/> 62773 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62774 </rpminfo_test> 62775 <rpminfo_test id="oval:org.opensuse.security:tst:2009068781" version="1" comment="java-1_6_0-sun-plugin-32bit is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62776 <object object_ref="oval:org.opensuse.security:obj:2009033987"/> 62777 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62778 </rpminfo_test> 62779 <rpminfo_test id="oval:org.opensuse.security:tst:2009068782" version="1" comment="java-1_6_0-sun-plugin is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62780 <object object_ref="oval:org.opensuse.security:obj:2009031447"/> 62781 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62782 </rpminfo_test> 62783 <rpminfo_test id="oval:org.opensuse.security:tst:2009068783" version="1" comment="java-1_6_0-sun-src is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62784 <object object_ref="oval:org.opensuse.security:obj:2009031908"/> 62785 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62786 </rpminfo_test> 62787 <rpminfo_test id="oval:org.opensuse.security:tst:2009068784" version="1" comment="java-1_6_0-sun is <1.6.0.u26-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62788 <object object_ref="oval:org.opensuse.security:obj:2009031448"/> 62789 <state state_ref="oval:org.opensuse.security:ste:2009039633"/> 62790 </rpminfo_test> 62791 <rpminfo_test id="oval:org.opensuse.security:tst:2009069680" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62792 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 62793 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62794 </rpminfo_test> 62795 <rpminfo_test id="oval:org.opensuse.security:tst:2009069682" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62796 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 62797 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62798 </rpminfo_test> 62799 <rpminfo_test id="oval:org.opensuse.security:tst:2009069683" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62800 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 62801 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62802 </rpminfo_test> 62803 <rpminfo_test id="oval:org.opensuse.security:tst:2009069690" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62804 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 62805 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62806 </rpminfo_test> 62807 <rpminfo_test id="oval:org.opensuse.security:tst:2009069684" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62808 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 62809 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62810 </rpminfo_test> 62811 <rpminfo_test id="oval:org.opensuse.security:tst:2009069685" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62812 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 62813 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62814 </rpminfo_test> 62815 <rpminfo_test id="oval:org.opensuse.security:tst:2009069686" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62816 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 62817 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62818 </rpminfo_test> 62819 <rpminfo_test id="oval:org.opensuse.security:tst:2009069687" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62820 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 62821 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62822 </rpminfo_test> 62823 <rpminfo_test id="oval:org.opensuse.security:tst:2009069688" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62824 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 62825 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62826 </rpminfo_test> 62827 <rpminfo_test id="oval:org.opensuse.security:tst:2009069691" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62828 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 62829 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62830 </rpminfo_test> 62831 <rpminfo_test id="oval:org.opensuse.security:tst:2009069689" version="1" comment="java-1_5_0-ibm is <1.5.0_sr12.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62832 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 62833 <state state_ref="oval:org.opensuse.security:ste:2009039772"/> 62834 </rpminfo_test> 62835 <rpminfo_test id="oval:org.opensuse.security:tst:2009068743" version="1" comment="vino is <2.12.0-25.25.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62836 <object object_ref="oval:org.opensuse.security:obj:2009034537"/> 62837 <state state_ref="oval:org.opensuse.security:ste:2009039624"/> 62838 </rpminfo_test> 62839 <rpminfo_test id="oval:org.opensuse.security:tst:2009066978" version="1" comment="pure-ftpd is <1.0.22-0.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62840 <object object_ref="oval:org.opensuse.security:obj:2009031078"/> 62841 <state state_ref="oval:org.opensuse.security:ste:2009039194"/> 62842 </rpminfo_test> 62843 <rpminfo_test id="oval:org.opensuse.security:tst:2009066982" version="1" comment="dhcpcd is <1.3.22pl4-223.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62844 <object object_ref="oval:org.opensuse.security:obj:2009030539"/> 62845 <state state_ref="oval:org.opensuse.security:ste:2009039196"/> 62846 </rpminfo_test> 62847 <rpminfo_test id="oval:org.opensuse.security:tst:2009067061" version="1" comment="dhcpcd is <1.3.22pl4-223.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62848 <object object_ref="oval:org.opensuse.security:obj:2009030539"/> 62849 <state state_ref="oval:org.opensuse.security:ste:2009039219"/> 62850 </rpminfo_test> 62851 <rpminfo_test id="oval:org.opensuse.security:tst:2009067195" version="1" comment="dhcp-client is <3.0.7-7.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62852 <object object_ref="oval:org.opensuse.security:obj:2009030726"/> 62853 <state state_ref="oval:org.opensuse.security:ste:2009039235"/> 62854 </rpminfo_test> 62855 <rpminfo_test id="oval:org.opensuse.security:tst:2009067196" version="1" comment="dhcp is <3.0.7-7.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62856 <object object_ref="oval:org.opensuse.security:obj:2009030729"/> 62857 <state state_ref="oval:org.opensuse.security:ste:2009039235"/> 62858 </rpminfo_test> 62859 <rpminfo_test id="oval:org.opensuse.security:tst:2009067200" version="1" comment="dhcp-client is <3.0.7-7.7.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62860 <object object_ref="oval:org.opensuse.security:obj:2009030726"/> 62861 <state state_ref="oval:org.opensuse.security:ste:2009039236"/> 62862 </rpminfo_test> 62863 <rpminfo_test id="oval:org.opensuse.security:tst:2009067201" version="1" comment="dhcp is <3.0.7-7.7.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62864 <object object_ref="oval:org.opensuse.security:obj:2009030729"/> 62865 <state state_ref="oval:org.opensuse.security:ste:2009039236"/> 62866 </rpminfo_test> 62867 <rpminfo_test id="oval:org.opensuse.security:tst:2009067205" version="1" comment="dhcp-client is <3.0.7-7.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62868 <object object_ref="oval:org.opensuse.security:obj:2009030726"/> 62869 <state state_ref="oval:org.opensuse.security:ste:2009039237"/> 62870 </rpminfo_test> 62871 <rpminfo_test id="oval:org.opensuse.security:tst:2009067206" version="1" comment="dhcp is <3.0.7-7.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62872 <object object_ref="oval:org.opensuse.security:obj:2009030729"/> 62873 <state state_ref="oval:org.opensuse.security:ste:2009039237"/> 62874 </rpminfo_test> 62875 <rpminfo_test id="oval:org.opensuse.security:tst:2009066578" version="1" comment="clamav is <0.97-5.5.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62876 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 62877 <state state_ref="oval:org.opensuse.security:ste:2009039138"/> 62878 </rpminfo_test> 62879 <rpminfo_test id="oval:org.opensuse.security:tst:2009073858" version="1" comment="python-32bit is <2.4.2-18.41.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62880 <object object_ref="oval:org.opensuse.security:obj:2009030554"/> 62881 <state state_ref="oval:org.opensuse.security:ste:2009040457"/> 62882 </rpminfo_test> 62883 <rpminfo_test id="oval:org.opensuse.security:tst:2009073859" version="1" comment="python-curses is <2.4.2-18.41.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62884 <object object_ref="oval:org.opensuse.security:obj:2009030555"/> 62885 <state state_ref="oval:org.opensuse.security:ste:2009040457"/> 62886 </rpminfo_test> 62887 <rpminfo_test id="oval:org.opensuse.security:tst:2009073860" version="1" comment="python-devel is <2.4.2-18.41.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62888 <object object_ref="oval:org.opensuse.security:obj:2009030557"/> 62889 <state state_ref="oval:org.opensuse.security:ste:2009040457"/> 62890 </rpminfo_test> 62891 <rpminfo_test id="oval:org.opensuse.security:tst:2009073861" version="1" comment="python-gdbm is <2.4.2-18.41.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62892 <object object_ref="oval:org.opensuse.security:obj:2009030560"/> 62893 <state state_ref="oval:org.opensuse.security:ste:2009040457"/> 62894 </rpminfo_test> 62895 <rpminfo_test id="oval:org.opensuse.security:tst:2009073862" version="1" comment="python-tk is <2.4.2-18.41.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62896 <object object_ref="oval:org.opensuse.security:obj:2009030563"/> 62897 <state state_ref="oval:org.opensuse.security:ste:2009040457"/> 62898 </rpminfo_test> 62899 <rpminfo_test id="oval:org.opensuse.security:tst:2009073863" version="1" comment="python-xml is <2.4.2-18.41.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62900 <object object_ref="oval:org.opensuse.security:obj:2009030564"/> 62901 <state state_ref="oval:org.opensuse.security:ste:2009040457"/> 62902 </rpminfo_test> 62903 <rpminfo_test id="oval:org.opensuse.security:tst:2009073864" version="1" comment="python is <2.4.2-18.41.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62904 <object object_ref="oval:org.opensuse.security:obj:2009030463"/> 62905 <state state_ref="oval:org.opensuse.security:ste:2009040457"/> 62906 </rpminfo_test> 62907 <rpminfo_test id="oval:org.opensuse.security:tst:2009076031" version="1" comment="glibc-32bit is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62908 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 62909 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62910 </rpminfo_test> 62911 <rpminfo_test id="oval:org.opensuse.security:tst:2009076032" version="1" comment="glibc-devel-32bit is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62912 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 62913 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62914 </rpminfo_test> 62915 <rpminfo_test id="oval:org.opensuse.security:tst:2009076033" version="1" comment="glibc-devel is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62916 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 62917 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62918 </rpminfo_test> 62919 <rpminfo_test id="oval:org.opensuse.security:tst:2009076034" version="1" comment="glibc-html is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62920 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 62921 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62922 </rpminfo_test> 62923 <rpminfo_test id="oval:org.opensuse.security:tst:2009076035" version="1" comment="glibc-i18ndata is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62924 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 62925 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62926 </rpminfo_test> 62927 <rpminfo_test id="oval:org.opensuse.security:tst:2009076036" version="1" comment="glibc-info is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62928 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 62929 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62930 </rpminfo_test> 62931 <rpminfo_test id="oval:org.opensuse.security:tst:2009076037" version="1" comment="glibc-locale-32bit is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62932 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 62933 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62934 </rpminfo_test> 62935 <rpminfo_test id="oval:org.opensuse.security:tst:2009076038" version="1" comment="glibc-locale is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62936 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 62937 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62938 </rpminfo_test> 62939 <rpminfo_test id="oval:org.opensuse.security:tst:2009076039" version="1" comment="glibc is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62940 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 62941 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62942 </rpminfo_test> 62943 <rpminfo_test id="oval:org.opensuse.security:tst:2009076040" version="1" comment="nscd is <2.4-31.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62944 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 62945 <state state_ref="oval:org.opensuse.security:ste:2009040750"/> 62946 </rpminfo_test> 62947 <rpminfo_test id="oval:org.opensuse.security:tst:2009070265" version="1" comment="ncpfs is <2.2.6-24.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62948 <object object_ref="oval:org.opensuse.security:obj:2009030460"/> 62949 <state state_ref="oval:org.opensuse.security:ste:2009039900"/> 62950 </rpminfo_test> 62951 <rpminfo_test id="oval:org.opensuse.security:tst:2009072458" version="1" comment="finch is <2.6.6-0.12.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62952 <object object_ref="oval:org.opensuse.security:obj:2009031748"/> 62953 <state state_ref="oval:org.opensuse.security:ste:2009040239"/> 62954 </rpminfo_test> 62955 <rpminfo_test id="oval:org.opensuse.security:tst:2009072459" version="1" comment="libpurple is <2.6.6-0.12.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62956 <object object_ref="oval:org.opensuse.security:obj:2009031423"/> 62957 <state state_ref="oval:org.opensuse.security:ste:2009040239"/> 62958 </rpminfo_test> 62959 <rpminfo_test id="oval:org.opensuse.security:tst:2009072460" version="1" comment="pidgin is <2.6.6-0.12.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62960 <object object_ref="oval:org.opensuse.security:obj:2009031752"/> 62961 <state state_ref="oval:org.opensuse.security:ste:2009040239"/> 62962 </rpminfo_test> 62963 <rpminfo_test id="oval:org.opensuse.security:tst:2009068589" version="1" comment="logrotate is <3.7.3-13.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62964 <object object_ref="oval:org.opensuse.security:obj:2009034546"/> 62965 <state state_ref="oval:org.opensuse.security:ste:2009039588"/> 62966 </rpminfo_test> 62967 <rpminfo_test id="oval:org.opensuse.security:tst:2009069241" version="1" comment="xen-devel is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62968 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 62969 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 62970 </rpminfo_test> 62971 <rpminfo_test id="oval:org.opensuse.security:tst:2009069242" version="1" comment="xen-doc-html is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62972 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 62973 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 62974 </rpminfo_test> 62975 <rpminfo_test id="oval:org.opensuse.security:tst:2009069243" version="1" comment="xen-doc-pdf is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62976 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 62977 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 62978 </rpminfo_test> 62979 <rpminfo_test id="oval:org.opensuse.security:tst:2009069244" version="1" comment="xen-doc-ps is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62980 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 62981 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 62982 </rpminfo_test> 62983 <rpminfo_test id="oval:org.opensuse.security:tst:2009069245" version="1" comment="xen-kmp-bigsmp is <3.2.3_17040_36_2.6.16.60_0.87.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62984 <object object_ref="oval:org.opensuse.security:obj:2009034576"/> 62985 <state state_ref="oval:org.opensuse.security:ste:2009039685"/> 62986 </rpminfo_test> 62987 <rpminfo_test id="oval:org.opensuse.security:tst:2009069246" version="1" comment="xen-kmp-default is <3.2.3_17040_36_2.6.16.60_0.87.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62988 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 62989 <state state_ref="oval:org.opensuse.security:ste:2009039685"/> 62990 </rpminfo_test> 62991 <rpminfo_test id="oval:org.opensuse.security:tst:2009069247" version="1" comment="xen-kmp-smp is <3.2.3_17040_36_2.6.16.60_0.87.4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62992 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 62993 <state state_ref="oval:org.opensuse.security:ste:2009039685"/> 62994 </rpminfo_test> 62995 <rpminfo_test id="oval:org.opensuse.security:tst:2009069248" version="1" comment="xen-libs-32bit is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 62996 <object object_ref="oval:org.opensuse.security:obj:2009032234"/> 62997 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 62998 </rpminfo_test> 62999 <rpminfo_test id="oval:org.opensuse.security:tst:2009069249" version="1" comment="xen-libs is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63000 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 63001 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 63002 </rpminfo_test> 63003 <rpminfo_test id="oval:org.opensuse.security:tst:2009069250" version="1" comment="xen-tools-domU is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63004 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 63005 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 63006 </rpminfo_test> 63007 <rpminfo_test id="oval:org.opensuse.security:tst:2009069251" version="1" comment="xen-tools-ioemu is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63008 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 63009 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 63010 </rpminfo_test> 63011 <rpminfo_test id="oval:org.opensuse.security:tst:2009069252" version="1" comment="xen-tools is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63012 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 63013 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 63014 </rpminfo_test> 63015 <rpminfo_test id="oval:org.opensuse.security:tst:2009069253" version="1" comment="xen is <3.2.3_17040_36-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63016 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 63017 <state state_ref="oval:org.opensuse.security:ste:2009039684"/> 63018 </rpminfo_test> 63019 <rpminfo_test id="oval:org.opensuse.security:tst:2009068701" version="1" comment="gimp-devel is <2.2.10-22.38.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63020 <object object_ref="oval:org.opensuse.security:obj:2009030654"/> 63021 <state state_ref="oval:org.opensuse.security:ste:2009039614"/> 63022 </rpminfo_test> 63023 <rpminfo_test id="oval:org.opensuse.security:tst:2009068702" version="1" comment="gimp is <2.2.10-22.38.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63024 <object object_ref="oval:org.opensuse.security:obj:2009030642"/> 63025 <state state_ref="oval:org.opensuse.security:ste:2009039614"/> 63026 </rpminfo_test> 63027 <rpminfo_test id="oval:org.opensuse.security:tst:2009074355" version="1" comment="MozillaFirefox-branding-SLED is <7-0.8.12" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63028 <object object_ref="oval:org.opensuse.security:obj:2009033270"/> 63029 <state state_ref="oval:org.opensuse.security:ste:2009040508"/> 63030 </rpminfo_test> 63031 <rpminfo_test id="oval:org.opensuse.security:tst:2009074356" version="1" comment="MozillaFirefox-translations is <10.0.4-0.7.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63032 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 63033 <state state_ref="oval:org.opensuse.security:ste:2009040509"/> 63034 </rpminfo_test> 63035 <rpminfo_test id="oval:org.opensuse.security:tst:2009074357" version="1" comment="MozillaFirefox is <10.0.4-0.7.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63036 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 63037 <state state_ref="oval:org.opensuse.security:ste:2009040509"/> 63038 </rpminfo_test> 63039 <rpminfo_test id="oval:org.opensuse.security:tst:2009074358" version="1" comment="beagle-evolution is <0.2.18-78.13.1.102" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63040 <object object_ref="oval:org.opensuse.security:obj:2009032007"/> 63041 <state state_ref="oval:org.opensuse.security:ste:2009040510"/> 63042 </rpminfo_test> 63043 <rpminfo_test id="oval:org.opensuse.security:tst:2009074359" version="1" comment="beagle-firefox is <0.2.18-78.13.1.102" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63044 <object object_ref="oval:org.opensuse.security:obj:2009032008"/> 63045 <state state_ref="oval:org.opensuse.security:ste:2009040510"/> 63046 </rpminfo_test> 63047 <rpminfo_test id="oval:org.opensuse.security:tst:2009074360" version="1" comment="beagle-gui is <0.2.18-78.13.1.102" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63048 <object object_ref="oval:org.opensuse.security:obj:2009032009"/> 63049 <state state_ref="oval:org.opensuse.security:ste:2009040510"/> 63050 </rpminfo_test> 63051 <rpminfo_test id="oval:org.opensuse.security:tst:2009074361" version="1" comment="beagle is <0.2.18-78.13.1.102" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63052 <object object_ref="oval:org.opensuse.security:obj:2009032010"/> 63053 <state state_ref="oval:org.opensuse.security:ste:2009040510"/> 63054 </rpminfo_test> 63055 <rpminfo_test id="oval:org.opensuse.security:tst:2009074362" version="1" comment="firefox3-gtk2-32bit is <2.10.6-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63056 <object object_ref="oval:org.opensuse.security:obj:2009033277"/> 63057 <state state_ref="oval:org.opensuse.security:ste:2009040511"/> 63058 </rpminfo_test> 63059 <rpminfo_test id="oval:org.opensuse.security:tst:2009074363" version="1" comment="firefox3-gtk2 is <2.10.6-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63060 <object object_ref="oval:org.opensuse.security:obj:2009033278"/> 63061 <state state_ref="oval:org.opensuse.security:ste:2009040511"/> 63062 </rpminfo_test> 63063 <rpminfo_test id="oval:org.opensuse.security:tst:2009074364" version="1" comment="mhtml-firefox is <0.5-1.11.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63064 <object object_ref="oval:org.opensuse.security:obj:2009033688"/> 63065 <state state_ref="oval:org.opensuse.security:ste:2009040512"/> 63066 </rpminfo_test> 63067 <rpminfo_test id="oval:org.opensuse.security:tst:2009074365" version="1" comment="mozilla-nss-32bit is <3.13.4-0.5.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63068 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 63069 <state state_ref="oval:org.opensuse.security:ste:2009040513"/> 63070 </rpminfo_test> 63071 <rpminfo_test id="oval:org.opensuse.security:tst:2009074366" version="1" comment="mozilla-nss-devel is <3.13.4-0.5.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63072 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 63073 <state state_ref="oval:org.opensuse.security:ste:2009040513"/> 63074 </rpminfo_test> 63075 <rpminfo_test id="oval:org.opensuse.security:tst:2009074367" version="1" comment="mozilla-nss-tools is <3.13.4-0.5.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63076 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 63077 <state state_ref="oval:org.opensuse.security:ste:2009040513"/> 63078 </rpminfo_test> 63079 <rpminfo_test id="oval:org.opensuse.security:tst:2009074368" version="1" comment="mozilla-nss is <3.13.4-0.5.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63080 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 63081 <state state_ref="oval:org.opensuse.security:ste:2009040513"/> 63082 </rpminfo_test> 63083 <rpminfo_test id="oval:org.opensuse.security:tst:2009071826" version="1" comment="acroread-cmaps is <9.4.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63084 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 63085 <state state_ref="oval:org.opensuse.security:ste:2009040115"/> 63086 </rpminfo_test> 63087 <rpminfo_test id="oval:org.opensuse.security:tst:2009071827" version="1" comment="acroread-fonts-ja is <9.4.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63088 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 63089 <state state_ref="oval:org.opensuse.security:ste:2009040115"/> 63090 </rpminfo_test> 63091 <rpminfo_test id="oval:org.opensuse.security:tst:2009071828" version="1" comment="acroread-fonts-ko is <9.4.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63092 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 63093 <state state_ref="oval:org.opensuse.security:ste:2009040115"/> 63094 </rpminfo_test> 63095 <rpminfo_test id="oval:org.opensuse.security:tst:2009071829" version="1" comment="acroread-fonts-zh_CN is <9.4.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63096 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 63097 <state state_ref="oval:org.opensuse.security:ste:2009040115"/> 63098 </rpminfo_test> 63099 <rpminfo_test id="oval:org.opensuse.security:tst:2009071830" version="1" comment="acroread-fonts-zh_TW is <9.4.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63100 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 63101 <state state_ref="oval:org.opensuse.security:ste:2009040115"/> 63102 </rpminfo_test> 63103 <rpminfo_test id="oval:org.opensuse.security:tst:2009071825" version="1" comment="acroread is <9.4.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63104 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 63105 <state state_ref="oval:org.opensuse.security:ste:2009040115"/> 63106 </rpminfo_test> 63107 <rpminfo_test id="oval:org.opensuse.security:tst:2009070816" version="1" comment="perl-32bit is <5.8.8-14.19.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63108 <object object_ref="oval:org.opensuse.security:obj:2009030599"/> 63109 <state state_ref="oval:org.opensuse.security:ste:2009040005"/> 63110 </rpminfo_test> 63111 <rpminfo_test id="oval:org.opensuse.security:tst:2009070819" version="1" comment="perl is <5.8.8-14.19.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63112 <object object_ref="oval:org.opensuse.security:obj:2009030410"/> 63113 <state state_ref="oval:org.opensuse.security:ste:2009040005"/> 63114 </rpminfo_test> 63115 <rpminfo_test id="oval:org.opensuse.security:tst:2009068548" version="1" comment="python-32bit is <2.4.2-18.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63116 <object object_ref="oval:org.opensuse.security:obj:2009030554"/> 63117 <state state_ref="oval:org.opensuse.security:ste:2009039575"/> 63118 </rpminfo_test> 63119 <rpminfo_test id="oval:org.opensuse.security:tst:2009068549" version="1" comment="python-curses is <2.4.2-18.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63120 <object object_ref="oval:org.opensuse.security:obj:2009030555"/> 63121 <state state_ref="oval:org.opensuse.security:ste:2009039575"/> 63122 </rpminfo_test> 63123 <rpminfo_test id="oval:org.opensuse.security:tst:2009068550" version="1" comment="python-devel is <2.4.2-18.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63124 <object object_ref="oval:org.opensuse.security:obj:2009030557"/> 63125 <state state_ref="oval:org.opensuse.security:ste:2009039575"/> 63126 </rpminfo_test> 63127 <rpminfo_test id="oval:org.opensuse.security:tst:2009068551" version="1" comment="python-gdbm is <2.4.2-18.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63128 <object object_ref="oval:org.opensuse.security:obj:2009030560"/> 63129 <state state_ref="oval:org.opensuse.security:ste:2009039575"/> 63130 </rpminfo_test> 63131 <rpminfo_test id="oval:org.opensuse.security:tst:2009068552" version="1" comment="python-tk is <2.4.2-18.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63132 <object object_ref="oval:org.opensuse.security:obj:2009030563"/> 63133 <state state_ref="oval:org.opensuse.security:ste:2009039575"/> 63134 </rpminfo_test> 63135 <rpminfo_test id="oval:org.opensuse.security:tst:2009068553" version="1" comment="python-xml is <2.4.2-18.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63136 <object object_ref="oval:org.opensuse.security:obj:2009030564"/> 63137 <state state_ref="oval:org.opensuse.security:ste:2009039575"/> 63138 </rpminfo_test> 63139 <rpminfo_test id="oval:org.opensuse.security:tst:2009068554" version="1" comment="python is <2.4.2-18.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63140 <object object_ref="oval:org.opensuse.security:obj:2009030463"/> 63141 <state state_ref="oval:org.opensuse.security:ste:2009039575"/> 63142 </rpminfo_test> 63143 <rpminfo_test id="oval:org.opensuse.security:tst:2009072356" version="1" comment="krb5-32bit is <1.4.3-19.49.49.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63144 <object object_ref="oval:org.opensuse.security:obj:2009031038"/> 63145 <state state_ref="oval:org.opensuse.security:ste:2009040226"/> 63146 </rpminfo_test> 63147 <rpminfo_test id="oval:org.opensuse.security:tst:2009072357" version="1" comment="krb5-client is <1.4.3-19.49.49.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63148 <object object_ref="oval:org.opensuse.security:obj:2009031041"/> 63149 <state state_ref="oval:org.opensuse.security:ste:2009040226"/> 63150 </rpminfo_test> 63151 <rpminfo_test id="oval:org.opensuse.security:tst:2009072358" version="1" comment="krb5-devel-32bit is <1.4.3-19.49.49.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63152 <object object_ref="oval:org.opensuse.security:obj:2009031476"/> 63153 <state state_ref="oval:org.opensuse.security:ste:2009040226"/> 63154 </rpminfo_test> 63155 <rpminfo_test id="oval:org.opensuse.security:tst:2009072359" version="1" comment="krb5-devel is <1.4.3-19.49.49.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63156 <object object_ref="oval:org.opensuse.security:obj:2009031478"/> 63157 <state state_ref="oval:org.opensuse.security:ste:2009040226"/> 63158 </rpminfo_test> 63159 <rpminfo_test id="oval:org.opensuse.security:tst:2009072360" version="1" comment="krb5 is <1.4.3-19.49.49.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63160 <object object_ref="oval:org.opensuse.security:obj:2009031044"/> 63161 <state state_ref="oval:org.opensuse.security:ste:2009040226"/> 63162 </rpminfo_test> 63163 <rpminfo_test id="oval:org.opensuse.security:tst:2009073171" version="1" comment="logrotate is <3.7.3-13.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63164 <object object_ref="oval:org.opensuse.security:obj:2009034546"/> 63165 <state state_ref="oval:org.opensuse.security:ste:2009040382"/> 63166 </rpminfo_test> 63167 <rpminfo_test id="oval:org.opensuse.security:tst:2009068728" version="1" comment="wireshark is <1.4.4-0.39.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63168 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 63169 <state state_ref="oval:org.opensuse.security:ste:2009039620"/> 63170 </rpminfo_test> 63171 <rpminfo_test id="oval:org.opensuse.security:tst:2009068571" version="1" comment="rdesktop is <1.6.0-39.6.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63172 <object object_ref="oval:org.opensuse.security:obj:2009030844"/> 63173 <state state_ref="oval:org.opensuse.security:ste:2009039578"/> 63174 </rpminfo_test> 63175 <rpminfo_test id="oval:org.opensuse.security:tst:2009068353" version="1" comment="postfix is <2.5.6-4.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63176 <object object_ref="oval:org.opensuse.security:obj:2009030854"/> 63177 <state state_ref="oval:org.opensuse.security:ste:2009039528"/> 63178 </rpminfo_test> 63179 <rpminfo_test id="oval:org.opensuse.security:tst:2009068732" version="1" comment="bind-libs-32bit is <9.6ESVR4P1-0.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63180 <object object_ref="oval:org.opensuse.security:obj:2009031555"/> 63181 <state state_ref="oval:org.opensuse.security:ste:2009039622"/> 63182 </rpminfo_test> 63183 <rpminfo_test id="oval:org.opensuse.security:tst:2009068733" version="1" comment="bind-libs is <9.6ESVR4P1-0.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63184 <object object_ref="oval:org.opensuse.security:obj:2009031557"/> 63185 <state state_ref="oval:org.opensuse.security:ste:2009039622"/> 63186 </rpminfo_test> 63187 <rpminfo_test id="oval:org.opensuse.security:tst:2009068734" version="1" comment="bind-utils is <9.6ESVR4P1-0.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63188 <object object_ref="oval:org.opensuse.security:obj:2009030649"/> 63189 <state state_ref="oval:org.opensuse.security:ste:2009039622"/> 63190 </rpminfo_test> 63191 <rpminfo_test id="oval:org.opensuse.security:tst:2009070000" version="1" comment="xen-devel is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63192 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 63193 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63194 </rpminfo_test> 63195 <rpminfo_test id="oval:org.opensuse.security:tst:2009070001" version="1" comment="xen-doc-html is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63196 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 63197 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63198 </rpminfo_test> 63199 <rpminfo_test id="oval:org.opensuse.security:tst:2009070002" version="1" comment="xen-doc-pdf is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63200 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 63201 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63202 </rpminfo_test> 63203 <rpminfo_test id="oval:org.opensuse.security:tst:2009070003" version="1" comment="xen-doc-ps is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63204 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 63205 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63206 </rpminfo_test> 63207 <rpminfo_test id="oval:org.opensuse.security:tst:2009070004" version="1" comment="xen-kmp-bigsmp is <3.2.3_17040_37_2.6.16.60_0.87.9-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63208 <object object_ref="oval:org.opensuse.security:obj:2009034576"/> 63209 <state state_ref="oval:org.opensuse.security:ste:2009039841"/> 63210 </rpminfo_test> 63211 <rpminfo_test id="oval:org.opensuse.security:tst:2009070005" version="1" comment="xen-kmp-default is <3.2.3_17040_37_2.6.16.60_0.87.9-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63212 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 63213 <state state_ref="oval:org.opensuse.security:ste:2009039841"/> 63214 </rpminfo_test> 63215 <rpminfo_test id="oval:org.opensuse.security:tst:2009070006" version="1" comment="xen-kmp-smp is <3.2.3_17040_37_2.6.16.60_0.87.9-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63216 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 63217 <state state_ref="oval:org.opensuse.security:ste:2009039841"/> 63218 </rpminfo_test> 63219 <rpminfo_test id="oval:org.opensuse.security:tst:2009070007" version="1" comment="xen-libs-32bit is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63220 <object object_ref="oval:org.opensuse.security:obj:2009032234"/> 63221 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63222 </rpminfo_test> 63223 <rpminfo_test id="oval:org.opensuse.security:tst:2009070008" version="1" comment="xen-libs is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63224 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 63225 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63226 </rpminfo_test> 63227 <rpminfo_test id="oval:org.opensuse.security:tst:2009070009" version="1" comment="xen-tools-domU is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63228 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 63229 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63230 </rpminfo_test> 63231 <rpminfo_test id="oval:org.opensuse.security:tst:2009070010" version="1" comment="xen-tools-ioemu is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63232 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 63233 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63234 </rpminfo_test> 63235 <rpminfo_test id="oval:org.opensuse.security:tst:2009070011" version="1" comment="xen-tools is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63236 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 63237 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63238 </rpminfo_test> 63239 <rpminfo_test id="oval:org.opensuse.security:tst:2009070012" version="1" comment="xen is <3.2.3_17040_37-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63240 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 63241 <state state_ref="oval:org.opensuse.security:ste:2009039840"/> 63242 </rpminfo_test> 63243 <rpminfo_test id="oval:org.opensuse.security:tst:2009069546" version="1" comment="libxml2-32bit is <2.6.23-15.25.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63244 <object object_ref="oval:org.opensuse.security:obj:2009030809"/> 63245 <state state_ref="oval:org.opensuse.security:ste:2009039742"/> 63246 </rpminfo_test> 63247 <rpminfo_test id="oval:org.opensuse.security:tst:2009069547" version="1" comment="libxml2-devel-32bit is <2.6.23-15.25.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63248 <object object_ref="oval:org.opensuse.security:obj:2009031522"/> 63249 <state state_ref="oval:org.opensuse.security:ste:2009039742"/> 63250 </rpminfo_test> 63251 <rpminfo_test id="oval:org.opensuse.security:tst:2009069548" version="1" comment="libxml2-devel is <2.6.23-15.25.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63252 <object object_ref="oval:org.opensuse.security:obj:2009030405"/> 63253 <state state_ref="oval:org.opensuse.security:ste:2009039742"/> 63254 </rpminfo_test> 63255 <rpminfo_test id="oval:org.opensuse.security:tst:2009069549" version="1" comment="libxml2 is <2.6.23-15.25.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63256 <object object_ref="oval:org.opensuse.security:obj:2009030406"/> 63257 <state state_ref="oval:org.opensuse.security:ste:2009039742"/> 63258 </rpminfo_test> 63259 <rpminfo_test id="oval:org.opensuse.security:tst:2009068799" version="1" comment="openssl-32bit is <0.9.8a-18.52.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63260 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 63261 <state state_ref="oval:org.opensuse.security:ste:2009039636"/> 63262 </rpminfo_test> 63263 <rpminfo_test id="oval:org.opensuse.security:tst:2009068800" version="1" comment="openssl-devel-32bit is <0.9.8a-18.52.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63264 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 63265 <state state_ref="oval:org.opensuse.security:ste:2009039636"/> 63266 </rpminfo_test> 63267 <rpminfo_test id="oval:org.opensuse.security:tst:2009068801" version="1" comment="openssl-devel is <0.9.8a-18.52.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63268 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 63269 <state state_ref="oval:org.opensuse.security:ste:2009039636"/> 63270 </rpminfo_test> 63271 <rpminfo_test id="oval:org.opensuse.security:tst:2009068802" version="1" comment="openssl is <0.9.8a-18.52.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63272 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 63273 <state state_ref="oval:org.opensuse.security:ste:2009039636"/> 63274 </rpminfo_test> 63275 <rpminfo_test id="oval:org.opensuse.security:tst:2009069096" version="1" comment="libgnomesu-devel is <1.0.0-32.39.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63276 <object object_ref="oval:org.opensuse.security:obj:2009032347"/> 63277 <state state_ref="oval:org.opensuse.security:ste:2009039659"/> 63278 </rpminfo_test> 63279 <rpminfo_test id="oval:org.opensuse.security:tst:2009069097" version="1" comment="libgnomesu is <1.0.0-32.39.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63280 <object object_ref="oval:org.opensuse.security:obj:2009032348"/> 63281 <state state_ref="oval:org.opensuse.security:ste:2009039659"/> 63282 </rpminfo_test> 63283 <rpminfo_test id="oval:org.opensuse.security:tst:2009071189" version="1" comment="wireshark is <1.4.4-0.41.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63284 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 63285 <state state_ref="oval:org.opensuse.security:ste:2009040034"/> 63286 </rpminfo_test> 63287 <rpminfo_test id="oval:org.opensuse.security:tst:2009068744" version="1" comment="flash-player is <10.3.181.22-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63288 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 63289 <state state_ref="oval:org.opensuse.security:ste:2009039625"/> 63290 </rpminfo_test> 63291 <rpminfo_test id="oval:org.opensuse.security:tst:2009068817" version="1" comment="flash-player is <10.3.181.26-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63292 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 63293 <state state_ref="oval:org.opensuse.security:ste:2009039640"/> 63294 </rpminfo_test> 63295 <rpminfo_test id="oval:org.opensuse.security:tst:2009069767" version="1" comment="flash-player is <10.3.183.5-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63296 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 63297 <state state_ref="oval:org.opensuse.security:ste:2009039788"/> 63298 </rpminfo_test> 63299 <rpminfo_test id="oval:org.opensuse.security:tst:2009069331" version="1" comment="tftp is <0.48-1.13.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63300 <object object_ref="oval:org.opensuse.security:obj:2009034593"/> 63301 <state state_ref="oval:org.opensuse.security:ste:2009039702"/> 63302 </rpminfo_test> 63303 <rpminfo_test id="oval:org.opensuse.security:tst:2009069423" version="1" comment="dbus-1-32bit is <0.60-33.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63304 <object object_ref="oval:org.opensuse.security:obj:2009030889"/> 63305 <state state_ref="oval:org.opensuse.security:ste:2009039718"/> 63306 </rpminfo_test> 63307 <rpminfo_test id="oval:org.opensuse.security:tst:2009069424" version="1" comment="dbus-1-devel is <0.60-33.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63308 <object object_ref="oval:org.opensuse.security:obj:2009031621"/> 63309 <state state_ref="oval:org.opensuse.security:ste:2009039718"/> 63310 </rpminfo_test> 63311 <rpminfo_test id="oval:org.opensuse.security:tst:2009069425" version="1" comment="dbus-1-glib-32bit is <0.60-33.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63312 <object object_ref="oval:org.opensuse.security:obj:2009031622"/> 63313 <state state_ref="oval:org.opensuse.security:ste:2009039718"/> 63314 </rpminfo_test> 63315 <rpminfo_test id="oval:org.opensuse.security:tst:2009069426" version="1" comment="dbus-1-glib is <0.60-33.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63316 <object object_ref="oval:org.opensuse.security:obj:2009031626"/> 63317 <state state_ref="oval:org.opensuse.security:ste:2009039718"/> 63318 </rpminfo_test> 63319 <rpminfo_test id="oval:org.opensuse.security:tst:2009069427" version="1" comment="dbus-1 is <0.60-33.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63320 <object object_ref="oval:org.opensuse.security:obj:2009030891"/> 63321 <state state_ref="oval:org.opensuse.security:ste:2009039718"/> 63322 </rpminfo_test> 63323 <rpminfo_test id="oval:org.opensuse.security:tst:2009070820" version="1" comment="MozillaFirefox-translations is <3.6.23-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63324 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 63325 <state state_ref="oval:org.opensuse.security:ste:2009040006"/> 63326 </rpminfo_test> 63327 <rpminfo_test id="oval:org.opensuse.security:tst:2009070821" version="1" comment="MozillaFirefox is <3.6.23-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63328 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 63329 <state state_ref="oval:org.opensuse.security:ste:2009040006"/> 63330 </rpminfo_test> 63331 <rpminfo_test id="oval:org.opensuse.security:tst:2009070822" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.23-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63332 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 63333 <state state_ref="oval:org.opensuse.security:ste:2009040007"/> 63334 </rpminfo_test> 63335 <rpminfo_test id="oval:org.opensuse.security:tst:2009070823" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.23-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63336 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 63337 <state state_ref="oval:org.opensuse.security:ste:2009040007"/> 63338 </rpminfo_test> 63339 <rpminfo_test id="oval:org.opensuse.security:tst:2009070824" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.23-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63340 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 63341 <state state_ref="oval:org.opensuse.security:ste:2009040007"/> 63342 </rpminfo_test> 63343 <rpminfo_test id="oval:org.opensuse.security:tst:2009070825" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.23-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63344 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 63345 <state state_ref="oval:org.opensuse.security:ste:2009040007"/> 63346 </rpminfo_test> 63347 <rpminfo_test id="oval:org.opensuse.security:tst:2009070826" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.23-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63348 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 63349 <state state_ref="oval:org.opensuse.security:ste:2009040007"/> 63350 </rpminfo_test> 63351 <rpminfo_test id="oval:org.opensuse.security:tst:2009070827" version="1" comment="mozilla-xulrunner192 is <1.9.2.23-1.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63352 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 63353 <state state_ref="oval:org.opensuse.security:ste:2009040007"/> 63354 </rpminfo_test> 63355 <rpminfo_test id="oval:org.opensuse.security:tst:2009071938" version="1" comment="mozilla-nss-32bit is <3.13.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63356 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 63357 <state state_ref="oval:org.opensuse.security:ste:2009040144"/> 63358 </rpminfo_test> 63359 <rpminfo_test id="oval:org.opensuse.security:tst:2009071939" version="1" comment="mozilla-nss-devel is <3.13.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63360 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 63361 <state state_ref="oval:org.opensuse.security:ste:2009040144"/> 63362 </rpminfo_test> 63363 <rpminfo_test id="oval:org.opensuse.security:tst:2009071940" version="1" comment="mozilla-nss-tools is <3.13.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63364 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 63365 <state state_ref="oval:org.opensuse.security:ste:2009040144"/> 63366 </rpminfo_test> 63367 <rpminfo_test id="oval:org.opensuse.security:tst:2009071941" version="1" comment="mozilla-nss is <3.13.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63368 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 63369 <state state_ref="oval:org.opensuse.security:ste:2009040144"/> 63370 </rpminfo_test> 63371 <rpminfo_test id="oval:org.opensuse.security:tst:2009070594" version="1" comment="flash-player is <10.3.183.10-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63372 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 63373 <state state_ref="oval:org.opensuse.security:ste:2009039949"/> 63374 </rpminfo_test> 63375 <rpminfo_test id="oval:org.opensuse.security:tst:2009071869" version="1" comment="flash-player is <10.3.183.11-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63376 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 63377 <state state_ref="oval:org.opensuse.security:ste:2009040126"/> 63378 </rpminfo_test> 63379 <rpminfo_test id="oval:org.opensuse.security:tst:2009072584" version="1" comment="acroread-cmaps is <9.4.6-0.5.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63380 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 63381 <state state_ref="oval:org.opensuse.security:ste:2009040255"/> 63382 </rpminfo_test> 63383 <rpminfo_test id="oval:org.opensuse.security:tst:2009072585" version="1" comment="acroread-fonts-ja is <9.4.6-0.5.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63384 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 63385 <state state_ref="oval:org.opensuse.security:ste:2009040255"/> 63386 </rpminfo_test> 63387 <rpminfo_test id="oval:org.opensuse.security:tst:2009072586" version="1" comment="acroread-fonts-ko is <9.4.6-0.5.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63388 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 63389 <state state_ref="oval:org.opensuse.security:ste:2009040255"/> 63390 </rpminfo_test> 63391 <rpminfo_test id="oval:org.opensuse.security:tst:2009072587" version="1" comment="acroread-fonts-zh_CN is <9.4.6-0.5.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63392 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 63393 <state state_ref="oval:org.opensuse.security:ste:2009040255"/> 63394 </rpminfo_test> 63395 <rpminfo_test id="oval:org.opensuse.security:tst:2009072588" version="1" comment="acroread-fonts-zh_TW is <9.4.6-0.5.9" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63396 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 63397 <state state_ref="oval:org.opensuse.security:ste:2009040255"/> 63398 </rpminfo_test> 63399 <rpminfo_test id="oval:org.opensuse.security:tst:2009072589" version="1" comment="acroread is <9.4.7-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63400 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 63401 <state state_ref="oval:org.opensuse.security:ste:2009040256"/> 63402 </rpminfo_test> 63403 <rpminfo_test id="oval:org.opensuse.security:tst:2009069387" version="1" comment="bind-libs-32bit is <9.6ESVR4P3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63404 <object object_ref="oval:org.opensuse.security:obj:2009031555"/> 63405 <state state_ref="oval:org.opensuse.security:ste:2009039711"/> 63406 </rpminfo_test> 63407 <rpminfo_test id="oval:org.opensuse.security:tst:2009069388" version="1" comment="bind-libs is <9.6ESVR4P3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63408 <object object_ref="oval:org.opensuse.security:obj:2009031557"/> 63409 <state state_ref="oval:org.opensuse.security:ste:2009039711"/> 63410 </rpminfo_test> 63411 <rpminfo_test id="oval:org.opensuse.security:tst:2009069389" version="1" comment="bind-utils is <9.6ESVR4P3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63412 <object object_ref="oval:org.opensuse.security:obj:2009030649"/> 63413 <state state_ref="oval:org.opensuse.security:ste:2009039711"/> 63414 </rpminfo_test> 63415 <rpminfo_test id="oval:org.opensuse.security:tst:2009070628" version="1" comment="yast2-core is <2.13.48-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63416 <object object_ref="oval:org.opensuse.security:obj:2009030808"/> 63417 <state state_ref="oval:org.opensuse.security:ste:2009039956"/> 63418 </rpminfo_test> 63419 <rpminfo_test id="oval:org.opensuse.security:tst:2009069941" version="1" comment="glibc-32bit is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63420 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 63421 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63422 </rpminfo_test> 63423 <rpminfo_test id="oval:org.opensuse.security:tst:2009069942" version="1" comment="glibc-devel-32bit is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63424 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 63425 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63426 </rpminfo_test> 63427 <rpminfo_test id="oval:org.opensuse.security:tst:2009069943" version="1" comment="glibc-devel is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63428 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 63429 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63430 </rpminfo_test> 63431 <rpminfo_test id="oval:org.opensuse.security:tst:2009069944" version="1" comment="glibc-html is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63432 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 63433 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63434 </rpminfo_test> 63435 <rpminfo_test id="oval:org.opensuse.security:tst:2009069945" version="1" comment="glibc-i18ndata is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63436 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 63437 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63438 </rpminfo_test> 63439 <rpminfo_test id="oval:org.opensuse.security:tst:2009069946" version="1" comment="glibc-info is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63440 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 63441 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63442 </rpminfo_test> 63443 <rpminfo_test id="oval:org.opensuse.security:tst:2009069947" version="1" comment="glibc-locale-32bit is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63444 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 63445 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63446 </rpminfo_test> 63447 <rpminfo_test id="oval:org.opensuse.security:tst:2009069948" version="1" comment="glibc-locale is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63448 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 63449 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63450 </rpminfo_test> 63451 <rpminfo_test id="oval:org.opensuse.security:tst:2009069949" version="1" comment="glibc is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63452 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 63453 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63454 </rpminfo_test> 63455 <rpminfo_test id="oval:org.opensuse.security:tst:2009069950" version="1" comment="libxcrypt-32bit is <2.4-12.9.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63456 <object object_ref="oval:org.opensuse.security:obj:2009032911"/> 63457 <state state_ref="oval:org.opensuse.security:ste:2009039835"/> 63458 </rpminfo_test> 63459 <rpminfo_test id="oval:org.opensuse.security:tst:2009069951" version="1" comment="libxcrypt is <2.4-12.9.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63460 <object object_ref="oval:org.opensuse.security:obj:2009032914"/> 63461 <state state_ref="oval:org.opensuse.security:ste:2009039835"/> 63462 </rpminfo_test> 63463 <rpminfo_test id="oval:org.opensuse.security:tst:2009069952" version="1" comment="nscd is <2.4-31.93.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63464 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 63465 <state state_ref="oval:org.opensuse.security:ste:2009039834"/> 63466 </rpminfo_test> 63467 <rpminfo_test id="oval:org.opensuse.security:tst:2009069953" version="1" comment="pam-modules-32bit is <10-2.17.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63468 <object object_ref="oval:org.opensuse.security:obj:2009032519"/> 63469 <state state_ref="oval:org.opensuse.security:ste:2009039836"/> 63470 </rpminfo_test> 63471 <rpminfo_test id="oval:org.opensuse.security:tst:2009069954" version="1" comment="pam-modules is <10-2.17.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63472 <object object_ref="oval:org.opensuse.security:obj:2009032520"/> 63473 <state state_ref="oval:org.opensuse.security:ste:2009039836"/> 63474 </rpminfo_test> 63475 <rpminfo_test id="oval:org.opensuse.security:tst:2009069955" version="1" comment="pwdutils is <3.0.7.1-17.36.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63476 <object object_ref="oval:org.opensuse.security:obj:2009032192"/> 63477 <state state_ref="oval:org.opensuse.security:ste:2009039837"/> 63478 </rpminfo_test> 63479 <rpminfo_test id="oval:org.opensuse.security:tst:2009075806" version="1" comment="postgresql-devel is <8.1.23-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63480 <object object_ref="oval:org.opensuse.security:obj:2009030469"/> 63481 <state state_ref="oval:org.opensuse.security:ste:2009040726"/> 63482 </rpminfo_test> 63483 <rpminfo_test id="oval:org.opensuse.security:tst:2009075807" version="1" comment="postgresql-libs-32bit is <8.1.23-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63484 <object object_ref="oval:org.opensuse.security:obj:2009030626"/> 63485 <state state_ref="oval:org.opensuse.security:ste:2009040726"/> 63486 </rpminfo_test> 63487 <rpminfo_test id="oval:org.opensuse.security:tst:2009075808" version="1" comment="postgresql-libs is <8.1.23-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63488 <object object_ref="oval:org.opensuse.security:obj:2009030471"/> 63489 <state state_ref="oval:org.opensuse.security:ste:2009040726"/> 63490 </rpminfo_test> 63491 <rpminfo_test id="oval:org.opensuse.security:tst:2009074864" version="1" comment="gdk-pixbuf-32bit is <0.22.0-93.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63492 <object object_ref="oval:org.opensuse.security:obj:2009032177"/> 63493 <state state_ref="oval:org.opensuse.security:ste:2009040587"/> 63494 </rpminfo_test> 63495 <rpminfo_test id="oval:org.opensuse.security:tst:2009074865" version="1" comment="gdk-pixbuf is <0.22.0-93.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63496 <object object_ref="oval:org.opensuse.security:obj:2009030591"/> 63497 <state state_ref="oval:org.opensuse.security:ste:2009040587"/> 63498 </rpminfo_test> 63499 <rpminfo_test id="oval:org.opensuse.security:tst:2009074866" version="1" comment="gtk2-32bit is <2.8.11-0.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63500 <object object_ref="oval:org.opensuse.security:obj:2009030532"/> 63501 <state state_ref="oval:org.opensuse.security:ste:2009040588"/> 63502 </rpminfo_test> 63503 <rpminfo_test id="oval:org.opensuse.security:tst:2009074867" version="1" comment="gtk2-devel is <2.8.11-0.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63504 <object object_ref="oval:org.opensuse.security:obj:2009030533"/> 63505 <state state_ref="oval:org.opensuse.security:ste:2009040588"/> 63506 </rpminfo_test> 63507 <rpminfo_test id="oval:org.opensuse.security:tst:2009074868" version="1" comment="gtk2-doc is <2.8.11-0.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63508 <object object_ref="oval:org.opensuse.security:obj:2009030534"/> 63509 <state state_ref="oval:org.opensuse.security:ste:2009040588"/> 63510 </rpminfo_test> 63511 <rpminfo_test id="oval:org.opensuse.security:tst:2009074869" version="1" comment="gtk2 is <2.8.11-0.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63512 <object object_ref="oval:org.opensuse.security:obj:2009030535"/> 63513 <state state_ref="oval:org.opensuse.security:ste:2009040588"/> 63514 </rpminfo_test> 63515 <rpminfo_test id="oval:org.opensuse.security:tst:2009069591" version="1" comment="opie is <2.4-567.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63516 <object object_ref="oval:org.opensuse.security:obj:2009034616"/> 63517 <state state_ref="oval:org.opensuse.security:ste:2009039755"/> 63518 </rpminfo_test> 63519 <rpminfo_test id="oval:org.opensuse.security:tst:2009069592" version="1" comment="permissions is <2011.6.28-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63520 <object object_ref="oval:org.opensuse.security:obj:2009032191"/> 63521 <state state_ref="oval:org.opensuse.security:ste:2009039756"/> 63522 </rpminfo_test> 63523 <rpminfo_test id="oval:org.opensuse.security:tst:2009069802" version="1" comment="libvirt-python is <0.3.3-18.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63524 <object object_ref="oval:org.opensuse.security:obj:2009031850"/> 63525 <state state_ref="oval:org.opensuse.security:ste:2009039798"/> 63526 </rpminfo_test> 63527 <rpminfo_test id="oval:org.opensuse.security:tst:2009069803" version="1" comment="libvirt is <0.3.3-18.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63528 <object object_ref="oval:org.opensuse.security:obj:2009031851"/> 63529 <state state_ref="oval:org.opensuse.security:ste:2009039798"/> 63530 </rpminfo_test> 63531 <rpminfo_test id="oval:org.opensuse.security:tst:2009070347" version="1" comment="cifs-mount is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63532 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 63533 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63534 </rpminfo_test> 63535 <rpminfo_test id="oval:org.opensuse.security:tst:2009070348" version="1" comment="ldapsmb is <1.34b-25.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63536 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 63537 <state state_ref="oval:org.opensuse.security:ste:2009039910"/> 63538 </rpminfo_test> 63539 <rpminfo_test id="oval:org.opensuse.security:tst:2009070349" version="1" comment="libsmbclient-32bit is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63540 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 63541 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63542 </rpminfo_test> 63543 <rpminfo_test id="oval:org.opensuse.security:tst:2009070350" version="1" comment="libsmbclient-devel is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63544 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 63545 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63546 </rpminfo_test> 63547 <rpminfo_test id="oval:org.opensuse.security:tst:2009070351" version="1" comment="libsmbclient is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63548 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 63549 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63550 </rpminfo_test> 63551 <rpminfo_test id="oval:org.opensuse.security:tst:2009070352" version="1" comment="samba-32bit is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63552 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 63553 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63554 </rpminfo_test> 63555 <rpminfo_test id="oval:org.opensuse.security:tst:2009070353" version="1" comment="samba-client-32bit is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63556 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 63557 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63558 </rpminfo_test> 63559 <rpminfo_test id="oval:org.opensuse.security:tst:2009070354" version="1" comment="samba-client is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63560 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 63561 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63562 </rpminfo_test> 63563 <rpminfo_test id="oval:org.opensuse.security:tst:2009070355" version="1" comment="samba-krb-printing is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63564 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 63565 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63566 </rpminfo_test> 63567 <rpminfo_test id="oval:org.opensuse.security:tst:2009070356" version="1" comment="samba-vscan is <0.3.6b-43.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63568 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 63569 <state state_ref="oval:org.opensuse.security:ste:2009039911"/> 63570 </rpminfo_test> 63571 <rpminfo_test id="oval:org.opensuse.security:tst:2009070357" version="1" comment="samba-winbind-32bit is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63572 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 63573 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63574 </rpminfo_test> 63575 <rpminfo_test id="oval:org.opensuse.security:tst:2009070358" version="1" comment="samba-winbind is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63576 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 63577 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63578 </rpminfo_test> 63579 <rpminfo_test id="oval:org.opensuse.security:tst:2009070359" version="1" comment="samba is <3.0.36-0.13.16.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63580 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 63581 <state state_ref="oval:org.opensuse.security:ste:2009039909"/> 63582 </rpminfo_test> 63583 <rpminfo_test id="oval:org.opensuse.security:tst:2009071945" version="1" comment="wireshark is <1.4.10-0.40.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63584 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 63585 <state state_ref="oval:org.opensuse.security:ste:2009040145"/> 63586 </rpminfo_test> 63587 <rpminfo_test id="oval:org.opensuse.security:tst:2009070145" version="1" comment="vpnc is <0.5.1-1.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63588 <object object_ref="oval:org.opensuse.security:obj:2009034651"/> 63589 <state state_ref="oval:org.opensuse.security:ste:2009039880"/> 63590 </rpminfo_test> 63591 <rpminfo_test id="oval:org.opensuse.security:tst:2009107306" version="1" comment="libreoffice-af is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63592 <object object_ref="oval:org.opensuse.security:obj:2009034666"/> 63593 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63594 </rpminfo_test> 63595 <rpminfo_test id="oval:org.opensuse.security:tst:2009107307" version="1" comment="libreoffice-ar is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63596 <object object_ref="oval:org.opensuse.security:obj:2009034667"/> 63597 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63598 </rpminfo_test> 63599 <rpminfo_test id="oval:org.opensuse.security:tst:2009107308" version="1" comment="libreoffice-ca is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63600 <object object_ref="oval:org.opensuse.security:obj:2009034668"/> 63601 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63602 </rpminfo_test> 63603 <rpminfo_test id="oval:org.opensuse.security:tst:2009107309" version="1" comment="libreoffice-cs is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63604 <object object_ref="oval:org.opensuse.security:obj:2009034669"/> 63605 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63606 </rpminfo_test> 63607 <rpminfo_test id="oval:org.opensuse.security:tst:2009107310" version="1" comment="libreoffice-da is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63608 <object object_ref="oval:org.opensuse.security:obj:2009034670"/> 63609 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63610 </rpminfo_test> 63611 <rpminfo_test id="oval:org.opensuse.security:tst:2009107311" version="1" comment="libreoffice-de is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63612 <object object_ref="oval:org.opensuse.security:obj:2009034672"/> 63613 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63614 </rpminfo_test> 63615 <rpminfo_test id="oval:org.opensuse.security:tst:2009107312" version="1" comment="libreoffice-el is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63616 <object object_ref="oval:org.opensuse.security:obj:2009034673"/> 63617 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63618 </rpminfo_test> 63619 <rpminfo_test id="oval:org.opensuse.security:tst:2009107313" version="1" comment="libreoffice-en-GB is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63620 <object object_ref="oval:org.opensuse.security:obj:2009034674"/> 63621 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63622 </rpminfo_test> 63623 <rpminfo_test id="oval:org.opensuse.security:tst:2009107314" version="1" comment="libreoffice-es is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63624 <object object_ref="oval:org.opensuse.security:obj:2009034675"/> 63625 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63626 </rpminfo_test> 63627 <rpminfo_test id="oval:org.opensuse.security:tst:2009107315" version="1" comment="libreoffice-fi is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63628 <object object_ref="oval:org.opensuse.security:obj:2009034676"/> 63629 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63630 </rpminfo_test> 63631 <rpminfo_test id="oval:org.opensuse.security:tst:2009107316" version="1" comment="libreoffice-fr is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63632 <object object_ref="oval:org.opensuse.security:obj:2009034677"/> 63633 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63634 </rpminfo_test> 63635 <rpminfo_test id="oval:org.opensuse.security:tst:2009107317" version="1" comment="libreoffice-galleries is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63636 <object object_ref="oval:org.opensuse.security:obj:2009034678"/> 63637 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63638 </rpminfo_test> 63639 <rpminfo_test id="oval:org.opensuse.security:tst:2009107318" version="1" comment="libreoffice-gnome is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63640 <object object_ref="oval:org.opensuse.security:obj:2009034098"/> 63641 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63642 </rpminfo_test> 63643 <rpminfo_test id="oval:org.opensuse.security:tst:2009107319" version="1" comment="libreoffice-gu-IN is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63644 <object object_ref="oval:org.opensuse.security:obj:2009034679"/> 63645 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63646 </rpminfo_test> 63647 <rpminfo_test id="oval:org.opensuse.security:tst:2009107320" version="1" comment="libreoffice-hi-IN is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63648 <object object_ref="oval:org.opensuse.security:obj:2009034680"/> 63649 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63650 </rpminfo_test> 63651 <rpminfo_test id="oval:org.opensuse.security:tst:2009107321" version="1" comment="libreoffice-hu is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63652 <object object_ref="oval:org.opensuse.security:obj:2009034681"/> 63653 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63654 </rpminfo_test> 63655 <rpminfo_test id="oval:org.opensuse.security:tst:2009107322" version="1" comment="libreoffice-it is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63656 <object object_ref="oval:org.opensuse.security:obj:2009034682"/> 63657 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63658 </rpminfo_test> 63659 <rpminfo_test id="oval:org.opensuse.security:tst:2009107323" version="1" comment="libreoffice-ja is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63660 <object object_ref="oval:org.opensuse.security:obj:2009034683"/> 63661 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63662 </rpminfo_test> 63663 <rpminfo_test id="oval:org.opensuse.security:tst:2009107324" version="1" comment="libreoffice-kde is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63664 <object object_ref="oval:org.opensuse.security:obj:2009034124"/> 63665 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63666 </rpminfo_test> 63667 <rpminfo_test id="oval:org.opensuse.security:tst:2009107325" version="1" comment="libreoffice-ko is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63668 <object object_ref="oval:org.opensuse.security:obj:2009034684"/> 63669 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63670 </rpminfo_test> 63671 <rpminfo_test id="oval:org.opensuse.security:tst:2009107326" version="1" comment="libreoffice-mono is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63672 <object object_ref="oval:org.opensuse.security:obj:2009034162"/> 63673 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63674 </rpminfo_test> 63675 <rpminfo_test id="oval:org.opensuse.security:tst:2009107327" version="1" comment="libreoffice-nb is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63676 <object object_ref="oval:org.opensuse.security:obj:2009034685"/> 63677 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63678 </rpminfo_test> 63679 <rpminfo_test id="oval:org.opensuse.security:tst:2009107328" version="1" comment="libreoffice-nl is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63680 <object object_ref="oval:org.opensuse.security:obj:2009034686"/> 63681 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63682 </rpminfo_test> 63683 <rpminfo_test id="oval:org.opensuse.security:tst:2009107329" version="1" comment="libreoffice-nn is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63684 <object object_ref="oval:org.opensuse.security:obj:2009034687"/> 63685 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63686 </rpminfo_test> 63687 <rpminfo_test id="oval:org.opensuse.security:tst:2009107330" version="1" comment="libreoffice-pl is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63688 <object object_ref="oval:org.opensuse.security:obj:2009034688"/> 63689 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63690 </rpminfo_test> 63691 <rpminfo_test id="oval:org.opensuse.security:tst:2009107331" version="1" comment="libreoffice-pt-BR is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63692 <object object_ref="oval:org.opensuse.security:obj:2009034689"/> 63693 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63694 </rpminfo_test> 63695 <rpminfo_test id="oval:org.opensuse.security:tst:2009107332" version="1" comment="libreoffice-ru is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63696 <object object_ref="oval:org.opensuse.security:obj:2009034690"/> 63697 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63698 </rpminfo_test> 63699 <rpminfo_test id="oval:org.opensuse.security:tst:2009107333" version="1" comment="libreoffice-sk is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63700 <object object_ref="oval:org.opensuse.security:obj:2009034691"/> 63701 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63702 </rpminfo_test> 63703 <rpminfo_test id="oval:org.opensuse.security:tst:2009107334" version="1" comment="libreoffice-sv is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63704 <object object_ref="oval:org.opensuse.security:obj:2009034692"/> 63705 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63706 </rpminfo_test> 63707 <rpminfo_test id="oval:org.opensuse.security:tst:2009107335" version="1" comment="libreoffice-xh is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63708 <object object_ref="oval:org.opensuse.security:obj:2009034693"/> 63709 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63710 </rpminfo_test> 63711 <rpminfo_test id="oval:org.opensuse.security:tst:2009107336" version="1" comment="libreoffice-zh-CN is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63712 <object object_ref="oval:org.opensuse.security:obj:2009034694"/> 63713 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63714 </rpminfo_test> 63715 <rpminfo_test id="oval:org.opensuse.security:tst:2009107337" version="1" comment="libreoffice-zh-TW is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63716 <object object_ref="oval:org.opensuse.security:obj:2009034695"/> 63717 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63718 </rpminfo_test> 63719 <rpminfo_test id="oval:org.opensuse.security:tst:2009107338" version="1" comment="libreoffice-zu is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63720 <object object_ref="oval:org.opensuse.security:obj:2009034696"/> 63721 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63722 </rpminfo_test> 63723 <rpminfo_test id="oval:org.opensuse.security:tst:2009107339" version="1" comment="libreoffice is <3.4.2.6-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63724 <object object_ref="oval:org.opensuse.security:obj:2009034188"/> 63725 <state state_ref="oval:org.opensuse.security:ste:2009044638"/> 63726 </rpminfo_test> 63727 <rpminfo_test id="oval:org.opensuse.security:tst:2009076967" version="1" comment="ruby is <1.8.6.p369-0.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63728 <object object_ref="oval:org.opensuse.security:obj:2009030431"/> 63729 <state state_ref="oval:org.opensuse.security:ste:2009040937"/> 63730 </rpminfo_test> 63731 <rpminfo_test id="oval:org.opensuse.security:tst:2009069769" version="1" comment="foomatic-filters is <3.0.2-20.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63732 <object object_ref="oval:org.opensuse.security:obj:2009031074"/> 63733 <state state_ref="oval:org.opensuse.security:ste:2009039790"/> 63734 </rpminfo_test> 63735 <rpminfo_test id="oval:org.opensuse.security:tst:2009074791" version="1" comment="libgssapi-32bit is <0.6-13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63736 <object object_ref="oval:org.opensuse.security:obj:2009032821"/> 63737 <state state_ref="oval:org.opensuse.security:ste:2009040580"/> 63738 </rpminfo_test> 63739 <rpminfo_test id="oval:org.opensuse.security:tst:2009074792" version="1" comment="libgssapi is <0.6-13.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63740 <object object_ref="oval:org.opensuse.security:obj:2009032822"/> 63741 <state state_ref="oval:org.opensuse.security:ste:2009040580"/> 63742 </rpminfo_test> 63743 <rpminfo_test id="oval:org.opensuse.security:tst:2009070055" version="1" comment="clamav is <0.97.2-1.5.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63744 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 63745 <state state_ref="oval:org.opensuse.security:ste:2009039853"/> 63746 </rpminfo_test> 63747 <rpminfo_test id="oval:org.opensuse.security:tst:2009076769" version="1" comment="perl-32bit is <5.8.8-14.21.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63748 <object object_ref="oval:org.opensuse.security:obj:2009030599"/> 63749 <state state_ref="oval:org.opensuse.security:ste:2009040903"/> 63750 </rpminfo_test> 63751 <rpminfo_test id="oval:org.opensuse.security:tst:2009076770" version="1" comment="perl is <5.8.8-14.21.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63752 <object object_ref="oval:org.opensuse.security:obj:2009030410"/> 63753 <state state_ref="oval:org.opensuse.security:ste:2009040903"/> 63754 </rpminfo_test> 63755 <rpminfo_test id="oval:org.opensuse.security:tst:2009070487" version="1" comment="dhcp-client is <3.0.7-7.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63756 <object object_ref="oval:org.opensuse.security:obj:2009030726"/> 63757 <state state_ref="oval:org.opensuse.security:ste:2009039932"/> 63758 </rpminfo_test> 63759 <rpminfo_test id="oval:org.opensuse.security:tst:2009070488" version="1" comment="dhcp is <3.0.7-7.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63760 <object object_ref="oval:org.opensuse.security:obj:2009030729"/> 63761 <state state_ref="oval:org.opensuse.security:ste:2009039932"/> 63762 </rpminfo_test> 63763 <rpminfo_test id="oval:org.opensuse.security:tst:2009072070" version="1" comment="xorg-x11-Xnest is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63764 <object object_ref="oval:org.opensuse.security:obj:2009032401"/> 63765 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63766 </rpminfo_test> 63767 <rpminfo_test id="oval:org.opensuse.security:tst:2009072071" version="1" comment="xorg-x11-Xvfb is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63768 <object object_ref="oval:org.opensuse.security:obj:2009032402"/> 63769 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63770 </rpminfo_test> 63771 <rpminfo_test id="oval:org.opensuse.security:tst:2009072072" version="1" comment="xorg-x11-Xvnc is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63772 <object object_ref="oval:org.opensuse.security:obj:2009031301"/> 63773 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63774 </rpminfo_test> 63775 <rpminfo_test id="oval:org.opensuse.security:tst:2009072073" version="1" comment="xorg-x11-devel-32bit is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63776 <object object_ref="oval:org.opensuse.security:obj:2009031328"/> 63777 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63778 </rpminfo_test> 63779 <rpminfo_test id="oval:org.opensuse.security:tst:2009072074" version="1" comment="xorg-x11-devel is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63780 <object object_ref="oval:org.opensuse.security:obj:2009031330"/> 63781 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63782 </rpminfo_test> 63783 <rpminfo_test id="oval:org.opensuse.security:tst:2009072075" version="1" comment="xorg-x11-fonts-100dpi is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63784 <object object_ref="oval:org.opensuse.security:obj:2009032403"/> 63785 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63786 </rpminfo_test> 63787 <rpminfo_test id="oval:org.opensuse.security:tst:2009072076" version="1" comment="xorg-x11-fonts-75dpi is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63788 <object object_ref="oval:org.opensuse.security:obj:2009032404"/> 63789 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63790 </rpminfo_test> 63791 <rpminfo_test id="oval:org.opensuse.security:tst:2009072077" version="1" comment="xorg-x11-fonts-cyrillic is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63792 <object object_ref="oval:org.opensuse.security:obj:2009032405"/> 63793 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63794 </rpminfo_test> 63795 <rpminfo_test id="oval:org.opensuse.security:tst:2009072078" version="1" comment="xorg-x11-fonts-scalable is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63796 <object object_ref="oval:org.opensuse.security:obj:2009032406"/> 63797 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63798 </rpminfo_test> 63799 <rpminfo_test id="oval:org.opensuse.security:tst:2009072079" version="1" comment="xorg-x11-fonts-syriac is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63800 <object object_ref="oval:org.opensuse.security:obj:2009032407"/> 63801 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63802 </rpminfo_test> 63803 <rpminfo_test id="oval:org.opensuse.security:tst:2009072080" version="1" comment="xorg-x11-libs-32bit is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63804 <object object_ref="oval:org.opensuse.security:obj:2009031332"/> 63805 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63806 </rpminfo_test> 63807 <rpminfo_test id="oval:org.opensuse.security:tst:2009072081" version="1" comment="xorg-x11-libs is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63808 <object object_ref="oval:org.opensuse.security:obj:2009031334"/> 63809 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63810 </rpminfo_test> 63811 <rpminfo_test id="oval:org.opensuse.security:tst:2009072082" version="1" comment="xorg-x11-man is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63812 <object object_ref="oval:org.opensuse.security:obj:2009032408"/> 63813 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63814 </rpminfo_test> 63815 <rpminfo_test id="oval:org.opensuse.security:tst:2009072083" version="1" comment="xorg-x11-server-glx is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63816 <object object_ref="oval:org.opensuse.security:obj:2009032409"/> 63817 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63818 </rpminfo_test> 63819 <rpminfo_test id="oval:org.opensuse.security:tst:2009072084" version="1" comment="xorg-x11-server is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63820 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 63821 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63822 </rpminfo_test> 63823 <rpminfo_test id="oval:org.opensuse.security:tst:2009072085" version="1" comment="xorg-x11 is <6.9.0-50.76.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63824 <object object_ref="oval:org.opensuse.security:obj:2009031335"/> 63825 <state state_ref="oval:org.opensuse.security:ste:2009040175"/> 63826 </rpminfo_test> 63827 <rpminfo_test id="oval:org.opensuse.security:tst:2009072149" version="1" comment="freetype2-32bit is <2.1.10-18.27.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63828 <object object_ref="oval:org.opensuse.security:obj:2009030610"/> 63829 <state state_ref="oval:org.opensuse.security:ste:2009040184"/> 63830 </rpminfo_test> 63831 <rpminfo_test id="oval:org.opensuse.security:tst:2009072150" version="1" comment="freetype2-devel-32bit is <2.1.10-18.27.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63832 <object object_ref="oval:org.opensuse.security:obj:2009030611"/> 63833 <state state_ref="oval:org.opensuse.security:ste:2009040184"/> 63834 </rpminfo_test> 63835 <rpminfo_test id="oval:org.opensuse.security:tst:2009072151" version="1" comment="freetype2-devel is <2.1.10-18.27.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63836 <object object_ref="oval:org.opensuse.security:obj:2009030612"/> 63837 <state state_ref="oval:org.opensuse.security:ste:2009040184"/> 63838 </rpminfo_test> 63839 <rpminfo_test id="oval:org.opensuse.security:tst:2009072152" version="1" comment="freetype2 is <2.1.10-18.27.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63840 <object object_ref="oval:org.opensuse.security:obj:2009030613"/> 63841 <state state_ref="oval:org.opensuse.security:ste:2009040184"/> 63842 </rpminfo_test> 63843 <rpminfo_test id="oval:org.opensuse.security:tst:2009071518" version="1" comment="gimp-devel is <2.2.10-22.40.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63844 <object object_ref="oval:org.opensuse.security:obj:2009030654"/> 63845 <state state_ref="oval:org.opensuse.security:ste:2009040058"/> 63846 </rpminfo_test> 63847 <rpminfo_test id="oval:org.opensuse.security:tst:2009071519" version="1" comment="gimp is <2.2.10-22.40.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63848 <object object_ref="oval:org.opensuse.security:obj:2009030642"/> 63849 <state state_ref="oval:org.opensuse.security:ste:2009040058"/> 63850 </rpminfo_test> 63851 <rpminfo_test id="oval:org.opensuse.security:tst:2009070195" version="1" comment="xen-devel is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63852 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 63853 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63854 </rpminfo_test> 63855 <rpminfo_test id="oval:org.opensuse.security:tst:2009070196" version="1" comment="xen-doc-html is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63856 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 63857 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63858 </rpminfo_test> 63859 <rpminfo_test id="oval:org.opensuse.security:tst:2009070197" version="1" comment="xen-doc-pdf is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63860 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 63861 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63862 </rpminfo_test> 63863 <rpminfo_test id="oval:org.opensuse.security:tst:2009070198" version="1" comment="xen-doc-ps is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63864 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 63865 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63866 </rpminfo_test> 63867 <rpminfo_test id="oval:org.opensuse.security:tst:2009070199" version="1" comment="xen-kmp-bigsmp is <3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63868 <object object_ref="oval:org.opensuse.security:obj:2009034576"/> 63869 <state state_ref="oval:org.opensuse.security:ste:2009039892"/> 63870 </rpminfo_test> 63871 <rpminfo_test id="oval:org.opensuse.security:tst:2009070200" version="1" comment="xen-kmp-default is <3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63872 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 63873 <state state_ref="oval:org.opensuse.security:ste:2009039892"/> 63874 </rpminfo_test> 63875 <rpminfo_test id="oval:org.opensuse.security:tst:2009070201" version="1" comment="xen-kmp-smp is <3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63876 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 63877 <state state_ref="oval:org.opensuse.security:ste:2009039892"/> 63878 </rpminfo_test> 63879 <rpminfo_test id="oval:org.opensuse.security:tst:2009070202" version="1" comment="xen-libs-32bit is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63880 <object object_ref="oval:org.opensuse.security:obj:2009032234"/> 63881 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63882 </rpminfo_test> 63883 <rpminfo_test id="oval:org.opensuse.security:tst:2009070203" version="1" comment="xen-libs is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63884 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 63885 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63886 </rpminfo_test> 63887 <rpminfo_test id="oval:org.opensuse.security:tst:2009070204" version="1" comment="xen-tools-domU is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63888 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 63889 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63890 </rpminfo_test> 63891 <rpminfo_test id="oval:org.opensuse.security:tst:2009070205" version="1" comment="xen-tools-ioemu is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63892 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 63893 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63894 </rpminfo_test> 63895 <rpminfo_test id="oval:org.opensuse.security:tst:2009070206" version="1" comment="xen-tools is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63896 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 63897 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63898 </rpminfo_test> 63899 <rpminfo_test id="oval:org.opensuse.security:tst:2009070207" version="1" comment="xen is <3.2.3_17040_37-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63900 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 63901 <state state_ref="oval:org.opensuse.security:ste:2009039891"/> 63902 </rpminfo_test> 63903 <rpminfo_test id="oval:org.opensuse.security:tst:2009107340" version="1" comment="kernel-bigsmp is <2.6.16.60-0.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63904 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 63905 <state state_ref="oval:org.opensuse.security:ste:2009040551"/> 63906 </rpminfo_test> 63907 <rpminfo_test id="oval:org.opensuse.security:tst:2009074611" version="1" comment="kernel-default is <2.6.16.60-0.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63908 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 63909 <state state_ref="oval:org.opensuse.security:ste:2009040551"/> 63910 </rpminfo_test> 63911 <rpminfo_test id="oval:org.opensuse.security:tst:2009074614" version="1" comment="kernel-smp is <2.6.16.60-0.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63912 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 63913 <state state_ref="oval:org.opensuse.security:ste:2009040551"/> 63914 </rpminfo_test> 63915 <rpminfo_test id="oval:org.opensuse.security:tst:2009074612" version="1" comment="kernel-source is <2.6.16.60-0.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63916 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 63917 <state state_ref="oval:org.opensuse.security:ste:2009040551"/> 63918 </rpminfo_test> 63919 <rpminfo_test id="oval:org.opensuse.security:tst:2009074613" version="1" comment="kernel-syms is <2.6.16.60-0.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63920 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 63921 <state state_ref="oval:org.opensuse.security:ste:2009040551"/> 63922 </rpminfo_test> 63923 <rpminfo_test id="oval:org.opensuse.security:tst:2009074615" version="1" comment="kernel-xen is <2.6.16.60-0.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63924 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 63925 <state state_ref="oval:org.opensuse.security:ste:2009040551"/> 63926 </rpminfo_test> 63927 <rpminfo_test id="oval:org.opensuse.security:tst:2009107341" version="1" comment="kernel-xenpae is <2.6.16.60-0.97.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63928 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 63929 <state state_ref="oval:org.opensuse.security:ste:2009040551"/> 63930 </rpminfo_test> 63931 <rpminfo_test id="oval:org.opensuse.security:tst:2009073133" version="1" comment="libpng-32bit is <1.2.8-19.33.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63932 <object object_ref="oval:org.opensuse.security:obj:2009030638"/> 63933 <state state_ref="oval:org.opensuse.security:ste:2009040374"/> 63934 </rpminfo_test> 63935 <rpminfo_test id="oval:org.opensuse.security:tst:2009073134" version="1" comment="libpng-devel-32bit is <1.2.8-19.33.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63936 <object object_ref="oval:org.opensuse.security:obj:2009031449"/> 63937 <state state_ref="oval:org.opensuse.security:ste:2009040374"/> 63938 </rpminfo_test> 63939 <rpminfo_test id="oval:org.opensuse.security:tst:2009073135" version="1" comment="libpng-devel is <1.2.8-19.33.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63940 <object object_ref="oval:org.opensuse.security:obj:2009030639"/> 63941 <state state_ref="oval:org.opensuse.security:ste:2009040374"/> 63942 </rpminfo_test> 63943 <rpminfo_test id="oval:org.opensuse.security:tst:2009073136" version="1" comment="libpng is <1.2.8-19.33.7" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63944 <object object_ref="oval:org.opensuse.security:obj:2009030640"/> 63945 <state state_ref="oval:org.opensuse.security:ste:2009040374"/> 63946 </rpminfo_test> 63947 <rpminfo_test id="oval:org.opensuse.security:tst:2009073034" version="1" comment="MozillaFirefox-translations is <3.6.27-0.5.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63948 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 63949 <state state_ref="oval:org.opensuse.security:ste:2009040356"/> 63950 </rpminfo_test> 63951 <rpminfo_test id="oval:org.opensuse.security:tst:2009073035" version="1" comment="MozillaFirefox is <3.6.27-0.5.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63952 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 63953 <state state_ref="oval:org.opensuse.security:ste:2009040356"/> 63954 </rpminfo_test> 63955 <rpminfo_test id="oval:org.opensuse.security:tst:2009073036" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.27-0.5.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63956 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 63957 <state state_ref="oval:org.opensuse.security:ste:2009040357"/> 63958 </rpminfo_test> 63959 <rpminfo_test id="oval:org.opensuse.security:tst:2009073037" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.27-0.5.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63960 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 63961 <state state_ref="oval:org.opensuse.security:ste:2009040357"/> 63962 </rpminfo_test> 63963 <rpminfo_test id="oval:org.opensuse.security:tst:2009073038" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.27-0.5.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63964 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 63965 <state state_ref="oval:org.opensuse.security:ste:2009040357"/> 63966 </rpminfo_test> 63967 <rpminfo_test id="oval:org.opensuse.security:tst:2009073039" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.27-0.5.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63968 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 63969 <state state_ref="oval:org.opensuse.security:ste:2009040357"/> 63970 </rpminfo_test> 63971 <rpminfo_test id="oval:org.opensuse.security:tst:2009073040" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.27-0.5.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63972 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 63973 <state state_ref="oval:org.opensuse.security:ste:2009040357"/> 63974 </rpminfo_test> 63975 <rpminfo_test id="oval:org.opensuse.security:tst:2009073041" version="1" comment="mozilla-xulrunner192 is <1.9.2.27-0.5.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63976 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 63977 <state state_ref="oval:org.opensuse.security:ste:2009040357"/> 63978 </rpminfo_test> 63979 <rpminfo_test id="oval:org.opensuse.security:tst:2009074568" version="1" comment="libpng-32bit is <1.2.8-19.35.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63980 <object object_ref="oval:org.opensuse.security:obj:2009030638"/> 63981 <state state_ref="oval:org.opensuse.security:ste:2009040542"/> 63982 </rpminfo_test> 63983 <rpminfo_test id="oval:org.opensuse.security:tst:2009074569" version="1" comment="libpng-devel-32bit is <1.2.8-19.35.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63984 <object object_ref="oval:org.opensuse.security:obj:2009031449"/> 63985 <state state_ref="oval:org.opensuse.security:ste:2009040542"/> 63986 </rpminfo_test> 63987 <rpminfo_test id="oval:org.opensuse.security:tst:2009074570" version="1" comment="libpng-devel is <1.2.8-19.35.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63988 <object object_ref="oval:org.opensuse.security:obj:2009030639"/> 63989 <state state_ref="oval:org.opensuse.security:ste:2009040542"/> 63990 </rpminfo_test> 63991 <rpminfo_test id="oval:org.opensuse.security:tst:2009074571" version="1" comment="libpng is <1.2.8-19.35.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63992 <object object_ref="oval:org.opensuse.security:obj:2009030640"/> 63993 <state state_ref="oval:org.opensuse.security:ste:2009040542"/> 63994 </rpminfo_test> 63995 <rpminfo_test id="oval:org.opensuse.security:tst:2009074645" version="1" comment="MozillaFirefox-translations is <10.0.5-0.8.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 63996 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 63997 <state state_ref="oval:org.opensuse.security:ste:2009040556"/> 63998 </rpminfo_test> 63999 <rpminfo_test id="oval:org.opensuse.security:tst:2009074646" version="1" comment="MozillaFirefox is <10.0.5-0.8.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64000 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 64001 <state state_ref="oval:org.opensuse.security:ste:2009040556"/> 64002 </rpminfo_test> 64003 <rpminfo_test id="oval:org.opensuse.security:tst:2009074647" version="1" comment="mozilla-nspr-32bit is <4.9.1-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64004 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 64005 <state state_ref="oval:org.opensuse.security:ste:2009040557"/> 64006 </rpminfo_test> 64007 <rpminfo_test id="oval:org.opensuse.security:tst:2009074648" version="1" comment="mozilla-nspr-devel is <4.9.1-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64008 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 64009 <state state_ref="oval:org.opensuse.security:ste:2009040557"/> 64010 </rpminfo_test> 64011 <rpminfo_test id="oval:org.opensuse.security:tst:2009074649" version="1" comment="mozilla-nspr is <4.9.1-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64012 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 64013 <state state_ref="oval:org.opensuse.security:ste:2009040557"/> 64014 </rpminfo_test> 64015 <rpminfo_test id="oval:org.opensuse.security:tst:2009074650" version="1" comment="mozilla-nss-32bit is <3.13.5-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64016 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 64017 <state state_ref="oval:org.opensuse.security:ste:2009040558"/> 64018 </rpminfo_test> 64019 <rpminfo_test id="oval:org.opensuse.security:tst:2009074651" version="1" comment="mozilla-nss-devel is <3.13.5-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64020 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 64021 <state state_ref="oval:org.opensuse.security:ste:2009040558"/> 64022 </rpminfo_test> 64023 <rpminfo_test id="oval:org.opensuse.security:tst:2009074652" version="1" comment="mozilla-nss-tools is <3.13.5-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64024 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 64025 <state state_ref="oval:org.opensuse.security:ste:2009040558"/> 64026 </rpminfo_test> 64027 <rpminfo_test id="oval:org.opensuse.security:tst:2009074653" version="1" comment="mozilla-nss is <3.13.5-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64028 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 64029 <state state_ref="oval:org.opensuse.security:ste:2009040558"/> 64030 </rpminfo_test> 64031 <rpminfo_test id="oval:org.opensuse.security:tst:2009074776" version="1" comment="libxml2-32bit is <2.6.23-15.31.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64032 <object object_ref="oval:org.opensuse.security:obj:2009030809"/> 64033 <state state_ref="oval:org.opensuse.security:ste:2009040575"/> 64034 </rpminfo_test> 64035 <rpminfo_test id="oval:org.opensuse.security:tst:2009074777" version="1" comment="libxml2-devel-32bit is <2.6.23-15.31.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64036 <object object_ref="oval:org.opensuse.security:obj:2009031522"/> 64037 <state state_ref="oval:org.opensuse.security:ste:2009040575"/> 64038 </rpminfo_test> 64039 <rpminfo_test id="oval:org.opensuse.security:tst:2009074778" version="1" comment="libxml2-devel is <2.6.23-15.31.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64040 <object object_ref="oval:org.opensuse.security:obj:2009030405"/> 64041 <state state_ref="oval:org.opensuse.security:ste:2009040575"/> 64042 </rpminfo_test> 64043 <rpminfo_test id="oval:org.opensuse.security:tst:2009074779" version="1" comment="libxml2 is <2.6.23-15.31.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64044 <object object_ref="oval:org.opensuse.security:obj:2009030406"/> 64045 <state state_ref="oval:org.opensuse.security:ste:2009040575"/> 64046 </rpminfo_test> 64047 <rpminfo_test id="oval:org.opensuse.security:tst:2009070531" version="1" comment="pure-ftpd is <1.0.22-0.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64048 <object object_ref="oval:org.opensuse.security:obj:2009031078"/> 64049 <state state_ref="oval:org.opensuse.security:ste:2009039938"/> 64050 </rpminfo_test> 64051 <rpminfo_test id="oval:org.opensuse.security:tst:2009071484" version="1" comment="openssl-32bit is <0.9.8a-18.54.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64052 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 64053 <state state_ref="oval:org.opensuse.security:ste:2009040054"/> 64054 </rpminfo_test> 64055 <rpminfo_test id="oval:org.opensuse.security:tst:2009071485" version="1" comment="openssl-devel-32bit is <0.9.8a-18.54.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64056 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 64057 <state state_ref="oval:org.opensuse.security:ste:2009040054"/> 64058 </rpminfo_test> 64059 <rpminfo_test id="oval:org.opensuse.security:tst:2009071486" version="1" comment="openssl-devel is <0.9.8a-18.54.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64060 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 64061 <state state_ref="oval:org.opensuse.security:ste:2009040054"/> 64062 </rpminfo_test> 64063 <rpminfo_test id="oval:org.opensuse.security:tst:2009071487" version="1" comment="openssl is <0.9.8a-18.54.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64064 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 64065 <state state_ref="oval:org.opensuse.security:ste:2009040054"/> 64066 </rpminfo_test> 64067 <rpminfo_test id="oval:org.opensuse.security:tst:2009071683" version="1" comment="popt-32bit is <1.7-271.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64068 <object object_ref="oval:org.opensuse.security:obj:2009032528"/> 64069 <state state_ref="oval:org.opensuse.security:ste:2009040098"/> 64070 </rpminfo_test> 64071 <rpminfo_test id="oval:org.opensuse.security:tst:2009071684" version="1" comment="popt-devel-32bit is <1.7-271.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64072 <object object_ref="oval:org.opensuse.security:obj:2009032529"/> 64073 <state state_ref="oval:org.opensuse.security:ste:2009040098"/> 64074 </rpminfo_test> 64075 <rpminfo_test id="oval:org.opensuse.security:tst:2009071685" version="1" comment="popt-devel is <1.7-271.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64076 <object object_ref="oval:org.opensuse.security:obj:2009032530"/> 64077 <state state_ref="oval:org.opensuse.security:ste:2009040098"/> 64078 </rpminfo_test> 64079 <rpminfo_test id="oval:org.opensuse.security:tst:2009071686" version="1" comment="popt is <1.7-271.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64080 <object object_ref="oval:org.opensuse.security:obj:2009032531"/> 64081 <state state_ref="oval:org.opensuse.security:ste:2009040098"/> 64082 </rpminfo_test> 64083 <rpminfo_test id="oval:org.opensuse.security:tst:2009071687" version="1" comment="rpm-devel is <4.4.2-43.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64084 <object object_ref="oval:org.opensuse.security:obj:2009032539"/> 64085 <state state_ref="oval:org.opensuse.security:ste:2009040099"/> 64086 </rpminfo_test> 64087 <rpminfo_test id="oval:org.opensuse.security:tst:2009071688" version="1" comment="rpm-python is <4.4.2-43.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64088 <object object_ref="oval:org.opensuse.security:obj:2009032540"/> 64089 <state state_ref="oval:org.opensuse.security:ste:2009040099"/> 64090 </rpminfo_test> 64091 <rpminfo_test id="oval:org.opensuse.security:tst:2009071689" version="1" comment="rpm is <4.4.2-43.42.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64092 <object object_ref="oval:org.opensuse.security:obj:2009032541"/> 64093 <state state_ref="oval:org.opensuse.security:ste:2009040099"/> 64094 </rpminfo_test> 64095 <rpminfo_test id="oval:org.opensuse.security:tst:2009074166" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64096 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 64097 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64098 </rpminfo_test> 64099 <rpminfo_test id="oval:org.opensuse.security:tst:2009074167" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64100 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 64101 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64102 </rpminfo_test> 64103 <rpminfo_test id="oval:org.opensuse.security:tst:2009074168" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64104 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 64105 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64106 </rpminfo_test> 64107 <rpminfo_test id="oval:org.opensuse.security:tst:2009074169" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64108 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 64109 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64110 </rpminfo_test> 64111 <rpminfo_test id="oval:org.opensuse.security:tst:2009074170" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64112 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 64113 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64114 </rpminfo_test> 64115 <rpminfo_test id="oval:org.opensuse.security:tst:2009074171" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64116 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 64117 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64118 </rpminfo_test> 64119 <rpminfo_test id="oval:org.opensuse.security:tst:2009074172" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64120 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 64121 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64122 </rpminfo_test> 64123 <rpminfo_test id="oval:org.opensuse.security:tst:2009074173" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64124 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 64125 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64126 </rpminfo_test> 64127 <rpminfo_test id="oval:org.opensuse.security:tst:2009074174" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64128 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 64129 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64130 </rpminfo_test> 64131 <rpminfo_test id="oval:org.opensuse.security:tst:2009074175" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64132 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 64133 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64134 </rpminfo_test> 64135 <rpminfo_test id="oval:org.opensuse.security:tst:2009074176" version="1" comment="java-1_5_0-ibm is <1.5.0_sr13.1-0.8.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64136 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 64137 <state state_ref="oval:org.opensuse.security:ste:2009040478"/> 64138 </rpminfo_test> 64139 <rpminfo_test id="oval:org.opensuse.security:tst:2009072886" version="1" comment="curl-32bit is <7.15.1-19.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64140 <object object_ref="oval:org.opensuse.security:obj:2009030528"/> 64141 <state state_ref="oval:org.opensuse.security:ste:2009040315"/> 64142 </rpminfo_test> 64143 <rpminfo_test id="oval:org.opensuse.security:tst:2009072887" version="1" comment="curl-devel is <7.15.1-19.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64144 <object object_ref="oval:org.opensuse.security:obj:2009030595"/> 64145 <state state_ref="oval:org.opensuse.security:ste:2009040315"/> 64146 </rpminfo_test> 64147 <rpminfo_test id="oval:org.opensuse.security:tst:2009072888" version="1" comment="curl is <7.15.1-19.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64148 <object object_ref="oval:org.opensuse.security:obj:2009030596"/> 64149 <state state_ref="oval:org.opensuse.security:ste:2009040315"/> 64150 </rpminfo_test> 64151 <rpminfo_test id="oval:org.opensuse.security:tst:2009072098" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64152 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 64153 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64154 </rpminfo_test> 64155 <rpminfo_test id="oval:org.opensuse.security:tst:2009072099" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64156 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 64157 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64158 </rpminfo_test> 64159 <rpminfo_test id="oval:org.opensuse.security:tst:2009072100" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64160 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 64161 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64162 </rpminfo_test> 64163 <rpminfo_test id="oval:org.opensuse.security:tst:2009072101" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64164 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 64165 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64166 </rpminfo_test> 64167 <rpminfo_test id="oval:org.opensuse.security:tst:2009072102" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64168 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 64169 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64170 </rpminfo_test> 64171 <rpminfo_test id="oval:org.opensuse.security:tst:2009072103" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64172 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 64173 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64174 </rpminfo_test> 64175 <rpminfo_test id="oval:org.opensuse.security:tst:2009072104" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64176 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 64177 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64178 </rpminfo_test> 64179 <rpminfo_test id="oval:org.opensuse.security:tst:2009072105" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64180 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 64181 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64182 </rpminfo_test> 64183 <rpminfo_test id="oval:org.opensuse.security:tst:2009072106" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64184 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 64185 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64186 </rpminfo_test> 64187 <rpminfo_test id="oval:org.opensuse.security:tst:2009072107" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64188 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 64189 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64190 </rpminfo_test> 64191 <rpminfo_test id="oval:org.opensuse.security:tst:2009072108" version="1" comment="java-1_5_0-ibm is <1.5.0_sr13.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64192 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 64193 <state state_ref="oval:org.opensuse.security:ste:2009040177"/> 64194 </rpminfo_test> 64195 <rpminfo_test id="oval:org.opensuse.security:tst:2009071603" version="1" comment="clamav is <0.97.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64196 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 64197 <state state_ref="oval:org.opensuse.security:ste:2009040082"/> 64198 </rpminfo_test> 64199 <rpminfo_test id="oval:org.opensuse.security:tst:2009071955" version="1" comment="MozillaFirefox-translations is <3.6.24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64200 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 64201 <state state_ref="oval:org.opensuse.security:ste:2009040148"/> 64202 </rpminfo_test> 64203 <rpminfo_test id="oval:org.opensuse.security:tst:2009071956" version="1" comment="MozillaFirefox is <3.6.24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64204 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 64205 <state state_ref="oval:org.opensuse.security:ste:2009040148"/> 64206 </rpminfo_test> 64207 <rpminfo_test id="oval:org.opensuse.security:tst:2009071957" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64208 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 64209 <state state_ref="oval:org.opensuse.security:ste:2009040149"/> 64210 </rpminfo_test> 64211 <rpminfo_test id="oval:org.opensuse.security:tst:2009071958" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64212 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 64213 <state state_ref="oval:org.opensuse.security:ste:2009040149"/> 64214 </rpminfo_test> 64215 <rpminfo_test id="oval:org.opensuse.security:tst:2009071959" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64216 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 64217 <state state_ref="oval:org.opensuse.security:ste:2009040149"/> 64218 </rpminfo_test> 64219 <rpminfo_test id="oval:org.opensuse.security:tst:2009071960" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64220 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 64221 <state state_ref="oval:org.opensuse.security:ste:2009040149"/> 64222 </rpminfo_test> 64223 <rpminfo_test id="oval:org.opensuse.security:tst:2009071961" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64224 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 64225 <state state_ref="oval:org.opensuse.security:ste:2009040149"/> 64226 </rpminfo_test> 64227 <rpminfo_test id="oval:org.opensuse.security:tst:2009071962" version="1" comment="mozilla-xulrunner192 is <1.9.2.24-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64228 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 64229 <state state_ref="oval:org.opensuse.security:ste:2009040149"/> 64230 </rpminfo_test> 64231 <rpminfo_test id="oval:org.opensuse.security:tst:2009072905" version="1" comment="MozillaFirefox-translations is <3.6.26-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64232 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 64233 <state state_ref="oval:org.opensuse.security:ste:2009040321"/> 64234 </rpminfo_test> 64235 <rpminfo_test id="oval:org.opensuse.security:tst:2009072906" version="1" comment="MozillaFirefox is <3.6.26-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64236 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 64237 <state state_ref="oval:org.opensuse.security:ste:2009040321"/> 64238 </rpminfo_test> 64239 <rpminfo_test id="oval:org.opensuse.security:tst:2009072907" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.26-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64240 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 64241 <state state_ref="oval:org.opensuse.security:ste:2009040322"/> 64242 </rpminfo_test> 64243 <rpminfo_test id="oval:org.opensuse.security:tst:2009072908" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.26-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64244 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 64245 <state state_ref="oval:org.opensuse.security:ste:2009040322"/> 64246 </rpminfo_test> 64247 <rpminfo_test id="oval:org.opensuse.security:tst:2009072909" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.26-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64248 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 64249 <state state_ref="oval:org.opensuse.security:ste:2009040322"/> 64250 </rpminfo_test> 64251 <rpminfo_test id="oval:org.opensuse.security:tst:2009072910" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.26-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64252 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 64253 <state state_ref="oval:org.opensuse.security:ste:2009040322"/> 64254 </rpminfo_test> 64255 <rpminfo_test id="oval:org.opensuse.security:tst:2009072911" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.26-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64256 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 64257 <state state_ref="oval:org.opensuse.security:ste:2009040322"/> 64258 </rpminfo_test> 64259 <rpminfo_test id="oval:org.opensuse.security:tst:2009072912" version="1" comment="mozilla-xulrunner192 is <1.9.2.26-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64260 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 64261 <state state_ref="oval:org.opensuse.security:ste:2009040322"/> 64262 </rpminfo_test> 64263 <rpminfo_test id="oval:org.opensuse.security:tst:2009072741" version="1" comment="libxml2-32bit is <2.6.23-15.27.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64264 <object object_ref="oval:org.opensuse.security:obj:2009030809"/> 64265 <state state_ref="oval:org.opensuse.security:ste:2009040284"/> 64266 </rpminfo_test> 64267 <rpminfo_test id="oval:org.opensuse.security:tst:2009072742" version="1" comment="libxml2-devel-32bit is <2.6.23-15.27.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64268 <object object_ref="oval:org.opensuse.security:obj:2009031522"/> 64269 <state state_ref="oval:org.opensuse.security:ste:2009040284"/> 64270 </rpminfo_test> 64271 <rpminfo_test id="oval:org.opensuse.security:tst:2009072743" version="1" comment="libxml2-devel is <2.6.23-15.27.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64272 <object object_ref="oval:org.opensuse.security:obj:2009030405"/> 64273 <state state_ref="oval:org.opensuse.security:ste:2009040284"/> 64274 </rpminfo_test> 64275 <rpminfo_test id="oval:org.opensuse.security:tst:2009072744" version="1" comment="libxml2 is <2.6.23-15.27.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64276 <object object_ref="oval:org.opensuse.security:obj:2009030406"/> 64277 <state state_ref="oval:org.opensuse.security:ste:2009040284"/> 64278 </rpminfo_test> 64279 <rpminfo_test id="oval:org.opensuse.security:tst:2009073438" version="1" comment="libxslt-32bit is <1.1.15-15.16.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64280 <object object_ref="oval:org.opensuse.security:obj:2009030841"/> 64281 <state state_ref="oval:org.opensuse.security:ste:2009040426"/> 64282 </rpminfo_test> 64283 <rpminfo_test id="oval:org.opensuse.security:tst:2009073439" version="1" comment="libxslt-devel-32bit is <1.1.15-15.16.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64284 <object object_ref="oval:org.opensuse.security:obj:2009031708"/> 64285 <state state_ref="oval:org.opensuse.security:ste:2009040426"/> 64286 </rpminfo_test> 64287 <rpminfo_test id="oval:org.opensuse.security:tst:2009073440" version="1" comment="libxslt-devel is <1.1.15-15.16.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64288 <object object_ref="oval:org.opensuse.security:obj:2009030842"/> 64289 <state state_ref="oval:org.opensuse.security:ste:2009040426"/> 64290 </rpminfo_test> 64291 <rpminfo_test id="oval:org.opensuse.security:tst:2009073441" version="1" comment="libxslt is <1.1.15-15.16.21" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64292 <object object_ref="oval:org.opensuse.security:obj:2009030843"/> 64293 <state state_ref="oval:org.opensuse.security:ste:2009040426"/> 64294 </rpminfo_test> 64295 <rpminfo_test id="oval:org.opensuse.security:tst:2009072185" version="1" comment="openswan is <2.4.4-18.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64296 <object object_ref="oval:org.opensuse.security:obj:2009031035"/> 64297 <state state_ref="oval:org.opensuse.security:ste:2009040189"/> 64298 </rpminfo_test> 64299 <rpminfo_test id="oval:org.opensuse.security:tst:2009072501" version="1" comment="openssl-32bit is <0.9.8a-18.56.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64300 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 64301 <state state_ref="oval:org.opensuse.security:ste:2009040248"/> 64302 </rpminfo_test> 64303 <rpminfo_test id="oval:org.opensuse.security:tst:2009072502" version="1" comment="openssl-devel-32bit is <0.9.8a-18.56.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64304 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 64305 <state state_ref="oval:org.opensuse.security:ste:2009040248"/> 64306 </rpminfo_test> 64307 <rpminfo_test id="oval:org.opensuse.security:tst:2009072503" version="1" comment="openssl-devel is <0.9.8a-18.56.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64308 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 64309 <state state_ref="oval:org.opensuse.security:ste:2009040248"/> 64310 </rpminfo_test> 64311 <rpminfo_test id="oval:org.opensuse.security:tst:2009072504" version="1" comment="openssl is <0.9.8a-18.56.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64312 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 64313 <state state_ref="oval:org.opensuse.security:ste:2009040248"/> 64314 </rpminfo_test> 64315 <rpminfo_test id="oval:org.opensuse.security:tst:2009072925" version="1" comment="sysconfig is <0.50.9-13.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64316 <object object_ref="oval:org.opensuse.security:obj:2009032547"/> 64317 <state state_ref="oval:org.opensuse.security:ste:2009040324"/> 64318 </rpminfo_test> 64319 <rpminfo_test id="oval:org.opensuse.security:tst:2009071978" version="1" comment="bind-libs-32bit is <9.6ESVR5P1-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64320 <object object_ref="oval:org.opensuse.security:obj:2009031555"/> 64321 <state state_ref="oval:org.opensuse.security:ste:2009040152"/> 64322 </rpminfo_test> 64323 <rpminfo_test id="oval:org.opensuse.security:tst:2009071979" version="1" comment="bind-libs is <9.6ESVR5P1-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64324 <object object_ref="oval:org.opensuse.security:obj:2009031557"/> 64325 <state state_ref="oval:org.opensuse.security:ste:2009040152"/> 64326 </rpminfo_test> 64327 <rpminfo_test id="oval:org.opensuse.security:tst:2009071980" version="1" comment="bind-utils is <9.6ESVR5P1-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64328 <object object_ref="oval:org.opensuse.security:obj:2009030649"/> 64329 <state state_ref="oval:org.opensuse.security:ste:2009040152"/> 64330 </rpminfo_test> 64331 <rpminfo_test id="oval:org.opensuse.security:tst:2009072254" version="1" comment="libjasper-32bit is <1.701.0-16.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64332 <object object_ref="oval:org.opensuse.security:obj:2009030857"/> 64333 <state state_ref="oval:org.opensuse.security:ste:2009040205"/> 64334 </rpminfo_test> 64335 <rpminfo_test id="oval:org.opensuse.security:tst:2009072255" version="1" comment="libjasper is <1.701.0-16.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64336 <object object_ref="oval:org.opensuse.security:obj:2009030858"/> 64337 <state state_ref="oval:org.opensuse.security:ste:2009040205"/> 64338 </rpminfo_test> 64339 <rpminfo_test id="oval:org.opensuse.security:tst:2009073398" version="1" comment="libreoffice-af is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64340 <object object_ref="oval:org.opensuse.security:obj:2009034666"/> 64341 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64342 </rpminfo_test> 64343 <rpminfo_test id="oval:org.opensuse.security:tst:2009073399" version="1" comment="libreoffice-ar is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64344 <object object_ref="oval:org.opensuse.security:obj:2009034667"/> 64345 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64346 </rpminfo_test> 64347 <rpminfo_test id="oval:org.opensuse.security:tst:2009073400" version="1" comment="libreoffice-ca is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64348 <object object_ref="oval:org.opensuse.security:obj:2009034668"/> 64349 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64350 </rpminfo_test> 64351 <rpminfo_test id="oval:org.opensuse.security:tst:2009073401" version="1" comment="libreoffice-cs is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64352 <object object_ref="oval:org.opensuse.security:obj:2009034669"/> 64353 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64354 </rpminfo_test> 64355 <rpminfo_test id="oval:org.opensuse.security:tst:2009073402" version="1" comment="libreoffice-da is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64356 <object object_ref="oval:org.opensuse.security:obj:2009034670"/> 64357 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64358 </rpminfo_test> 64359 <rpminfo_test id="oval:org.opensuse.security:tst:2009073403" version="1" comment="libreoffice-de is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64360 <object object_ref="oval:org.opensuse.security:obj:2009034672"/> 64361 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64362 </rpminfo_test> 64363 <rpminfo_test id="oval:org.opensuse.security:tst:2009073404" version="1" comment="libreoffice-el is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64364 <object object_ref="oval:org.opensuse.security:obj:2009034673"/> 64365 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64366 </rpminfo_test> 64367 <rpminfo_test id="oval:org.opensuse.security:tst:2009073405" version="1" comment="libreoffice-en-GB is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64368 <object object_ref="oval:org.opensuse.security:obj:2009034674"/> 64369 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64370 </rpminfo_test> 64371 <rpminfo_test id="oval:org.opensuse.security:tst:2009073406" version="1" comment="libreoffice-es is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64372 <object object_ref="oval:org.opensuse.security:obj:2009034675"/> 64373 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64374 </rpminfo_test> 64375 <rpminfo_test id="oval:org.opensuse.security:tst:2009073407" version="1" comment="libreoffice-fi is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64376 <object object_ref="oval:org.opensuse.security:obj:2009034676"/> 64377 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64378 </rpminfo_test> 64379 <rpminfo_test id="oval:org.opensuse.security:tst:2009073408" version="1" comment="libreoffice-fr is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64380 <object object_ref="oval:org.opensuse.security:obj:2009034677"/> 64381 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64382 </rpminfo_test> 64383 <rpminfo_test id="oval:org.opensuse.security:tst:2009073409" version="1" comment="libreoffice-galleries is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64384 <object object_ref="oval:org.opensuse.security:obj:2009034678"/> 64385 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64386 </rpminfo_test> 64387 <rpminfo_test id="oval:org.opensuse.security:tst:2009073410" version="1" comment="libreoffice-gnome is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64388 <object object_ref="oval:org.opensuse.security:obj:2009034098"/> 64389 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64390 </rpminfo_test> 64391 <rpminfo_test id="oval:org.opensuse.security:tst:2009073411" version="1" comment="libreoffice-gu-IN is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64392 <object object_ref="oval:org.opensuse.security:obj:2009034679"/> 64393 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64394 </rpminfo_test> 64395 <rpminfo_test id="oval:org.opensuse.security:tst:2009073412" version="1" comment="libreoffice-hi-IN is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64396 <object object_ref="oval:org.opensuse.security:obj:2009034680"/> 64397 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64398 </rpminfo_test> 64399 <rpminfo_test id="oval:org.opensuse.security:tst:2009073413" version="1" comment="libreoffice-hu is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64400 <object object_ref="oval:org.opensuse.security:obj:2009034681"/> 64401 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64402 </rpminfo_test> 64403 <rpminfo_test id="oval:org.opensuse.security:tst:2009073414" version="1" comment="libreoffice-it is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64404 <object object_ref="oval:org.opensuse.security:obj:2009034682"/> 64405 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64406 </rpminfo_test> 64407 <rpminfo_test id="oval:org.opensuse.security:tst:2009073415" version="1" comment="libreoffice-ja is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64408 <object object_ref="oval:org.opensuse.security:obj:2009034683"/> 64409 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64410 </rpminfo_test> 64411 <rpminfo_test id="oval:org.opensuse.security:tst:2009073416" version="1" comment="libreoffice-kde is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64412 <object object_ref="oval:org.opensuse.security:obj:2009034124"/> 64413 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64414 </rpminfo_test> 64415 <rpminfo_test id="oval:org.opensuse.security:tst:2009073417" version="1" comment="libreoffice-ko is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64416 <object object_ref="oval:org.opensuse.security:obj:2009034684"/> 64417 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64418 </rpminfo_test> 64419 <rpminfo_test id="oval:org.opensuse.security:tst:2009073418" version="1" comment="libreoffice-mono is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64420 <object object_ref="oval:org.opensuse.security:obj:2009034162"/> 64421 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64422 </rpminfo_test> 64423 <rpminfo_test id="oval:org.opensuse.security:tst:2009073419" version="1" comment="libreoffice-nb is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64424 <object object_ref="oval:org.opensuse.security:obj:2009034685"/> 64425 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64426 </rpminfo_test> 64427 <rpminfo_test id="oval:org.opensuse.security:tst:2009073420" version="1" comment="libreoffice-nl is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64428 <object object_ref="oval:org.opensuse.security:obj:2009034686"/> 64429 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64430 </rpminfo_test> 64431 <rpminfo_test id="oval:org.opensuse.security:tst:2009073421" version="1" comment="libreoffice-nn is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64432 <object object_ref="oval:org.opensuse.security:obj:2009034687"/> 64433 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64434 </rpminfo_test> 64435 <rpminfo_test id="oval:org.opensuse.security:tst:2009073422" version="1" comment="libreoffice-pl is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64436 <object object_ref="oval:org.opensuse.security:obj:2009034688"/> 64437 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64438 </rpminfo_test> 64439 <rpminfo_test id="oval:org.opensuse.security:tst:2009073423" version="1" comment="libreoffice-pt-BR is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64440 <object object_ref="oval:org.opensuse.security:obj:2009034689"/> 64441 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64442 </rpminfo_test> 64443 <rpminfo_test id="oval:org.opensuse.security:tst:2009073424" version="1" comment="libreoffice-ru is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64444 <object object_ref="oval:org.opensuse.security:obj:2009034690"/> 64445 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64446 </rpminfo_test> 64447 <rpminfo_test id="oval:org.opensuse.security:tst:2009073425" version="1" comment="libreoffice-sk is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64448 <object object_ref="oval:org.opensuse.security:obj:2009034691"/> 64449 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64450 </rpminfo_test> 64451 <rpminfo_test id="oval:org.opensuse.security:tst:2009073426" version="1" comment="libreoffice-sv is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64452 <object object_ref="oval:org.opensuse.security:obj:2009034692"/> 64453 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64454 </rpminfo_test> 64455 <rpminfo_test id="oval:org.opensuse.security:tst:2009073427" version="1" comment="libreoffice-xh is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64456 <object object_ref="oval:org.opensuse.security:obj:2009034693"/> 64457 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64458 </rpminfo_test> 64459 <rpminfo_test id="oval:org.opensuse.security:tst:2009073428" version="1" comment="libreoffice-zh-CN is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64460 <object object_ref="oval:org.opensuse.security:obj:2009034694"/> 64461 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64462 </rpminfo_test> 64463 <rpminfo_test id="oval:org.opensuse.security:tst:2009073429" version="1" comment="libreoffice-zh-TW is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64464 <object object_ref="oval:org.opensuse.security:obj:2009034695"/> 64465 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64466 </rpminfo_test> 64467 <rpminfo_test id="oval:org.opensuse.security:tst:2009073430" version="1" comment="libreoffice-zu is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64468 <object object_ref="oval:org.opensuse.security:obj:2009034696"/> 64469 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64470 </rpminfo_test> 64471 <rpminfo_test id="oval:org.opensuse.security:tst:2009073431" version="1" comment="libreoffice is <3.4.5.5-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64472 <object object_ref="oval:org.opensuse.security:obj:2009034188"/> 64473 <state state_ref="oval:org.opensuse.security:ste:2009040423"/> 64474 </rpminfo_test> 64475 <rpminfo_test id="oval:org.opensuse.security:tst:2009075431" version="1" comment="openssh-askpass is <5.1p1-41.12.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64476 <object object_ref="oval:org.opensuse.security:obj:2009030583"/> 64477 <state state_ref="oval:org.opensuse.security:ste:2009040668"/> 64478 </rpminfo_test> 64479 <rpminfo_test id="oval:org.opensuse.security:tst:2009075432" version="1" comment="openssh is <5.1p1-41.12.8" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64480 <object object_ref="oval:org.opensuse.security:obj:2009030403"/> 64481 <state state_ref="oval:org.opensuse.security:ste:2009040668"/> 64482 </rpminfo_test> 64483 <rpminfo_test id="oval:org.opensuse.security:tst:2009073022" version="1" comment="wireshark is <1.4.11-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64484 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 64485 <state state_ref="oval:org.opensuse.security:ste:2009040352"/> 64486 </rpminfo_test> 64487 <rpminfo_test id="oval:org.opensuse.security:tst:2009073005" version="1" comment="openssl-32bit is <0.9.8a-18.60.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64488 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 64489 <state state_ref="oval:org.opensuse.security:ste:2009040345"/> 64490 </rpminfo_test> 64491 <rpminfo_test id="oval:org.opensuse.security:tst:2009073006" version="1" comment="openssl-devel-32bit is <0.9.8a-18.60.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64492 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 64493 <state state_ref="oval:org.opensuse.security:ste:2009040345"/> 64494 </rpminfo_test> 64495 <rpminfo_test id="oval:org.opensuse.security:tst:2009073007" version="1" comment="openssl-devel is <0.9.8a-18.60.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64496 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 64497 <state state_ref="oval:org.opensuse.security:ste:2009040345"/> 64498 </rpminfo_test> 64499 <rpminfo_test id="oval:org.opensuse.security:tst:2009073008" version="1" comment="openssl is <0.9.8a-18.60.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64500 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 64501 <state state_ref="oval:org.opensuse.security:ste:2009040345"/> 64502 </rpminfo_test> 64503 <rpminfo_test id="oval:org.opensuse.security:tst:2009074260" version="1" comment="popt-devel is <1.7-271.46.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64504 <object object_ref="oval:org.opensuse.security:obj:2009032530"/> 64505 <state state_ref="oval:org.opensuse.security:ste:2009040490"/> 64506 </rpminfo_test> 64507 <rpminfo_test id="oval:org.opensuse.security:tst:2009074261" version="1" comment="popt is <1.7-271.46.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64508 <object object_ref="oval:org.opensuse.security:obj:2009032531"/> 64509 <state state_ref="oval:org.opensuse.security:ste:2009040490"/> 64510 </rpminfo_test> 64511 <rpminfo_test id="oval:org.opensuse.security:tst:2009074262" version="1" comment="rpm-devel is <4.4.2-43.46.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64512 <object object_ref="oval:org.opensuse.security:obj:2009032539"/> 64513 <state state_ref="oval:org.opensuse.security:ste:2009040491"/> 64514 </rpminfo_test> 64515 <rpminfo_test id="oval:org.opensuse.security:tst:2009074263" version="1" comment="rpm-python is <4.4.2-43.46.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64516 <object object_ref="oval:org.opensuse.security:obj:2009032540"/> 64517 <state state_ref="oval:org.opensuse.security:ste:2009040491"/> 64518 </rpminfo_test> 64519 <rpminfo_test id="oval:org.opensuse.security:tst:2009074264" version="1" comment="rpm is <4.4.2-43.46.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64520 <object object_ref="oval:org.opensuse.security:obj:2009032541"/> 64521 <state state_ref="oval:org.opensuse.security:ste:2009040491"/> 64522 </rpminfo_test> 64523 <rpminfo_test id="oval:org.opensuse.security:tst:2009074258" version="1" comment="popt-32bit is <1.7-271.46.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64524 <object object_ref="oval:org.opensuse.security:obj:2009032528"/> 64525 <state state_ref="oval:org.opensuse.security:ste:2009040490"/> 64526 </rpminfo_test> 64527 <rpminfo_test id="oval:org.opensuse.security:tst:2009074259" version="1" comment="popt-devel-32bit is <1.7-271.46.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64528 <object object_ref="oval:org.opensuse.security:obj:2009032529"/> 64529 <state state_ref="oval:org.opensuse.security:ste:2009040490"/> 64530 </rpminfo_test> 64531 <rpminfo_test id="oval:org.opensuse.security:tst:2009074544" version="1" comment="xen-devel is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64532 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 64533 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64534 </rpminfo_test> 64535 <rpminfo_test id="oval:org.opensuse.security:tst:2009074545" version="1" comment="xen-doc-html is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64536 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 64537 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64538 </rpminfo_test> 64539 <rpminfo_test id="oval:org.opensuse.security:tst:2009074546" version="1" comment="xen-doc-pdf is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64540 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 64541 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64542 </rpminfo_test> 64543 <rpminfo_test id="oval:org.opensuse.security:tst:2009074547" version="1" comment="xen-doc-ps is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64544 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 64545 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64546 </rpminfo_test> 64547 <rpminfo_test id="oval:org.opensuse.security:tst:2009074548" version="1" comment="xen-kmp-bigsmp is <3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64548 <object object_ref="oval:org.opensuse.security:obj:2009034576"/> 64549 <state state_ref="oval:org.opensuse.security:ste:2009040539"/> 64550 </rpminfo_test> 64551 <rpminfo_test id="oval:org.opensuse.security:tst:2009074549" version="1" comment="xen-kmp-default is <3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64552 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 64553 <state state_ref="oval:org.opensuse.security:ste:2009040539"/> 64554 </rpminfo_test> 64555 <rpminfo_test id="oval:org.opensuse.security:tst:2009074550" version="1" comment="xen-kmp-smp is <3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64556 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 64557 <state state_ref="oval:org.opensuse.security:ste:2009040539"/> 64558 </rpminfo_test> 64559 <rpminfo_test id="oval:org.opensuse.security:tst:2009074551" version="1" comment="xen-libs-32bit is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64560 <object object_ref="oval:org.opensuse.security:obj:2009032234"/> 64561 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64562 </rpminfo_test> 64563 <rpminfo_test id="oval:org.opensuse.security:tst:2009074552" version="1" comment="xen-libs is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64564 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 64565 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64566 </rpminfo_test> 64567 <rpminfo_test id="oval:org.opensuse.security:tst:2009074553" version="1" comment="xen-tools-domU is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64568 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 64569 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64570 </rpminfo_test> 64571 <rpminfo_test id="oval:org.opensuse.security:tst:2009074554" version="1" comment="xen-tools-ioemu is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64572 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 64573 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64574 </rpminfo_test> 64575 <rpminfo_test id="oval:org.opensuse.security:tst:2009074555" version="1" comment="xen-tools is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64576 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 64577 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64578 </rpminfo_test> 64579 <rpminfo_test id="oval:org.opensuse.security:tst:2009074556" version="1" comment="xen is <3.2.3_17040_38-0.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64580 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 64581 <state state_ref="oval:org.opensuse.security:ste:2009040538"/> 64582 </rpminfo_test> 64583 <rpminfo_test id="oval:org.opensuse.security:tst:2009074678" version="1" comment="ImageMagick-Magick++ is <6.2.5-16.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64584 <object object_ref="oval:org.opensuse.security:obj:2009030833"/> 64585 <state state_ref="oval:org.opensuse.security:ste:2009040561"/> 64586 </rpminfo_test> 64587 <rpminfo_test id="oval:org.opensuse.security:tst:2009074679" version="1" comment="ImageMagick-devel is <6.2.5-16.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64588 <object object_ref="oval:org.opensuse.security:obj:2009030421"/> 64589 <state state_ref="oval:org.opensuse.security:ste:2009040561"/> 64590 </rpminfo_test> 64591 <rpminfo_test id="oval:org.opensuse.security:tst:2009074680" version="1" comment="ImageMagick is <6.2.5-16.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64592 <object object_ref="oval:org.opensuse.security:obj:2009030422"/> 64593 <state state_ref="oval:org.opensuse.security:ste:2009040561"/> 64594 </rpminfo_test> 64595 <rpminfo_test id="oval:org.opensuse.security:tst:2009074681" version="1" comment="perl-PerlMagick is <6.2.5-16.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64596 <object object_ref="oval:org.opensuse.security:obj:2009030834"/> 64597 <state state_ref="oval:org.opensuse.security:ste:2009040561"/> 64598 </rpminfo_test> 64599 <rpminfo_test id="oval:org.opensuse.security:tst:2009074798" version="1" comment="gnutls-32bit is <1.2.10-13.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64600 <object object_ref="oval:org.opensuse.security:obj:2009030605"/> 64601 <state state_ref="oval:org.opensuse.security:ste:2009040583"/> 64602 </rpminfo_test> 64603 <rpminfo_test id="oval:org.opensuse.security:tst:2009074799" version="1" comment="gnutls-devel-32bit is <1.2.10-13.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64604 <object object_ref="oval:org.opensuse.security:obj:2009030606"/> 64605 <state state_ref="oval:org.opensuse.security:ste:2009040583"/> 64606 </rpminfo_test> 64607 <rpminfo_test id="oval:org.opensuse.security:tst:2009074800" version="1" comment="gnutls-devel is <1.2.10-13.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64608 <object object_ref="oval:org.opensuse.security:obj:2009030523"/> 64609 <state state_ref="oval:org.opensuse.security:ste:2009040583"/> 64610 </rpminfo_test> 64611 <rpminfo_test id="oval:org.opensuse.security:tst:2009074801" version="1" comment="gnutls is <1.2.10-13.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64612 <object object_ref="oval:org.opensuse.security:obj:2009030524"/> 64613 <state state_ref="oval:org.opensuse.security:ste:2009040583"/> 64614 </rpminfo_test> 64615 <rpminfo_test id="oval:org.opensuse.security:tst:2009076088" version="1" comment="inst-source-utils is <2008.11.26-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64616 <object object_ref="oval:org.opensuse.security:obj:2009034991"/> 64617 <state state_ref="oval:org.opensuse.security:ste:2009040758"/> 64618 </rpminfo_test> 64619 <rpminfo_test id="oval:org.opensuse.security:tst:2009073154" version="1" comment="libvorbis-32bit is <1.1.2-13.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64620 <object object_ref="oval:org.opensuse.security:obj:2009030754"/> 64621 <state state_ref="oval:org.opensuse.security:ste:2009040378"/> 64622 </rpminfo_test> 64623 <rpminfo_test id="oval:org.opensuse.security:tst:2009073155" version="1" comment="libvorbis-devel is <1.1.2-13.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64624 <object object_ref="oval:org.opensuse.security:obj:2009030755"/> 64625 <state state_ref="oval:org.opensuse.security:ste:2009040378"/> 64626 </rpminfo_test> 64627 <rpminfo_test id="oval:org.opensuse.security:tst:2009073156" version="1" comment="libvorbis is <1.1.2-13.19.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64628 <object object_ref="oval:org.opensuse.security:obj:2009030756"/> 64629 <state state_ref="oval:org.opensuse.security:ste:2009040378"/> 64630 </rpminfo_test> 64631 <rpminfo_test id="oval:org.opensuse.security:tst:2009073368" version="1" comment="MozillaFirefox-translations is <3.6.28-0.5.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64632 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 64633 <state state_ref="oval:org.opensuse.security:ste:2009040414"/> 64634 </rpminfo_test> 64635 <rpminfo_test id="oval:org.opensuse.security:tst:2009073369" version="1" comment="MozillaFirefox is <3.6.28-0.5.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64636 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 64637 <state state_ref="oval:org.opensuse.security:ste:2009040414"/> 64638 </rpminfo_test> 64639 <rpminfo_test id="oval:org.opensuse.security:tst:2009073370" version="1" comment="mozilla-nspr-32bit is <4.9.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64640 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 64641 <state state_ref="oval:org.opensuse.security:ste:2009040415"/> 64642 </rpminfo_test> 64643 <rpminfo_test id="oval:org.opensuse.security:tst:2009073371" version="1" comment="mozilla-nspr-devel is <4.9.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64644 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 64645 <state state_ref="oval:org.opensuse.security:ste:2009040415"/> 64646 </rpminfo_test> 64647 <rpminfo_test id="oval:org.opensuse.security:tst:2009073372" version="1" comment="mozilla-nspr is <4.9.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64648 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 64649 <state state_ref="oval:org.opensuse.security:ste:2009040415"/> 64650 </rpminfo_test> 64651 <rpminfo_test id="oval:org.opensuse.security:tst:2009073373" version="1" comment="mozilla-nss-32bit is <3.13.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64652 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 64653 <state state_ref="oval:org.opensuse.security:ste:2009040416"/> 64654 </rpminfo_test> 64655 <rpminfo_test id="oval:org.opensuse.security:tst:2009073374" version="1" comment="mozilla-nss-devel is <3.13.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64656 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 64657 <state state_ref="oval:org.opensuse.security:ste:2009040416"/> 64658 </rpminfo_test> 64659 <rpminfo_test id="oval:org.opensuse.security:tst:2009073375" version="1" comment="mozilla-nss-tools is <3.13.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64660 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 64661 <state state_ref="oval:org.opensuse.security:ste:2009040416"/> 64662 </rpminfo_test> 64663 <rpminfo_test id="oval:org.opensuse.security:tst:2009073376" version="1" comment="mozilla-nss is <3.13.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64664 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 64665 <state state_ref="oval:org.opensuse.security:ste:2009040416"/> 64666 </rpminfo_test> 64667 <rpminfo_test id="oval:org.opensuse.security:tst:2009073377" version="1" comment="mozilla-xulrunner192-32bit is <1.9.2.28-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64668 <object object_ref="oval:org.opensuse.security:obj:2009033842"/> 64669 <state state_ref="oval:org.opensuse.security:ste:2009040417"/> 64670 </rpminfo_test> 64671 <rpminfo_test id="oval:org.opensuse.security:tst:2009073378" version="1" comment="mozilla-xulrunner192-gnome-32bit is <1.9.2.28-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64672 <object object_ref="oval:org.opensuse.security:obj:2009033845"/> 64673 <state state_ref="oval:org.opensuse.security:ste:2009040417"/> 64674 </rpminfo_test> 64675 <rpminfo_test id="oval:org.opensuse.security:tst:2009073379" version="1" comment="mozilla-xulrunner192-gnome is <1.9.2.28-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64676 <object object_ref="oval:org.opensuse.security:obj:2009033846"/> 64677 <state state_ref="oval:org.opensuse.security:ste:2009040417"/> 64678 </rpminfo_test> 64679 <rpminfo_test id="oval:org.opensuse.security:tst:2009073380" version="1" comment="mozilla-xulrunner192-translations-32bit is <1.9.2.28-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64680 <object object_ref="oval:org.opensuse.security:obj:2009033962"/> 64681 <state state_ref="oval:org.opensuse.security:ste:2009040417"/> 64682 </rpminfo_test> 64683 <rpminfo_test id="oval:org.opensuse.security:tst:2009073381" version="1" comment="mozilla-xulrunner192-translations is <1.9.2.28-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64684 <object object_ref="oval:org.opensuse.security:obj:2009033959"/> 64685 <state state_ref="oval:org.opensuse.security:ste:2009040417"/> 64686 </rpminfo_test> 64687 <rpminfo_test id="oval:org.opensuse.security:tst:2009073382" version="1" comment="mozilla-xulrunner192 is <1.9.2.28-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64688 <object object_ref="oval:org.opensuse.security:obj:2009033851"/> 64689 <state state_ref="oval:org.opensuse.security:ste:2009040417"/> 64690 </rpminfo_test> 64691 <rpminfo_test id="oval:org.opensuse.security:tst:2009073073" version="1" comment="flash-player is <10.3.183.15-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64692 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 64693 <state state_ref="oval:org.opensuse.security:ste:2009040362"/> 64694 </rpminfo_test> 64695 <rpminfo_test id="oval:org.opensuse.security:tst:2009073204" version="1" comment="flash-player is <10.3.183.16-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64696 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 64697 <state state_ref="oval:org.opensuse.security:ste:2009040390"/> 64698 </rpminfo_test> 64699 <rpminfo_test id="oval:org.opensuse.security:tst:2009073396" version="1" comment="flash-player is <10.3.183.18-0.5.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64700 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 64701 <state state_ref="oval:org.opensuse.security:ste:2009040421"/> 64702 </rpminfo_test> 64703 <rpminfo_test id="oval:org.opensuse.security:tst:2009073827" version="1" comment="acroread-cmaps is <9.4.6-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64704 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 64705 <state state_ref="oval:org.opensuse.security:ste:2009040454"/> 64706 </rpminfo_test> 64707 <rpminfo_test id="oval:org.opensuse.security:tst:2009073828" version="1" comment="acroread-fonts-ja is <9.4.6-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64708 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 64709 <state state_ref="oval:org.opensuse.security:ste:2009040454"/> 64710 </rpminfo_test> 64711 <rpminfo_test id="oval:org.opensuse.security:tst:2009073829" version="1" comment="acroread-fonts-ko is <9.4.6-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64712 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 64713 <state state_ref="oval:org.opensuse.security:ste:2009040454"/> 64714 </rpminfo_test> 64715 <rpminfo_test id="oval:org.opensuse.security:tst:2009073830" version="1" comment="acroread-fonts-zh_CN is <9.4.6-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64716 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 64717 <state state_ref="oval:org.opensuse.security:ste:2009040454"/> 64718 </rpminfo_test> 64719 <rpminfo_test id="oval:org.opensuse.security:tst:2009073831" version="1" comment="acroread-fonts-zh_TW is <9.4.6-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64720 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 64721 <state state_ref="oval:org.opensuse.security:ste:2009040454"/> 64722 </rpminfo_test> 64723 <rpminfo_test id="oval:org.opensuse.security:tst:2009073832" version="1" comment="acroread is <9.5.1-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64724 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 64725 <state state_ref="oval:org.opensuse.security:ste:2009040455"/> 64726 </rpminfo_test> 64727 <rpminfo_test id="oval:org.opensuse.security:tst:2009074035" version="1" comment="flash-player is <11.2.202.235-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64728 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 64729 <state state_ref="oval:org.opensuse.security:ste:2009040473"/> 64730 </rpminfo_test> 64731 <rpminfo_test id="oval:org.opensuse.security:tst:2009073109" version="1" comment="cvs is <1.12.12-19.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64732 <object object_ref="oval:org.opensuse.security:obj:2009031943"/> 64733 <state state_ref="oval:org.opensuse.security:ste:2009040368"/> 64734 </rpminfo_test> 64735 <rpminfo_test id="oval:org.opensuse.security:tst:2009074274" version="1" comment="libxml2-32bit is <2.6.23-15.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64736 <object object_ref="oval:org.opensuse.security:obj:2009030809"/> 64737 <state state_ref="oval:org.opensuse.security:ste:2009040492"/> 64738 </rpminfo_test> 64739 <rpminfo_test id="oval:org.opensuse.security:tst:2009074275" version="1" comment="libxml2-devel-32bit is <2.6.23-15.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64740 <object object_ref="oval:org.opensuse.security:obj:2009031522"/> 64741 <state state_ref="oval:org.opensuse.security:ste:2009040492"/> 64742 </rpminfo_test> 64743 <rpminfo_test id="oval:org.opensuse.security:tst:2009074276" version="1" comment="libxml2-devel is <2.6.23-15.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64744 <object object_ref="oval:org.opensuse.security:obj:2009030405"/> 64745 <state state_ref="oval:org.opensuse.security:ste:2009040492"/> 64746 </rpminfo_test> 64747 <rpminfo_test id="oval:org.opensuse.security:tst:2009074277" version="1" comment="libxml2 is <2.6.23-15.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64748 <object object_ref="oval:org.opensuse.security:obj:2009030406"/> 64749 <state state_ref="oval:org.opensuse.security:ste:2009040492"/> 64750 </rpminfo_test> 64751 <rpminfo_test id="oval:org.opensuse.security:tst:2009074036" version="1" comment="glibc-32bit is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64752 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 64753 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64754 </rpminfo_test> 64755 <rpminfo_test id="oval:org.opensuse.security:tst:2009074037" version="1" comment="glibc-devel-32bit is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64756 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 64757 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64758 </rpminfo_test> 64759 <rpminfo_test id="oval:org.opensuse.security:tst:2009074038" version="1" comment="glibc-devel is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64760 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 64761 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64762 </rpminfo_test> 64763 <rpminfo_test id="oval:org.opensuse.security:tst:2009074039" version="1" comment="glibc-html is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64764 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 64765 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64766 </rpminfo_test> 64767 <rpminfo_test id="oval:org.opensuse.security:tst:2009074040" version="1" comment="glibc-i18ndata is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64768 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 64769 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64770 </rpminfo_test> 64771 <rpminfo_test id="oval:org.opensuse.security:tst:2009074041" version="1" comment="glibc-info is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64772 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 64773 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64774 </rpminfo_test> 64775 <rpminfo_test id="oval:org.opensuse.security:tst:2009074042" version="1" comment="glibc-locale-32bit is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64776 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 64777 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64778 </rpminfo_test> 64779 <rpminfo_test id="oval:org.opensuse.security:tst:2009074043" version="1" comment="glibc-locale is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64780 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 64781 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64782 </rpminfo_test> 64783 <rpminfo_test id="oval:org.opensuse.security:tst:2009074044" version="1" comment="glibc is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64784 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 64785 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64786 </rpminfo_test> 64787 <rpminfo_test id="oval:org.opensuse.security:tst:2009074045" version="1" comment="nscd is <2.4-31.101.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64788 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 64789 <state state_ref="oval:org.opensuse.security:ste:2009040474"/> 64790 </rpminfo_test> 64791 <rpminfo_test id="oval:org.opensuse.security:tst:2009074394" version="1" comment="postgresql-devel is <8.1.22-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64792 <object object_ref="oval:org.opensuse.security:obj:2009030469"/> 64793 <state state_ref="oval:org.opensuse.security:ste:2009040521"/> 64794 </rpminfo_test> 64795 <rpminfo_test id="oval:org.opensuse.security:tst:2009074395" version="1" comment="postgresql-libs-32bit is <8.1.22-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64796 <object object_ref="oval:org.opensuse.security:obj:2009030626"/> 64797 <state state_ref="oval:org.opensuse.security:ste:2009040521"/> 64798 </rpminfo_test> 64799 <rpminfo_test id="oval:org.opensuse.security:tst:2009074396" version="1" comment="postgresql-libs is <8.1.22-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64800 <object object_ref="oval:org.opensuse.security:obj:2009030471"/> 64801 <state state_ref="oval:org.opensuse.security:ste:2009040521"/> 64802 </rpminfo_test> 64803 <rpminfo_test id="oval:org.opensuse.security:tst:2009073205" version="1" comment="cifs-mount is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64804 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 64805 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64806 </rpminfo_test> 64807 <rpminfo_test id="oval:org.opensuse.security:tst:2009073206" version="1" comment="ldapsmb is <1.34b-25.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64808 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 64809 <state state_ref="oval:org.opensuse.security:ste:2009040392"/> 64810 </rpminfo_test> 64811 <rpminfo_test id="oval:org.opensuse.security:tst:2009073207" version="1" comment="libsmbclient-32bit is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64812 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 64813 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64814 </rpminfo_test> 64815 <rpminfo_test id="oval:org.opensuse.security:tst:2009073208" version="1" comment="libsmbclient-devel is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64816 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 64817 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64818 </rpminfo_test> 64819 <rpminfo_test id="oval:org.opensuse.security:tst:2009073209" version="1" comment="libsmbclient is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64820 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 64821 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64822 </rpminfo_test> 64823 <rpminfo_test id="oval:org.opensuse.security:tst:2009073210" version="1" comment="samba-32bit is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64824 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 64825 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64826 </rpminfo_test> 64827 <rpminfo_test id="oval:org.opensuse.security:tst:2009073211" version="1" comment="samba-client-32bit is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64828 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 64829 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64830 </rpminfo_test> 64831 <rpminfo_test id="oval:org.opensuse.security:tst:2009073212" version="1" comment="samba-client is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64832 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 64833 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64834 </rpminfo_test> 64835 <rpminfo_test id="oval:org.opensuse.security:tst:2009073213" version="1" comment="samba-krb-printing is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64836 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 64837 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64838 </rpminfo_test> 64839 <rpminfo_test id="oval:org.opensuse.security:tst:2009073214" version="1" comment="samba-vscan is <0.3.6b-43.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64840 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 64841 <state state_ref="oval:org.opensuse.security:ste:2009040393"/> 64842 </rpminfo_test> 64843 <rpminfo_test id="oval:org.opensuse.security:tst:2009073215" version="1" comment="samba-winbind-32bit is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64844 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 64845 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64846 </rpminfo_test> 64847 <rpminfo_test id="oval:org.opensuse.security:tst:2009073216" version="1" comment="samba-winbind is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64848 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 64849 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64850 </rpminfo_test> 64851 <rpminfo_test id="oval:org.opensuse.security:tst:2009073217" version="1" comment="samba is <3.0.36-0.13.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64852 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 64853 <state state_ref="oval:org.opensuse.security:ste:2009040391"/> 64854 </rpminfo_test> 64855 <rpminfo_test id="oval:org.opensuse.security:tst:2009074693" version="1" comment="expat-32bit is <2.0.0-13.15.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64856 <object object_ref="oval:org.opensuse.security:obj:2009033494"/> 64857 <state state_ref="oval:org.opensuse.security:ste:2009040566"/> 64858 </rpminfo_test> 64859 <rpminfo_test id="oval:org.opensuse.security:tst:2009074694" version="1" comment="expat is <2.0.0-13.15.16" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64860 <object object_ref="oval:org.opensuse.security:obj:2009033464"/> 64861 <state state_ref="oval:org.opensuse.security:ste:2009040566"/> 64862 </rpminfo_test> 64863 <rpminfo_test id="oval:org.opensuse.security:tst:2009074620" version="1" comment="taglib-32bit is <1.4-20.8.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64864 <object object_ref="oval:org.opensuse.security:obj:2009034907"/> 64865 <state state_ref="oval:org.opensuse.security:ste:2009040552"/> 64866 </rpminfo_test> 64867 <rpminfo_test id="oval:org.opensuse.security:tst:2009074621" version="1" comment="taglib-devel is <1.4-20.8.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64868 <object object_ref="oval:org.opensuse.security:obj:2009034910"/> 64869 <state state_ref="oval:org.opensuse.security:ste:2009040552"/> 64870 </rpminfo_test> 64871 <rpminfo_test id="oval:org.opensuse.security:tst:2009074622" version="1" comment="taglib is <1.4-20.8.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64872 <object object_ref="oval:org.opensuse.security:obj:2009034909"/> 64873 <state state_ref="oval:org.opensuse.security:ste:2009040552"/> 64874 </rpminfo_test> 64875 <rpminfo_test id="oval:org.opensuse.security:tst:2009073550" version="1" comment="freetype2-32bit is <2.1.10-18.29.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64876 <object object_ref="oval:org.opensuse.security:obj:2009030610"/> 64877 <state state_ref="oval:org.opensuse.security:ste:2009040433"/> 64878 </rpminfo_test> 64879 <rpminfo_test id="oval:org.opensuse.security:tst:2009073551" version="1" comment="freetype2-devel-32bit is <2.1.10-18.29.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64880 <object object_ref="oval:org.opensuse.security:obj:2009030611"/> 64881 <state state_ref="oval:org.opensuse.security:ste:2009040433"/> 64882 </rpminfo_test> 64883 <rpminfo_test id="oval:org.opensuse.security:tst:2009073552" version="1" comment="freetype2-devel is <2.1.10-18.29.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64884 <object object_ref="oval:org.opensuse.security:obj:2009030612"/> 64885 <state state_ref="oval:org.opensuse.security:ste:2009040433"/> 64886 </rpminfo_test> 64887 <rpminfo_test id="oval:org.opensuse.security:tst:2009073553" version="1" comment="freetype2 is <2.1.10-18.29.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64888 <object object_ref="oval:org.opensuse.security:obj:2009030613"/> 64889 <state state_ref="oval:org.opensuse.security:ste:2009040433"/> 64890 </rpminfo_test> 64891 <rpminfo_test id="oval:org.opensuse.security:tst:2009073554" version="1" comment="ft2demos is <2.1.10-19.29.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64892 <object object_ref="oval:org.opensuse.security:obj:2009034838"/> 64893 <state state_ref="oval:org.opensuse.security:ste:2009040434"/> 64894 </rpminfo_test> 64895 <rpminfo_test id="oval:org.opensuse.security:tst:2009073804" version="1" comment="libtiff-32bit is <3.8.2-5.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64896 <object object_ref="oval:org.opensuse.security:obj:2009030616"/> 64897 <state state_ref="oval:org.opensuse.security:ste:2009040449"/> 64898 </rpminfo_test> 64899 <rpminfo_test id="oval:org.opensuse.security:tst:2009073805" version="1" comment="libtiff-devel is <3.8.2-5.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64900 <object object_ref="oval:org.opensuse.security:obj:2009031676"/> 64901 <state state_ref="oval:org.opensuse.security:ste:2009040449"/> 64902 </rpminfo_test> 64903 <rpminfo_test id="oval:org.opensuse.security:tst:2009073806" version="1" comment="libtiff is <3.8.2-5.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64904 <object object_ref="oval:org.opensuse.security:obj:2009030452"/> 64905 <state state_ref="oval:org.opensuse.security:ste:2009040449"/> 64906 </rpminfo_test> 64907 <rpminfo_test id="oval:org.opensuse.security:tst:2009074698" version="1" comment="finch is <2.6.6-0.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64908 <object object_ref="oval:org.opensuse.security:obj:2009031748"/> 64909 <state state_ref="oval:org.opensuse.security:ste:2009040567"/> 64910 </rpminfo_test> 64911 <rpminfo_test id="oval:org.opensuse.security:tst:2009074699" version="1" comment="libpurple is <2.6.6-0.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64912 <object object_ref="oval:org.opensuse.security:obj:2009031423"/> 64913 <state state_ref="oval:org.opensuse.security:ste:2009040567"/> 64914 </rpminfo_test> 64915 <rpminfo_test id="oval:org.opensuse.security:tst:2009074700" version="1" comment="pidgin is <2.6.6-0.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64916 <object object_ref="oval:org.opensuse.security:obj:2009031752"/> 64917 <state state_ref="oval:org.opensuse.security:ste:2009040567"/> 64918 </rpminfo_test> 64919 <rpminfo_test id="oval:org.opensuse.security:tst:2009073646" version="1" comment="cifs-mount is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64920 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 64921 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64922 </rpminfo_test> 64923 <rpminfo_test id="oval:org.opensuse.security:tst:2009073647" version="1" comment="ldapsmb is <1.34b-25.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64924 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 64925 <state state_ref="oval:org.opensuse.security:ste:2009040439"/> 64926 </rpminfo_test> 64927 <rpminfo_test id="oval:org.opensuse.security:tst:2009073648" version="1" comment="libsmbclient-32bit is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64928 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 64929 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64930 </rpminfo_test> 64931 <rpminfo_test id="oval:org.opensuse.security:tst:2009073649" version="1" comment="libsmbclient-devel is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64932 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 64933 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64934 </rpminfo_test> 64935 <rpminfo_test id="oval:org.opensuse.security:tst:2009073650" version="1" comment="libsmbclient is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64936 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 64937 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64938 </rpminfo_test> 64939 <rpminfo_test id="oval:org.opensuse.security:tst:2009073651" version="1" comment="samba-32bit is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64940 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 64941 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64942 </rpminfo_test> 64943 <rpminfo_test id="oval:org.opensuse.security:tst:2009073652" version="1" comment="samba-client-32bit is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64944 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 64945 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64946 </rpminfo_test> 64947 <rpminfo_test id="oval:org.opensuse.security:tst:2009073653" version="1" comment="samba-client is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64948 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 64949 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64950 </rpminfo_test> 64951 <rpminfo_test id="oval:org.opensuse.security:tst:2009073654" version="1" comment="samba-doc is <3.0.36-0.12.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64952 <object object_ref="oval:org.opensuse.security:obj:2009030444"/> 64953 <state state_ref="oval:org.opensuse.security:ste:2009040440"/> 64954 </rpminfo_test> 64955 <rpminfo_test id="oval:org.opensuse.security:tst:2009073655" version="1" comment="samba-krb-printing is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64956 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 64957 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64958 </rpminfo_test> 64959 <rpminfo_test id="oval:org.opensuse.security:tst:2009073656" version="1" comment="samba-vscan is <0.3.6b-43.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64960 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 64961 <state state_ref="oval:org.opensuse.security:ste:2009040441"/> 64962 </rpminfo_test> 64963 <rpminfo_test id="oval:org.opensuse.security:tst:2009073657" version="1" comment="samba-winbind-32bit is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64964 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 64965 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64966 </rpminfo_test> 64967 <rpminfo_test id="oval:org.opensuse.security:tst:2009073658" version="1" comment="samba-winbind is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64968 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 64969 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64970 </rpminfo_test> 64971 <rpminfo_test id="oval:org.opensuse.security:tst:2009073659" version="1" comment="samba is <3.0.36-0.13.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64972 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 64973 <state state_ref="oval:org.opensuse.security:ste:2009040438"/> 64974 </rpminfo_test> 64975 <rpminfo_test id="oval:org.opensuse.security:tst:2009074895" version="1" comment="clamav is <0.97.5-0.5.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64976 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 64977 <state state_ref="oval:org.opensuse.security:ste:2009040594"/> 64978 </rpminfo_test> 64979 <rpminfo_test id="oval:org.opensuse.security:tst:2009074314" version="1" comment="python-pam is <0.5.0-2.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64980 <object object_ref="oval:org.opensuse.security:obj:2009034898"/> 64981 <state state_ref="oval:org.opensuse.security:ste:2009040502"/> 64982 </rpminfo_test> 64983 <rpminfo_test id="oval:org.opensuse.security:tst:2009076306" version="1" comment="acroread-cmaps is <9.4.6-0.6.59" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64984 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 64985 <state state_ref="oval:org.opensuse.security:ste:2009040793"/> 64986 </rpminfo_test> 64987 <rpminfo_test id="oval:org.opensuse.security:tst:2009076307" version="1" comment="acroread-fonts-ja is <9.4.6-0.6.59" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64988 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 64989 <state state_ref="oval:org.opensuse.security:ste:2009040793"/> 64990 </rpminfo_test> 64991 <rpminfo_test id="oval:org.opensuse.security:tst:2009076308" version="1" comment="acroread-fonts-ko is <9.4.6-0.6.59" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64992 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 64993 <state state_ref="oval:org.opensuse.security:ste:2009040793"/> 64994 </rpminfo_test> 64995 <rpminfo_test id="oval:org.opensuse.security:tst:2009076309" version="1" comment="acroread-fonts-zh_CN is <9.4.6-0.6.59" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 64996 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 64997 <state state_ref="oval:org.opensuse.security:ste:2009040793"/> 64998 </rpminfo_test> 64999 <rpminfo_test id="oval:org.opensuse.security:tst:2009076310" version="1" comment="acroread-fonts-zh_TW is <9.4.6-0.6.59" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65000 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 65001 <state state_ref="oval:org.opensuse.security:ste:2009040793"/> 65002 </rpminfo_test> 65003 <rpminfo_test id="oval:org.opensuse.security:tst:2009076311" version="1" comment="acroread is <9.5.3-0.6.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65004 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 65005 <state state_ref="oval:org.opensuse.security:ste:2009040794"/> 65006 </rpminfo_test> 65007 <rpminfo_test id="oval:org.opensuse.security:tst:2009076041" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65008 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 65009 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65010 </rpminfo_test> 65011 <rpminfo_test id="oval:org.opensuse.security:tst:2009076042" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65012 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 65013 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65014 </rpminfo_test> 65015 <rpminfo_test id="oval:org.opensuse.security:tst:2009076043" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65016 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 65017 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65018 </rpminfo_test> 65019 <rpminfo_test id="oval:org.opensuse.security:tst:2009076044" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65020 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 65021 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65022 </rpminfo_test> 65023 <rpminfo_test id="oval:org.opensuse.security:tst:2009076045" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65024 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 65025 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65026 </rpminfo_test> 65027 <rpminfo_test id="oval:org.opensuse.security:tst:2009076046" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65028 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 65029 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65030 </rpminfo_test> 65031 <rpminfo_test id="oval:org.opensuse.security:tst:2009076047" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65032 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 65033 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65034 </rpminfo_test> 65035 <rpminfo_test id="oval:org.opensuse.security:tst:2009076048" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65036 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 65037 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65038 </rpminfo_test> 65039 <rpminfo_test id="oval:org.opensuse.security:tst:2009076049" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65040 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 65041 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65042 </rpminfo_test> 65043 <rpminfo_test id="oval:org.opensuse.security:tst:2009076050" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65044 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 65045 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65046 </rpminfo_test> 65047 <rpminfo_test id="oval:org.opensuse.security:tst:2009076051" version="1" comment="java-1_5_0-ibm is <1.5.0_sr15.0-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65048 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 65049 <state state_ref="oval:org.opensuse.security:ste:2009040751"/> 65050 </rpminfo_test> 65051 <rpminfo_test id="oval:org.opensuse.security:tst:2009075215" version="1" comment="flash-player is <11.2.202.238-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65052 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 65053 <state state_ref="oval:org.opensuse.security:ste:2009040651"/> 65054 </rpminfo_test> 65055 <rpminfo_test id="oval:org.opensuse.security:tst:2009076550" version="1" comment="cifs-mount is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65056 <object object_ref="oval:org.opensuse.security:obj:2009031336"/> 65057 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65058 </rpminfo_test> 65059 <rpminfo_test id="oval:org.opensuse.security:tst:2009076551" version="1" comment="ldapsmb is <1.34b-25.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65060 <object object_ref="oval:org.opensuse.security:obj:2009030746"/> 65061 <state state_ref="oval:org.opensuse.security:ste:2009040865"/> 65062 </rpminfo_test> 65063 <rpminfo_test id="oval:org.opensuse.security:tst:2009076552" version="1" comment="libsmbclient-32bit is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65064 <object object_ref="oval:org.opensuse.security:obj:2009030745"/> 65065 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65066 </rpminfo_test> 65067 <rpminfo_test id="oval:org.opensuse.security:tst:2009076553" version="1" comment="libsmbclient-devel is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65068 <object object_ref="oval:org.opensuse.security:obj:2009030441"/> 65069 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65070 </rpminfo_test> 65071 <rpminfo_test id="oval:org.opensuse.security:tst:2009076554" version="1" comment="libsmbclient is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65072 <object object_ref="oval:org.opensuse.security:obj:2009030442"/> 65073 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65074 </rpminfo_test> 65075 <rpminfo_test id="oval:org.opensuse.security:tst:2009076555" version="1" comment="samba-32bit is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65076 <object object_ref="oval:org.opensuse.security:obj:2009030769"/> 65077 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65078 </rpminfo_test> 65079 <rpminfo_test id="oval:org.opensuse.security:tst:2009076556" version="1" comment="samba-client-32bit is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65080 <object object_ref="oval:org.opensuse.security:obj:2009030770"/> 65081 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65082 </rpminfo_test> 65083 <rpminfo_test id="oval:org.opensuse.security:tst:2009076557" version="1" comment="samba-client is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65084 <object object_ref="oval:org.opensuse.security:obj:2009030443"/> 65085 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65086 </rpminfo_test> 65087 <rpminfo_test id="oval:org.opensuse.security:tst:2009076558" version="1" comment="samba-doc is <3.0.36-0.12.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65088 <object object_ref="oval:org.opensuse.security:obj:2009030444"/> 65089 <state state_ref="oval:org.opensuse.security:ste:2009040866"/> 65090 </rpminfo_test> 65091 <rpminfo_test id="oval:org.opensuse.security:tst:2009076559" version="1" comment="samba-krb-printing is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65092 <object object_ref="oval:org.opensuse.security:obj:2009031344"/> 65093 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65094 </rpminfo_test> 65095 <rpminfo_test id="oval:org.opensuse.security:tst:2009076560" version="1" comment="samba-vscan is <0.3.6b-43.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65096 <object object_ref="oval:org.opensuse.security:obj:2009030447"/> 65097 <state state_ref="oval:org.opensuse.security:ste:2009040867"/> 65098 </rpminfo_test> 65099 <rpminfo_test id="oval:org.opensuse.security:tst:2009076561" version="1" comment="samba-winbind-32bit is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65100 <object object_ref="oval:org.opensuse.security:obj:2009030771"/> 65101 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65102 </rpminfo_test> 65103 <rpminfo_test id="oval:org.opensuse.security:tst:2009076562" version="1" comment="samba-winbind is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65104 <object object_ref="oval:org.opensuse.security:obj:2009030448"/> 65105 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65106 </rpminfo_test> 65107 <rpminfo_test id="oval:org.opensuse.security:tst:2009076563" version="1" comment="samba is <3.0.36-0.13.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65108 <object object_ref="oval:org.opensuse.security:obj:2009030429"/> 65109 <state state_ref="oval:org.opensuse.security:ste:2009040864"/> 65110 </rpminfo_test> 65111 <rpminfo_test id="oval:org.opensuse.security:tst:2009073963" version="1" comment="wireshark is <1.4.12-0.5.6" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65112 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 65113 <state state_ref="oval:org.opensuse.security:ste:2009040467"/> 65114 </rpminfo_test> 65115 <rpminfo_test id="oval:org.opensuse.security:tst:2009074659" version="1" comment="bind-libs-32bit is <9.6ESVR7P1-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65116 <object object_ref="oval:org.opensuse.security:obj:2009031555"/> 65117 <state state_ref="oval:org.opensuse.security:ste:2009040559"/> 65118 </rpminfo_test> 65119 <rpminfo_test id="oval:org.opensuse.security:tst:2009074660" version="1" comment="bind-libs is <9.6ESVR7P1-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65120 <object object_ref="oval:org.opensuse.security:obj:2009031557"/> 65121 <state state_ref="oval:org.opensuse.security:ste:2009040559"/> 65122 </rpminfo_test> 65123 <rpminfo_test id="oval:org.opensuse.security:tst:2009074661" version="1" comment="bind-utils is <9.6ESVR7P1-0.10.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65124 <object object_ref="oval:org.opensuse.security:obj:2009030649"/> 65125 <state state_ref="oval:org.opensuse.security:ste:2009040559"/> 65126 </rpminfo_test> 65127 <rpminfo_test id="oval:org.opensuse.security:tst:2009075695" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65128 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 65129 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65130 </rpminfo_test> 65131 <rpminfo_test id="oval:org.opensuse.security:tst:2009075696" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65132 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 65133 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65134 </rpminfo_test> 65135 <rpminfo_test id="oval:org.opensuse.security:tst:2009075697" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65136 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 65137 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65138 </rpminfo_test> 65139 <rpminfo_test id="oval:org.opensuse.security:tst:2009075698" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65140 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 65141 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65142 </rpminfo_test> 65143 <rpminfo_test id="oval:org.opensuse.security:tst:2009075699" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65144 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 65145 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65146 </rpminfo_test> 65147 <rpminfo_test id="oval:org.opensuse.security:tst:2009075700" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65148 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 65149 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65150 </rpminfo_test> 65151 <rpminfo_test id="oval:org.opensuse.security:tst:2009075701" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65152 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 65153 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65154 </rpminfo_test> 65155 <rpminfo_test id="oval:org.opensuse.security:tst:2009075702" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65156 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 65157 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65158 </rpminfo_test> 65159 <rpminfo_test id="oval:org.opensuse.security:tst:2009075703" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65160 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 65161 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65162 </rpminfo_test> 65163 <rpminfo_test id="oval:org.opensuse.security:tst:2009075704" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65164 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 65165 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65166 </rpminfo_test> 65167 <rpminfo_test id="oval:org.opensuse.security:tst:2009075705" version="1" comment="java-1_5_0-ibm is <1.5.0_sr14.0-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65168 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 65169 <state state_ref="oval:org.opensuse.security:ste:2009040712"/> 65170 </rpminfo_test> 65171 <rpminfo_test id="oval:org.opensuse.security:tst:2009075001" version="1" comment="MozillaFirefox-branding-SLED is <7-0.8.25" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65172 <object object_ref="oval:org.opensuse.security:obj:2009033270"/> 65173 <state state_ref="oval:org.opensuse.security:ste:2009040610"/> 65174 </rpminfo_test> 65175 <rpminfo_test id="oval:org.opensuse.security:tst:2009075002" version="1" comment="MozillaFirefox-translations is <10.0.6-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65176 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 65177 <state state_ref="oval:org.opensuse.security:ste:2009040611"/> 65178 </rpminfo_test> 65179 <rpminfo_test id="oval:org.opensuse.security:tst:2009075003" version="1" comment="MozillaFirefox is <10.0.6-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65180 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 65181 <state state_ref="oval:org.opensuse.security:ste:2009040611"/> 65182 </rpminfo_test> 65183 <rpminfo_test id="oval:org.opensuse.security:tst:2009075004" version="1" comment="firefox3-gtk2-32bit is <2.10.6-0.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65184 <object object_ref="oval:org.opensuse.security:obj:2009033277"/> 65185 <state state_ref="oval:org.opensuse.security:ste:2009040612"/> 65186 </rpminfo_test> 65187 <rpminfo_test id="oval:org.opensuse.security:tst:2009075005" version="1" comment="firefox3-gtk2 is <2.10.6-0.12.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65188 <object object_ref="oval:org.opensuse.security:obj:2009033278"/> 65189 <state state_ref="oval:org.opensuse.security:ste:2009040612"/> 65190 </rpminfo_test> 65191 <rpminfo_test id="oval:org.opensuse.security:tst:2009075519" version="1" comment="MozillaFirefox-branding-SLED is <7-0.8.31" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65192 <object object_ref="oval:org.opensuse.security:obj:2009033270"/> 65193 <state state_ref="oval:org.opensuse.security:ste:2009040689"/> 65194 </rpminfo_test> 65195 <rpminfo_test id="oval:org.opensuse.security:tst:2009075520" version="1" comment="MozillaFirefox-translations is <10.0.7-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65196 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 65197 <state state_ref="oval:org.opensuse.security:ste:2009040690"/> 65198 </rpminfo_test> 65199 <rpminfo_test id="oval:org.opensuse.security:tst:2009075521" version="1" comment="MozillaFirefox is <10.0.7-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65200 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 65201 <state state_ref="oval:org.opensuse.security:ste:2009040690"/> 65202 </rpminfo_test> 65203 <rpminfo_test id="oval:org.opensuse.security:tst:2009075522" version="1" comment="firefox3-cairo-32bit is <1.2.4-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65204 <object object_ref="oval:org.opensuse.security:obj:2009033273"/> 65205 <state state_ref="oval:org.opensuse.security:ste:2009040691"/> 65206 </rpminfo_test> 65207 <rpminfo_test id="oval:org.opensuse.security:tst:2009075523" version="1" comment="firefox3-cairo is <1.2.4-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65208 <object object_ref="oval:org.opensuse.security:obj:2009033274"/> 65209 <state state_ref="oval:org.opensuse.security:ste:2009040691"/> 65210 </rpminfo_test> 65211 <rpminfo_test id="oval:org.opensuse.security:tst:2009075524" version="1" comment="mozilla-nspr-32bit is <4.9.2-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65212 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 65213 <state state_ref="oval:org.opensuse.security:ste:2009040692"/> 65214 </rpminfo_test> 65215 <rpminfo_test id="oval:org.opensuse.security:tst:2009075525" version="1" comment="mozilla-nspr-devel is <4.9.2-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65216 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 65217 <state state_ref="oval:org.opensuse.security:ste:2009040692"/> 65218 </rpminfo_test> 65219 <rpminfo_test id="oval:org.opensuse.security:tst:2009075526" version="1" comment="mozilla-nspr is <4.9.2-0.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65220 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 65221 <state state_ref="oval:org.opensuse.security:ste:2009040692"/> 65222 </rpminfo_test> 65223 <rpminfo_test id="oval:org.opensuse.security:tst:2009075527" version="1" comment="mozilla-nss-32bit is <3.13.6-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65224 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 65225 <state state_ref="oval:org.opensuse.security:ste:2009040693"/> 65226 </rpminfo_test> 65227 <rpminfo_test id="oval:org.opensuse.security:tst:2009075528" version="1" comment="mozilla-nss-devel is <3.13.6-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65228 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 65229 <state state_ref="oval:org.opensuse.security:ste:2009040693"/> 65230 </rpminfo_test> 65231 <rpminfo_test id="oval:org.opensuse.security:tst:2009075529" version="1" comment="mozilla-nss-tools is <3.13.6-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65232 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 65233 <state state_ref="oval:org.opensuse.security:ste:2009040693"/> 65234 </rpminfo_test> 65235 <rpminfo_test id="oval:org.opensuse.security:tst:2009075530" version="1" comment="mozilla-nss is <3.13.6-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65236 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 65237 <state state_ref="oval:org.opensuse.security:ste:2009040693"/> 65238 </rpminfo_test> 65239 <rpminfo_test id="oval:org.opensuse.security:tst:2009074510" version="1" comment="flash-player is <11.2.202.236-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65240 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 65241 <state state_ref="oval:org.opensuse.security:ste:2009040527"/> 65242 </rpminfo_test> 65243 <rpminfo_test id="oval:org.opensuse.security:tst:2009074988" version="1" comment="libtiff-32bit is <3.8.2-5.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65244 <object object_ref="oval:org.opensuse.security:obj:2009030616"/> 65245 <state state_ref="oval:org.opensuse.security:ste:2009040608"/> 65246 </rpminfo_test> 65247 <rpminfo_test id="oval:org.opensuse.security:tst:2009074989" version="1" comment="libtiff-devel is <3.8.2-5.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65248 <object object_ref="oval:org.opensuse.security:obj:2009031676"/> 65249 <state state_ref="oval:org.opensuse.security:ste:2009040608"/> 65250 </rpminfo_test> 65251 <rpminfo_test id="oval:org.opensuse.security:tst:2009074990" version="1" comment="libtiff is <3.8.2-5.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65252 <object object_ref="oval:org.opensuse.security:obj:2009030452"/> 65253 <state state_ref="oval:org.opensuse.security:ste:2009040608"/> 65254 </rpminfo_test> 65255 <rpminfo_test id="oval:org.opensuse.security:tst:2009075531" version="1" comment="compat-openssl097g-32bit is <0.9.7g-13.23.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65256 <object object_ref="oval:org.opensuse.security:obj:2009031424"/> 65257 <state state_ref="oval:org.opensuse.security:ste:2009040694"/> 65258 </rpminfo_test> 65259 <rpminfo_test id="oval:org.opensuse.security:tst:2009075532" version="1" comment="compat-openssl097g is <0.9.7g-13.23.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65260 <object object_ref="oval:org.opensuse.security:obj:2009031426"/> 65261 <state state_ref="oval:org.opensuse.security:ste:2009040694"/> 65262 </rpminfo_test> 65263 <rpminfo_test id="oval:org.opensuse.security:tst:2009074282" version="1" comment="openssl-32bit is <0.9.8a-18.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65264 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 65265 <state state_ref="oval:org.opensuse.security:ste:2009040493"/> 65266 </rpminfo_test> 65267 <rpminfo_test id="oval:org.opensuse.security:tst:2009074283" version="1" comment="openssl-devel-32bit is <0.9.8a-18.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65268 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 65269 <state state_ref="oval:org.opensuse.security:ste:2009040493"/> 65270 </rpminfo_test> 65271 <rpminfo_test id="oval:org.opensuse.security:tst:2009074284" version="1" comment="openssl-devel is <0.9.8a-18.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65272 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 65273 <state state_ref="oval:org.opensuse.security:ste:2009040493"/> 65274 </rpminfo_test> 65275 <rpminfo_test id="oval:org.opensuse.security:tst:2009074285" version="1" comment="openssl is <0.9.8a-18.68.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65276 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 65277 <state state_ref="oval:org.opensuse.security:ste:2009040493"/> 65278 </rpminfo_test> 65279 <rpminfo_test id="oval:org.opensuse.security:tst:2009074955" version="1" comment="net-snmp-32bit is <5.3.0.1-25.43.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65280 <object object_ref="oval:org.opensuse.security:obj:2009031231"/> 65281 <state state_ref="oval:org.opensuse.security:ste:2009040602"/> 65282 </rpminfo_test> 65283 <rpminfo_test id="oval:org.opensuse.security:tst:2009074956" version="1" comment="net-snmp-devel is <5.3.0.1-25.43.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65284 <object object_ref="oval:org.opensuse.security:obj:2009030791"/> 65285 <state state_ref="oval:org.opensuse.security:ste:2009040602"/> 65286 </rpminfo_test> 65287 <rpminfo_test id="oval:org.opensuse.security:tst:2009074957" version="1" comment="net-snmp is <5.3.0.1-25.43.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65288 <object object_ref="oval:org.opensuse.security:obj:2009030550"/> 65289 <state state_ref="oval:org.opensuse.security:ste:2009040602"/> 65290 </rpminfo_test> 65291 <rpminfo_test id="oval:org.opensuse.security:tst:2009074958" version="1" comment="perl-SNMP is <5.3.0.1-25.43.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65292 <object object_ref="oval:org.opensuse.security:obj:2009030792"/> 65293 <state state_ref="oval:org.opensuse.security:ste:2009040602"/> 65294 </rpminfo_test> 65295 <rpminfo_test id="oval:org.opensuse.security:tst:2009074321" version="1" comment="openssl-32bit is <0.9.8a-18.70.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65296 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 65297 <state state_ref="oval:org.opensuse.security:ste:2009040504"/> 65298 </rpminfo_test> 65299 <rpminfo_test id="oval:org.opensuse.security:tst:2009074322" version="1" comment="openssl-devel-32bit is <0.9.8a-18.70.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65300 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 65301 <state state_ref="oval:org.opensuse.security:ste:2009040504"/> 65302 </rpminfo_test> 65303 <rpminfo_test id="oval:org.opensuse.security:tst:2009074323" version="1" comment="openssl-devel is <0.9.8a-18.70.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65304 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 65305 <state state_ref="oval:org.opensuse.security:ste:2009040504"/> 65306 </rpminfo_test> 65307 <rpminfo_test id="oval:org.opensuse.security:tst:2009074324" version="1" comment="openssl is <0.9.8a-18.70.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65308 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 65309 <state state_ref="oval:org.opensuse.security:ste:2009040504"/> 65310 </rpminfo_test> 65311 <rpminfo_test id="oval:org.opensuse.security:tst:2009074313" version="1" comment="sudo is <1.6.9p23-0.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65312 <object object_ref="oval:org.opensuse.security:obj:2009030544"/> 65313 <state state_ref="oval:org.opensuse.security:ste:2009040501"/> 65314 </rpminfo_test> 65315 <rpminfo_test id="oval:org.opensuse.security:tst:2009074787" version="1" comment="wireshark is <1.4.13-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65316 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 65317 <state state_ref="oval:org.opensuse.security:ste:2009040578"/> 65318 </rpminfo_test> 65319 <rpminfo_test id="oval:org.opensuse.security:tst:2009107378" version="1" comment="xen-devel is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65320 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 65321 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65322 </rpminfo_test> 65323 <rpminfo_test id="oval:org.opensuse.security:tst:2009107379" version="1" comment="xen-doc-html is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65324 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 65325 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65326 </rpminfo_test> 65327 <rpminfo_test id="oval:org.opensuse.security:tst:2009107380" version="1" comment="xen-doc-pdf is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65328 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 65329 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65330 </rpminfo_test> 65331 <rpminfo_test id="oval:org.opensuse.security:tst:2009107381" version="1" comment="xen-doc-ps is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65332 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 65333 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65334 </rpminfo_test> 65335 <rpminfo_test id="oval:org.opensuse.security:tst:2009107382" version="1" comment="xen-kmp-bigsmp is <3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65336 <object object_ref="oval:org.opensuse.security:obj:2009034576"/> 65337 <state state_ref="oval:org.opensuse.security:ste:2009044646"/> 65338 </rpminfo_test> 65339 <rpminfo_test id="oval:org.opensuse.security:tst:2009107383" version="1" comment="xen-kmp-default is <3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65340 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 65341 <state state_ref="oval:org.opensuse.security:ste:2009044646"/> 65342 </rpminfo_test> 65343 <rpminfo_test id="oval:org.opensuse.security:tst:2009107384" version="1" comment="xen-kmp-smp is <3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65344 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 65345 <state state_ref="oval:org.opensuse.security:ste:2009044646"/> 65346 </rpminfo_test> 65347 <rpminfo_test id="oval:org.opensuse.security:tst:2009107385" version="1" comment="xen-libs-32bit is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65348 <object object_ref="oval:org.opensuse.security:obj:2009032234"/> 65349 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65350 </rpminfo_test> 65351 <rpminfo_test id="oval:org.opensuse.security:tst:2009107386" version="1" comment="xen-libs is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65352 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 65353 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65354 </rpminfo_test> 65355 <rpminfo_test id="oval:org.opensuse.security:tst:2009107387" version="1" comment="xen-tools-domU is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65356 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 65357 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65358 </rpminfo_test> 65359 <rpminfo_test id="oval:org.opensuse.security:tst:2009107388" version="1" comment="xen-tools-ioemu is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65360 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 65361 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65362 </rpminfo_test> 65363 <rpminfo_test id="oval:org.opensuse.security:tst:2009107389" version="1" comment="xen-tools is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65364 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 65365 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65366 </rpminfo_test> 65367 <rpminfo_test id="oval:org.opensuse.security:tst:2009107390" version="1" comment="xen is <3.2.3_17040_40-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65368 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 65369 <state state_ref="oval:org.opensuse.security:ste:2009044645"/> 65370 </rpminfo_test> 65371 <rpminfo_test id="oval:org.opensuse.security:tst:2009075068" version="1" comment="libreoffice-af is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65372 <object object_ref="oval:org.opensuse.security:obj:2009034666"/> 65373 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65374 </rpminfo_test> 65375 <rpminfo_test id="oval:org.opensuse.security:tst:2009075069" version="1" comment="libreoffice-ar is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65376 <object object_ref="oval:org.opensuse.security:obj:2009034667"/> 65377 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65378 </rpminfo_test> 65379 <rpminfo_test id="oval:org.opensuse.security:tst:2009075070" version="1" comment="libreoffice-ca is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65380 <object object_ref="oval:org.opensuse.security:obj:2009034668"/> 65381 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65382 </rpminfo_test> 65383 <rpminfo_test id="oval:org.opensuse.security:tst:2009075071" version="1" comment="libreoffice-cs is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65384 <object object_ref="oval:org.opensuse.security:obj:2009034669"/> 65385 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65386 </rpminfo_test> 65387 <rpminfo_test id="oval:org.opensuse.security:tst:2009075072" version="1" comment="libreoffice-da is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65388 <object object_ref="oval:org.opensuse.security:obj:2009034670"/> 65389 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65390 </rpminfo_test> 65391 <rpminfo_test id="oval:org.opensuse.security:tst:2009075073" version="1" comment="libreoffice-de is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65392 <object object_ref="oval:org.opensuse.security:obj:2009034672"/> 65393 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65394 </rpminfo_test> 65395 <rpminfo_test id="oval:org.opensuse.security:tst:2009075074" version="1" comment="libreoffice-el is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65396 <object object_ref="oval:org.opensuse.security:obj:2009034673"/> 65397 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65398 </rpminfo_test> 65399 <rpminfo_test id="oval:org.opensuse.security:tst:2009075075" version="1" comment="libreoffice-en-GB is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65400 <object object_ref="oval:org.opensuse.security:obj:2009034674"/> 65401 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65402 </rpminfo_test> 65403 <rpminfo_test id="oval:org.opensuse.security:tst:2009075076" version="1" comment="libreoffice-es is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65404 <object object_ref="oval:org.opensuse.security:obj:2009034675"/> 65405 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65406 </rpminfo_test> 65407 <rpminfo_test id="oval:org.opensuse.security:tst:2009075077" version="1" comment="libreoffice-fi is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65408 <object object_ref="oval:org.opensuse.security:obj:2009034676"/> 65409 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65410 </rpminfo_test> 65411 <rpminfo_test id="oval:org.opensuse.security:tst:2009075078" version="1" comment="libreoffice-fr is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65412 <object object_ref="oval:org.opensuse.security:obj:2009034677"/> 65413 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65414 </rpminfo_test> 65415 <rpminfo_test id="oval:org.opensuse.security:tst:2009075079" version="1" comment="libreoffice-galleries is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65416 <object object_ref="oval:org.opensuse.security:obj:2009034678"/> 65417 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65418 </rpminfo_test> 65419 <rpminfo_test id="oval:org.opensuse.security:tst:2009075080" version="1" comment="libreoffice-gnome is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65420 <object object_ref="oval:org.opensuse.security:obj:2009034098"/> 65421 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65422 </rpminfo_test> 65423 <rpminfo_test id="oval:org.opensuse.security:tst:2009075081" version="1" comment="libreoffice-gu-IN is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65424 <object object_ref="oval:org.opensuse.security:obj:2009034679"/> 65425 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65426 </rpminfo_test> 65427 <rpminfo_test id="oval:org.opensuse.security:tst:2009075082" version="1" comment="libreoffice-hi-IN is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65428 <object object_ref="oval:org.opensuse.security:obj:2009034680"/> 65429 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65430 </rpminfo_test> 65431 <rpminfo_test id="oval:org.opensuse.security:tst:2009075083" version="1" comment="libreoffice-hu is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65432 <object object_ref="oval:org.opensuse.security:obj:2009034681"/> 65433 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65434 </rpminfo_test> 65435 <rpminfo_test id="oval:org.opensuse.security:tst:2009075084" version="1" comment="libreoffice-it is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65436 <object object_ref="oval:org.opensuse.security:obj:2009034682"/> 65437 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65438 </rpminfo_test> 65439 <rpminfo_test id="oval:org.opensuse.security:tst:2009075085" version="1" comment="libreoffice-ja is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65440 <object object_ref="oval:org.opensuse.security:obj:2009034683"/> 65441 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65442 </rpminfo_test> 65443 <rpminfo_test id="oval:org.opensuse.security:tst:2009075086" version="1" comment="libreoffice-kde is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65444 <object object_ref="oval:org.opensuse.security:obj:2009034124"/> 65445 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65446 </rpminfo_test> 65447 <rpminfo_test id="oval:org.opensuse.security:tst:2009075087" version="1" comment="libreoffice-ko is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65448 <object object_ref="oval:org.opensuse.security:obj:2009034684"/> 65449 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65450 </rpminfo_test> 65451 <rpminfo_test id="oval:org.opensuse.security:tst:2009075088" version="1" comment="libreoffice-mono is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65452 <object object_ref="oval:org.opensuse.security:obj:2009034162"/> 65453 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65454 </rpminfo_test> 65455 <rpminfo_test id="oval:org.opensuse.security:tst:2009075089" version="1" comment="libreoffice-nb is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65456 <object object_ref="oval:org.opensuse.security:obj:2009034685"/> 65457 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65458 </rpminfo_test> 65459 <rpminfo_test id="oval:org.opensuse.security:tst:2009075090" version="1" comment="libreoffice-nl is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65460 <object object_ref="oval:org.opensuse.security:obj:2009034686"/> 65461 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65462 </rpminfo_test> 65463 <rpminfo_test id="oval:org.opensuse.security:tst:2009075091" version="1" comment="libreoffice-nn is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65464 <object object_ref="oval:org.opensuse.security:obj:2009034687"/> 65465 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65466 </rpminfo_test> 65467 <rpminfo_test id="oval:org.opensuse.security:tst:2009075092" version="1" comment="libreoffice-pl is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65468 <object object_ref="oval:org.opensuse.security:obj:2009034688"/> 65469 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65470 </rpminfo_test> 65471 <rpminfo_test id="oval:org.opensuse.security:tst:2009075093" version="1" comment="libreoffice-pt-BR is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65472 <object object_ref="oval:org.opensuse.security:obj:2009034689"/> 65473 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65474 </rpminfo_test> 65475 <rpminfo_test id="oval:org.opensuse.security:tst:2009075094" version="1" comment="libreoffice-ru is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65476 <object object_ref="oval:org.opensuse.security:obj:2009034690"/> 65477 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65478 </rpminfo_test> 65479 <rpminfo_test id="oval:org.opensuse.security:tst:2009075095" version="1" comment="libreoffice-sk is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65480 <object object_ref="oval:org.opensuse.security:obj:2009034691"/> 65481 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65482 </rpminfo_test> 65483 <rpminfo_test id="oval:org.opensuse.security:tst:2009075096" version="1" comment="libreoffice-sv is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65484 <object object_ref="oval:org.opensuse.security:obj:2009034692"/> 65485 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65486 </rpminfo_test> 65487 <rpminfo_test id="oval:org.opensuse.security:tst:2009075097" version="1" comment="libreoffice-xh is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65488 <object object_ref="oval:org.opensuse.security:obj:2009034693"/> 65489 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65490 </rpminfo_test> 65491 <rpminfo_test id="oval:org.opensuse.security:tst:2009075098" version="1" comment="libreoffice-zh-CN is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65492 <object object_ref="oval:org.opensuse.security:obj:2009034694"/> 65493 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65494 </rpminfo_test> 65495 <rpminfo_test id="oval:org.opensuse.security:tst:2009075099" version="1" comment="libreoffice-zh-TW is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65496 <object object_ref="oval:org.opensuse.security:obj:2009034695"/> 65497 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65498 </rpminfo_test> 65499 <rpminfo_test id="oval:org.opensuse.security:tst:2009075100" version="1" comment="libreoffice-zu is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65500 <object object_ref="oval:org.opensuse.security:obj:2009034696"/> 65501 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65502 </rpminfo_test> 65503 <rpminfo_test id="oval:org.opensuse.security:tst:2009075101" version="1" comment="libreoffice is <3.5.4.7-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65504 <object object_ref="oval:org.opensuse.security:obj:2009034188"/> 65505 <state state_ref="oval:org.opensuse.security:ste:2009040623"/> 65506 </rpminfo_test> 65507 <rpminfo_test id="oval:org.opensuse.security:tst:2009074907" version="1" comment="boost-32bit is <1.33.1-17.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65508 <object object_ref="oval:org.opensuse.security:obj:2009034665"/> 65509 <state state_ref="oval:org.opensuse.security:ste:2009040599"/> 65510 </rpminfo_test> 65511 <rpminfo_test id="oval:org.opensuse.security:tst:2009074908" version="1" comment="boost is <1.33.1-17.15.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65512 <object object_ref="oval:org.opensuse.security:obj:2009031617"/> 65513 <state state_ref="oval:org.opensuse.security:ste:2009040599"/> 65514 </rpminfo_test> 65515 <rpminfo_test id="oval:org.opensuse.security:tst:2009075201" version="1" comment="jpeg is <6b-752.8.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65516 <object object_ref="oval:org.opensuse.security:obj:2009034966"/> 65517 <state state_ref="oval:org.opensuse.security:ste:2009040646"/> 65518 </rpminfo_test> 65519 <rpminfo_test id="oval:org.opensuse.security:tst:2009075202" version="1" comment="libjpeg-32bit is <6.2.0-752.8.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65520 <object object_ref="oval:org.opensuse.security:obj:2009034967"/> 65521 <state state_ref="oval:org.opensuse.security:ste:2009040647"/> 65522 </rpminfo_test> 65523 <rpminfo_test id="oval:org.opensuse.security:tst:2009075203" version="1" comment="libjpeg-devel-32bit is <6.2.0-18.8.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65524 <object object_ref="oval:org.opensuse.security:obj:2009034968"/> 65525 <state state_ref="oval:org.opensuse.security:ste:2009040648"/> 65526 </rpminfo_test> 65527 <rpminfo_test id="oval:org.opensuse.security:tst:2009075204" version="1" comment="libjpeg-devel is <6.2.0-18.8.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65528 <object object_ref="oval:org.opensuse.security:obj:2009034969"/> 65529 <state state_ref="oval:org.opensuse.security:ste:2009040648"/> 65530 </rpminfo_test> 65531 <rpminfo_test id="oval:org.opensuse.security:tst:2009075205" version="1" comment="libjpeg is <6.2.0-752.8.45" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65532 <object object_ref="oval:org.opensuse.security:obj:2009034970"/> 65533 <state state_ref="oval:org.opensuse.security:ste:2009040647"/> 65534 </rpminfo_test> 65535 <rpminfo_test id="oval:org.opensuse.security:tst:2009075509" version="1" comment="libxml2-32bit is <2.6.23-15.33.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65536 <object object_ref="oval:org.opensuse.security:obj:2009030809"/> 65537 <state state_ref="oval:org.opensuse.security:ste:2009040686"/> 65538 </rpminfo_test> 65539 <rpminfo_test id="oval:org.opensuse.security:tst:2009075510" version="1" comment="libxml2-devel-32bit is <2.6.23-15.33.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65540 <object object_ref="oval:org.opensuse.security:obj:2009031522"/> 65541 <state state_ref="oval:org.opensuse.security:ste:2009040686"/> 65542 </rpminfo_test> 65543 <rpminfo_test id="oval:org.opensuse.security:tst:2009075511" version="1" comment="libxml2-devel is <2.6.23-15.33.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65544 <object object_ref="oval:org.opensuse.security:obj:2009030405"/> 65545 <state state_ref="oval:org.opensuse.security:ste:2009040686"/> 65546 </rpminfo_test> 65547 <rpminfo_test id="oval:org.opensuse.security:tst:2009075512" version="1" comment="libxml2 is <2.6.23-15.33.17" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65548 <object object_ref="oval:org.opensuse.security:obj:2009030406"/> 65549 <state state_ref="oval:org.opensuse.security:ste:2009040686"/> 65550 </rpminfo_test> 65551 <rpminfo_test id="oval:org.opensuse.security:tst:2009075012" version="1" comment="libexif-32bit is <0.6.13-20.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65552 <object object_ref="oval:org.opensuse.security:obj:2009030747"/> 65553 <state state_ref="oval:org.opensuse.security:ste:2009040615"/> 65554 </rpminfo_test> 65555 <rpminfo_test id="oval:org.opensuse.security:tst:2009075013" version="1" comment="libexif is <0.6.13-20.14.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65556 <object object_ref="oval:org.opensuse.security:obj:2009030484"/> 65557 <state state_ref="oval:org.opensuse.security:ste:2009040615"/> 65558 </rpminfo_test> 65559 <rpminfo_test id="oval:org.opensuse.security:tst:2009075014" version="1" comment="libxslt-32bit is <1.1.15-15.18.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65560 <object object_ref="oval:org.opensuse.security:obj:2009030841"/> 65561 <state state_ref="oval:org.opensuse.security:ste:2009040616"/> 65562 </rpminfo_test> 65563 <rpminfo_test id="oval:org.opensuse.security:tst:2009075015" version="1" comment="libxslt-devel-32bit is <1.1.15-15.18.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65564 <object object_ref="oval:org.opensuse.security:obj:2009031708"/> 65565 <state state_ref="oval:org.opensuse.security:ste:2009040616"/> 65566 </rpminfo_test> 65567 <rpminfo_test id="oval:org.opensuse.security:tst:2009075016" version="1" comment="libxslt-devel is <1.1.15-15.18.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65568 <object object_ref="oval:org.opensuse.security:obj:2009030842"/> 65569 <state state_ref="oval:org.opensuse.security:ste:2009040616"/> 65570 </rpminfo_test> 65571 <rpminfo_test id="oval:org.opensuse.security:tst:2009075017" version="1" comment="libxslt is <1.1.15-15.18.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65572 <object object_ref="oval:org.opensuse.security:obj:2009030843"/> 65573 <state state_ref="oval:org.opensuse.security:ste:2009040616"/> 65574 </rpminfo_test> 65575 <rpminfo_test id="oval:org.opensuse.security:tst:2009076851" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65576 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 65577 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65578 </rpminfo_test> 65579 <rpminfo_test id="oval:org.opensuse.security:tst:2009076852" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65580 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 65581 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65582 </rpminfo_test> 65583 <rpminfo_test id="oval:org.opensuse.security:tst:2009076853" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65584 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 65585 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65586 </rpminfo_test> 65587 <rpminfo_test id="oval:org.opensuse.security:tst:2009076854" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65588 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 65589 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65590 </rpminfo_test> 65591 <rpminfo_test id="oval:org.opensuse.security:tst:2009076855" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65592 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 65593 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65594 </rpminfo_test> 65595 <rpminfo_test id="oval:org.opensuse.security:tst:2009076856" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65596 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 65597 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65598 </rpminfo_test> 65599 <rpminfo_test id="oval:org.opensuse.security:tst:2009076857" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65600 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 65601 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65602 </rpminfo_test> 65603 <rpminfo_test id="oval:org.opensuse.security:tst:2009076858" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65604 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 65605 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65606 </rpminfo_test> 65607 <rpminfo_test id="oval:org.opensuse.security:tst:2009076859" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65608 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 65609 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65610 </rpminfo_test> 65611 <rpminfo_test id="oval:org.opensuse.security:tst:2009076860" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65612 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 65613 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65614 </rpminfo_test> 65615 <rpminfo_test id="oval:org.opensuse.security:tst:2009076861" version="1" comment="java-1_5_0-ibm is <1.5.0_sr16.0-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65616 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 65617 <state state_ref="oval:org.opensuse.security:ste:2009040915"/> 65618 </rpminfo_test> 65619 <rpminfo_test id="oval:org.opensuse.security:tst:2009075146" version="1" comment="gimp-devel is <2.2.10-22.42.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65620 <object object_ref="oval:org.opensuse.security:obj:2009030654"/> 65621 <state state_ref="oval:org.opensuse.security:ste:2009040631"/> 65622 </rpminfo_test> 65623 <rpminfo_test id="oval:org.opensuse.security:tst:2009075147" version="1" comment="gimp is <2.2.10-22.42.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65624 <object object_ref="oval:org.opensuse.security:obj:2009030642"/> 65625 <state state_ref="oval:org.opensuse.security:ste:2009040631"/> 65626 </rpminfo_test> 65627 <rpminfo_test id="oval:org.opensuse.security:tst:2009074959" version="1" comment="finch is <2.6.6-0.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65628 <object object_ref="oval:org.opensuse.security:obj:2009031748"/> 65629 <state state_ref="oval:org.opensuse.security:ste:2009040603"/> 65630 </rpminfo_test> 65631 <rpminfo_test id="oval:org.opensuse.security:tst:2009074960" version="1" comment="libpurple is <2.6.6-0.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65632 <object object_ref="oval:org.opensuse.security:obj:2009031423"/> 65633 <state state_ref="oval:org.opensuse.security:ste:2009040603"/> 65634 </rpminfo_test> 65635 <rpminfo_test id="oval:org.opensuse.security:tst:2009074961" version="1" comment="pidgin is <2.6.6-0.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65636 <object object_ref="oval:org.opensuse.security:obj:2009031752"/> 65637 <state state_ref="oval:org.opensuse.security:ste:2009040603"/> 65638 </rpminfo_test> 65639 <rpminfo_test id="oval:org.opensuse.security:tst:2009075102" version="1" comment="libtiff-32bit is <3.8.2-5.30.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65640 <object object_ref="oval:org.opensuse.security:obj:2009030616"/> 65641 <state state_ref="oval:org.opensuse.security:ste:2009040624"/> 65642 </rpminfo_test> 65643 <rpminfo_test id="oval:org.opensuse.security:tst:2009075103" version="1" comment="libtiff-devel is <3.8.2-5.30.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65644 <object object_ref="oval:org.opensuse.security:obj:2009031676"/> 65645 <state state_ref="oval:org.opensuse.security:ste:2009040624"/> 65646 </rpminfo_test> 65647 <rpminfo_test id="oval:org.opensuse.security:tst:2009075104" version="1" comment="libtiff is <3.8.2-5.30.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65648 <object object_ref="oval:org.opensuse.security:obj:2009030452"/> 65649 <state state_ref="oval:org.opensuse.security:ste:2009040624"/> 65650 </rpminfo_test> 65651 <rpminfo_test id="oval:org.opensuse.security:tst:2009075425" version="1" comment="gimp-devel is <2.2.10-22.46.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65652 <object object_ref="oval:org.opensuse.security:obj:2009030654"/> 65653 <state state_ref="oval:org.opensuse.security:ste:2009040666"/> 65654 </rpminfo_test> 65655 <rpminfo_test id="oval:org.opensuse.security:tst:2009075426" version="1" comment="gimp is <2.2.10-22.46.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65656 <object object_ref="oval:org.opensuse.security:obj:2009030642"/> 65657 <state state_ref="oval:org.opensuse.security:ste:2009040666"/> 65658 </rpminfo_test> 65659 <rpminfo_test id="oval:org.opensuse.security:tst:2009075266" version="1" comment="gimp-devel is <2.2.10-22.44.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65660 <object object_ref="oval:org.opensuse.security:obj:2009030654"/> 65661 <state state_ref="oval:org.opensuse.security:ste:2009040661"/> 65662 </rpminfo_test> 65663 <rpminfo_test id="oval:org.opensuse.security:tst:2009075267" version="1" comment="gimp is <2.2.10-22.44.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65664 <object object_ref="oval:org.opensuse.security:obj:2009030642"/> 65665 <state state_ref="oval:org.opensuse.security:ste:2009040661"/> 65666 </rpminfo_test> 65667 <rpminfo_test id="oval:org.opensuse.security:tst:2009075154" version="1" comment="bash is <3.1-24.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65668 <object object_ref="oval:org.opensuse.security:obj:2009032478"/> 65669 <state state_ref="oval:org.opensuse.security:ste:2009040635"/> 65670 </rpminfo_test> 65671 <rpminfo_test id="oval:org.opensuse.security:tst:2009075155" version="1" comment="readline-32bit is <5.1-24.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65672 <object object_ref="oval:org.opensuse.security:obj:2009032534"/> 65673 <state state_ref="oval:org.opensuse.security:ste:2009040636"/> 65674 </rpminfo_test> 65675 <rpminfo_test id="oval:org.opensuse.security:tst:2009075156" version="1" comment="readline-devel-32bit is <5.1-24.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65676 <object object_ref="oval:org.opensuse.security:obj:2009032535"/> 65677 <state state_ref="oval:org.opensuse.security:ste:2009040636"/> 65678 </rpminfo_test> 65679 <rpminfo_test id="oval:org.opensuse.security:tst:2009075157" version="1" comment="readline-devel is <5.1-24.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65680 <object object_ref="oval:org.opensuse.security:obj:2009032536"/> 65681 <state state_ref="oval:org.opensuse.security:ste:2009040636"/> 65682 </rpminfo_test> 65683 <rpminfo_test id="oval:org.opensuse.security:tst:2009075158" version="1" comment="readline is <5.1-24.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65684 <object object_ref="oval:org.opensuse.security:obj:2009032537"/> 65685 <state state_ref="oval:org.opensuse.security:ste:2009040636"/> 65686 </rpminfo_test> 65687 <rpminfo_test id="oval:org.opensuse.security:tst:2009075497" version="1" comment="quota is <3.13-17.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65688 <object object_ref="oval:org.opensuse.security:obj:2009034975"/> 65689 <state state_ref="oval:org.opensuse.security:ste:2009040683"/> 65690 </rpminfo_test> 65691 <rpminfo_test id="oval:org.opensuse.security:tst:2009076353" version="1" comment="permissions is <2013.1.7-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65692 <object object_ref="oval:org.opensuse.security:obj:2009032191"/> 65693 <state state_ref="oval:org.opensuse.security:ste:2009040804"/> 65694 </rpminfo_test> 65695 <rpminfo_test id="oval:org.opensuse.security:tst:2009075189" version="1" comment="libpng-32bit is <1.2.8-19.37.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65696 <object object_ref="oval:org.opensuse.security:obj:2009030638"/> 65697 <state state_ref="oval:org.opensuse.security:ste:2009040644"/> 65698 </rpminfo_test> 65699 <rpminfo_test id="oval:org.opensuse.security:tst:2009075190" version="1" comment="libpng-devel-32bit is <1.2.8-19.37.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65700 <object object_ref="oval:org.opensuse.security:obj:2009031449"/> 65701 <state state_ref="oval:org.opensuse.security:ste:2009040644"/> 65702 </rpminfo_test> 65703 <rpminfo_test id="oval:org.opensuse.security:tst:2009075191" version="1" comment="libpng-devel is <1.2.8-19.37.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65704 <object object_ref="oval:org.opensuse.security:obj:2009030639"/> 65705 <state state_ref="oval:org.opensuse.security:ste:2009040644"/> 65706 </rpminfo_test> 65707 <rpminfo_test id="oval:org.opensuse.security:tst:2009075192" version="1" comment="libpng is <1.2.8-19.37.24" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65708 <object object_ref="oval:org.opensuse.security:obj:2009030640"/> 65709 <state state_ref="oval:org.opensuse.security:ste:2009040644"/> 65710 </rpminfo_test> 65711 <rpminfo_test id="oval:org.opensuse.security:tst:2009077155" version="1" comment="ImageMagick-Magick++ is <6.2.5-16.36.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65712 <object object_ref="oval:org.opensuse.security:obj:2009030833"/> 65713 <state state_ref="oval:org.opensuse.security:ste:2009040976"/> 65714 </rpminfo_test> 65715 <rpminfo_test id="oval:org.opensuse.security:tst:2009077156" version="1" comment="ImageMagick-devel is <6.2.5-16.36.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65716 <object object_ref="oval:org.opensuse.security:obj:2009030421"/> 65717 <state state_ref="oval:org.opensuse.security:ste:2009040976"/> 65718 </rpminfo_test> 65719 <rpminfo_test id="oval:org.opensuse.security:tst:2009077157" version="1" comment="ImageMagick is <6.2.5-16.36.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65720 <object object_ref="oval:org.opensuse.security:obj:2009030422"/> 65721 <state state_ref="oval:org.opensuse.security:ste:2009040976"/> 65722 </rpminfo_test> 65723 <rpminfo_test id="oval:org.opensuse.security:tst:2009077158" version="1" comment="perl-PerlMagick is <6.2.5-16.36.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65724 <object object_ref="oval:org.opensuse.security:obj:2009030834"/> 65725 <state state_ref="oval:org.opensuse.security:ste:2009040976"/> 65726 </rpminfo_test> 65727 <rpminfo_test id="oval:org.opensuse.security:tst:2009076090" version="1" comment="libotr is <3.0.0-16.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65728 <object object_ref="oval:org.opensuse.security:obj:2009034992"/> 65729 <state state_ref="oval:org.opensuse.security:ste:2009040760"/> 65730 </rpminfo_test> 65731 <rpminfo_test id="oval:org.opensuse.security:tst:2009076207" version="1" comment="glibc-32bit is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65732 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 65733 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65734 </rpminfo_test> 65735 <rpminfo_test id="oval:org.opensuse.security:tst:2009076208" version="1" comment="glibc-devel-32bit is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65736 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 65737 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65738 </rpminfo_test> 65739 <rpminfo_test id="oval:org.opensuse.security:tst:2009076209" version="1" comment="glibc-devel is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65740 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 65741 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65742 </rpminfo_test> 65743 <rpminfo_test id="oval:org.opensuse.security:tst:2009076210" version="1" comment="glibc-html is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65744 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 65745 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65746 </rpminfo_test> 65747 <rpminfo_test id="oval:org.opensuse.security:tst:2009076211" version="1" comment="glibc-i18ndata is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65748 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 65749 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65750 </rpminfo_test> 65751 <rpminfo_test id="oval:org.opensuse.security:tst:2009076212" version="1" comment="glibc-info is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65752 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 65753 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65754 </rpminfo_test> 65755 <rpminfo_test id="oval:org.opensuse.security:tst:2009076213" version="1" comment="glibc-locale-32bit is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65756 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 65757 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65758 </rpminfo_test> 65759 <rpminfo_test id="oval:org.opensuse.security:tst:2009076214" version="1" comment="glibc-locale is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65760 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 65761 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65762 </rpminfo_test> 65763 <rpminfo_test id="oval:org.opensuse.security:tst:2009076215" version="1" comment="glibc is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65764 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 65765 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65766 </rpminfo_test> 65767 <rpminfo_test id="oval:org.opensuse.security:tst:2009076216" version="1" comment="nscd is <2.4-31.107.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65768 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 65769 <state state_ref="oval:org.opensuse.security:ste:2009040782"/> 65770 </rpminfo_test> 65771 <rpminfo_test id="oval:org.opensuse.security:tst:2009107426" version="1" comment="xen-devel is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65772 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 65773 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65774 </rpminfo_test> 65775 <rpminfo_test id="oval:org.opensuse.security:tst:2009107427" version="1" comment="xen-devel is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65776 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 65777 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65778 </rpminfo_test> 65779 <rpminfo_test id="oval:org.opensuse.security:tst:2009107428" version="1" comment="xen-doc-html is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65780 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 65781 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65782 </rpminfo_test> 65783 <rpminfo_test id="oval:org.opensuse.security:tst:2009107429" version="1" comment="xen-doc-html is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65784 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 65785 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65786 </rpminfo_test> 65787 <rpminfo_test id="oval:org.opensuse.security:tst:2009107430" version="1" comment="xen-doc-pdf is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65788 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 65789 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65790 </rpminfo_test> 65791 <rpminfo_test id="oval:org.opensuse.security:tst:2009107431" version="1" comment="xen-doc-pdf is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65792 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 65793 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65794 </rpminfo_test> 65795 <rpminfo_test id="oval:org.opensuse.security:tst:2009107432" version="1" comment="xen-doc-ps is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65796 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 65797 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65798 </rpminfo_test> 65799 <rpminfo_test id="oval:org.opensuse.security:tst:2009107433" version="1" comment="xen-doc-ps is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65800 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 65801 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65802 </rpminfo_test> 65803 <rpminfo_test id="oval:org.opensuse.security:tst:2009107434" version="1" comment="xen-kmp-bigsmp is <3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65804 <object object_ref="oval:org.opensuse.security:obj:2009034576"/> 65805 <state state_ref="oval:org.opensuse.security:ste:2009044655"/> 65806 </rpminfo_test> 65807 <rpminfo_test id="oval:org.opensuse.security:tst:2009107435" version="1" comment="xen-kmp-default is <3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65808 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 65809 <state state_ref="oval:org.opensuse.security:ste:2009044656"/> 65810 </rpminfo_test> 65811 <rpminfo_test id="oval:org.opensuse.security:tst:2009107436" version="1" comment="xen-kmp-default is <3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65812 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 65813 <state state_ref="oval:org.opensuse.security:ste:2009044655"/> 65814 </rpminfo_test> 65815 <rpminfo_test id="oval:org.opensuse.security:tst:2009107437" version="1" comment="xen-kmp-smp is <3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65816 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 65817 <state state_ref="oval:org.opensuse.security:ste:2009044656"/> 65818 </rpminfo_test> 65819 <rpminfo_test id="oval:org.opensuse.security:tst:2009107438" version="1" comment="xen-kmp-smp is <3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65820 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 65821 <state state_ref="oval:org.opensuse.security:ste:2009044655"/> 65822 </rpminfo_test> 65823 <rpminfo_test id="oval:org.opensuse.security:tst:2009107439" version="1" comment="xen-libs-32bit is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65824 <object object_ref="oval:org.opensuse.security:obj:2009032234"/> 65825 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65826 </rpminfo_test> 65827 <rpminfo_test id="oval:org.opensuse.security:tst:2009107440" version="1" comment="xen-libs is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65828 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 65829 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65830 </rpminfo_test> 65831 <rpminfo_test id="oval:org.opensuse.security:tst:2009107441" version="1" comment="xen-libs is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65832 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 65833 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65834 </rpminfo_test> 65835 <rpminfo_test id="oval:org.opensuse.security:tst:2009107442" version="1" comment="xen-tools-domU is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65836 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 65837 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65838 </rpminfo_test> 65839 <rpminfo_test id="oval:org.opensuse.security:tst:2009107443" version="1" comment="xen-tools-domU is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65840 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 65841 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65842 </rpminfo_test> 65843 <rpminfo_test id="oval:org.opensuse.security:tst:2009107444" version="1" comment="xen-tools-ioemu is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65844 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 65845 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65846 </rpminfo_test> 65847 <rpminfo_test id="oval:org.opensuse.security:tst:2009107445" version="1" comment="xen-tools-ioemu is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65848 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 65849 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65850 </rpminfo_test> 65851 <rpminfo_test id="oval:org.opensuse.security:tst:2009107446" version="1" comment="xen-tools is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65852 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 65853 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65854 </rpminfo_test> 65855 <rpminfo_test id="oval:org.opensuse.security:tst:2009107447" version="1" comment="xen-tools is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65856 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 65857 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65858 </rpminfo_test> 65859 <rpminfo_test id="oval:org.opensuse.security:tst:2009107448" version="1" comment="xen is <3.2.3_17040_42-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65860 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 65861 <state state_ref="oval:org.opensuse.security:ste:2009044653"/> 65862 </rpminfo_test> 65863 <rpminfo_test id="oval:org.opensuse.security:tst:2009107449" version="1" comment="xen is <3.2.3_17040_42-0.7.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65864 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 65865 <state state_ref="oval:org.opensuse.security:ste:2009044654"/> 65866 </rpminfo_test> 65867 <rpminfo_test id="oval:org.opensuse.security:tst:2009075216" version="1" comment="dhcp-client is <3.0.7-7.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65868 <object object_ref="oval:org.opensuse.security:obj:2009030726"/> 65869 <state state_ref="oval:org.opensuse.security:ste:2009040652"/> 65870 </rpminfo_test> 65871 <rpminfo_test id="oval:org.opensuse.security:tst:2009075217" version="1" comment="dhcp is <3.0.7-7.17.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65872 <object object_ref="oval:org.opensuse.security:obj:2009030729"/> 65873 <state state_ref="oval:org.opensuse.security:ste:2009040652"/> 65874 </rpminfo_test> 65875 <rpminfo_test id="oval:org.opensuse.security:tst:2009075483" version="1" comment="bind-libs-32bit is <9.6ESVR7P2-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65876 <object object_ref="oval:org.opensuse.security:obj:2009031555"/> 65877 <state state_ref="oval:org.opensuse.security:ste:2009040680"/> 65878 </rpminfo_test> 65879 <rpminfo_test id="oval:org.opensuse.security:tst:2009075484" version="1" comment="bind-libs is <9.6ESVR7P2-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65880 <object object_ref="oval:org.opensuse.security:obj:2009031557"/> 65881 <state state_ref="oval:org.opensuse.security:ste:2009040680"/> 65882 </rpminfo_test> 65883 <rpminfo_test id="oval:org.opensuse.security:tst:2009075485" version="1" comment="bind-utils is <9.6ESVR7P2-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65884 <object object_ref="oval:org.opensuse.security:obj:2009030649"/> 65885 <state state_ref="oval:org.opensuse.security:ste:2009040680"/> 65886 </rpminfo_test> 65887 <rpminfo_test id="oval:org.opensuse.security:tst:2009075842" version="1" comment="MozillaFirefox-branding-SLED is <7-0.8.35" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65888 <object object_ref="oval:org.opensuse.security:obj:2009033270"/> 65889 <state state_ref="oval:org.opensuse.security:ste:2009040729"/> 65890 </rpminfo_test> 65891 <rpminfo_test id="oval:org.opensuse.security:tst:2009075843" version="1" comment="MozillaFirefox-translations is <10.0.9-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65892 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 65893 <state state_ref="oval:org.opensuse.security:ste:2009040730"/> 65894 </rpminfo_test> 65895 <rpminfo_test id="oval:org.opensuse.security:tst:2009075844" version="1" comment="MozillaFirefox is <10.0.9-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65896 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 65897 <state state_ref="oval:org.opensuse.security:ste:2009040730"/> 65898 </rpminfo_test> 65899 <rpminfo_test id="oval:org.opensuse.security:tst:2009075533" version="1" comment="wireshark is <1.4.15-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65900 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 65901 <state state_ref="oval:org.opensuse.security:ste:2009040695"/> 65902 </rpminfo_test> 65903 <rpminfo_test id="oval:org.opensuse.security:tst:2009075887" version="1" comment="MozillaFirefox-translations is <10.0.10-0.5.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65904 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 65905 <state state_ref="oval:org.opensuse.security:ste:2009040739"/> 65906 </rpminfo_test> 65907 <rpminfo_test id="oval:org.opensuse.security:tst:2009075888" version="1" comment="MozillaFirefox is <10.0.10-0.5.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65908 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 65909 <state state_ref="oval:org.opensuse.security:ste:2009040739"/> 65910 </rpminfo_test> 65911 <rpminfo_test id="oval:org.opensuse.security:tst:2009075889" version="1" comment="mozilla-nspr-32bit is <4.9.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65912 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 65913 <state state_ref="oval:org.opensuse.security:ste:2009040740"/> 65914 </rpminfo_test> 65915 <rpminfo_test id="oval:org.opensuse.security:tst:2009075890" version="1" comment="mozilla-nspr-devel is <4.9.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65916 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 65917 <state state_ref="oval:org.opensuse.security:ste:2009040740"/> 65918 </rpminfo_test> 65919 <rpminfo_test id="oval:org.opensuse.security:tst:2009075891" version="1" comment="mozilla-nspr is <4.9.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65920 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 65921 <state state_ref="oval:org.opensuse.security:ste:2009040740"/> 65922 </rpminfo_test> 65923 <rpminfo_test id="oval:org.opensuse.security:tst:2009076094" version="1" comment="MozillaFirefox-translations is <10.0.11-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65924 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 65925 <state state_ref="oval:org.opensuse.security:ste:2009040762"/> 65926 </rpminfo_test> 65927 <rpminfo_test id="oval:org.opensuse.security:tst:2009076095" version="1" comment="MozillaFirefox is <10.0.11-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65928 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 65929 <state state_ref="oval:org.opensuse.security:ste:2009040762"/> 65930 </rpminfo_test> 65931 <rpminfo_test id="oval:org.opensuse.security:tst:2009076096" version="1" comment="mozilla-nss-32bit is <3.14-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65932 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 65933 <state state_ref="oval:org.opensuse.security:ste:2009040763"/> 65934 </rpminfo_test> 65935 <rpminfo_test id="oval:org.opensuse.security:tst:2009076097" version="1" comment="mozilla-nss-devel is <3.14-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65936 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 65937 <state state_ref="oval:org.opensuse.security:ste:2009040763"/> 65938 </rpminfo_test> 65939 <rpminfo_test id="oval:org.opensuse.security:tst:2009076098" version="1" comment="mozilla-nss-tools is <3.14-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65940 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 65941 <state state_ref="oval:org.opensuse.security:ste:2009040763"/> 65942 </rpminfo_test> 65943 <rpminfo_test id="oval:org.opensuse.security:tst:2009076099" version="1" comment="mozilla-nss is <3.14-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65944 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 65945 <state state_ref="oval:org.opensuse.security:ste:2009040763"/> 65946 </rpminfo_test> 65947 <rpminfo_test id="oval:org.opensuse.security:tst:2009075892" version="1" comment="libreoffice-af is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65948 <object object_ref="oval:org.opensuse.security:obj:2009034666"/> 65949 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65950 </rpminfo_test> 65951 <rpminfo_test id="oval:org.opensuse.security:tst:2009075893" version="1" comment="libreoffice-ar is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65952 <object object_ref="oval:org.opensuse.security:obj:2009034667"/> 65953 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65954 </rpminfo_test> 65955 <rpminfo_test id="oval:org.opensuse.security:tst:2009075894" version="1" comment="libreoffice-ca is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65956 <object object_ref="oval:org.opensuse.security:obj:2009034668"/> 65957 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65958 </rpminfo_test> 65959 <rpminfo_test id="oval:org.opensuse.security:tst:2009075895" version="1" comment="libreoffice-cs is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65960 <object object_ref="oval:org.opensuse.security:obj:2009034669"/> 65961 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65962 </rpminfo_test> 65963 <rpminfo_test id="oval:org.opensuse.security:tst:2009075896" version="1" comment="libreoffice-da is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65964 <object object_ref="oval:org.opensuse.security:obj:2009034670"/> 65965 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65966 </rpminfo_test> 65967 <rpminfo_test id="oval:org.opensuse.security:tst:2009075897" version="1" comment="libreoffice-de is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65968 <object object_ref="oval:org.opensuse.security:obj:2009034672"/> 65969 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65970 </rpminfo_test> 65971 <rpminfo_test id="oval:org.opensuse.security:tst:2009075898" version="1" comment="libreoffice-el is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65972 <object object_ref="oval:org.opensuse.security:obj:2009034673"/> 65973 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65974 </rpminfo_test> 65975 <rpminfo_test id="oval:org.opensuse.security:tst:2009075899" version="1" comment="libreoffice-en-GB is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65976 <object object_ref="oval:org.opensuse.security:obj:2009034674"/> 65977 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65978 </rpminfo_test> 65979 <rpminfo_test id="oval:org.opensuse.security:tst:2009075900" version="1" comment="libreoffice-es is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65980 <object object_ref="oval:org.opensuse.security:obj:2009034675"/> 65981 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65982 </rpminfo_test> 65983 <rpminfo_test id="oval:org.opensuse.security:tst:2009075901" version="1" comment="libreoffice-fi is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65984 <object object_ref="oval:org.opensuse.security:obj:2009034676"/> 65985 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65986 </rpminfo_test> 65987 <rpminfo_test id="oval:org.opensuse.security:tst:2009075902" version="1" comment="libreoffice-fr is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65988 <object object_ref="oval:org.opensuse.security:obj:2009034677"/> 65989 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65990 </rpminfo_test> 65991 <rpminfo_test id="oval:org.opensuse.security:tst:2009075903" version="1" comment="libreoffice-galleries is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65992 <object object_ref="oval:org.opensuse.security:obj:2009034678"/> 65993 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65994 </rpminfo_test> 65995 <rpminfo_test id="oval:org.opensuse.security:tst:2009075904" version="1" comment="libreoffice-gnome is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 65996 <object object_ref="oval:org.opensuse.security:obj:2009034098"/> 65997 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 65998 </rpminfo_test> 65999 <rpminfo_test id="oval:org.opensuse.security:tst:2009075905" version="1" comment="libreoffice-gu-IN is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66000 <object object_ref="oval:org.opensuse.security:obj:2009034679"/> 66001 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66002 </rpminfo_test> 66003 <rpminfo_test id="oval:org.opensuse.security:tst:2009075906" version="1" comment="libreoffice-hi-IN is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66004 <object object_ref="oval:org.opensuse.security:obj:2009034680"/> 66005 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66006 </rpminfo_test> 66007 <rpminfo_test id="oval:org.opensuse.security:tst:2009075907" version="1" comment="libreoffice-hu is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66008 <object object_ref="oval:org.opensuse.security:obj:2009034681"/> 66009 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66010 </rpminfo_test> 66011 <rpminfo_test id="oval:org.opensuse.security:tst:2009075908" version="1" comment="libreoffice-it is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66012 <object object_ref="oval:org.opensuse.security:obj:2009034682"/> 66013 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66014 </rpminfo_test> 66015 <rpminfo_test id="oval:org.opensuse.security:tst:2009075909" version="1" comment="libreoffice-ja is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66016 <object object_ref="oval:org.opensuse.security:obj:2009034683"/> 66017 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66018 </rpminfo_test> 66019 <rpminfo_test id="oval:org.opensuse.security:tst:2009075910" version="1" comment="libreoffice-kde is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66020 <object object_ref="oval:org.opensuse.security:obj:2009034124"/> 66021 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66022 </rpminfo_test> 66023 <rpminfo_test id="oval:org.opensuse.security:tst:2009075911" version="1" comment="libreoffice-ko is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66024 <object object_ref="oval:org.opensuse.security:obj:2009034684"/> 66025 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66026 </rpminfo_test> 66027 <rpminfo_test id="oval:org.opensuse.security:tst:2009075912" version="1" comment="libreoffice-mono is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66028 <object object_ref="oval:org.opensuse.security:obj:2009034162"/> 66029 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66030 </rpminfo_test> 66031 <rpminfo_test id="oval:org.opensuse.security:tst:2009075913" version="1" comment="libreoffice-nb is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66032 <object object_ref="oval:org.opensuse.security:obj:2009034685"/> 66033 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66034 </rpminfo_test> 66035 <rpminfo_test id="oval:org.opensuse.security:tst:2009075914" version="1" comment="libreoffice-nl is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66036 <object object_ref="oval:org.opensuse.security:obj:2009034686"/> 66037 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66038 </rpminfo_test> 66039 <rpminfo_test id="oval:org.opensuse.security:tst:2009075915" version="1" comment="libreoffice-nn is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66040 <object object_ref="oval:org.opensuse.security:obj:2009034687"/> 66041 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66042 </rpminfo_test> 66043 <rpminfo_test id="oval:org.opensuse.security:tst:2009075916" version="1" comment="libreoffice-pl is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66044 <object object_ref="oval:org.opensuse.security:obj:2009034688"/> 66045 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66046 </rpminfo_test> 66047 <rpminfo_test id="oval:org.opensuse.security:tst:2009075917" version="1" comment="libreoffice-pt-BR is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66048 <object object_ref="oval:org.opensuse.security:obj:2009034689"/> 66049 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66050 </rpminfo_test> 66051 <rpminfo_test id="oval:org.opensuse.security:tst:2009075918" version="1" comment="libreoffice-ru is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66052 <object object_ref="oval:org.opensuse.security:obj:2009034690"/> 66053 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66054 </rpminfo_test> 66055 <rpminfo_test id="oval:org.opensuse.security:tst:2009075919" version="1" comment="libreoffice-sk is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66056 <object object_ref="oval:org.opensuse.security:obj:2009034691"/> 66057 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66058 </rpminfo_test> 66059 <rpminfo_test id="oval:org.opensuse.security:tst:2009075920" version="1" comment="libreoffice-sv is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66060 <object object_ref="oval:org.opensuse.security:obj:2009034692"/> 66061 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66062 </rpminfo_test> 66063 <rpminfo_test id="oval:org.opensuse.security:tst:2009075921" version="1" comment="libreoffice-xh is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66064 <object object_ref="oval:org.opensuse.security:obj:2009034693"/> 66065 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66066 </rpminfo_test> 66067 <rpminfo_test id="oval:org.opensuse.security:tst:2009075922" version="1" comment="libreoffice-zh-CN is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66068 <object object_ref="oval:org.opensuse.security:obj:2009034694"/> 66069 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66070 </rpminfo_test> 66071 <rpminfo_test id="oval:org.opensuse.security:tst:2009075923" version="1" comment="libreoffice-zh-TW is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66072 <object object_ref="oval:org.opensuse.security:obj:2009034695"/> 66073 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66074 </rpminfo_test> 66075 <rpminfo_test id="oval:org.opensuse.security:tst:2009075924" version="1" comment="libreoffice-zu is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66076 <object object_ref="oval:org.opensuse.security:obj:2009034696"/> 66077 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66078 </rpminfo_test> 66079 <rpminfo_test id="oval:org.opensuse.security:tst:2009075925" version="1" comment="libreoffice is <3.5.4.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66080 <object object_ref="oval:org.opensuse.security:obj:2009034188"/> 66081 <state state_ref="oval:org.opensuse.security:ste:2009040741"/> 66082 </rpminfo_test> 66083 <rpminfo_test id="oval:org.opensuse.security:tst:2009075857" version="1" comment="bind-libs-32bit is <9.6ESVR7P4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66084 <object object_ref="oval:org.opensuse.security:obj:2009031555"/> 66085 <state state_ref="oval:org.opensuse.security:ste:2009040735"/> 66086 </rpminfo_test> 66087 <rpminfo_test id="oval:org.opensuse.security:tst:2009075858" version="1" comment="bind-libs is <9.6ESVR7P4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66088 <object object_ref="oval:org.opensuse.security:obj:2009031557"/> 66089 <state state_ref="oval:org.opensuse.security:ste:2009040735"/> 66090 </rpminfo_test> 66091 <rpminfo_test id="oval:org.opensuse.security:tst:2009075859" version="1" comment="bind-utils is <9.6ESVR7P4-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66092 <object object_ref="oval:org.opensuse.security:obj:2009030649"/> 66093 <state state_ref="oval:org.opensuse.security:ste:2009040735"/> 66094 </rpminfo_test> 66095 <rpminfo_test id="oval:org.opensuse.security:tst:2009075676" version="1" comment="bind-libs-32bit is <9.6ESVR7P3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66096 <object object_ref="oval:org.opensuse.security:obj:2009031555"/> 66097 <state state_ref="oval:org.opensuse.security:ste:2009040710"/> 66098 </rpminfo_test> 66099 <rpminfo_test id="oval:org.opensuse.security:tst:2009075677" version="1" comment="bind-libs is <9.6ESVR7P3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66100 <object object_ref="oval:org.opensuse.security:obj:2009031557"/> 66101 <state state_ref="oval:org.opensuse.security:ste:2009040710"/> 66102 </rpminfo_test> 66103 <rpminfo_test id="oval:org.opensuse.security:tst:2009075678" version="1" comment="bind-utils is <9.6ESVR7P3-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66104 <object object_ref="oval:org.opensuse.security:obj:2009030649"/> 66105 <state state_ref="oval:org.opensuse.security:ste:2009040710"/> 66106 </rpminfo_test> 66107 <rpminfo_test id="oval:org.opensuse.security:tst:2009075759" version="1" comment="ghostscript-fonts-other is <8.15.4-16.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66108 <object object_ref="oval:org.opensuse.security:obj:2009030817"/> 66109 <state state_ref="oval:org.opensuse.security:ste:2009040716"/> 66110 </rpminfo_test> 66111 <rpminfo_test id="oval:org.opensuse.security:tst:2009075760" version="1" comment="ghostscript-fonts-std is <8.15.4-16.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66112 <object object_ref="oval:org.opensuse.security:obj:2009030819"/> 66113 <state state_ref="oval:org.opensuse.security:ste:2009040716"/> 66114 </rpminfo_test> 66115 <rpminfo_test id="oval:org.opensuse.security:tst:2009075761" version="1" comment="ghostscript-library is <8.15.4-16.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66116 <object object_ref="oval:org.opensuse.security:obj:2009030820"/> 66117 <state state_ref="oval:org.opensuse.security:ste:2009040716"/> 66118 </rpminfo_test> 66119 <rpminfo_test id="oval:org.opensuse.security:tst:2009075762" version="1" comment="ghostscript-x11 is <8.15.4-16.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66120 <object object_ref="oval:org.opensuse.security:obj:2009030822"/> 66121 <state state_ref="oval:org.opensuse.security:ste:2009040716"/> 66122 </rpminfo_test> 66123 <rpminfo_test id="oval:org.opensuse.security:tst:2009075763" version="1" comment="libgimpprint is <4.2.7-62.28.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66124 <object object_ref="oval:org.opensuse.security:obj:2009030824"/> 66125 <state state_ref="oval:org.opensuse.security:ste:2009040717"/> 66126 </rpminfo_test> 66127 <rpminfo_test id="oval:org.opensuse.security:tst:2009077356" version="1" comment="kernel-default is <2.6.16.60-0.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66128 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 66129 <state state_ref="oval:org.opensuse.security:ste:2009041013"/> 66130 </rpminfo_test> 66131 <rpminfo_test id="oval:org.opensuse.security:tst:2009077357" version="1" comment="kernel-smp is <2.6.16.60-0.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66132 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 66133 <state state_ref="oval:org.opensuse.security:ste:2009041013"/> 66134 </rpminfo_test> 66135 <rpminfo_test id="oval:org.opensuse.security:tst:2009077358" version="1" comment="kernel-source is <2.6.16.60-0.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66136 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 66137 <state state_ref="oval:org.opensuse.security:ste:2009041013"/> 66138 </rpminfo_test> 66139 <rpminfo_test id="oval:org.opensuse.security:tst:2009077359" version="1" comment="kernel-syms is <2.6.16.60-0.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66140 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 66141 <state state_ref="oval:org.opensuse.security:ste:2009041013"/> 66142 </rpminfo_test> 66143 <rpminfo_test id="oval:org.opensuse.security:tst:2009077360" version="1" comment="kernel-xen is <2.6.16.60-0.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66144 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 66145 <state state_ref="oval:org.opensuse.security:ste:2009041013"/> 66146 </rpminfo_test> 66147 <rpminfo_test id="oval:org.opensuse.security:tst:2009077361" version="1" comment="kernel-bigsmp is <2.6.16.60-0.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66148 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 66149 <state state_ref="oval:org.opensuse.security:ste:2009041013"/> 66150 </rpminfo_test> 66151 <rpminfo_test id="oval:org.opensuse.security:tst:2009077362" version="1" comment="kernel-xenpae is <2.6.16.60-0.103.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66152 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 66153 <state state_ref="oval:org.opensuse.security:ste:2009041013"/> 66154 </rpminfo_test> 66155 <rpminfo_test id="oval:org.opensuse.security:tst:2009076448" version="1" comment="libtiff-32bit is <3.8.2-5.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66156 <object object_ref="oval:org.opensuse.security:obj:2009030616"/> 66157 <state state_ref="oval:org.opensuse.security:ste:2009040844"/> 66158 </rpminfo_test> 66159 <rpminfo_test id="oval:org.opensuse.security:tst:2009076449" version="1" comment="libtiff-devel is <3.8.2-5.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66160 <object object_ref="oval:org.opensuse.security:obj:2009031676"/> 66161 <state state_ref="oval:org.opensuse.security:ste:2009040844"/> 66162 </rpminfo_test> 66163 <rpminfo_test id="oval:org.opensuse.security:tst:2009076450" version="1" comment="libtiff is <3.8.2-5.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66164 <object object_ref="oval:org.opensuse.security:obj:2009030452"/> 66165 <state state_ref="oval:org.opensuse.security:ste:2009040844"/> 66166 </rpminfo_test> 66167 <rpminfo_test id="oval:org.opensuse.security:tst:2009077027" version="1" comment="kernel-bigsmp is <2.6.16.60-0.101.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66168 <object object_ref="oval:org.opensuse.security:obj:2009030420"/> 66169 <state state_ref="oval:org.opensuse.security:ste:2009040951"/> 66170 </rpminfo_test> 66171 <rpminfo_test id="oval:org.opensuse.security:tst:2009077028" version="1" comment="kernel-default is <2.6.16.60-0.101.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66172 <object object_ref="oval:org.opensuse.security:obj:2009030416"/> 66173 <state state_ref="oval:org.opensuse.security:ste:2009040951"/> 66174 </rpminfo_test> 66175 <rpminfo_test id="oval:org.opensuse.security:tst:2009077029" version="1" comment="kernel-smp is <2.6.16.60-0.101.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66176 <object object_ref="oval:org.opensuse.security:obj:2009030417"/> 66177 <state state_ref="oval:org.opensuse.security:ste:2009040951"/> 66178 </rpminfo_test> 66179 <rpminfo_test id="oval:org.opensuse.security:tst:2009077030" version="1" comment="kernel-source is <2.6.16.60-0.101.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66180 <object object_ref="oval:org.opensuse.security:obj:2009030418"/> 66181 <state state_ref="oval:org.opensuse.security:ste:2009040951"/> 66182 </rpminfo_test> 66183 <rpminfo_test id="oval:org.opensuse.security:tst:2009077031" version="1" comment="kernel-syms is <2.6.16.60-0.101.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66184 <object object_ref="oval:org.opensuse.security:obj:2009030419"/> 66185 <state state_ref="oval:org.opensuse.security:ste:2009040951"/> 66186 </rpminfo_test> 66187 <rpminfo_test id="oval:org.opensuse.security:tst:2009077032" version="1" comment="kernel-xen is <2.6.16.60-0.101.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66188 <object object_ref="oval:org.opensuse.security:obj:2009031018"/> 66189 <state state_ref="oval:org.opensuse.security:ste:2009040951"/> 66190 </rpminfo_test> 66191 <rpminfo_test id="oval:org.opensuse.security:tst:2009077033" version="1" comment="kernel-xenpae is <2.6.16.60-0.101.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66192 <object object_ref="oval:org.opensuse.security:obj:2009031218"/> 66193 <state state_ref="oval:org.opensuse.security:ste:2009040951"/> 66194 </rpminfo_test> 66195 <rpminfo_test id="oval:org.opensuse.security:tst:2009076919" version="1" comment="openssl-32bit is <0.9.8a-18.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66196 <object object_ref="oval:org.opensuse.security:obj:2009030634"/> 66197 <state state_ref="oval:org.opensuse.security:ste:2009040930"/> 66198 </rpminfo_test> 66199 <rpminfo_test id="oval:org.opensuse.security:tst:2009076920" version="1" comment="openssl-devel-32bit is <0.9.8a-18.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66200 <object object_ref="oval:org.opensuse.security:obj:2009030635"/> 66201 <state state_ref="oval:org.opensuse.security:ste:2009040930"/> 66202 </rpminfo_test> 66203 <rpminfo_test id="oval:org.opensuse.security:tst:2009076921" version="1" comment="openssl-devel is <0.9.8a-18.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66204 <object object_ref="oval:org.opensuse.security:obj:2009030587"/> 66205 <state state_ref="oval:org.opensuse.security:ste:2009040930"/> 66206 </rpminfo_test> 66207 <rpminfo_test id="oval:org.opensuse.security:tst:2009076922" version="1" comment="openssl is <0.9.8a-18.76.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66208 <object object_ref="oval:org.opensuse.security:obj:2009030588"/> 66209 <state state_ref="oval:org.opensuse.security:ste:2009040930"/> 66210 </rpminfo_test> 66211 <rpminfo_test id="oval:org.opensuse.security:tst:2009076162" version="1" comment="libxml2-32bit is <2.6.23-15.35.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66212 <object object_ref="oval:org.opensuse.security:obj:2009030809"/> 66213 <state state_ref="oval:org.opensuse.security:ste:2009040774"/> 66214 </rpminfo_test> 66215 <rpminfo_test id="oval:org.opensuse.security:tst:2009076163" version="1" comment="libxml2-devel-32bit is <2.6.23-15.35.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66216 <object object_ref="oval:org.opensuse.security:obj:2009031522"/> 66217 <state state_ref="oval:org.opensuse.security:ste:2009040774"/> 66218 </rpminfo_test> 66219 <rpminfo_test id="oval:org.opensuse.security:tst:2009076164" version="1" comment="libxml2-devel is <2.6.23-15.35.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66220 <object object_ref="oval:org.opensuse.security:obj:2009030405"/> 66221 <state state_ref="oval:org.opensuse.security:ste:2009040774"/> 66222 </rpminfo_test> 66223 <rpminfo_test id="oval:org.opensuse.security:tst:2009076165" version="1" comment="libxml2-python is <2.6.23-15.35.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66224 <object object_ref="oval:org.opensuse.security:obj:2009030407"/> 66225 <state state_ref="oval:org.opensuse.security:ste:2009040774"/> 66226 </rpminfo_test> 66227 <rpminfo_test id="oval:org.opensuse.security:tst:2009076166" version="1" comment="libxml2 is <2.6.23-15.35.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66228 <object object_ref="oval:org.opensuse.security:obj:2009030406"/> 66229 <state state_ref="oval:org.opensuse.security:ste:2009040774"/> 66230 </rpminfo_test> 66231 <rpminfo_test id="oval:org.opensuse.security:tst:2009075800" version="1" comment="flash-player is <11.2.202.243-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66232 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66233 <state state_ref="oval:org.opensuse.security:ste:2009040724"/> 66234 </rpminfo_test> 66235 <rpminfo_test id="oval:org.opensuse.security:tst:2009076018" version="1" comment="flash-player is <11.2.202.251-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66236 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66237 <state state_ref="oval:org.opensuse.security:ste:2009040746"/> 66238 </rpminfo_test> 66239 <rpminfo_test id="oval:org.opensuse.security:tst:2009076124" version="1" comment="xen-devel is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66240 <object object_ref="oval:org.opensuse.security:obj:2009031479"/> 66241 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66242 </rpminfo_test> 66243 <rpminfo_test id="oval:org.opensuse.security:tst:2009076125" version="1" comment="xen-doc-html is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66244 <object object_ref="oval:org.opensuse.security:obj:2009031480"/> 66245 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66246 </rpminfo_test> 66247 <rpminfo_test id="oval:org.opensuse.security:tst:2009076126" version="1" comment="xen-doc-pdf is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66248 <object object_ref="oval:org.opensuse.security:obj:2009031481"/> 66249 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66250 </rpminfo_test> 66251 <rpminfo_test id="oval:org.opensuse.security:tst:2009076127" version="1" comment="xen-doc-ps is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66252 <object object_ref="oval:org.opensuse.security:obj:2009032233"/> 66253 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66254 </rpminfo_test> 66255 <rpminfo_test id="oval:org.opensuse.security:tst:2009076128" version="1" comment="xen-kmp-bigsmp is <3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66256 <object object_ref="oval:org.opensuse.security:obj:2009034576"/> 66257 <state state_ref="oval:org.opensuse.security:ste:2009040768"/> 66258 </rpminfo_test> 66259 <rpminfo_test id="oval:org.opensuse.security:tst:2009076129" version="1" comment="xen-kmp-default is <3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66260 <object object_ref="oval:org.opensuse.security:obj:2009033788"/> 66261 <state state_ref="oval:org.opensuse.security:ste:2009040768"/> 66262 </rpminfo_test> 66263 <rpminfo_test id="oval:org.opensuse.security:tst:2009076130" version="1" comment="xen-kmp-smp is <3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66264 <object object_ref="oval:org.opensuse.security:obj:2009034577"/> 66265 <state state_ref="oval:org.opensuse.security:ste:2009040768"/> 66266 </rpminfo_test> 66267 <rpminfo_test id="oval:org.opensuse.security:tst:2009076131" version="1" comment="xen-libs-32bit is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66268 <object object_ref="oval:org.opensuse.security:obj:2009032234"/> 66269 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66270 </rpminfo_test> 66271 <rpminfo_test id="oval:org.opensuse.security:tst:2009076132" version="1" comment="xen-libs is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66272 <object object_ref="oval:org.opensuse.security:obj:2009031482"/> 66273 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66274 </rpminfo_test> 66275 <rpminfo_test id="oval:org.opensuse.security:tst:2009076133" version="1" comment="xen-tools-domU is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66276 <object object_ref="oval:org.opensuse.security:obj:2009031483"/> 66277 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66278 </rpminfo_test> 66279 <rpminfo_test id="oval:org.opensuse.security:tst:2009076134" version="1" comment="xen-tools-ioemu is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66280 <object object_ref="oval:org.opensuse.security:obj:2009031484"/> 66281 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66282 </rpminfo_test> 66283 <rpminfo_test id="oval:org.opensuse.security:tst:2009076135" version="1" comment="xen-tools is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66284 <object object_ref="oval:org.opensuse.security:obj:2009031485"/> 66285 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66286 </rpminfo_test> 66287 <rpminfo_test id="oval:org.opensuse.security:tst:2009076136" version="1" comment="xen is <3.2.3_17040_44-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66288 <object object_ref="oval:org.opensuse.security:obj:2009031486"/> 66289 <state state_ref="oval:org.opensuse.security:ste:2009040767"/> 66290 </rpminfo_test> 66291 <rpminfo_test id="oval:org.opensuse.security:tst:2009076539" version="1" comment="wireshark is <1.6.13-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66292 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 66293 <state state_ref="oval:org.opensuse.security:ste:2009040861"/> 66294 </rpminfo_test> 66295 <rpminfo_test id="oval:org.opensuse.security:tst:2009076564" version="1" comment="squid is <2.5.STABLE12-18.13.982.4.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66296 <object object_ref="oval:org.opensuse.security:obj:2009031125"/> 66297 <state state_ref="oval:org.opensuse.security:ste:2009040868"/> 66298 </rpminfo_test> 66299 <rpminfo_test id="oval:org.opensuse.security:tst:2009076677" version="1" comment="inkscape is <0.43-20.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66300 <object object_ref="oval:org.opensuse.security:obj:2009032044"/> 66301 <state state_ref="oval:org.opensuse.security:ste:2009040878"/> 66302 </rpminfo_test> 66303 <rpminfo_test id="oval:org.opensuse.security:tst:2009076451" version="1" comment="freetype2-32bit is <2.1.10-18.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66304 <object object_ref="oval:org.opensuse.security:obj:2009030610"/> 66305 <state state_ref="oval:org.opensuse.security:ste:2009040845"/> 66306 </rpminfo_test> 66307 <rpminfo_test id="oval:org.opensuse.security:tst:2009076452" version="1" comment="freetype2-devel-32bit is <2.1.10-18.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66308 <object object_ref="oval:org.opensuse.security:obj:2009030611"/> 66309 <state state_ref="oval:org.opensuse.security:ste:2009040845"/> 66310 </rpminfo_test> 66311 <rpminfo_test id="oval:org.opensuse.security:tst:2009076453" version="1" comment="freetype2-devel is <2.1.10-18.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66312 <object object_ref="oval:org.opensuse.security:obj:2009030612"/> 66313 <state state_ref="oval:org.opensuse.security:ste:2009040845"/> 66314 </rpminfo_test> 66315 <rpminfo_test id="oval:org.opensuse.security:tst:2009076454" version="1" comment="freetype2 is <2.1.10-18.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66316 <object object_ref="oval:org.opensuse.security:obj:2009030613"/> 66317 <state state_ref="oval:org.opensuse.security:ste:2009040845"/> 66318 </rpminfo_test> 66319 <rpminfo_test id="oval:org.opensuse.security:tst:2009076455" version="1" comment="ft2demos is <2.1.10-19.31.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66320 <object object_ref="oval:org.opensuse.security:obj:2009034838"/> 66321 <state state_ref="oval:org.opensuse.security:ste:2009040846"/> 66322 </rpminfo_test> 66323 <rpminfo_test id="oval:org.opensuse.security:tst:2009076204" version="1" comment="flash-player is <11.2.202.258-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66324 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66325 <state state_ref="oval:org.opensuse.security:ste:2009040779"/> 66326 </rpminfo_test> 66327 <rpminfo_test id="oval:org.opensuse.security:tst:2009076318" version="1" comment="MozillaFirefox-translations is <10.0.12-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66328 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 66329 <state state_ref="oval:org.opensuse.security:ste:2009040797"/> 66330 </rpminfo_test> 66331 <rpminfo_test id="oval:org.opensuse.security:tst:2009076319" version="1" comment="MozillaFirefox is <10.0.12-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66332 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 66333 <state state_ref="oval:org.opensuse.security:ste:2009040797"/> 66334 </rpminfo_test> 66335 <rpminfo_test id="oval:org.opensuse.security:tst:2009076320" version="1" comment="mozilla-nspr-32bit is <4.9.4-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66336 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 66337 <state state_ref="oval:org.opensuse.security:ste:2009040798"/> 66338 </rpminfo_test> 66339 <rpminfo_test id="oval:org.opensuse.security:tst:2009076321" version="1" comment="mozilla-nspr-devel is <4.9.4-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66340 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 66341 <state state_ref="oval:org.opensuse.security:ste:2009040798"/> 66342 </rpminfo_test> 66343 <rpminfo_test id="oval:org.opensuse.security:tst:2009076322" version="1" comment="mozilla-nspr is <4.9.4-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66344 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 66345 <state state_ref="oval:org.opensuse.security:ste:2009040798"/> 66346 </rpminfo_test> 66347 <rpminfo_test id="oval:org.opensuse.security:tst:2009076323" version="1" comment="mozilla-nss-32bit is <3.14.1-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66348 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 66349 <state state_ref="oval:org.opensuse.security:ste:2009040799"/> 66350 </rpminfo_test> 66351 <rpminfo_test id="oval:org.opensuse.security:tst:2009076324" version="1" comment="mozilla-nss-devel is <3.14.1-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66352 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 66353 <state state_ref="oval:org.opensuse.security:ste:2009040799"/> 66354 </rpminfo_test> 66355 <rpminfo_test id="oval:org.opensuse.security:tst:2009076325" version="1" comment="mozilla-nss-tools is <3.14.1-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66356 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 66357 <state state_ref="oval:org.opensuse.security:ste:2009040799"/> 66358 </rpminfo_test> 66359 <rpminfo_test id="oval:org.opensuse.security:tst:2009076326" version="1" comment="mozilla-nss is <3.14.1-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66360 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 66361 <state state_ref="oval:org.opensuse.security:ste:2009040799"/> 66362 </rpminfo_test> 66363 <rpminfo_test id="oval:org.opensuse.security:tst:2009077106" version="1" comment="wireshark is <1.6.14-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66364 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 66365 <state state_ref="oval:org.opensuse.security:ste:2009040967"/> 66366 </rpminfo_test> 66367 <rpminfo_test id="oval:org.opensuse.security:tst:2009077455" version="1" comment="gpg is <1.4.2-23.21.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66368 <object object_ref="oval:org.opensuse.security:obj:2009030477"/> 66369 <state state_ref="oval:org.opensuse.security:ste:2009041026"/> 66370 </rpminfo_test> 66371 <rpminfo_test id="oval:org.opensuse.security:tst:2009077456" version="1" comment="gpg2 is <1.9.18-17.23.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66372 <object object_ref="oval:org.opensuse.security:obj:2009030602"/> 66373 <state state_ref="oval:org.opensuse.security:ste:2009041027"/> 66374 </rpminfo_test> 66375 <rpminfo_test id="oval:org.opensuse.security:tst:2009077111" version="1" comment="libxslt-32bit is <1.1.15-15.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66376 <object object_ref="oval:org.opensuse.security:obj:2009030841"/> 66377 <state state_ref="oval:org.opensuse.security:ste:2009040970"/> 66378 </rpminfo_test> 66379 <rpminfo_test id="oval:org.opensuse.security:tst:2009077112" version="1" comment="libxslt-devel-32bit is <1.1.15-15.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66380 <object object_ref="oval:org.opensuse.security:obj:2009031708"/> 66381 <state state_ref="oval:org.opensuse.security:ste:2009040970"/> 66382 </rpminfo_test> 66383 <rpminfo_test id="oval:org.opensuse.security:tst:2009077113" version="1" comment="libxslt-devel is <1.1.15-15.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66384 <object object_ref="oval:org.opensuse.security:obj:2009030842"/> 66385 <state state_ref="oval:org.opensuse.security:ste:2009040970"/> 66386 </rpminfo_test> 66387 <rpminfo_test id="oval:org.opensuse.security:tst:2009077114" version="1" comment="libxslt is <1.1.15-15.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66388 <object object_ref="oval:org.opensuse.security:obj:2009030843"/> 66389 <state state_ref="oval:org.opensuse.security:ste:2009040970"/> 66390 </rpminfo_test> 66391 <rpminfo_test id="oval:org.opensuse.security:tst:2009076718" version="1" comment="finch is <2.6.6-0.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66392 <object object_ref="oval:org.opensuse.security:obj:2009031748"/> 66393 <state state_ref="oval:org.opensuse.security:ste:2009040892"/> 66394 </rpminfo_test> 66395 <rpminfo_test id="oval:org.opensuse.security:tst:2009076719" version="1" comment="libpurple is <2.6.6-0.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66396 <object object_ref="oval:org.opensuse.security:obj:2009031423"/> 66397 <state state_ref="oval:org.opensuse.security:ste:2009040892"/> 66398 </rpminfo_test> 66399 <rpminfo_test id="oval:org.opensuse.security:tst:2009076720" version="1" comment="pidgin is <2.6.6-0.20.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66400 <object object_ref="oval:org.opensuse.security:obj:2009031752"/> 66401 <state state_ref="oval:org.opensuse.security:ste:2009040892"/> 66402 </rpminfo_test> 66403 <rpminfo_test id="oval:org.opensuse.security:tst:2009077139" version="1" comment="libxml2-32bit is <2.6.23-15.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66404 <object object_ref="oval:org.opensuse.security:obj:2009030809"/> 66405 <state state_ref="oval:org.opensuse.security:ste:2009040974"/> 66406 </rpminfo_test> 66407 <rpminfo_test id="oval:org.opensuse.security:tst:2009077140" version="1" comment="libxml2-devel-32bit is <2.6.23-15.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66408 <object object_ref="oval:org.opensuse.security:obj:2009031522"/> 66409 <state state_ref="oval:org.opensuse.security:ste:2009040974"/> 66410 </rpminfo_test> 66411 <rpminfo_test id="oval:org.opensuse.security:tst:2009077141" version="1" comment="libxml2-devel is <2.6.23-15.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66412 <object object_ref="oval:org.opensuse.security:obj:2009030405"/> 66413 <state state_ref="oval:org.opensuse.security:ste:2009040974"/> 66414 </rpminfo_test> 66415 <rpminfo_test id="oval:org.opensuse.security:tst:2009077142" version="1" comment="libxml2-python is <2.6.23-15.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66416 <object object_ref="oval:org.opensuse.security:obj:2009030407"/> 66417 <state state_ref="oval:org.opensuse.security:ste:2009040974"/> 66418 </rpminfo_test> 66419 <rpminfo_test id="oval:org.opensuse.security:tst:2009077143" version="1" comment="libxml2 is <2.6.23-15.37.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66420 <object object_ref="oval:org.opensuse.security:obj:2009030406"/> 66421 <state state_ref="oval:org.opensuse.security:ste:2009040974"/> 66422 </rpminfo_test> 66423 <rpminfo_test id="oval:org.opensuse.security:tst:2009077398" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66424 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 66425 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66426 </rpminfo_test> 66427 <rpminfo_test id="oval:org.opensuse.security:tst:2009077399" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66428 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 66429 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66430 </rpminfo_test> 66431 <rpminfo_test id="oval:org.opensuse.security:tst:2009077400" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66432 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 66433 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66434 </rpminfo_test> 66435 <rpminfo_test id="oval:org.opensuse.security:tst:2009077401" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66436 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 66437 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66438 </rpminfo_test> 66439 <rpminfo_test id="oval:org.opensuse.security:tst:2009077402" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66440 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 66441 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66442 </rpminfo_test> 66443 <rpminfo_test id="oval:org.opensuse.security:tst:2009077403" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66444 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 66445 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66446 </rpminfo_test> 66447 <rpminfo_test id="oval:org.opensuse.security:tst:2009077404" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66448 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 66449 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66450 </rpminfo_test> 66451 <rpminfo_test id="oval:org.opensuse.security:tst:2009077405" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66452 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 66453 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66454 </rpminfo_test> 66455 <rpminfo_test id="oval:org.opensuse.security:tst:2009077406" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66456 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 66457 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66458 </rpminfo_test> 66459 <rpminfo_test id="oval:org.opensuse.security:tst:2009077407" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66460 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 66461 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66462 </rpminfo_test> 66463 <rpminfo_test id="oval:org.opensuse.security:tst:2009077408" version="1" comment="java-1_5_0-ibm is <1.5.0_sr16.2-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66464 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 66465 <state state_ref="oval:org.opensuse.security:ste:2009041017"/> 66466 </rpminfo_test> 66467 <rpminfo_test id="oval:org.opensuse.security:tst:2009077068" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66468 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 66469 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66470 </rpminfo_test> 66471 <rpminfo_test id="oval:org.opensuse.security:tst:2009077069" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66472 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 66473 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66474 </rpminfo_test> 66475 <rpminfo_test id="oval:org.opensuse.security:tst:2009077070" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66476 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 66477 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66478 </rpminfo_test> 66479 <rpminfo_test id="oval:org.opensuse.security:tst:2009077071" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66480 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 66481 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66482 </rpminfo_test> 66483 <rpminfo_test id="oval:org.opensuse.security:tst:2009077072" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66484 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 66485 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66486 </rpminfo_test> 66487 <rpminfo_test id="oval:org.opensuse.security:tst:2009077073" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66488 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 66489 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66490 </rpminfo_test> 66491 <rpminfo_test id="oval:org.opensuse.security:tst:2009077074" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66492 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 66493 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66494 </rpminfo_test> 66495 <rpminfo_test id="oval:org.opensuse.security:tst:2009077075" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66496 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 66497 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66498 </rpminfo_test> 66499 <rpminfo_test id="oval:org.opensuse.security:tst:2009077076" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66500 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 66501 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66502 </rpminfo_test> 66503 <rpminfo_test id="oval:org.opensuse.security:tst:2009077077" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66504 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 66505 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66506 </rpminfo_test> 66507 <rpminfo_test id="oval:org.opensuse.security:tst:2009077078" version="1" comment="java-1_5_0-ibm is <1.5.0_sr16.1-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66508 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 66509 <state state_ref="oval:org.opensuse.security:ste:2009040961"/> 66510 </rpminfo_test> 66511 <rpminfo_test id="oval:org.opensuse.security:tst:2009076713" version="1" comment="flash-player is <11.2.202.273-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66512 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66513 <state state_ref="oval:org.opensuse.security:ste:2009040889"/> 66514 </rpminfo_test> 66515 <rpminfo_test id="oval:org.opensuse.security:tst:2009076304" version="1" comment="flash-player is <11.2.202.261-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66516 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66517 <state state_ref="oval:org.opensuse.security:ste:2009040791"/> 66518 </rpminfo_test> 66519 <rpminfo_test id="oval:org.opensuse.security:tst:2009076528" version="1" comment="flash-player is <11.2.202.262-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66520 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66521 <state state_ref="oval:org.opensuse.security:ste:2009040856"/> 66522 </rpminfo_test> 66523 <rpminfo_test id="oval:org.opensuse.security:tst:2009076532" version="1" comment="flash-player is <11.2.202.270-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66524 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66525 <state state_ref="oval:org.opensuse.security:ste:2009040858"/> 66526 </rpminfo_test> 66527 <rpminfo_test id="oval:org.opensuse.security:tst:2009076678" version="1" comment="acroread-cmaps is <9.4.6-0.6.60" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66528 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 66529 <state state_ref="oval:org.opensuse.security:ste:2009040879"/> 66530 </rpminfo_test> 66531 <rpminfo_test id="oval:org.opensuse.security:tst:2009076679" version="1" comment="acroread-fonts-ja is <9.4.6-0.6.60" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66532 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 66533 <state state_ref="oval:org.opensuse.security:ste:2009040879"/> 66534 </rpminfo_test> 66535 <rpminfo_test id="oval:org.opensuse.security:tst:2009076680" version="1" comment="acroread-fonts-ko is <9.4.6-0.6.60" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66536 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 66537 <state state_ref="oval:org.opensuse.security:ste:2009040879"/> 66538 </rpminfo_test> 66539 <rpminfo_test id="oval:org.opensuse.security:tst:2009076681" version="1" comment="acroread-fonts-zh_CN is <9.4.6-0.6.60" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66540 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 66541 <state state_ref="oval:org.opensuse.security:ste:2009040879"/> 66542 </rpminfo_test> 66543 <rpminfo_test id="oval:org.opensuse.security:tst:2009076682" version="1" comment="acroread-fonts-zh_TW is <9.4.6-0.6.60" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66544 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 66545 <state state_ref="oval:org.opensuse.security:ste:2009040879"/> 66546 </rpminfo_test> 66547 <rpminfo_test id="oval:org.opensuse.security:tst:2009076683" version="1" comment="acroread is <9.5.4-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66548 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 66549 <state state_ref="oval:org.opensuse.security:ste:2009040880"/> 66550 </rpminfo_test> 66551 <rpminfo_test id="oval:org.opensuse.security:tst:2009076803" version="1" comment="flash-player is <11.2.202.275-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66552 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66553 <state state_ref="oval:org.opensuse.security:ste:2009040910"/> 66554 </rpminfo_test> 66555 <rpminfo_test id="oval:org.opensuse.security:tst:2009076862" version="1" comment="MozillaFirefox-branding-SLED is <7-0.10.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66556 <object object_ref="oval:org.opensuse.security:obj:2009033270"/> 66557 <state state_ref="oval:org.opensuse.security:ste:2009040916"/> 66558 </rpminfo_test> 66559 <rpminfo_test id="oval:org.opensuse.security:tst:2009076863" version="1" comment="MozillaFirefox-translations is <17.0.4esr-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66560 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 66561 <state state_ref="oval:org.opensuse.security:ste:2009040917"/> 66562 </rpminfo_test> 66563 <rpminfo_test id="oval:org.opensuse.security:tst:2009076864" version="1" comment="MozillaFirefox is <17.0.4esr-0.7.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66564 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 66565 <state state_ref="oval:org.opensuse.security:ste:2009040917"/> 66566 </rpminfo_test> 66567 <rpminfo_test id="oval:org.opensuse.security:tst:2009076865" version="1" comment="mhtml-firefox is <0.5-1.13.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66568 <object object_ref="oval:org.opensuse.security:obj:2009033688"/> 66569 <state state_ref="oval:org.opensuse.security:ste:2009040918"/> 66570 </rpminfo_test> 66571 <rpminfo_test id="oval:org.opensuse.security:tst:2009076866" version="1" comment="mozilla-nspr-32bit is <4.9.4-0.6.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66572 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 66573 <state state_ref="oval:org.opensuse.security:ste:2009040919"/> 66574 </rpminfo_test> 66575 <rpminfo_test id="oval:org.opensuse.security:tst:2009076867" version="1" comment="mozilla-nspr-devel is <4.9.4-0.6.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66576 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 66577 <state state_ref="oval:org.opensuse.security:ste:2009040919"/> 66578 </rpminfo_test> 66579 <rpminfo_test id="oval:org.opensuse.security:tst:2009076868" version="1" comment="mozilla-nspr is <4.9.4-0.6.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66580 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 66581 <state state_ref="oval:org.opensuse.security:ste:2009040919"/> 66582 </rpminfo_test> 66583 <rpminfo_test id="oval:org.opensuse.security:tst:2009076869" version="1" comment="mozilla-nss-32bit is <3.14.1-0.6.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66584 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 66585 <state state_ref="oval:org.opensuse.security:ste:2009040920"/> 66586 </rpminfo_test> 66587 <rpminfo_test id="oval:org.opensuse.security:tst:2009076870" version="1" comment="mozilla-nss-devel is <3.14.1-0.6.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66588 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 66589 <state state_ref="oval:org.opensuse.security:ste:2009040920"/> 66590 </rpminfo_test> 66591 <rpminfo_test id="oval:org.opensuse.security:tst:2009076871" version="1" comment="mozilla-nss-tools is <3.14.1-0.6.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66592 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 66593 <state state_ref="oval:org.opensuse.security:ste:2009040920"/> 66594 </rpminfo_test> 66595 <rpminfo_test id="oval:org.opensuse.security:tst:2009076872" version="1" comment="mozilla-nss is <3.14.1-0.6.3" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66596 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 66597 <state state_ref="oval:org.opensuse.security:ste:2009040920"/> 66598 </rpminfo_test> 66599 <rpminfo_test id="oval:org.opensuse.security:tst:2009076997" version="1" comment="MozillaFirefox-branding-SLED is <7-0.10.11" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66600 <object object_ref="oval:org.opensuse.security:obj:2009033270"/> 66601 <state state_ref="oval:org.opensuse.security:ste:2009040943"/> 66602 </rpminfo_test> 66603 <rpminfo_test id="oval:org.opensuse.security:tst:2009076998" version="1" comment="MozillaFirefox-translations is <17.0.5esr-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66604 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 66605 <state state_ref="oval:org.opensuse.security:ste:2009040944"/> 66606 </rpminfo_test> 66607 <rpminfo_test id="oval:org.opensuse.security:tst:2009076999" version="1" comment="MozillaFirefox is <17.0.5esr-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66608 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 66609 <state state_ref="oval:org.opensuse.security:ste:2009040944"/> 66610 </rpminfo_test> 66611 <rpminfo_test id="oval:org.opensuse.security:tst:2009077000" version="1" comment="mozilla-nspr-32bit is <4.9.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66612 <object object_ref="oval:org.opensuse.security:obj:2009032356"/> 66613 <state state_ref="oval:org.opensuse.security:ste:2009040945"/> 66614 </rpminfo_test> 66615 <rpminfo_test id="oval:org.opensuse.security:tst:2009077001" version="1" comment="mozilla-nspr-devel is <4.9.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66616 <object object_ref="oval:org.opensuse.security:obj:2009032357"/> 66617 <state state_ref="oval:org.opensuse.security:ste:2009040945"/> 66618 </rpminfo_test> 66619 <rpminfo_test id="oval:org.opensuse.security:tst:2009077002" version="1" comment="mozilla-nspr is <4.9.6-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66620 <object object_ref="oval:org.opensuse.security:obj:2009032358"/> 66621 <state state_ref="oval:org.opensuse.security:ste:2009040945"/> 66622 </rpminfo_test> 66623 <rpminfo_test id="oval:org.opensuse.security:tst:2009077003" version="1" comment="mozilla-nss-32bit is <3.14.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66624 <object object_ref="oval:org.opensuse.security:obj:2009032437"/> 66625 <state state_ref="oval:org.opensuse.security:ste:2009040946"/> 66626 </rpminfo_test> 66627 <rpminfo_test id="oval:org.opensuse.security:tst:2009077004" version="1" comment="mozilla-nss-devel is <3.14.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66628 <object object_ref="oval:org.opensuse.security:obj:2009032439"/> 66629 <state state_ref="oval:org.opensuse.security:ste:2009040946"/> 66630 </rpminfo_test> 66631 <rpminfo_test id="oval:org.opensuse.security:tst:2009077005" version="1" comment="mozilla-nss-tools is <3.14.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66632 <object object_ref="oval:org.opensuse.security:obj:2009032444"/> 66633 <state state_ref="oval:org.opensuse.security:ste:2009040946"/> 66634 </rpminfo_test> 66635 <rpminfo_test id="oval:org.opensuse.security:tst:2009077006" version="1" comment="mozilla-nss is <3.14.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66636 <object object_ref="oval:org.opensuse.security:obj:2009032440"/> 66637 <state state_ref="oval:org.opensuse.security:ste:2009040946"/> 66638 </rpminfo_test> 66639 <rpminfo_test id="oval:org.opensuse.security:tst:2009077308" version="1" comment="MozillaFirefox-translations is <17.0.6esr-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66640 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 66641 <state state_ref="oval:org.opensuse.security:ste:2009041007"/> 66642 </rpminfo_test> 66643 <rpminfo_test id="oval:org.opensuse.security:tst:2009077309" version="1" comment="MozillaFirefox is <17.0.6esr-0.8.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66644 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 66645 <state state_ref="oval:org.opensuse.security:ste:2009041007"/> 66646 </rpminfo_test> 66647 <rpminfo_test id="oval:org.opensuse.security:tst:2009077034" version="1" comment="flash-player is <11.2.202.280-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66648 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66649 <state state_ref="oval:org.opensuse.security:ste:2009040952"/> 66650 </rpminfo_test> 66651 <rpminfo_test id="oval:org.opensuse.security:tst:2009077699" version="1" comment="java-1_5_0-ibm-32bit is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66652 <object object_ref="oval:org.opensuse.security:obj:2009032707"/> 66653 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66654 </rpminfo_test> 66655 <rpminfo_test id="oval:org.opensuse.security:tst:2009077700" version="1" comment="java-1_5_0-ibm-alsa-32bit is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66656 <object object_ref="oval:org.opensuse.security:obj:2009032708"/> 66657 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66658 </rpminfo_test> 66659 <rpminfo_test id="oval:org.opensuse.security:tst:2009077701" version="1" comment="java-1_5_0-ibm-alsa is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66660 <object object_ref="oval:org.opensuse.security:obj:2009032709"/> 66661 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66662 </rpminfo_test> 66663 <rpminfo_test id="oval:org.opensuse.security:tst:2009077702" version="1" comment="java-1_5_0-ibm-demo is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66664 <object object_ref="oval:org.opensuse.security:obj:2009032710"/> 66665 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66666 </rpminfo_test> 66667 <rpminfo_test id="oval:org.opensuse.security:tst:2009077703" version="1" comment="java-1_5_0-ibm-devel-32bit is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66668 <object object_ref="oval:org.opensuse.security:obj:2009032711"/> 66669 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66670 </rpminfo_test> 66671 <rpminfo_test id="oval:org.opensuse.security:tst:2009077704" version="1" comment="java-1_5_0-ibm-devel is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66672 <object object_ref="oval:org.opensuse.security:obj:2009032712"/> 66673 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66674 </rpminfo_test> 66675 <rpminfo_test id="oval:org.opensuse.security:tst:2009077705" version="1" comment="java-1_5_0-ibm-fonts is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66676 <object object_ref="oval:org.opensuse.security:obj:2009032773"/> 66677 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66678 </rpminfo_test> 66679 <rpminfo_test id="oval:org.opensuse.security:tst:2009077706" version="1" comment="java-1_5_0-ibm-jdbc is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66680 <object object_ref="oval:org.opensuse.security:obj:2009032713"/> 66681 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66682 </rpminfo_test> 66683 <rpminfo_test id="oval:org.opensuse.security:tst:2009077707" version="1" comment="java-1_5_0-ibm-plugin is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66684 <object object_ref="oval:org.opensuse.security:obj:2009032714"/> 66685 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66686 </rpminfo_test> 66687 <rpminfo_test id="oval:org.opensuse.security:tst:2009077708" version="1" comment="java-1_5_0-ibm-src is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66688 <object object_ref="oval:org.opensuse.security:obj:2009032715"/> 66689 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66690 </rpminfo_test> 66691 <rpminfo_test id="oval:org.opensuse.security:tst:2009077709" version="1" comment="java-1_5_0-ibm is <1.5.0_sr16.3-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66692 <object object_ref="oval:org.opensuse.security:obj:2009032716"/> 66693 <state state_ref="oval:org.opensuse.security:ste:2009041080"/> 66694 </rpminfo_test> 66695 <rpminfo_test id="oval:org.opensuse.security:tst:2009077115" version="1" comment="gnutls-32bit is <1.2.10-13.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66696 <object object_ref="oval:org.opensuse.security:obj:2009030605"/> 66697 <state state_ref="oval:org.opensuse.security:ste:2009040971"/> 66698 </rpminfo_test> 66699 <rpminfo_test id="oval:org.opensuse.security:tst:2009077116" version="1" comment="gnutls-devel-32bit is <1.2.10-13.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66700 <object object_ref="oval:org.opensuse.security:obj:2009030606"/> 66701 <state state_ref="oval:org.opensuse.security:ste:2009040971"/> 66702 </rpminfo_test> 66703 <rpminfo_test id="oval:org.opensuse.security:tst:2009077117" version="1" comment="gnutls-devel is <1.2.10-13.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66704 <object object_ref="oval:org.opensuse.security:obj:2009030523"/> 66705 <state state_ref="oval:org.opensuse.security:ste:2009040971"/> 66706 </rpminfo_test> 66707 <rpminfo_test id="oval:org.opensuse.security:tst:2009077118" version="1" comment="gnutls is <1.2.10-13.32.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66708 <object object_ref="oval:org.opensuse.security:obj:2009030524"/> 66709 <state state_ref="oval:org.opensuse.security:ste:2009040971"/> 66710 </rpminfo_test> 66711 <rpminfo_test id="oval:org.opensuse.security:tst:2009077536" version="1" comment="MozillaFirefox-branding-SLED is <7-0.10.28" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66712 <object object_ref="oval:org.opensuse.security:obj:2009033270"/> 66713 <state state_ref="oval:org.opensuse.security:ste:2009041042"/> 66714 </rpminfo_test> 66715 <rpminfo_test id="oval:org.opensuse.security:tst:2009077537" version="1" comment="MozillaFirefox-translations is <17.0.7esr-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66716 <object object_ref="oval:org.opensuse.security:obj:2009030475"/> 66717 <state state_ref="oval:org.opensuse.security:ste:2009041043"/> 66718 </rpminfo_test> 66719 <rpminfo_test id="oval:org.opensuse.security:tst:2009077538" version="1" comment="MozillaFirefox is <17.0.7esr-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66720 <object object_ref="oval:org.opensuse.security:obj:2009030476"/> 66721 <state state_ref="oval:org.opensuse.security:ste:2009041043"/> 66722 </rpminfo_test> 66723 <rpminfo_test id="oval:org.opensuse.security:tst:2009077212" version="1" comment="sudo is <1.6.9p23-0.18.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66724 <object object_ref="oval:org.opensuse.security:obj:2009030544"/> 66725 <state state_ref="oval:org.opensuse.security:ste:2009040985"/> 66726 </rpminfo_test> 66727 <rpminfo_test id="oval:org.opensuse.security:tst:2009076954" version="1" comment="poppler-devel is <0.4.4-19.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66728 <object object_ref="oval:org.opensuse.security:obj:2009031306"/> 66729 <state state_ref="oval:org.opensuse.security:ste:2009040935"/> 66730 </rpminfo_test> 66731 <rpminfo_test id="oval:org.opensuse.security:tst:2009076955" version="1" comment="poppler-glib is <0.4.4-19.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66732 <object object_ref="oval:org.opensuse.security:obj:2009031308"/> 66733 <state state_ref="oval:org.opensuse.security:ste:2009040935"/> 66734 </rpminfo_test> 66735 <rpminfo_test id="oval:org.opensuse.security:tst:2009076956" version="1" comment="poppler-qt is <0.4.4-19.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66736 <object object_ref="oval:org.opensuse.security:obj:2009031310"/> 66737 <state state_ref="oval:org.opensuse.security:ste:2009040935"/> 66738 </rpminfo_test> 66739 <rpminfo_test id="oval:org.opensuse.security:tst:2009076957" version="1" comment="poppler is <0.4.4-19.29.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66740 <object object_ref="oval:org.opensuse.security:obj:2009031312"/> 66741 <state state_ref="oval:org.opensuse.security:ste:2009040935"/> 66742 </rpminfo_test> 66743 <rpminfo_test id="oval:org.opensuse.security:tst:2009077278" version="1" comment="subversion-devel is <1.3.1-1.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66744 <object object_ref="oval:org.opensuse.security:obj:2009031998"/> 66745 <state state_ref="oval:org.opensuse.security:ste:2009041001"/> 66746 </rpminfo_test> 66747 <rpminfo_test id="oval:org.opensuse.security:tst:2009077279" version="1" comment="subversion is <1.3.1-1.22.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66748 <object object_ref="oval:org.opensuse.security:obj:2009032000"/> 66749 <state state_ref="oval:org.opensuse.security:ste:2009041001"/> 66750 </rpminfo_test> 66751 <rpminfo_test id="oval:org.opensuse.security:tst:2009077370" version="1" comment="glibc-32bit is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66752 <object object_ref="oval:org.opensuse.security:obj:2009031922"/> 66753 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66754 </rpminfo_test> 66755 <rpminfo_test id="oval:org.opensuse.security:tst:2009077371" version="1" comment="glibc-devel-32bit is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66756 <object object_ref="oval:org.opensuse.security:obj:2009031923"/> 66757 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66758 </rpminfo_test> 66759 <rpminfo_test id="oval:org.opensuse.security:tst:2009077372" version="1" comment="glibc-devel is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66760 <object object_ref="oval:org.opensuse.security:obj:2009031924"/> 66761 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66762 </rpminfo_test> 66763 <rpminfo_test id="oval:org.opensuse.security:tst:2009077373" version="1" comment="glibc-html is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66764 <object object_ref="oval:org.opensuse.security:obj:2009032391"/> 66765 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66766 </rpminfo_test> 66767 <rpminfo_test id="oval:org.opensuse.security:tst:2009077374" version="1" comment="glibc-i18ndata is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66768 <object object_ref="oval:org.opensuse.security:obj:2009032392"/> 66769 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66770 </rpminfo_test> 66771 <rpminfo_test id="oval:org.opensuse.security:tst:2009077375" version="1" comment="glibc-info is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66772 <object object_ref="oval:org.opensuse.security:obj:2009032393"/> 66773 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66774 </rpminfo_test> 66775 <rpminfo_test id="oval:org.opensuse.security:tst:2009077376" version="1" comment="glibc-locale-32bit is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66776 <object object_ref="oval:org.opensuse.security:obj:2009030531"/> 66777 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66778 </rpminfo_test> 66779 <rpminfo_test id="oval:org.opensuse.security:tst:2009077377" version="1" comment="glibc-locale is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66780 <object object_ref="oval:org.opensuse.security:obj:2009031925"/> 66781 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66782 </rpminfo_test> 66783 <rpminfo_test id="oval:org.opensuse.security:tst:2009077378" version="1" comment="glibc is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66784 <object object_ref="oval:org.opensuse.security:obj:2009031926"/> 66785 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66786 </rpminfo_test> 66787 <rpminfo_test id="oval:org.opensuse.security:tst:2009077379" version="1" comment="nscd is <2.4-31.109.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66788 <object object_ref="oval:org.opensuse.security:obj:2009032399"/> 66789 <state state_ref="oval:org.opensuse.security:ste:2009041014"/> 66790 </rpminfo_test> 66791 <rpminfo_test id="oval:org.opensuse.security:tst:2009077276" version="1" comment="nfs-utils is <1.0.7-36.52.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66792 <object object_ref="oval:org.opensuse.security:obj:2009030860"/> 66793 <state state_ref="oval:org.opensuse.security:ste:2009040999"/> 66794 </rpminfo_test> 66795 <rpminfo_test id="oval:org.opensuse.security:tst:2009077380" version="1" comment="xorg-x11-server is <6.9.0-50.82.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66796 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 66797 <state state_ref="oval:org.opensuse.security:ste:2009041015"/> 66798 </rpminfo_test> 66799 <rpminfo_test id="oval:org.opensuse.security:tst:2009077196" version="1" comment="curl-32bit is <7.15.1-19.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66800 <object object_ref="oval:org.opensuse.security:obj:2009030528"/> 66801 <state state_ref="oval:org.opensuse.security:ste:2009040980"/> 66802 </rpminfo_test> 66803 <rpminfo_test id="oval:org.opensuse.security:tst:2009077197" version="1" comment="curl-devel is <7.15.1-19.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66804 <object object_ref="oval:org.opensuse.security:obj:2009030595"/> 66805 <state state_ref="oval:org.opensuse.security:ste:2009040980"/> 66806 </rpminfo_test> 66807 <rpminfo_test id="oval:org.opensuse.security:tst:2009077198" version="1" comment="curl is <7.15.1-19.26.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66808 <object object_ref="oval:org.opensuse.security:obj:2009030596"/> 66809 <state state_ref="oval:org.opensuse.security:ste:2009040980"/> 66810 </rpminfo_test> 66811 <rpminfo_test id="oval:org.opensuse.security:tst:2009077199" version="1" comment="compat-curl2-32bit is <7.11.0-20.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66812 <object object_ref="oval:org.opensuse.security:obj:2009032182"/> 66813 <state state_ref="oval:org.opensuse.security:ste:2009040981"/> 66814 </rpminfo_test> 66815 <rpminfo_test id="oval:org.opensuse.security:tst:2009077200" version="1" comment="compat-curl2 is <7.11.0-20.9.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66816 <object object_ref="oval:org.opensuse.security:obj:2009032184"/> 66817 <state state_ref="oval:org.opensuse.security:ste:2009040981"/> 66818 </rpminfo_test> 66819 <rpminfo_test id="oval:org.opensuse.security:tst:2009077213" version="1" comment="libtiff-32bit is <3.8.2-5.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66820 <object object_ref="oval:org.opensuse.security:obj:2009030616"/> 66821 <state state_ref="oval:org.opensuse.security:ste:2009040986"/> 66822 </rpminfo_test> 66823 <rpminfo_test id="oval:org.opensuse.security:tst:2009077214" version="1" comment="libtiff-devel is <3.8.2-5.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66824 <object object_ref="oval:org.opensuse.security:obj:2009031676"/> 66825 <state state_ref="oval:org.opensuse.security:ste:2009040986"/> 66826 </rpminfo_test> 66827 <rpminfo_test id="oval:org.opensuse.security:tst:2009077215" version="1" comment="libtiff is <3.8.2-5.34.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66828 <object object_ref="oval:org.opensuse.security:obj:2009030452"/> 66829 <state state_ref="oval:org.opensuse.security:ste:2009040986"/> 66830 </rpminfo_test> 66831 <rpminfo_test id="oval:org.opensuse.security:tst:2009077646" version="1" comment="subversion-devel is <1.3.1-1.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66832 <object object_ref="oval:org.opensuse.security:obj:2009031998"/> 66833 <state state_ref="oval:org.opensuse.security:ste:2009041065"/> 66834 </rpminfo_test> 66835 <rpminfo_test id="oval:org.opensuse.security:tst:2009077647" version="1" comment="subversion is <1.3.1-1.24.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66836 <object object_ref="oval:org.opensuse.security:obj:2009032000"/> 66837 <state state_ref="oval:org.opensuse.security:ste:2009041065"/> 66838 </rpminfo_test> 66839 <rpminfo_test id="oval:org.opensuse.security:tst:2009077583" version="1" comment="xorg-x11-Xnest is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66840 <object object_ref="oval:org.opensuse.security:obj:2009032401"/> 66841 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66842 </rpminfo_test> 66843 <rpminfo_test id="oval:org.opensuse.security:tst:2009077584" version="1" comment="xorg-x11-Xvfb is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66844 <object object_ref="oval:org.opensuse.security:obj:2009032402"/> 66845 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66846 </rpminfo_test> 66847 <rpminfo_test id="oval:org.opensuse.security:tst:2009077585" version="1" comment="xorg-x11-Xvnc is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66848 <object object_ref="oval:org.opensuse.security:obj:2009031301"/> 66849 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66850 </rpminfo_test> 66851 <rpminfo_test id="oval:org.opensuse.security:tst:2009077586" version="1" comment="xorg-x11-devel-32bit is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66852 <object object_ref="oval:org.opensuse.security:obj:2009031328"/> 66853 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66854 </rpminfo_test> 66855 <rpminfo_test id="oval:org.opensuse.security:tst:2009077587" version="1" comment="xorg-x11-devel is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66856 <object object_ref="oval:org.opensuse.security:obj:2009031330"/> 66857 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66858 </rpminfo_test> 66859 <rpminfo_test id="oval:org.opensuse.security:tst:2009077588" version="1" comment="xorg-x11-fonts-100dpi is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66860 <object object_ref="oval:org.opensuse.security:obj:2009032403"/> 66861 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66862 </rpminfo_test> 66863 <rpminfo_test id="oval:org.opensuse.security:tst:2009077589" version="1" comment="xorg-x11-fonts-75dpi is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66864 <object object_ref="oval:org.opensuse.security:obj:2009032404"/> 66865 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66866 </rpminfo_test> 66867 <rpminfo_test id="oval:org.opensuse.security:tst:2009077590" version="1" comment="xorg-x11-fonts-cyrillic is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66868 <object object_ref="oval:org.opensuse.security:obj:2009032405"/> 66869 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66870 </rpminfo_test> 66871 <rpminfo_test id="oval:org.opensuse.security:tst:2009077591" version="1" comment="xorg-x11-fonts-scalable is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66872 <object object_ref="oval:org.opensuse.security:obj:2009032406"/> 66873 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66874 </rpminfo_test> 66875 <rpminfo_test id="oval:org.opensuse.security:tst:2009077592" version="1" comment="xorg-x11-fonts-syriac is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66876 <object object_ref="oval:org.opensuse.security:obj:2009032407"/> 66877 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66878 </rpminfo_test> 66879 <rpminfo_test id="oval:org.opensuse.security:tst:2009077593" version="1" comment="xorg-x11-libs-32bit is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66880 <object object_ref="oval:org.opensuse.security:obj:2009031332"/> 66881 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66882 </rpminfo_test> 66883 <rpminfo_test id="oval:org.opensuse.security:tst:2009077594" version="1" comment="xorg-x11-libs is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66884 <object object_ref="oval:org.opensuse.security:obj:2009031334"/> 66885 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66886 </rpminfo_test> 66887 <rpminfo_test id="oval:org.opensuse.security:tst:2009077595" version="1" comment="xorg-x11-man is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66888 <object object_ref="oval:org.opensuse.security:obj:2009032408"/> 66889 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66890 </rpminfo_test> 66891 <rpminfo_test id="oval:org.opensuse.security:tst:2009077596" version="1" comment="xorg-x11-server-glx is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66892 <object object_ref="oval:org.opensuse.security:obj:2009032409"/> 66893 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66894 </rpminfo_test> 66895 <rpminfo_test id="oval:org.opensuse.security:tst:2009077597" version="1" comment="xorg-x11-server is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66896 <object object_ref="oval:org.opensuse.security:obj:2009031304"/> 66897 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66898 </rpminfo_test> 66899 <rpminfo_test id="oval:org.opensuse.security:tst:2009077598" version="1" comment="xorg-x11 is <6.9.0-50.84.4" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66900 <object object_ref="oval:org.opensuse.security:obj:2009031335"/> 66901 <state state_ref="oval:org.opensuse.security:ste:2009041058"/> 66902 </rpminfo_test> 66903 <rpminfo_test id="oval:org.opensuse.security:tst:2009077599" version="1" comment="Mesa-32bit is <6.4.2-19.20.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66904 <object object_ref="oval:org.opensuse.security:obj:2009035155"/> 66905 <state state_ref="oval:org.opensuse.security:ste:2009041059"/> 66906 </rpminfo_test> 66907 <rpminfo_test id="oval:org.opensuse.security:tst:2009077600" version="1" comment="Mesa-devel-32bit is <6.4.2-19.20.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66908 <object object_ref="oval:org.opensuse.security:obj:2009035180"/> 66909 <state state_ref="oval:org.opensuse.security:ste:2009041059"/> 66910 </rpminfo_test> 66911 <rpminfo_test id="oval:org.opensuse.security:tst:2009077601" version="1" comment="Mesa-devel is <6.4.2-19.20.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66912 <object object_ref="oval:org.opensuse.security:obj:2009035181"/> 66913 <state state_ref="oval:org.opensuse.security:ste:2009041059"/> 66914 </rpminfo_test> 66915 <rpminfo_test id="oval:org.opensuse.security:tst:2009077602" version="1" comment="Mesa is <6.4.2-19.20.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66916 <object object_ref="oval:org.opensuse.security:obj:2009035156"/> 66917 <state state_ref="oval:org.opensuse.security:ste:2009041059"/> 66918 </rpminfo_test> 66919 <rpminfo_test id="oval:org.opensuse.security:tst:2009077457" version="1" comment="clamav is <0.97.8-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66920 <object object_ref="oval:org.opensuse.security:obj:2009030961"/> 66921 <state state_ref="oval:org.opensuse.security:ste:2009041028"/> 66922 </rpminfo_test> 66923 <rpminfo_test id="oval:org.opensuse.security:tst:2009077539" version="1" comment="openswan is <2.4.4-18.21.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66924 <object object_ref="oval:org.opensuse.security:obj:2009031035"/> 66925 <state state_ref="oval:org.opensuse.security:ste:2009041044"/> 66926 </rpminfo_test> 66927 <rpminfo_test id="oval:org.opensuse.security:tst:2009077458" version="1" comment="gnutls-32bit is <1.2.10-13.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66928 <object object_ref="oval:org.opensuse.security:obj:2009030605"/> 66929 <state state_ref="oval:org.opensuse.security:ste:2009041029"/> 66930 </rpminfo_test> 66931 <rpminfo_test id="oval:org.opensuse.security:tst:2009077459" version="1" comment="gnutls-devel-32bit is <1.2.10-13.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66932 <object object_ref="oval:org.opensuse.security:obj:2009030606"/> 66933 <state state_ref="oval:org.opensuse.security:ste:2009041029"/> 66934 </rpminfo_test> 66935 <rpminfo_test id="oval:org.opensuse.security:tst:2009077460" version="1" comment="gnutls-devel is <1.2.10-13.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66936 <object object_ref="oval:org.opensuse.security:obj:2009030523"/> 66937 <state state_ref="oval:org.opensuse.security:ste:2009041029"/> 66938 </rpminfo_test> 66939 <rpminfo_test id="oval:org.opensuse.security:tst:2009077461" version="1" comment="gnutls is <1.2.10-13.36.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66940 <object object_ref="oval:org.opensuse.security:obj:2009030524"/> 66941 <state state_ref="oval:org.opensuse.security:ste:2009041029"/> 66942 </rpminfo_test> 66943 <rpminfo_test id="oval:org.opensuse.security:tst:2009077558" version="1" comment="compat-curl2-32bit is <7.11.0-20.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66944 <object object_ref="oval:org.opensuse.security:obj:2009032182"/> 66945 <state state_ref="oval:org.opensuse.security:ste:2009041052"/> 66946 </rpminfo_test> 66947 <rpminfo_test id="oval:org.opensuse.security:tst:2009077559" version="1" comment="compat-curl2 is <7.11.0-20.11.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66948 <object object_ref="oval:org.opensuse.security:obj:2009032184"/> 66949 <state state_ref="oval:org.opensuse.security:ste:2009041052"/> 66950 </rpminfo_test> 66951 <rpminfo_test id="oval:org.opensuse.security:tst:2009077572" version="1" comment="curl-32bit is <7.15.1-19.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66952 <object object_ref="oval:org.opensuse.security:obj:2009030528"/> 66953 <state state_ref="oval:org.opensuse.security:ste:2009041055"/> 66954 </rpminfo_test> 66955 <rpminfo_test id="oval:org.opensuse.security:tst:2009077573" version="1" comment="curl-devel is <7.15.1-19.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66956 <object object_ref="oval:org.opensuse.security:obj:2009030595"/> 66957 <state state_ref="oval:org.opensuse.security:ste:2009041055"/> 66958 </rpminfo_test> 66959 <rpminfo_test id="oval:org.opensuse.security:tst:2009077574" version="1" comment="curl is <7.15.1-19.30.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66960 <object object_ref="oval:org.opensuse.security:obj:2009030596"/> 66961 <state state_ref="oval:org.opensuse.security:ste:2009041055"/> 66962 </rpminfo_test> 66963 <rpminfo_test id="oval:org.opensuse.security:tst:2009077758" version="1" comment="wireshark is <1.6.16-0.5.5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66964 <object object_ref="oval:org.opensuse.security:obj:2009031055"/> 66965 <state state_ref="oval:org.opensuse.security:ste:2009041089"/> 66966 </rpminfo_test> 66967 <rpminfo_test id="oval:org.opensuse.security:tst:2009077231" version="1" comment="acroread-cmaps is <9.4.6-0.6.63" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66968 <object object_ref="oval:org.opensuse.security:obj:2009033636"/> 66969 <state state_ref="oval:org.opensuse.security:ste:2009040991"/> 66970 </rpminfo_test> 66971 <rpminfo_test id="oval:org.opensuse.security:tst:2009077232" version="1" comment="acroread-fonts-ja is <9.4.6-0.6.63" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66972 <object object_ref="oval:org.opensuse.security:obj:2009033637"/> 66973 <state state_ref="oval:org.opensuse.security:ste:2009040991"/> 66974 </rpminfo_test> 66975 <rpminfo_test id="oval:org.opensuse.security:tst:2009077233" version="1" comment="acroread-fonts-ko is <9.4.6-0.6.63" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66976 <object object_ref="oval:org.opensuse.security:obj:2009033638"/> 66977 <state state_ref="oval:org.opensuse.security:ste:2009040991"/> 66978 </rpminfo_test> 66979 <rpminfo_test id="oval:org.opensuse.security:tst:2009077234" version="1" comment="acroread-fonts-zh_CN is <9.4.6-0.6.63" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66980 <object object_ref="oval:org.opensuse.security:obj:2009033639"/> 66981 <state state_ref="oval:org.opensuse.security:ste:2009040991"/> 66982 </rpminfo_test> 66983 <rpminfo_test id="oval:org.opensuse.security:tst:2009077235" version="1" comment="acroread-fonts-zh_TW is <9.4.6-0.6.63" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66984 <object object_ref="oval:org.opensuse.security:obj:2009033640"/> 66985 <state state_ref="oval:org.opensuse.security:ste:2009040991"/> 66986 </rpminfo_test> 66987 <rpminfo_test id="oval:org.opensuse.security:tst:2009077236" version="1" comment="acroread is <9.5.5-0.6.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66988 <object object_ref="oval:org.opensuse.security:obj:2009030440"/> 66989 <state state_ref="oval:org.opensuse.security:ste:2009040992"/> 66990 </rpminfo_test> 66991 <rpminfo_test id="oval:org.opensuse.security:tst:2009077227" version="1" comment="flash-player is <11.2.202.285-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66992 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66993 <state state_ref="oval:org.opensuse.security:ste:2009040989"/> 66994 </rpminfo_test> 66995 <rpminfo_test id="oval:org.opensuse.security:tst:2009077451" version="1" comment="flash-player is <11.2.202.291-0.5.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 66996 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 66997 <state state_ref="oval:org.opensuse.security:ste:2009041024"/> 66998 </rpminfo_test> 66999 <rpminfo_test id="oval:org.opensuse.security:tst:2009077648" version="1" comment="flash-player is <11.2.202.297-0.5.2" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67000 <object object_ref="oval:org.opensuse.security:obj:2009030601"/> 67001 <state state_ref="oval:org.opensuse.security:ste:2009041066"/> 67002 </rpminfo_test> 67003 <rpminfo_test id="oval:org.opensuse.security:tst:2009077721" version="1" comment="ruby is <1.8.6.p369-0.16.1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67004 <object object_ref="oval:org.opensuse.security:obj:2009030431"/> 67005 <state state_ref="oval:org.opensuse.security:ste:2009041084"/> 67006 </rpminfo_test> 67007 </tests> 67008 <objects> 67009 <rpminfo_object id="oval:org.opensuse.security:obj:2009031917" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67010 <name>sled-release</name> 67011 </rpminfo_object> 67012 <rpminfo_object id="oval:org.opensuse.security:obj:2009031038" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67013 <name>krb5-32bit</name> 67014 </rpminfo_object> 67015 <rpminfo_object id="oval:org.opensuse.security:obj:2009031041" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67016 <name>krb5-client</name> 67017 </rpminfo_object> 67018 <rpminfo_object id="oval:org.opensuse.security:obj:2009031476" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67019 <name>krb5-devel-32bit</name> 67020 </rpminfo_object> 67021 <rpminfo_object id="oval:org.opensuse.security:obj:2009031478" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67022 <name>krb5-devel</name> 67023 </rpminfo_object> 67024 <rpminfo_object id="oval:org.opensuse.security:obj:2009031044" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67025 <name>krb5</name> 67026 </rpminfo_object> 67027 <rpminfo_object id="oval:org.opensuse.security:obj:2009031328" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67028 <name>xorg-x11-devel-32bit</name> 67029 </rpminfo_object> 67030 <rpminfo_object id="oval:org.opensuse.security:obj:2009031330" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67031 <name>xorg-x11-devel</name> 67032 </rpminfo_object> 67033 <rpminfo_object id="oval:org.opensuse.security:obj:2009030533" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67034 <name>gtk2-devel</name> 67035 </rpminfo_object> 67036 <rpminfo_object id="oval:org.opensuse.security:obj:2009031891" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67037 <name>NetworkManager-devel</name> 67038 </rpminfo_object> 67039 <rpminfo_object id="oval:org.opensuse.security:obj:2009030980" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67040 <name>NetworkManager-glib</name> 67041 </rpminfo_object> 67042 <rpminfo_object id="oval:org.opensuse.security:obj:2009030982" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67043 <name>NetworkManager-gnome</name> 67044 </rpminfo_object> 67045 <rpminfo_object id="oval:org.opensuse.security:obj:2009032004" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67046 <name>NetworkManager-openvpn</name> 67047 </rpminfo_object> 67048 <rpminfo_object id="oval:org.opensuse.security:obj:2009032005" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67049 <name>NetworkManager-vpnc</name> 67050 </rpminfo_object> 67051 <rpminfo_object id="oval:org.opensuse.security:obj:2009030981" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67052 <name>NetworkManager</name> 67053 </rpminfo_object> 67054 <rpminfo_object id="oval:org.opensuse.security:obj:2009032006" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67055 <name>art-sharp</name> 67056 </rpminfo_object> 67057 <rpminfo_object id="oval:org.opensuse.security:obj:2009031681" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67058 <name>audit-libs-32bit</name> 67059 </rpminfo_object> 67060 <rpminfo_object id="oval:org.opensuse.security:obj:2009031683" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67061 <name>audit-libs-python</name> 67062 </rpminfo_object> 67063 <rpminfo_object id="oval:org.opensuse.security:obj:2009031684" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67064 <name>audit-libs</name> 67065 </rpminfo_object> 67066 <rpminfo_object id="oval:org.opensuse.security:obj:2009031685" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67067 <name>audit</name> 67068 </rpminfo_object> 67069 <rpminfo_object id="oval:org.opensuse.security:obj:2009032007" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67070 <name>beagle-evolution</name> 67071 </rpminfo_object> 67072 <rpminfo_object id="oval:org.opensuse.security:obj:2009032008" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67073 <name>beagle-firefox</name> 67074 </rpminfo_object> 67075 <rpminfo_object id="oval:org.opensuse.security:obj:2009032009" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67076 <name>beagle-gui</name> 67077 </rpminfo_object> 67078 <rpminfo_object id="oval:org.opensuse.security:obj:2009032010" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67079 <name>beagle</name> 67080 </rpminfo_object> 67081 <rpminfo_object id="oval:org.opensuse.security:obj:2009031336" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67082 <name>cifs-mount</name> 67083 </rpminfo_object> 67084 <rpminfo_object id="oval:org.opensuse.security:obj:2009032011" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67085 <name>compiz</name> 67086 </rpminfo_object> 67087 <rpminfo_object id="oval:org.opensuse.security:obj:2009032012" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67088 <name>contact-lookup-applet</name> 67089 </rpminfo_object> 67090 <rpminfo_object id="oval:org.opensuse.security:obj:2009030726" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67091 <name>dhcp-client</name> 67092 </rpminfo_object> 67093 <rpminfo_object id="oval:org.opensuse.security:obj:2009030729" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67094 <name>dhcp</name> 67095 </rpminfo_object> 67096 <rpminfo_object id="oval:org.opensuse.security:obj:2009030607" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67097 <name>dia</name> 67098 </rpminfo_object> 67099 <rpminfo_object id="oval:org.opensuse.security:obj:2009030569" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67100 <name>evolution-devel</name> 67101 </rpminfo_object> 67102 <rpminfo_object id="oval:org.opensuse.security:obj:2009032013" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67103 <name>evolution-exchange</name> 67104 </rpminfo_object> 67105 <rpminfo_object id="oval:org.opensuse.security:obj:2009030464" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67106 <name>evolution-pilot</name> 67107 </rpminfo_object> 67108 <rpminfo_object id="oval:org.opensuse.security:obj:2009032014" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67109 <name>evolution-webcal</name> 67110 </rpminfo_object> 67111 <rpminfo_object id="oval:org.opensuse.security:obj:2009030465" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67112 <name>evolution</name> 67113 </rpminfo_object> 67114 <rpminfo_object id="oval:org.opensuse.security:obj:2009032015" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67115 <name>f-spot</name> 67116 </rpminfo_object> 67117 <rpminfo_object id="oval:org.opensuse.security:obj:2009032016" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67118 <name>gaim-devel</name> 67119 </rpminfo_object> 67120 <rpminfo_object id="oval:org.opensuse.security:obj:2009030467" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67121 <name>gaim</name> 67122 </rpminfo_object> 67123 <rpminfo_object id="oval:org.opensuse.security:obj:2009032017" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67124 <name>gconf-sharp</name> 67125 </rpminfo_object> 67126 <rpminfo_object id="oval:org.opensuse.security:obj:2009032018" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67127 <name>gda-sharp</name> 67128 </rpminfo_object> 67129 <rpminfo_object id="oval:org.opensuse.security:obj:2009032019" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67130 <name>gdb</name> 67131 </rpminfo_object> 67132 <rpminfo_object id="oval:org.opensuse.security:obj:2009032020" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67133 <name>gftp</name> 67134 </rpminfo_object> 67135 <rpminfo_object id="oval:org.opensuse.security:obj:2009032021" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67136 <name>glade-sharp</name> 67137 </rpminfo_object> 67138 <rpminfo_object id="oval:org.opensuse.security:obj:2009032022" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67139 <name>glib-sharp</name> 67140 </rpminfo_object> 67141 <rpminfo_object id="oval:org.opensuse.security:obj:2009030529" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67142 <name>glib2-32bit</name> 67143 </rpminfo_object> 67144 <rpminfo_object id="oval:org.opensuse.security:obj:2009031274" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67145 <name>glib2-devel</name> 67146 </rpminfo_object> 67147 <rpminfo_object id="oval:org.opensuse.security:obj:2009030892" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67148 <name>glib2-doc</name> 67149 </rpminfo_object> 67150 <rpminfo_object id="oval:org.opensuse.security:obj:2009030530" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67151 <name>glib2</name> 67152 </rpminfo_object> 67153 <rpminfo_object id="oval:org.opensuse.security:obj:2009032023" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67154 <name>gnome-backgrounds</name> 67155 </rpminfo_object> 67156 <rpminfo_object id="oval:org.opensuse.security:obj:2009032024" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67157 <name>gnome-filesystem</name> 67158 </rpminfo_object> 67159 <rpminfo_object id="oval:org.opensuse.security:obj:2009032025" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67160 <name>gnome-games</name> 67161 </rpminfo_object> 67162 <rpminfo_object id="oval:org.opensuse.security:obj:2009032026" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67163 <name>gnome-sharp</name> 67164 </rpminfo_object> 67165 <rpminfo_object id="oval:org.opensuse.security:obj:2009032027" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67166 <name>gnomedb-sharp</name> 67167 </rpminfo_object> 67168 <rpminfo_object id="oval:org.opensuse.security:obj:2009032028" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67169 <name>gnopernicus-devel</name> 67170 </rpminfo_object> 67171 <rpminfo_object id="oval:org.opensuse.security:obj:2009032029" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67172 <name>gnopernicus</name> 67173 </rpminfo_object> 67174 <rpminfo_object id="oval:org.opensuse.security:obj:2009032030" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67175 <name>gstreamer010-plugins-base-32bit</name> 67176 </rpminfo_object> 67177 <rpminfo_object id="oval:org.opensuse.security:obj:2009032031" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67178 <name>gstreamer010-plugins-base-devel</name> 67179 </rpminfo_object> 67180 <rpminfo_object id="oval:org.opensuse.security:obj:2009032032" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67181 <name>gstreamer010-plugins-base-doc</name> 67182 </rpminfo_object> 67183 <rpminfo_object id="oval:org.opensuse.security:obj:2009032033" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67184 <name>gstreamer010-plugins-base-oil-32bit</name> 67185 </rpminfo_object> 67186 <rpminfo_object id="oval:org.opensuse.security:obj:2009032034" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67187 <name>gstreamer010-plugins-base-oil</name> 67188 </rpminfo_object> 67189 <rpminfo_object id="oval:org.opensuse.security:obj:2009032035" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67190 <name>gstreamer010-plugins-base-visual-32bit</name> 67191 </rpminfo_object> 67192 <rpminfo_object id="oval:org.opensuse.security:obj:2009032036" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67193 <name>gstreamer010-plugins-base-visual</name> 67194 </rpminfo_object> 67195 <rpminfo_object id="oval:org.opensuse.security:obj:2009032037" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67196 <name>gstreamer010-plugins-base</name> 67197 </rpminfo_object> 67198 <rpminfo_object id="oval:org.opensuse.security:obj:2009032038" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67199 <name>gtk-sharp-32bit</name> 67200 </rpminfo_object> 67201 <rpminfo_object id="oval:org.opensuse.security:obj:2009032039" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67202 <name>gtk-sharp-complete</name> 67203 </rpminfo_object> 67204 <rpminfo_object id="oval:org.opensuse.security:obj:2009032040" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67205 <name>gtk-sharp-gapi</name> 67206 </rpminfo_object> 67207 <rpminfo_object id="oval:org.opensuse.security:obj:2009032041" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67208 <name>gtk-sharp</name> 67209 </rpminfo_object> 67210 <rpminfo_object id="oval:org.opensuse.security:obj:2009032042" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67211 <name>gtkhtml-sharp</name> 67212 </rpminfo_object> 67213 <rpminfo_object id="oval:org.opensuse.security:obj:2009032043" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67214 <name>helix-dbus-server</name> 67215 </rpminfo_object> 67216 <rpminfo_object id="oval:org.opensuse.security:obj:2009032044" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67217 <name>inkscape</name> 67218 </rpminfo_object> 67219 <rpminfo_object id="oval:org.opensuse.security:obj:2009032045" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67220 <name>libbeagle-32bit</name> 67221 </rpminfo_object> 67222 <rpminfo_object id="oval:org.opensuse.security:obj:2009032046" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67223 <name>libbeagle-devel</name> 67224 </rpminfo_object> 67225 <rpminfo_object id="oval:org.opensuse.security:obj:2009032047" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67226 <name>libbeagle</name> 67227 </rpminfo_object> 67228 <rpminfo_object id="oval:org.opensuse.security:obj:2009032048" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67229 <name>libgail-gnome-devel</name> 67230 </rpminfo_object> 67231 <rpminfo_object id="oval:org.opensuse.security:obj:2009032049" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67232 <name>libgail-gnome</name> 67233 </rpminfo_object> 67234 <rpminfo_object id="oval:org.opensuse.security:obj:2009032050" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67235 <name>libgdiplus</name> 67236 </rpminfo_object> 67237 <rpminfo_object id="oval:org.opensuse.security:obj:2009032051" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67238 <name>libipoddevice-32bit</name> 67239 </rpminfo_object> 67240 <rpminfo_object id="oval:org.opensuse.security:obj:2009032052" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67241 <name>libipoddevice</name> 67242 </rpminfo_object> 67243 <rpminfo_object id="oval:org.opensuse.security:obj:2009030745" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67244 <name>libsmbclient-32bit</name> 67245 </rpminfo_object> 67246 <rpminfo_object id="oval:org.opensuse.security:obj:2009030441" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67247 <name>libsmbclient-devel</name> 67248 </rpminfo_object> 67249 <rpminfo_object id="oval:org.opensuse.security:obj:2009030442" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67250 <name>libsmbclient</name> 67251 </rpminfo_object> 67252 <rpminfo_object id="oval:org.opensuse.security:obj:2009032053" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67253 <name>libtool-32bit</name> 67254 </rpminfo_object> 67255 <rpminfo_object id="oval:org.opensuse.security:obj:2009032054" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67256 <name>libtool</name> 67257 </rpminfo_object> 67258 <rpminfo_object id="oval:org.opensuse.security:obj:2009032055" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67259 <name>linphone-applet</name> 67260 </rpminfo_object> 67261 <rpminfo_object id="oval:org.opensuse.security:obj:2009032056" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67262 <name>linphone</name> 67263 </rpminfo_object> 67264 <rpminfo_object id="oval:org.opensuse.security:obj:2009032057" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67265 <name>openobex-devel</name> 67266 </rpminfo_object> 67267 <rpminfo_object id="oval:org.opensuse.security:obj:2009032058" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67268 <name>openobex</name> 67269 </rpminfo_object> 67270 <rpminfo_object id="oval:org.opensuse.security:obj:2009032059" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67271 <name>planner-devel</name> 67272 </rpminfo_object> 67273 <rpminfo_object id="oval:org.opensuse.security:obj:2009032060" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67274 <name>planner</name> 67275 </rpminfo_object> 67276 <rpminfo_object id="oval:org.opensuse.security:obj:2009032061" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67277 <name>pwlib-devel</name> 67278 </rpminfo_object> 67279 <rpminfo_object id="oval:org.opensuse.security:obj:2009031982" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67280 <name>pwlib</name> 67281 </rpminfo_object> 67282 <rpminfo_object id="oval:org.opensuse.security:obj:2009032062" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67283 <name>resapplet</name> 67284 </rpminfo_object> 67285 <rpminfo_object id="oval:org.opensuse.security:obj:2009032063" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67286 <name>rsvg-sharp</name> 67287 </rpminfo_object> 67288 <rpminfo_object id="oval:org.opensuse.security:obj:2009032064" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67289 <name>sabayon-admin</name> 67290 </rpminfo_object> 67291 <rpminfo_object id="oval:org.opensuse.security:obj:2009032065" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67292 <name>sabayon</name> 67293 </rpminfo_object> 67294 <rpminfo_object id="oval:org.opensuse.security:obj:2009030769" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67295 <name>samba-32bit</name> 67296 </rpminfo_object> 67297 <rpminfo_object id="oval:org.opensuse.security:obj:2009030770" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67298 <name>samba-client-32bit</name> 67299 </rpminfo_object> 67300 <rpminfo_object id="oval:org.opensuse.security:obj:2009030443" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67301 <name>samba-client</name> 67302 </rpminfo_object> 67303 <rpminfo_object id="oval:org.opensuse.security:obj:2009030444" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67304 <name>samba-doc</name> 67305 </rpminfo_object> 67306 <rpminfo_object id="oval:org.opensuse.security:obj:2009031344" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67307 <name>samba-krb-printing</name> 67308 </rpminfo_object> 67309 <rpminfo_object id="oval:org.opensuse.security:obj:2009030445" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67310 <name>samba-pdb</name> 67311 </rpminfo_object> 67312 <rpminfo_object id="oval:org.opensuse.security:obj:2009030447" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67313 <name>samba-vscan</name> 67314 </rpminfo_object> 67315 <rpminfo_object id="oval:org.opensuse.security:obj:2009030771" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67316 <name>samba-winbind-32bit</name> 67317 </rpminfo_object> 67318 <rpminfo_object id="oval:org.opensuse.security:obj:2009030448" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67319 <name>samba-winbind</name> 67320 </rpminfo_object> 67321 <rpminfo_object id="oval:org.opensuse.security:obj:2009030429" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67322 <name>samba</name> 67323 </rpminfo_object> 67324 <rpminfo_object id="oval:org.opensuse.security:obj:2009031247" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67325 <name>tomboy</name> 67326 </rpminfo_object> 67327 <rpminfo_object id="oval:org.opensuse.security:obj:2009032066" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67328 <name>vte-sharp</name> 67329 </rpminfo_object> 67330 <rpminfo_object id="oval:org.opensuse.security:obj:2009032067" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67331 <name>wbxml2</name> 67332 </rpminfo_object> 67333 <rpminfo_object id="oval:org.opensuse.security:obj:2009032068" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67334 <name>xgl-hardware-list</name> 67335 </rpminfo_object> 67336 <rpminfo_object id="oval:org.opensuse.security:obj:2009031271" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67337 <name>xgl</name> 67338 </rpminfo_object> 67339 <rpminfo_object id="oval:org.opensuse.security:obj:2009030834" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67340 <name>perl-PerlMagick</name> 67341 </rpminfo_object> 67342 <rpminfo_object id="oval:org.opensuse.security:obj:2009032163" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67343 <name>kdebase3-beagle</name> 67344 </rpminfo_object> 67345 <rpminfo_object id="oval:org.opensuse.security:obj:2009032203" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67346 <name>madwifi-kmp-bigsmp</name> 67347 </rpminfo_object> 67348 <rpminfo_object id="oval:org.opensuse.security:obj:2009032204" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67349 <name>madwifi-kmp-default</name> 67350 </rpminfo_object> 67351 <rpminfo_object id="oval:org.opensuse.security:obj:2009032205" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67352 <name>madwifi-kmp-smp</name> 67353 </rpminfo_object> 67354 <rpminfo_object id="oval:org.opensuse.security:obj:2009030416" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67355 <name>kernel-default</name> 67356 </rpminfo_object> 67357 <rpminfo_object id="oval:org.opensuse.security:obj:2009030417" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67358 <name>kernel-smp</name> 67359 </rpminfo_object> 67360 <rpminfo_object id="oval:org.opensuse.security:obj:2009030418" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67361 <name>kernel-source</name> 67362 </rpminfo_object> 67363 <rpminfo_object id="oval:org.opensuse.security:obj:2009030419" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67364 <name>kernel-syms</name> 67365 </rpminfo_object> 67366 <rpminfo_object id="oval:org.opensuse.security:obj:2009031018" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67367 <name>kernel-xen</name> 67368 </rpminfo_object> 67369 <rpminfo_object id="oval:org.opensuse.security:obj:2009030420" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67370 <name>kernel-bigsmp</name> 67371 </rpminfo_object> 67372 <rpminfo_object id="oval:org.opensuse.security:obj:2009031218" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67373 <name>kernel-xenpae</name> 67374 </rpminfo_object> 67375 <rpminfo_object id="oval:org.opensuse.security:obj:2009032235" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67376 <name>novell-NLDAPbase-dyn-32bit</name> 67377 </rpminfo_object> 67378 <rpminfo_object id="oval:org.opensuse.security:obj:2009032236" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67379 <name>novell-NLDAPbase-dyn</name> 67380 </rpminfo_object> 67381 <rpminfo_object id="oval:org.opensuse.security:obj:2009032237" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67382 <name>novell-NLDAPsdk-dyn-32bit</name> 67383 </rpminfo_object> 67384 <rpminfo_object id="oval:org.opensuse.security:obj:2009032238" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67385 <name>novell-NLDAPsdk-dyn</name> 67386 </rpminfo_object> 67387 <rpminfo_object id="oval:org.opensuse.security:obj:2009030632" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67388 <name>arts-32bit</name> 67389 </rpminfo_object> 67390 <rpminfo_object id="oval:org.opensuse.security:obj:2009032243" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67391 <name>arts-devel</name> 67392 </rpminfo_object> 67393 <rpminfo_object id="oval:org.opensuse.security:obj:2009030633" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67394 <name>arts</name> 67395 </rpminfo_object> 67396 <rpminfo_object id="oval:org.opensuse.security:obj:2009032244" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67397 <name>esound-32bit</name> 67398 </rpminfo_object> 67399 <rpminfo_object id="oval:org.opensuse.security:obj:2009032245" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67400 <name>esound-devel</name> 67401 </rpminfo_object> 67402 <rpminfo_object id="oval:org.opensuse.security:obj:2009032246" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67403 <name>esound</name> 67404 </rpminfo_object> 67405 <rpminfo_object id="oval:org.opensuse.security:obj:2009032247" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67406 <name>fileshareset</name> 67407 </rpminfo_object> 67408 <rpminfo_object id="oval:org.opensuse.security:obj:2009032248" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67409 <name>fontconfig-32bit</name> 67410 </rpminfo_object> 67411 <rpminfo_object id="oval:org.opensuse.security:obj:2009032249" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67412 <name>fontconfig-devel-32bit</name> 67413 </rpminfo_object> 67414 <rpminfo_object id="oval:org.opensuse.security:obj:2009032250" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67415 <name>fontconfig-devel</name> 67416 </rpminfo_object> 67417 <rpminfo_object id="oval:org.opensuse.security:obj:2009032251" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67418 <name>fontconfig</name> 67419 </rpminfo_object> 67420 <rpminfo_object id="oval:org.opensuse.security:obj:2009032252" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67421 <name>gnokii</name> 67422 </rpminfo_object> 67423 <rpminfo_object id="oval:org.opensuse.security:obj:2009032253" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67424 <name>gtk-32bit</name> 67425 </rpminfo_object> 67426 <rpminfo_object id="oval:org.opensuse.security:obj:2009032254" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67427 <name>gtk-devel</name> 67428 </rpminfo_object> 67429 <rpminfo_object id="oval:org.opensuse.security:obj:2009032255" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67430 <name>gtk</name> 67431 </rpminfo_object> 67432 <rpminfo_object id="oval:org.opensuse.security:obj:2009032256" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67433 <name>icecream-monitor</name> 67434 </rpminfo_object> 67435 <rpminfo_object id="oval:org.opensuse.security:obj:2009030744" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67436 <name>kdebase3-32bit</name> 67437 </rpminfo_object> 67438 <rpminfo_object id="oval:org.opensuse.security:obj:2009031092" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67439 <name>kdebase3-devel</name> 67440 </rpminfo_object> 67441 <rpminfo_object id="oval:org.opensuse.security:obj:2009031195" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67442 <name>kdebase3-kdm</name> 67443 </rpminfo_object> 67444 <rpminfo_object id="oval:org.opensuse.security:obj:2009031948" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67445 <name>kdebase3-ksysguardd</name> 67446 </rpminfo_object> 67447 <rpminfo_object id="oval:org.opensuse.security:obj:2009031967" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67448 <name>kdebase3-nsplugin</name> 67449 </rpminfo_object> 67450 <rpminfo_object id="oval:org.opensuse.security:obj:2009032257" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67451 <name>kdebase3-samba</name> 67452 </rpminfo_object> 67453 <rpminfo_object id="oval:org.opensuse.security:obj:2009032258" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67454 <name>kdebase3-session</name> 67455 </rpminfo_object> 67456 <rpminfo_object id="oval:org.opensuse.security:obj:2009030449" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67457 <name>kdebase3</name> 67458 </rpminfo_object> 67459 <rpminfo_object id="oval:org.opensuse.security:obj:2009030600" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67460 <name>kdelibs3-32bit</name> 67461 </rpminfo_object> 67462 <rpminfo_object id="oval:org.opensuse.security:obj:2009031698" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67463 <name>kdelibs3-arts-32bit</name> 67464 </rpminfo_object> 67465 <rpminfo_object id="oval:org.opensuse.security:obj:2009031700" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67466 <name>kdelibs3-arts</name> 67467 </rpminfo_object> 67468 <rpminfo_object id="oval:org.opensuse.security:obj:2009030763" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67469 <name>kdelibs3-devel-doc</name> 67470 </rpminfo_object> 67471 <rpminfo_object id="oval:org.opensuse.security:obj:2009030543" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67472 <name>kdelibs3-devel</name> 67473 </rpminfo_object> 67474 <rpminfo_object id="oval:org.opensuse.security:obj:2009031704" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67475 <name>kdelibs3-doc</name> 67476 </rpminfo_object> 67477 <rpminfo_object id="oval:org.opensuse.security:obj:2009030439" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67478 <name>kdelibs3</name> 67479 </rpminfo_object> 67480 <rpminfo_object id="oval:org.opensuse.security:obj:2009032259" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67481 <name>kdeutils3-devel</name> 67482 </rpminfo_object> 67483 <rpminfo_object id="oval:org.opensuse.security:obj:2009032260" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67484 <name>kdeutils3-laptop</name> 67485 </rpminfo_object> 67486 <rpminfo_object id="oval:org.opensuse.security:obj:2009031952" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67487 <name>kdeutils3</name> 67488 </rpminfo_object> 67489 <rpminfo_object id="oval:org.opensuse.security:obj:2009032261" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67490 <name>libwnck-32bit</name> 67491 </rpminfo_object> 67492 <rpminfo_object id="oval:org.opensuse.security:obj:2009032262" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67493 <name>libwnck-devel</name> 67494 </rpminfo_object> 67495 <rpminfo_object id="oval:org.opensuse.security:obj:2009032263" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67496 <name>libwnck</name> 67497 </rpminfo_object> 67498 <rpminfo_object id="oval:org.opensuse.security:obj:2009030723" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67499 <name>mysql-client</name> 67500 </rpminfo_object> 67501 <rpminfo_object id="oval:org.opensuse.security:obj:2009030570" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67502 <name>mysql-devel</name> 67503 </rpminfo_object> 67504 <rpminfo_object id="oval:org.opensuse.security:obj:2009032264" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67505 <name>mysql-shared-32bit</name> 67506 </rpminfo_object> 67507 <rpminfo_object id="oval:org.opensuse.security:obj:2009030724" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67508 <name>mysql-shared</name> 67509 </rpminfo_object> 67510 <rpminfo_object id="oval:org.opensuse.security:obj:2009030424" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67511 <name>mysql</name> 67512 </rpminfo_object> 67513 <rpminfo_object id="oval:org.opensuse.security:obj:2009031231" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67514 <name>net-snmp-32bit</name> 67515 </rpminfo_object> 67516 <rpminfo_object id="oval:org.opensuse.security:obj:2009030791" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67517 <name>net-snmp-devel</name> 67518 </rpminfo_object> 67519 <rpminfo_object id="oval:org.opensuse.security:obj:2009030550" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67520 <name>net-snmp</name> 67521 </rpminfo_object> 67522 <rpminfo_object id="oval:org.opensuse.security:obj:2009030792" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67523 <name>perl-SNMP</name> 67524 </rpminfo_object> 67525 <rpminfo_object id="oval:org.opensuse.security:obj:2009030657" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67526 <name>qt3-32bit</name> 67527 </rpminfo_object> 67528 <rpminfo_object id="oval:org.opensuse.security:obj:2009030658" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67529 <name>qt3-devel-32bit</name> 67530 </rpminfo_object> 67531 <rpminfo_object id="oval:org.opensuse.security:obj:2009030659" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67532 <name>qt3-devel-doc</name> 67533 </rpminfo_object> 67534 <rpminfo_object id="oval:org.opensuse.security:obj:2009030762" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67535 <name>qt3-devel-tools</name> 67536 </rpminfo_object> 67537 <rpminfo_object id="oval:org.opensuse.security:obj:2009030660" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67538 <name>qt3-devel</name> 67539 </rpminfo_object> 67540 <rpminfo_object id="oval:org.opensuse.security:obj:2009032265" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67541 <name>qt3-examples</name> 67542 </rpminfo_object> 67543 <rpminfo_object id="oval:org.opensuse.security:obj:2009032266" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67544 <name>qt3-man</name> 67545 </rpminfo_object> 67546 <rpminfo_object id="oval:org.opensuse.security:obj:2009030662" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67547 <name>qt3</name> 67548 </rpminfo_object> 67549 <rpminfo_object id="oval:org.opensuse.security:obj:2009032292" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67550 <name>device-mapper-32bit</name> 67551 </rpminfo_object> 67552 <rpminfo_object id="oval:org.opensuse.security:obj:2009032293" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67553 <name>device-mapper</name> 67554 </rpminfo_object> 67555 <rpminfo_object id="oval:org.opensuse.security:obj:2009032294" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67556 <name>gfxboot</name> 67557 </rpminfo_object> 67558 <rpminfo_object id="oval:org.opensuse.security:obj:2009032295" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67559 <name>icecream</name> 67560 </rpminfo_object> 67561 <rpminfo_object id="oval:org.opensuse.security:obj:2009032296" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67562 <name>lkcdutils</name> 67563 </rpminfo_object> 67564 <rpminfo_object id="oval:org.opensuse.security:obj:2009032297" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67565 <name>ltrace-32bit</name> 67566 </rpminfo_object> 67567 <rpminfo_object id="oval:org.opensuse.security:obj:2009032298" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67568 <name>ltrace</name> 67569 </rpminfo_object> 67570 <rpminfo_object id="oval:org.opensuse.security:obj:2009032299" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67571 <name>oprofile</name> 67572 </rpminfo_object> 67573 <rpminfo_object id="oval:org.opensuse.security:obj:2009030761" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67574 <name>rsync</name> 67575 </rpminfo_object> 67576 <rpminfo_object id="oval:org.opensuse.security:obj:2009031983" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67577 <name>sysstat</name> 67578 </rpminfo_object> 67579 <rpminfo_object id="oval:org.opensuse.security:obj:2009031449" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67580 <name>libpng-devel-32bit</name> 67581 </rpminfo_object> 67582 <rpminfo_object id="oval:org.opensuse.security:obj:2009030639" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67583 <name>libpng-devel</name> 67584 </rpminfo_object> 67585 <rpminfo_object id="oval:org.opensuse.security:obj:2009031466" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67586 <name>cairo-32bit</name> 67587 </rpminfo_object> 67588 <rpminfo_object id="oval:org.opensuse.security:obj:2009031469" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67589 <name>cairo-devel</name> 67590 </rpminfo_object> 67591 <rpminfo_object id="oval:org.opensuse.security:obj:2009031470" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67592 <name>cairo-doc</name> 67593 </rpminfo_object> 67594 <rpminfo_object id="oval:org.opensuse.security:obj:2009031471" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67595 <name>cairo</name> 67596 </rpminfo_object> 67597 <rpminfo_object id="oval:org.opensuse.security:obj:2009032313" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67598 <name>control-center2-devel</name> 67599 </rpminfo_object> 67600 <rpminfo_object id="oval:org.opensuse.security:obj:2009032314" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67601 <name>control-center2</name> 67602 </rpminfo_object> 67603 <rpminfo_object id="oval:org.opensuse.security:obj:2009032315" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67604 <name>eel-32bit</name> 67605 </rpminfo_object> 67606 <rpminfo_object id="oval:org.opensuse.security:obj:2009032316" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67607 <name>eel-devel</name> 67608 </rpminfo_object> 67609 <rpminfo_object id="oval:org.opensuse.security:obj:2009032317" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67610 <name>eel</name> 67611 </rpminfo_object> 67612 <rpminfo_object id="oval:org.opensuse.security:obj:2009030992" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67613 <name>evolution-data-server-32bit</name> 67614 </rpminfo_object> 67615 <rpminfo_object id="oval:org.opensuse.security:obj:2009031899" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67616 <name>evolution-data-server-devel</name> 67617 </rpminfo_object> 67618 <rpminfo_object id="oval:org.opensuse.security:obj:2009030995" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67619 <name>evolution-data-server</name> 67620 </rpminfo_object> 67621 <rpminfo_object id="oval:org.opensuse.security:obj:2009032318" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67622 <name>ghex</name> 67623 </rpminfo_object> 67624 <rpminfo_object id="oval:org.opensuse.security:obj:2009030654" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67625 <name>gimp-devel</name> 67626 </rpminfo_object> 67627 <rpminfo_object id="oval:org.opensuse.security:obj:2009030642" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67628 <name>gimp</name> 67629 </rpminfo_object> 67630 <rpminfo_object id="oval:org.opensuse.security:obj:2009032319" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67631 <name>gnome-applets-devel</name> 67632 </rpminfo_object> 67633 <rpminfo_object id="oval:org.opensuse.security:obj:2009032320" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67634 <name>gnome-applets</name> 67635 </rpminfo_object> 67636 <rpminfo_object id="oval:org.opensuse.security:obj:2009032321" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67637 <name>gnome-cups-manager-devel</name> 67638 </rpminfo_object> 67639 <rpminfo_object id="oval:org.opensuse.security:obj:2009032322" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67640 <name>gnome-cups-manager</name> 67641 </rpminfo_object> 67642 <rpminfo_object id="oval:org.opensuse.security:obj:2009032323" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67643 <name>gnome-desktop-32bit</name> 67644 </rpminfo_object> 67645 <rpminfo_object id="oval:org.opensuse.security:obj:2009032324" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67646 <name>gnome-desktop-devel</name> 67647 </rpminfo_object> 67648 <rpminfo_object id="oval:org.opensuse.security:obj:2009032325" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67649 <name>gnome-desktop</name> 67650 </rpminfo_object> 67651 <rpminfo_object id="oval:org.opensuse.security:obj:2009032326" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67652 <name>gnome-keyring-32bit</name> 67653 </rpminfo_object> 67654 <rpminfo_object id="oval:org.opensuse.security:obj:2009032327" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67655 <name>gnome-keyring-devel</name> 67656 </rpminfo_object> 67657 <rpminfo_object id="oval:org.opensuse.security:obj:2009032328" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67658 <name>gnome-keyring</name> 67659 </rpminfo_object> 67660 <rpminfo_object id="oval:org.opensuse.security:obj:2009032329" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67661 <name>gnome-main-menu-devel</name> 67662 </rpminfo_object> 67663 <rpminfo_object id="oval:org.opensuse.security:obj:2009032330" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67664 <name>gnome-main-menu</name> 67665 </rpminfo_object> 67666 <rpminfo_object id="oval:org.opensuse.security:obj:2009032331" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67667 <name>gnome-menus-32bit</name> 67668 </rpminfo_object> 67669 <rpminfo_object id="oval:org.opensuse.security:obj:2009032332" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67670 <name>gnome-menus-devel</name> 67671 </rpminfo_object> 67672 <rpminfo_object id="oval:org.opensuse.security:obj:2009032333" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67673 <name>gnome-menus</name> 67674 </rpminfo_object> 67675 <rpminfo_object id="oval:org.opensuse.security:obj:2009032334" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67676 <name>gnome-panel-nld-32bit</name> 67677 </rpminfo_object> 67678 <rpminfo_object id="oval:org.opensuse.security:obj:2009032335" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67679 <name>gnome-panel-nld-devel</name> 67680 </rpminfo_object> 67681 <rpminfo_object id="oval:org.opensuse.security:obj:2009032336" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67682 <name>gnome-panel-nld-doc</name> 67683 </rpminfo_object> 67684 <rpminfo_object id="oval:org.opensuse.security:obj:2009032337" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67685 <name>gnome-panel-nld</name> 67686 </rpminfo_object> 67687 <rpminfo_object id="oval:org.opensuse.security:obj:2009030411" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67688 <name>gnome-vfs2-32bit</name> 67689 </rpminfo_object> 67690 <rpminfo_object id="oval:org.opensuse.security:obj:2009032338" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67691 <name>gnome-vfs2-devel</name> 67692 </rpminfo_object> 67693 <rpminfo_object id="oval:org.opensuse.security:obj:2009030412" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67694 <name>gnome-vfs2-doc</name> 67695 </rpminfo_object> 67696 <rpminfo_object id="oval:org.opensuse.security:obj:2009030413" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67697 <name>gnome-vfs2</name> 67698 </rpminfo_object> 67699 <rpminfo_object id="oval:org.opensuse.security:obj:2009032339" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67700 <name>gstreamer010-32bit</name> 67701 </rpminfo_object> 67702 <rpminfo_object id="oval:org.opensuse.security:obj:2009032340" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67703 <name>gstreamer010-devel</name> 67704 </rpminfo_object> 67705 <rpminfo_object id="oval:org.opensuse.security:obj:2009032341" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67706 <name>gstreamer010-doc</name> 67707 </rpminfo_object> 67708 <rpminfo_object id="oval:org.opensuse.security:obj:2009032342" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67709 <name>gstreamer010</name> 67710 </rpminfo_object> 67711 <rpminfo_object id="oval:org.opensuse.security:obj:2009030532" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67712 <name>gtk2-32bit</name> 67713 </rpminfo_object> 67714 <rpminfo_object id="oval:org.opensuse.security:obj:2009030534" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67715 <name>gtk2-doc</name> 67716 </rpminfo_object> 67717 <rpminfo_object id="oval:org.opensuse.security:obj:2009030535" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67718 <name>gtk2</name> 67719 </rpminfo_object> 67720 <rpminfo_object id="oval:org.opensuse.security:obj:2009032343" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67721 <name>gtkhtml2-devel</name> 67722 </rpminfo_object> 67723 <rpminfo_object id="oval:org.opensuse.security:obj:2009030997" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67724 <name>gtkhtml2</name> 67725 </rpminfo_object> 67726 <rpminfo_object id="oval:org.opensuse.security:obj:2009032344" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67727 <name>intltool</name> 67728 </rpminfo_object> 67729 <rpminfo_object id="oval:org.opensuse.security:obj:2009032345" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67730 <name>libgnomedb-devel</name> 67731 </rpminfo_object> 67732 <rpminfo_object id="oval:org.opensuse.security:obj:2009032346" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67733 <name>libgnomedb</name> 67734 </rpminfo_object> 67735 <rpminfo_object id="oval:org.opensuse.security:obj:2009032347" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67736 <name>libgnomesu-devel</name> 67737 </rpminfo_object> 67738 <rpminfo_object id="oval:org.opensuse.security:obj:2009032348" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67739 <name>libgnomesu</name> 67740 </rpminfo_object> 67741 <rpminfo_object id="oval:org.opensuse.security:obj:2009032349" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67742 <name>libgnomeui-32bit</name> 67743 </rpminfo_object> 67744 <rpminfo_object id="oval:org.opensuse.security:obj:2009032350" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67745 <name>libgnomeui-devel</name> 67746 </rpminfo_object> 67747 <rpminfo_object id="oval:org.opensuse.security:obj:2009032351" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67748 <name>libgnomeui-doc</name> 67749 </rpminfo_object> 67750 <rpminfo_object id="oval:org.opensuse.security:obj:2009032352" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67751 <name>libgnomeui</name> 67752 </rpminfo_object> 67753 <rpminfo_object id="oval:org.opensuse.security:obj:2009030652" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67754 <name>libgsf-32bit</name> 67755 </rpminfo_object> 67756 <rpminfo_object id="oval:org.opensuse.security:obj:2009032353" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67757 <name>libgsf-devel</name> 67758 </rpminfo_object> 67759 <rpminfo_object id="oval:org.opensuse.security:obj:2009032354" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67760 <name>libgsf-doc</name> 67761 </rpminfo_object> 67762 <rpminfo_object id="oval:org.opensuse.security:obj:2009032355" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67763 <name>libgsf-gnome</name> 67764 </rpminfo_object> 67765 <rpminfo_object id="oval:org.opensuse.security:obj:2009030653" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67766 <name>libgsf</name> 67767 </rpminfo_object> 67768 <rpminfo_object id="oval:org.opensuse.security:obj:2009030513" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67769 <name>libsoup-32bit</name> 67770 </rpminfo_object> 67771 <rpminfo_object id="oval:org.opensuse.security:obj:2009030514" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67772 <name>libsoup-devel-32bit</name> 67773 </rpminfo_object> 67774 <rpminfo_object id="oval:org.opensuse.security:obj:2009030515" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67775 <name>libsoup-devel</name> 67776 </rpminfo_object> 67777 <rpminfo_object id="oval:org.opensuse.security:obj:2009030516" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67778 <name>libsoup</name> 67779 </rpminfo_object> 67780 <rpminfo_object id="oval:org.opensuse.security:obj:2009032356" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67781 <name>mozilla-nspr-32bit</name> 67782 </rpminfo_object> 67783 <rpminfo_object id="oval:org.opensuse.security:obj:2009032357" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67784 <name>mozilla-nspr-devel</name> 67785 </rpminfo_object> 67786 <rpminfo_object id="oval:org.opensuse.security:obj:2009032358" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67787 <name>mozilla-nspr</name> 67788 </rpminfo_object> 67789 <rpminfo_object id="oval:org.opensuse.security:obj:2009032359" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67790 <name>nautilus-32bit</name> 67791 </rpminfo_object> 67792 <rpminfo_object id="oval:org.opensuse.security:obj:2009032360" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67793 <name>nautilus-devel</name> 67794 </rpminfo_object> 67795 <rpminfo_object id="oval:org.opensuse.security:obj:2009032361" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67796 <name>nautilus</name> 67797 </rpminfo_object> 67798 <rpminfo_object id="oval:org.opensuse.security:obj:2009032362" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67799 <name>vte-devel</name> 67800 </rpminfo_object> 67801 <rpminfo_object id="oval:org.opensuse.security:obj:2009032363" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67802 <name>vte</name> 67803 </rpminfo_object> 67804 <rpminfo_object id="oval:org.opensuse.security:obj:2009032389" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67805 <name>OpenIPMI</name> 67806 </rpminfo_object> 67807 <rpminfo_object id="oval:org.opensuse.security:obj:2009032390" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67808 <name>bootsplash-theme-SuSE-NLD</name> 67809 </rpminfo_object> 67810 <rpminfo_object id="oval:org.opensuse.security:obj:2009031922" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67811 <name>glibc-32bit</name> 67812 </rpminfo_object> 67813 <rpminfo_object id="oval:org.opensuse.security:obj:2009031923" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67814 <name>glibc-devel-32bit</name> 67815 </rpminfo_object> 67816 <rpminfo_object id="oval:org.opensuse.security:obj:2009031924" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67817 <name>glibc-devel</name> 67818 </rpminfo_object> 67819 <rpminfo_object id="oval:org.opensuse.security:obj:2009032391" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67820 <name>glibc-html</name> 67821 </rpminfo_object> 67822 <rpminfo_object id="oval:org.opensuse.security:obj:2009032392" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67823 <name>glibc-i18ndata</name> 67824 </rpminfo_object> 67825 <rpminfo_object id="oval:org.opensuse.security:obj:2009032393" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67826 <name>glibc-info</name> 67827 </rpminfo_object> 67828 <rpminfo_object id="oval:org.opensuse.security:obj:2009030531" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67829 <name>glibc-locale-32bit</name> 67830 </rpminfo_object> 67831 <rpminfo_object id="oval:org.opensuse.security:obj:2009031925" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67832 <name>glibc-locale</name> 67833 </rpminfo_object> 67834 <rpminfo_object id="oval:org.opensuse.security:obj:2009031926" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67835 <name>glibc</name> 67836 </rpminfo_object> 67837 <rpminfo_object id="oval:org.opensuse.security:obj:2009032394" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67838 <name>grub</name> 67839 </rpminfo_object> 67840 <rpminfo_object id="oval:org.opensuse.security:obj:2009032395" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67841 <name>ipmitool</name> 67842 </rpminfo_object> 67843 <rpminfo_object id="oval:org.opensuse.security:obj:2009032396" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67844 <name>ivman</name> 67845 </rpminfo_object> 67846 <rpminfo_object id="oval:org.opensuse.security:obj:2009032397" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67847 <name>ksh</name> 67848 </rpminfo_object> 67849 <rpminfo_object id="oval:org.opensuse.security:obj:2009032398" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67850 <name>lvm2</name> 67851 </rpminfo_object> 67852 <rpminfo_object id="oval:org.opensuse.security:obj:2009032399" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67853 <name>nscd</name> 67854 </rpminfo_object> 67855 <rpminfo_object id="oval:org.opensuse.security:obj:2009032400" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67856 <name>timezone</name> 67857 </rpminfo_object> 67858 <rpminfo_object id="oval:org.opensuse.security:obj:2009032401" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67859 <name>xorg-x11-Xnest</name> 67860 </rpminfo_object> 67861 <rpminfo_object id="oval:org.opensuse.security:obj:2009032402" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67862 <name>xorg-x11-Xvfb</name> 67863 </rpminfo_object> 67864 <rpminfo_object id="oval:org.opensuse.security:obj:2009031301" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67865 <name>xorg-x11-Xvnc</name> 67866 </rpminfo_object> 67867 <rpminfo_object id="oval:org.opensuse.security:obj:2009032403" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67868 <name>xorg-x11-fonts-100dpi</name> 67869 </rpminfo_object> 67870 <rpminfo_object id="oval:org.opensuse.security:obj:2009032404" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67871 <name>xorg-x11-fonts-75dpi</name> 67872 </rpminfo_object> 67873 <rpminfo_object id="oval:org.opensuse.security:obj:2009032405" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67874 <name>xorg-x11-fonts-cyrillic</name> 67875 </rpminfo_object> 67876 <rpminfo_object id="oval:org.opensuse.security:obj:2009032406" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67877 <name>xorg-x11-fonts-scalable</name> 67878 </rpminfo_object> 67879 <rpminfo_object id="oval:org.opensuse.security:obj:2009032407" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67880 <name>xorg-x11-fonts-syriac</name> 67881 </rpminfo_object> 67882 <rpminfo_object id="oval:org.opensuse.security:obj:2009031332" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67883 <name>xorg-x11-libs-32bit</name> 67884 </rpminfo_object> 67885 <rpminfo_object id="oval:org.opensuse.security:obj:2009031334" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67886 <name>xorg-x11-libs</name> 67887 </rpminfo_object> 67888 <rpminfo_object id="oval:org.opensuse.security:obj:2009032408" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67889 <name>xorg-x11-man</name> 67890 </rpminfo_object> 67891 <rpminfo_object id="oval:org.opensuse.security:obj:2009032409" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67892 <name>xorg-x11-server-glx</name> 67893 </rpminfo_object> 67894 <rpminfo_object id="oval:org.opensuse.security:obj:2009031304" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67895 <name>xorg-x11-server</name> 67896 </rpminfo_object> 67897 <rpminfo_object id="oval:org.opensuse.security:obj:2009031335" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67898 <name>xorg-x11</name> 67899 </rpminfo_object> 67900 <rpminfo_object id="oval:org.opensuse.security:obj:2009030475" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67901 <name>MozillaFirefox-translations</name> 67902 </rpminfo_object> 67903 <rpminfo_object id="oval:org.opensuse.security:obj:2009030476" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67904 <name>MozillaFirefox</name> 67905 </rpminfo_object> 67906 <rpminfo_object id="oval:org.opensuse.security:obj:2009032442" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67907 <name>dejavu</name> 67908 </rpminfo_object> 67909 <rpminfo_object id="oval:org.opensuse.security:obj:2009032443" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67910 <name>desktop-data-NLD</name> 67911 </rpminfo_object> 67912 <rpminfo_object id="oval:org.opensuse.security:obj:2009032437" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67913 <name>mozilla-nss-32bit</name> 67914 </rpminfo_object> 67915 <rpminfo_object id="oval:org.opensuse.security:obj:2009032439" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67916 <name>mozilla-nss-devel</name> 67917 </rpminfo_object> 67918 <rpminfo_object id="oval:org.opensuse.security:obj:2009032444" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67919 <name>mozilla-nss-tools</name> 67920 </rpminfo_object> 67921 <rpminfo_object id="oval:org.opensuse.security:obj:2009032440" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67922 <name>mozilla-nss</name> 67923 </rpminfo_object> 67924 <rpminfo_object id="oval:org.opensuse.security:obj:2009031085" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67925 <name>openmotif-libs-32bit</name> 67926 </rpminfo_object> 67927 <rpminfo_object id="oval:org.opensuse.security:obj:2009031087" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67928 <name>openmotif-libs</name> 67929 </rpminfo_object> 67930 <rpminfo_object id="oval:org.opensuse.security:obj:2009032445" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67931 <name>sax2-gui</name> 67932 </rpminfo_object> 67933 <rpminfo_object id="oval:org.opensuse.security:obj:2009032446" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67934 <name>sax2-ident</name> 67935 </rpminfo_object> 67936 <rpminfo_object id="oval:org.opensuse.security:obj:2009032447" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67937 <name>sax2-libsax-csharp</name> 67938 </rpminfo_object> 67939 <rpminfo_object id="oval:org.opensuse.security:obj:2009032448" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67940 <name>sax2-libsax-perl</name> 67941 </rpminfo_object> 67942 <rpminfo_object id="oval:org.opensuse.security:obj:2009032449" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67943 <name>sax2-libsax</name> 67944 </rpminfo_object> 67945 <rpminfo_object id="oval:org.opensuse.security:obj:2009032450" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67946 <name>sax2-tools</name> 67947 </rpminfo_object> 67948 <rpminfo_object id="oval:org.opensuse.security:obj:2009032451" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67949 <name>sax2</name> 67950 </rpminfo_object> 67951 <rpminfo_object id="oval:org.opensuse.security:obj:2009032452" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67952 <name>tightvnc</name> 67953 </rpminfo_object> 67954 <rpminfo_object id="oval:org.opensuse.security:obj:2009032453" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67955 <name>xdg-menu</name> 67956 </rpminfo_object> 67957 <rpminfo_object id="oval:org.opensuse.security:obj:2009032454" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67958 <name>xorg-x11-driver-video-nvidia</name> 67959 </rpminfo_object> 67960 <rpminfo_object id="oval:org.opensuse.security:obj:2009032455" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67961 <name>xorg-x11-driver-video</name> 67962 </rpminfo_object> 67963 <rpminfo_object id="oval:org.opensuse.security:obj:2009032456" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67964 <name>yast2-control-center</name> 67965 </rpminfo_object> 67966 <rpminfo_object id="oval:org.opensuse.security:obj:2009032457" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67967 <name>yast2-qt</name> 67968 </rpminfo_object> 67969 <rpminfo_object id="oval:org.opensuse.security:obj:2009032458" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67970 <name>yast2-x11</name> 67971 </rpminfo_object> 67972 <rpminfo_object id="oval:org.opensuse.security:obj:2009032471" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67973 <name>CheckHardware</name> 67974 </rpminfo_object> 67975 <rpminfo_object id="oval:org.opensuse.security:obj:2009032472" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67976 <name>aaa_base</name> 67977 </rpminfo_object> 67978 <rpminfo_object id="oval:org.opensuse.security:obj:2009032473" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67979 <name>acl</name> 67980 </rpminfo_object> 67981 <rpminfo_object id="oval:org.opensuse.security:obj:2009032474" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67982 <name>at</name> 67983 </rpminfo_object> 67984 <rpminfo_object id="oval:org.opensuse.security:obj:2009032475" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67985 <name>attr</name> 67986 </rpminfo_object> 67987 <rpminfo_object id="oval:org.opensuse.security:obj:2009032476" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67988 <name>autofs</name> 67989 </rpminfo_object> 67990 <rpminfo_object id="oval:org.opensuse.security:obj:2009032477" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67991 <name>autoyast2-installation</name> 67992 </rpminfo_object> 67993 <rpminfo_object id="oval:org.opensuse.security:obj:2009031958" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67994 <name>autoyast2</name> 67995 </rpminfo_object> 67996 <rpminfo_object id="oval:org.opensuse.security:obj:2009032478" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 67997 <name>bash</name> 67998 </rpminfo_object> 67999 <rpminfo_object id="oval:org.opensuse.security:obj:2009031555" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68000 <name>bind-libs-32bit</name> 68001 </rpminfo_object> 68002 <rpminfo_object id="oval:org.opensuse.security:obj:2009031557" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68003 <name>bind-libs</name> 68004 </rpminfo_object> 68005 <rpminfo_object id="oval:org.opensuse.security:obj:2009030649" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68006 <name>bind-utils</name> 68007 </rpminfo_object> 68008 <rpminfo_object id="oval:org.opensuse.security:obj:2009030608" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68009 <name>binutils-32bit</name> 68010 </rpminfo_object> 68011 <rpminfo_object id="oval:org.opensuse.security:obj:2009030609" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68012 <name>binutils</name> 68013 </rpminfo_object> 68014 <rpminfo_object id="oval:org.opensuse.security:obj:2009032479" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68015 <name>coreutils</name> 68016 </rpminfo_object> 68017 <rpminfo_object id="oval:org.opensuse.security:obj:2009030506" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68018 <name>cpio</name> 68019 </rpminfo_object> 68020 <rpminfo_object id="oval:org.opensuse.security:obj:2009030630" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68021 <name>cron</name> 68022 </rpminfo_object> 68023 <rpminfo_object id="oval:org.opensuse.security:obj:2009030889" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68024 <name>dbus-1-32bit</name> 68025 </rpminfo_object> 68026 <rpminfo_object id="oval:org.opensuse.security:obj:2009031621" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68027 <name>dbus-1-devel</name> 68028 </rpminfo_object> 68029 <rpminfo_object id="oval:org.opensuse.security:obj:2009031622" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68030 <name>dbus-1-glib-32bit</name> 68031 </rpminfo_object> 68032 <rpminfo_object id="oval:org.opensuse.security:obj:2009031626" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68033 <name>dbus-1-glib</name> 68034 </rpminfo_object> 68035 <rpminfo_object id="oval:org.opensuse.security:obj:2009032480" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68036 <name>dbus-1-gtk</name> 68037 </rpminfo_object> 68038 <rpminfo_object id="oval:org.opensuse.security:obj:2009031627" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68039 <name>dbus-1-mono</name> 68040 </rpminfo_object> 68041 <rpminfo_object id="oval:org.opensuse.security:obj:2009031628" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68042 <name>dbus-1-python</name> 68043 </rpminfo_object> 68044 <rpminfo_object id="oval:org.opensuse.security:obj:2009031629" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68045 <name>dbus-1-qt3-32bit</name> 68046 </rpminfo_object> 68047 <rpminfo_object id="oval:org.opensuse.security:obj:2009031631" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68048 <name>dbus-1-qt3-devel</name> 68049 </rpminfo_object> 68050 <rpminfo_object id="oval:org.opensuse.security:obj:2009031632" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68051 <name>dbus-1-qt3</name> 68052 </rpminfo_object> 68053 <rpminfo_object id="oval:org.opensuse.security:obj:2009031633" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68054 <name>dbus-1-x11</name> 68055 </rpminfo_object> 68056 <rpminfo_object id="oval:org.opensuse.security:obj:2009030891" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68057 <name>dbus-1</name> 68058 </rpminfo_object> 68059 <rpminfo_object id="oval:org.opensuse.security:obj:2009032481" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68060 <name>desktop-translations</name> 68061 </rpminfo_object> 68062 <rpminfo_object id="oval:org.opensuse.security:obj:2009032482" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68063 <name>diffutils</name> 68064 </rpminfo_object> 68065 <rpminfo_object id="oval:org.opensuse.security:obj:2009032483" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68066 <name>dmraid</name> 68067 </rpminfo_object> 68068 <rpminfo_object id="oval:org.opensuse.security:obj:2009032484" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68069 <name>dosfstools</name> 68070 </rpminfo_object> 68071 <rpminfo_object id="oval:org.opensuse.security:obj:2009030785" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68072 <name>e2fsprogs-32bit</name> 68073 </rpminfo_object> 68074 <rpminfo_object id="oval:org.opensuse.security:obj:2009030786" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68075 <name>e2fsprogs-devel-32bit</name> 68076 </rpminfo_object> 68077 <rpminfo_object id="oval:org.opensuse.security:obj:2009030787" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68078 <name>e2fsprogs-devel</name> 68079 </rpminfo_object> 68080 <rpminfo_object id="oval:org.opensuse.security:obj:2009030788" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68081 <name>e2fsprogs</name> 68082 </rpminfo_object> 68083 <rpminfo_object id="oval:org.opensuse.security:obj:2009032190" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68084 <name>filesystem</name> 68085 </rpminfo_object> 68086 <rpminfo_object id="oval:org.opensuse.security:obj:2009030764" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68087 <name>findutils-locate</name> 68088 </rpminfo_object> 68089 <rpminfo_object id="oval:org.opensuse.security:obj:2009032485" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68090 <name>findutils</name> 68091 </rpminfo_object> 68092 <rpminfo_object id="oval:org.opensuse.security:obj:2009032486" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68093 <name>grep</name> 68094 </rpminfo_object> 68095 <rpminfo_object id="oval:org.opensuse.security:obj:2009031801" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68096 <name>hal-32bit</name> 68097 </rpminfo_object> 68098 <rpminfo_object id="oval:org.opensuse.security:obj:2009031803" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68099 <name>hal-devel</name> 68100 </rpminfo_object> 68101 <rpminfo_object id="oval:org.opensuse.security:obj:2009032487" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68102 <name>hal-gnome</name> 68103 </rpminfo_object> 68104 <rpminfo_object id="oval:org.opensuse.security:obj:2009031804" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68105 <name>hal</name> 68106 </rpminfo_object> 68107 <rpminfo_object id="oval:org.opensuse.security:obj:2009032488" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68108 <name>hwinfo-devel</name> 68109 </rpminfo_object> 68110 <rpminfo_object id="oval:org.opensuse.security:obj:2009032489" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68111 <name>hwinfo</name> 68112 </rpminfo_object> 68113 <rpminfo_object id="oval:org.opensuse.security:obj:2009032490" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68114 <name>insserv</name> 68115 </rpminfo_object> 68116 <rpminfo_object id="oval:org.opensuse.security:obj:2009032491" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68117 <name>iputils</name> 68118 </rpminfo_object> 68119 <rpminfo_object id="oval:org.opensuse.security:obj:2009032492" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68120 <name>klogd</name> 68121 </rpminfo_object> 68122 <rpminfo_object id="oval:org.opensuse.security:obj:2009032493" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68123 <name>ldapcpplib</name> 68124 </rpminfo_object> 68125 <rpminfo_object id="oval:org.opensuse.security:obj:2009032494" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68126 <name>libacl-32bit</name> 68127 </rpminfo_object> 68128 <rpminfo_object id="oval:org.opensuse.security:obj:2009032495" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68129 <name>libacl-devel</name> 68130 </rpminfo_object> 68131 <rpminfo_object id="oval:org.opensuse.security:obj:2009032496" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68132 <name>libacl</name> 68133 </rpminfo_object> 68134 <rpminfo_object id="oval:org.opensuse.security:obj:2009032497" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68135 <name>libattr-32bit</name> 68136 </rpminfo_object> 68137 <rpminfo_object id="oval:org.opensuse.security:obj:2009032498" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68138 <name>libattr-devel</name> 68139 </rpminfo_object> 68140 <rpminfo_object id="oval:org.opensuse.security:obj:2009032499" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68141 <name>libattr</name> 68142 </rpminfo_object> 68143 <rpminfo_object id="oval:org.opensuse.security:obj:2009032500" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68144 <name>libcom_err-32bit</name> 68145 </rpminfo_object> 68146 <rpminfo_object id="oval:org.opensuse.security:obj:2009032501" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68147 <name>libcom_err</name> 68148 </rpminfo_object> 68149 <rpminfo_object id="oval:org.opensuse.security:obj:2009030594" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68150 <name>liby2util</name> 68151 </rpminfo_object> 68152 <rpminfo_object id="oval:org.opensuse.security:obj:2009032502" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68153 <name>libzypp-zmd-backend</name> 68154 </rpminfo_object> 68155 <rpminfo_object id="oval:org.opensuse.security:obj:2009031757" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68156 <name>libzypp</name> 68157 </rpminfo_object> 68158 <rpminfo_object id="oval:org.opensuse.security:obj:2009032503" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68159 <name>lilo</name> 68160 </rpminfo_object> 68161 <rpminfo_object id="oval:org.opensuse.security:obj:2009032504" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68162 <name>limal-bootloader</name> 68163 </rpminfo_object> 68164 <rpminfo_object id="oval:org.opensuse.security:obj:2009032505" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68165 <name>limal-perl</name> 68166 </rpminfo_object> 68167 <rpminfo_object id="oval:org.opensuse.security:obj:2009032506" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68168 <name>limal</name> 68169 </rpminfo_object> 68170 <rpminfo_object id="oval:org.opensuse.security:obj:2009032507" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68171 <name>mailx</name> 68172 </rpminfo_object> 68173 <rpminfo_object id="oval:org.opensuse.security:obj:2009032508" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68174 <name>mcelog</name> 68175 </rpminfo_object> 68176 <rpminfo_object id="oval:org.opensuse.security:obj:2009032509" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68177 <name>mdadm</name> 68178 </rpminfo_object> 68179 <rpminfo_object id="oval:org.opensuse.security:obj:2009032510" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68180 <name>microcode_ctl</name> 68181 </rpminfo_object> 68182 <rpminfo_object id="oval:org.opensuse.security:obj:2009032230" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68183 <name>mkinitrd</name> 68184 </rpminfo_object> 68185 <rpminfo_object id="oval:org.opensuse.security:obj:2009032511" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68186 <name>module-init-tools</name> 68187 </rpminfo_object> 68188 <rpminfo_object id="oval:org.opensuse.security:obj:2009030871" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68189 <name>multipath-tools</name> 68190 </rpminfo_object> 68191 <rpminfo_object id="oval:org.opensuse.security:obj:2009032512" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68192 <name>ncurses-32bit</name> 68193 </rpminfo_object> 68194 <rpminfo_object id="oval:org.opensuse.security:obj:2009032513" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68195 <name>ncurses-devel-32bit</name> 68196 </rpminfo_object> 68197 <rpminfo_object id="oval:org.opensuse.security:obj:2009032514" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68198 <name>ncurses-devel</name> 68199 </rpminfo_object> 68200 <rpminfo_object id="oval:org.opensuse.security:obj:2009032515" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68201 <name>ncurses</name> 68202 </rpminfo_object> 68203 <rpminfo_object id="oval:org.opensuse.security:obj:2009030860" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68204 <name>nfs-utils</name> 68205 </rpminfo_object> 68206 <rpminfo_object id="oval:org.opensuse.security:obj:2009032516" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68207 <name>nfsidmap</name> 68208 </rpminfo_object> 68209 <rpminfo_object id="oval:org.opensuse.security:obj:2009030669" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68210 <name>openldap2-client-32bit</name> 68211 </rpminfo_object> 68212 <rpminfo_object id="oval:org.opensuse.security:obj:2009030545" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68213 <name>openldap2-client</name> 68214 </rpminfo_object> 68215 <rpminfo_object id="oval:org.opensuse.security:obj:2009030814" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68216 <name>openldap2-devel-32bit</name> 68217 </rpminfo_object> 68218 <rpminfo_object id="oval:org.opensuse.security:obj:2009030546" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68219 <name>openldap2-devel</name> 68220 </rpminfo_object> 68221 <rpminfo_object id="oval:org.opensuse.security:obj:2009030656" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68222 <name>openldap2</name> 68223 </rpminfo_object> 68224 <rpminfo_object id="oval:org.opensuse.security:obj:2009030583" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68225 <name>openssh-askpass</name> 68226 </rpminfo_object> 68227 <rpminfo_object id="oval:org.opensuse.security:obj:2009030403" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68228 <name>openssh</name> 68229 </rpminfo_object> 68230 <rpminfo_object id="oval:org.opensuse.security:obj:2009032517" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68231 <name>pam-32bit</name> 68232 </rpminfo_object> 68233 <rpminfo_object id="oval:org.opensuse.security:obj:2009032518" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68234 <name>pam-devel</name> 68235 </rpminfo_object> 68236 <rpminfo_object id="oval:org.opensuse.security:obj:2009032519" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68237 <name>pam-modules-32bit</name> 68238 </rpminfo_object> 68239 <rpminfo_object id="oval:org.opensuse.security:obj:2009032520" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68240 <name>pam-modules</name> 68241 </rpminfo_object> 68242 <rpminfo_object id="oval:org.opensuse.security:obj:2009032521" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68243 <name>pam</name> 68244 </rpminfo_object> 68245 <rpminfo_object id="oval:org.opensuse.security:obj:2009032522" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68246 <name>parted-32bit</name> 68247 </rpminfo_object> 68248 <rpminfo_object id="oval:org.opensuse.security:obj:2009032523" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68249 <name>parted</name> 68250 </rpminfo_object> 68251 <rpminfo_object id="oval:org.opensuse.security:obj:2009032524" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68252 <name>pciutils</name> 68253 </rpminfo_object> 68254 <rpminfo_object id="oval:org.opensuse.security:obj:2009032525" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68255 <name>pcsc-lite-devel</name> 68256 </rpminfo_object> 68257 <rpminfo_object id="oval:org.opensuse.security:obj:2009032526" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68258 <name>pcsc-lite</name> 68259 </rpminfo_object> 68260 <rpminfo_object id="oval:org.opensuse.security:obj:2009032527" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68261 <name>perl-Bootloader</name> 68262 </rpminfo_object> 68263 <rpminfo_object id="oval:org.opensuse.security:obj:2009032191" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68264 <name>permissions</name> 68265 </rpminfo_object> 68266 <rpminfo_object id="oval:org.opensuse.security:obj:2009032528" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68267 <name>popt-32bit</name> 68268 </rpminfo_object> 68269 <rpminfo_object id="oval:org.opensuse.security:obj:2009032529" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68270 <name>popt-devel-32bit</name> 68271 </rpminfo_object> 68272 <rpminfo_object id="oval:org.opensuse.security:obj:2009032530" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68273 <name>popt-devel</name> 68274 </rpminfo_object> 68275 <rpminfo_object id="oval:org.opensuse.security:obj:2009032531" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68276 <name>popt</name> 68277 </rpminfo_object> 68278 <rpminfo_object id="oval:org.opensuse.security:obj:2009032532" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68279 <name>portmap</name> 68280 </rpminfo_object> 68281 <rpminfo_object id="oval:org.opensuse.security:obj:2009030854" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68282 <name>postfix</name> 68283 </rpminfo_object> 68284 <rpminfo_object id="oval:org.opensuse.security:obj:2009031806" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68285 <name>powersave-libs-32bit</name> 68286 </rpminfo_object> 68287 <rpminfo_object id="oval:org.opensuse.security:obj:2009031808" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68288 <name>powersave-libs</name> 68289 </rpminfo_object> 68290 <rpminfo_object id="oval:org.opensuse.security:obj:2009031809" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68291 <name>powersave</name> 68292 </rpminfo_object> 68293 <rpminfo_object id="oval:org.opensuse.security:obj:2009032533" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68294 <name>procinfo</name> 68295 </rpminfo_object> 68296 <rpminfo_object id="oval:org.opensuse.security:obj:2009032192" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68297 <name>pwdutils</name> 68298 </rpminfo_object> 68299 <rpminfo_object id="oval:org.opensuse.security:obj:2009032534" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68300 <name>readline-32bit</name> 68301 </rpminfo_object> 68302 <rpminfo_object id="oval:org.opensuse.security:obj:2009032535" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68303 <name>readline-devel-32bit</name> 68304 </rpminfo_object> 68305 <rpminfo_object id="oval:org.opensuse.security:obj:2009032536" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68306 <name>readline-devel</name> 68307 </rpminfo_object> 68308 <rpminfo_object id="oval:org.opensuse.security:obj:2009032537" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68309 <name>readline</name> 68310 </rpminfo_object> 68311 <rpminfo_object id="oval:org.opensuse.security:obj:2009032538" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68312 <name>reiserfs</name> 68313 </rpminfo_object> 68314 <rpminfo_object id="oval:org.opensuse.security:obj:2009032539" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68315 <name>rpm-devel</name> 68316 </rpminfo_object> 68317 <rpminfo_object id="oval:org.opensuse.security:obj:2009032540" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68318 <name>rpm-python</name> 68319 </rpminfo_object> 68320 <rpminfo_object id="oval:org.opensuse.security:obj:2009032541" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68321 <name>rpm</name> 68322 </rpminfo_object> 68323 <rpminfo_object id="oval:org.opensuse.security:obj:2009030522" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68324 <name>rug</name> 68325 </rpminfo_object> 68326 <rpminfo_object id="oval:org.opensuse.security:obj:2009032542" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68327 <name>scpm-devel</name> 68328 </rpminfo_object> 68329 <rpminfo_object id="oval:org.opensuse.security:obj:2009032543" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68330 <name>scpm</name> 68331 </rpminfo_object> 68332 <rpminfo_object id="oval:org.opensuse.security:obj:2009030655" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68333 <name>screen</name> 68334 </rpminfo_object> 68335 <rpminfo_object id="oval:org.opensuse.security:obj:2009032544" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68336 <name>scsi</name> 68337 </rpminfo_object> 68338 <rpminfo_object id="oval:org.opensuse.security:obj:2009032545" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68339 <name>sed</name> 68340 </rpminfo_object> 68341 <rpminfo_object id="oval:org.opensuse.security:obj:2009030544" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68342 <name>sudo</name> 68343 </rpminfo_object> 68344 <rpminfo_object id="oval:org.opensuse.security:obj:2009032546" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68345 <name>suseRegister</name> 68346 </rpminfo_object> 68347 <rpminfo_object id="oval:org.opensuse.security:obj:2009032547" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68348 <name>sysconfig</name> 68349 </rpminfo_object> 68350 <rpminfo_object id="oval:org.opensuse.security:obj:2009032548" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68351 <name>sysfsutils-32bit</name> 68352 </rpminfo_object> 68353 <rpminfo_object id="oval:org.opensuse.security:obj:2009032549" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68354 <name>sysfsutils</name> 68355 </rpminfo_object> 68356 <rpminfo_object id="oval:org.opensuse.security:obj:2009031963" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68357 <name>syslinux</name> 68358 </rpminfo_object> 68359 <rpminfo_object id="oval:org.opensuse.security:obj:2009032550" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68360 <name>sysvinit</name> 68361 </rpminfo_object> 68362 <rpminfo_object id="oval:org.opensuse.security:obj:2009032551" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68363 <name>terminfo</name> 68364 </rpminfo_object> 68365 <rpminfo_object id="oval:org.opensuse.security:obj:2009031048" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68366 <name>udev</name> 68367 </rpminfo_object> 68368 <rpminfo_object id="oval:org.opensuse.security:obj:2009032552" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68369 <name>ulimit</name> 68370 </rpminfo_object> 68371 <rpminfo_object id="oval:org.opensuse.security:obj:2009032553" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68372 <name>update-desktop-files</name> 68373 </rpminfo_object> 68374 <rpminfo_object id="oval:org.opensuse.security:obj:2009030584" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68375 <name>util-linux</name> 68376 </rpminfo_object> 68377 <rpminfo_object id="oval:org.opensuse.security:obj:2009032554" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68378 <name>wireless-tools</name> 68379 </rpminfo_object> 68380 <rpminfo_object id="oval:org.opensuse.security:obj:2009032555" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68381 <name>xfsprogs</name> 68382 </rpminfo_object> 68383 <rpminfo_object id="oval:org.opensuse.security:obj:2009030870" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68384 <name>xntp</name> 68385 </rpminfo_object> 68386 <rpminfo_object id="oval:org.opensuse.security:obj:2009030865" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68387 <name>yast2-backup</name> 68388 </rpminfo_object> 68389 <rpminfo_object id="oval:org.opensuse.security:obj:2009032556" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68390 <name>yast2-bootloader</name> 68391 </rpminfo_object> 68392 <rpminfo_object id="oval:org.opensuse.security:obj:2009030808" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68393 <name>yast2-core</name> 68394 </rpminfo_object> 68395 <rpminfo_object id="oval:org.opensuse.security:obj:2009032557" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68396 <name>yast2-country</name> 68397 </rpminfo_object> 68398 <rpminfo_object id="oval:org.opensuse.security:obj:2009032558" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68399 <name>yast2-firewall</name> 68400 </rpminfo_object> 68401 <rpminfo_object id="oval:org.opensuse.security:obj:2009032559" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68402 <name>yast2-hardware-detection</name> 68403 </rpminfo_object> 68404 <rpminfo_object id="oval:org.opensuse.security:obj:2009032560" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68405 <name>yast2-inetd</name> 68406 </rpminfo_object> 68407 <rpminfo_object id="oval:org.opensuse.security:obj:2009032561" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68408 <name>yast2-installation</name> 68409 </rpminfo_object> 68410 <rpminfo_object id="oval:org.opensuse.security:obj:2009032562" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68411 <name>yast2-irda</name> 68412 </rpminfo_object> 68413 <rpminfo_object id="oval:org.opensuse.security:obj:2009032563" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68414 <name>yast2-kerberos-client</name> 68415 </rpminfo_object> 68416 <rpminfo_object id="oval:org.opensuse.security:obj:2009032564" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68417 <name>yast2-ldap-client</name> 68418 </rpminfo_object> 68419 <rpminfo_object id="oval:org.opensuse.security:obj:2009032565" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68420 <name>yast2-ldap</name> 68421 </rpminfo_object> 68422 <rpminfo_object id="oval:org.opensuse.security:obj:2009032566" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68423 <name>yast2-mail-aliases</name> 68424 </rpminfo_object> 68425 <rpminfo_object id="oval:org.opensuse.security:obj:2009032567" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68426 <name>yast2-mail</name> 68427 </rpminfo_object> 68428 <rpminfo_object id="oval:org.opensuse.security:obj:2009032568" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68429 <name>yast2-ncurses</name> 68430 </rpminfo_object> 68431 <rpminfo_object id="oval:org.opensuse.security:obj:2009032569" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68432 <name>yast2-network</name> 68433 </rpminfo_object> 68434 <rpminfo_object id="oval:org.opensuse.security:obj:2009032570" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68435 <name>yast2-nfs-client</name> 68436 </rpminfo_object> 68437 <rpminfo_object id="oval:org.opensuse.security:obj:2009032571" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68438 <name>yast2-nis-client</name> 68439 </rpminfo_object> 68440 <rpminfo_object id="oval:org.opensuse.security:obj:2009032572" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68441 <name>yast2-ntp-client</name> 68442 </rpminfo_object> 68443 <rpminfo_object id="oval:org.opensuse.security:obj:2009032573" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68444 <name>yast2-online-update-frontend</name> 68445 </rpminfo_object> 68446 <rpminfo_object id="oval:org.opensuse.security:obj:2009032574" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68447 <name>yast2-online-update</name> 68448 </rpminfo_object> 68449 <rpminfo_object id="oval:org.opensuse.security:obj:2009032575" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68450 <name>yast2-packager</name> 68451 </rpminfo_object> 68452 <rpminfo_object id="oval:org.opensuse.security:obj:2009032576" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68453 <name>yast2-pam</name> 68454 </rpminfo_object> 68455 <rpminfo_object id="oval:org.opensuse.security:obj:2009032577" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68456 <name>yast2-perl-bindings</name> 68457 </rpminfo_object> 68458 <rpminfo_object id="oval:org.opensuse.security:obj:2009032578" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68459 <name>yast2-pkg-bindings</name> 68460 </rpminfo_object> 68461 <rpminfo_object id="oval:org.opensuse.security:obj:2009032579" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68462 <name>yast2-power-management</name> 68463 </rpminfo_object> 68464 <rpminfo_object id="oval:org.opensuse.security:obj:2009032580" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68465 <name>yast2-powertweak</name> 68466 </rpminfo_object> 68467 <rpminfo_object id="oval:org.opensuse.security:obj:2009032581" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68468 <name>yast2-printer</name> 68469 </rpminfo_object> 68470 <rpminfo_object id="oval:org.opensuse.security:obj:2009032582" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68471 <name>yast2-profile-manager</name> 68472 </rpminfo_object> 68473 <rpminfo_object id="oval:org.opensuse.security:obj:2009032583" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68474 <name>yast2-repair</name> 68475 </rpminfo_object> 68476 <rpminfo_object id="oval:org.opensuse.security:obj:2009032584" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68477 <name>yast2-restore</name> 68478 </rpminfo_object> 68479 <rpminfo_object id="oval:org.opensuse.security:obj:2009032585" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68480 <name>yast2-runlevel</name> 68481 </rpminfo_object> 68482 <rpminfo_object id="oval:org.opensuse.security:obj:2009032586" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68483 <name>yast2-samba-client</name> 68484 </rpminfo_object> 68485 <rpminfo_object id="oval:org.opensuse.security:obj:2009032587" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68486 <name>yast2-schema</name> 68487 </rpminfo_object> 68488 <rpminfo_object id="oval:org.opensuse.security:obj:2009032588" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68489 <name>yast2-security</name> 68490 </rpminfo_object> 68491 <rpminfo_object id="oval:org.opensuse.security:obj:2009032589" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68492 <name>yast2-slp</name> 68493 </rpminfo_object> 68494 <rpminfo_object id="oval:org.opensuse.security:obj:2009032590" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68495 <name>yast2-storage-lib</name> 68496 </rpminfo_object> 68497 <rpminfo_object id="oval:org.opensuse.security:obj:2009032591" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68498 <name>yast2-storage</name> 68499 </rpminfo_object> 68500 <rpminfo_object id="oval:org.opensuse.security:obj:2009032592" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68501 <name>yast2-support</name> 68502 </rpminfo_object> 68503 <rpminfo_object id="oval:org.opensuse.security:obj:2009032593" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68504 <name>yast2-sysconfig</name> 68505 </rpminfo_object> 68506 <rpminfo_object id="oval:org.opensuse.security:obj:2009032594" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68507 <name>yast2-theme-NLD</name> 68508 </rpminfo_object> 68509 <rpminfo_object id="oval:org.opensuse.security:obj:2009032595" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68510 <name>yast2-trans-stats</name> 68511 </rpminfo_object> 68512 <rpminfo_object id="oval:org.opensuse.security:obj:2009032596" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68513 <name>yast2-transfer</name> 68514 </rpminfo_object> 68515 <rpminfo_object id="oval:org.opensuse.security:obj:2009032597" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68516 <name>yast2-tune</name> 68517 </rpminfo_object> 68518 <rpminfo_object id="oval:org.opensuse.security:obj:2009032598" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68519 <name>yast2-tv</name> 68520 </rpminfo_object> 68521 <rpminfo_object id="oval:org.opensuse.security:obj:2009032599" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68522 <name>yast2-update</name> 68523 </rpminfo_object> 68524 <rpminfo_object id="oval:org.opensuse.security:obj:2009032600" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68525 <name>yast2-users</name> 68526 </rpminfo_object> 68527 <rpminfo_object id="oval:org.opensuse.security:obj:2009032601" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68528 <name>yast2-vm</name> 68529 </rpminfo_object> 68530 <rpminfo_object id="oval:org.opensuse.security:obj:2009032602" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68531 <name>yast2-xml</name> 68532 </rpminfo_object> 68533 <rpminfo_object id="oval:org.opensuse.security:obj:2009032603" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68534 <name>yast2</name> 68535 </rpminfo_object> 68536 <rpminfo_object id="oval:org.opensuse.security:obj:2009032604" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68537 <name>zmd-inventory</name> 68538 </rpminfo_object> 68539 <rpminfo_object id="oval:org.opensuse.security:obj:2009032605" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68540 <name>zmd</name> 68541 </rpminfo_object> 68542 <rpminfo_object id="oval:org.opensuse.security:obj:2009031758" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68543 <name>zypper</name> 68544 </rpminfo_object> 68545 <rpminfo_object id="oval:org.opensuse.security:obj:2009030789" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68546 <name>nss_ldap-32bit</name> 68547 </rpminfo_object> 68548 <rpminfo_object id="oval:org.opensuse.security:obj:2009030790" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68549 <name>nss_ldap</name> 68550 </rpminfo_object> 68551 <rpminfo_object id="oval:org.opensuse.security:obj:2009030663" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68552 <name>pam_ldap-32bit</name> 68553 </rpminfo_object> 68554 <rpminfo_object id="oval:org.opensuse.security:obj:2009030547" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68555 <name>pam_ldap</name> 68556 </rpminfo_object> 68557 <rpminfo_object id="oval:org.opensuse.security:obj:2009031893" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68558 <name>NetworkManager-kde</name> 68559 </rpminfo_object> 68560 <rpminfo_object id="oval:org.opensuse.security:obj:2009031869" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68561 <name>amarok-libvisual</name> 68562 </rpminfo_object> 68563 <rpminfo_object id="oval:org.opensuse.security:obj:2009031870" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68564 <name>amarok-xine</name> 68565 </rpminfo_object> 68566 <rpminfo_object id="oval:org.opensuse.security:obj:2009031872" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68567 <name>amarok</name> 68568 </rpminfo_object> 68569 <rpminfo_object id="oval:org.opensuse.security:obj:2009032656" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68570 <name>beagle-index</name> 68571 </rpminfo_object> 68572 <rpminfo_object id="oval:org.opensuse.security:obj:2009032657" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68573 <name>digikam</name> 68574 </rpminfo_object> 68575 <rpminfo_object id="oval:org.opensuse.security:obj:2009032658" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68576 <name>digikamimageplugins</name> 68577 </rpminfo_object> 68578 <rpminfo_object id="oval:org.opensuse.security:obj:2009030601" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68579 <name>flash-player</name> 68580 </rpminfo_object> 68581 <rpminfo_object id="oval:org.opensuse.security:obj:2009032659" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68582 <name>gtk-qt-engine-32bit</name> 68583 </rpminfo_object> 68584 <rpminfo_object id="oval:org.opensuse.security:obj:2009032660" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68585 <name>gtk-qt-engine</name> 68586 </rpminfo_object> 68587 <rpminfo_object id="oval:org.opensuse.security:obj:2009032661" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68588 <name>kdeaddons3-kate</name> 68589 </rpminfo_object> 68590 <rpminfo_object id="oval:org.opensuse.security:obj:2009032662" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68591 <name>kdeaddons3-kicker</name> 68592 </rpminfo_object> 68593 <rpminfo_object id="oval:org.opensuse.security:obj:2009032663" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68594 <name>kdeaddons3-konqueror</name> 68595 </rpminfo_object> 68596 <rpminfo_object id="oval:org.opensuse.security:obj:2009032664" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68597 <name>kdemultimedia3-CD</name> 68598 </rpminfo_object> 68599 <rpminfo_object id="oval:org.opensuse.security:obj:2009032665" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68600 <name>kdemultimedia3-devel</name> 68601 </rpminfo_object> 68602 <rpminfo_object id="oval:org.opensuse.security:obj:2009032666" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68603 <name>kdemultimedia3-mixer</name> 68604 </rpminfo_object> 68605 <rpminfo_object id="oval:org.opensuse.security:obj:2009032667" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68606 <name>kdemultimedia3-sound</name> 68607 </rpminfo_object> 68608 <rpminfo_object id="oval:org.opensuse.security:obj:2009032668" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68609 <name>kdemultimedia3-video</name> 68610 </rpminfo_object> 68611 <rpminfo_object id="oval:org.opensuse.security:obj:2009032669" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68612 <name>kdemultimedia3</name> 68613 </rpminfo_object> 68614 <rpminfo_object id="oval:org.opensuse.security:obj:2009032155" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68615 <name>kdenetwork3-InstantMessenger</name> 68616 </rpminfo_object> 68617 <rpminfo_object id="oval:org.opensuse.security:obj:2009032670" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68618 <name>kdenetwork3-news</name> 68619 </rpminfo_object> 68620 <rpminfo_object id="oval:org.opensuse.security:obj:2009032671" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68621 <name>kdenetwork3-vnc</name> 68622 </rpminfo_object> 68623 <rpminfo_object id="oval:org.opensuse.security:obj:2009031951" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68624 <name>kdenetwork3</name> 68625 </rpminfo_object> 68626 <rpminfo_object id="oval:org.opensuse.security:obj:2009032672" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68627 <name>kdepim3-devel</name> 68628 </rpminfo_object> 68629 <rpminfo_object id="oval:org.opensuse.security:obj:2009032673" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68630 <name>kdepim3-kpilot</name> 68631 </rpminfo_object> 68632 <rpminfo_object id="oval:org.opensuse.security:obj:2009032674" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68633 <name>kdepim3-mobile</name> 68634 </rpminfo_object> 68635 <rpminfo_object id="oval:org.opensuse.security:obj:2009032675" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68636 <name>kdepim3-networkstatus</name> 68637 </rpminfo_object> 68638 <rpminfo_object id="oval:org.opensuse.security:obj:2009032676" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68639 <name>kdepim3-sync</name> 68640 </rpminfo_object> 68641 <rpminfo_object id="oval:org.opensuse.security:obj:2009031975" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68642 <name>kdepim3</name> 68643 </rpminfo_object> 68644 <rpminfo_object id="oval:org.opensuse.security:obj:2009032677" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68645 <name>kerry</name> 68646 </rpminfo_object> 68647 <rpminfo_object id="oval:org.opensuse.security:obj:2009032678" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68648 <name>kinternet</name> 68649 </rpminfo_object> 68650 <rpminfo_object id="oval:org.opensuse.security:obj:2009032679" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68651 <name>krecord</name> 68652 </rpminfo_object> 68653 <rpminfo_object id="oval:org.opensuse.security:obj:2009032680" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68654 <name>kscpm</name> 68655 </rpminfo_object> 68656 <rpminfo_object id="oval:org.opensuse.security:obj:2009032681" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68657 <name>yast2-CASA</name> 68658 </rpminfo_object> 68659 <rpminfo_object id="oval:org.opensuse.security:obj:2009031377" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68660 <name>OpenOffice_org-af</name> 68661 </rpminfo_object> 68662 <rpminfo_object id="oval:org.opensuse.security:obj:2009030617" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68663 <name>OpenOffice_org-ar</name> 68664 </rpminfo_object> 68665 <rpminfo_object id="oval:org.opensuse.security:obj:2009030618" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68666 <name>OpenOffice_org-ca</name> 68667 </rpminfo_object> 68668 <rpminfo_object id="oval:org.opensuse.security:obj:2009030485" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68669 <name>OpenOffice_org-cs</name> 68670 </rpminfo_object> 68671 <rpminfo_object id="oval:org.opensuse.security:obj:2009030486" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68672 <name>OpenOffice_org-da</name> 68673 </rpminfo_object> 68674 <rpminfo_object id="oval:org.opensuse.security:obj:2009032118" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68675 <name>OpenOffice_org-de-templates</name> 68676 </rpminfo_object> 68677 <rpminfo_object id="oval:org.opensuse.security:obj:2009030487" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68678 <name>OpenOffice_org-de</name> 68679 </rpminfo_object> 68680 <rpminfo_object id="oval:org.opensuse.security:obj:2009030490" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68681 <name>OpenOffice_org-es</name> 68682 </rpminfo_object> 68683 <rpminfo_object id="oval:org.opensuse.security:obj:2009030491" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68684 <name>OpenOffice_org-fi</name> 68685 </rpminfo_object> 68686 <rpminfo_object id="oval:org.opensuse.security:obj:2009030492" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68687 <name>OpenOffice_org-fr</name> 68688 </rpminfo_object> 68689 <rpminfo_object id="oval:org.opensuse.security:obj:2009032226" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68690 <name>OpenOffice_org-galleries</name> 68691 </rpminfo_object> 68692 <rpminfo_object id="oval:org.opensuse.security:obj:2009030493" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68693 <name>OpenOffice_org-gnome</name> 68694 </rpminfo_object> 68695 <rpminfo_object id="oval:org.opensuse.security:obj:2009031382" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68696 <name>OpenOffice_org-gu-IN</name> 68697 </rpminfo_object> 68698 <rpminfo_object id="oval:org.opensuse.security:obj:2009031383" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68699 <name>OpenOffice_org-hi-IN</name> 68700 </rpminfo_object> 68701 <rpminfo_object id="oval:org.opensuse.security:obj:2009030494" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68702 <name>OpenOffice_org-hu</name> 68703 </rpminfo_object> 68704 <rpminfo_object id="oval:org.opensuse.security:obj:2009030495" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68705 <name>OpenOffice_org-it</name> 68706 </rpminfo_object> 68707 <rpminfo_object id="oval:org.opensuse.security:obj:2009030496" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68708 <name>OpenOffice_org-ja</name> 68709 </rpminfo_object> 68710 <rpminfo_object id="oval:org.opensuse.security:obj:2009030497" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68711 <name>OpenOffice_org-kde</name> 68712 </rpminfo_object> 68713 <rpminfo_object id="oval:org.opensuse.security:obj:2009031354" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68714 <name>OpenOffice_org-mono</name> 68715 </rpminfo_object> 68716 <rpminfo_object id="oval:org.opensuse.security:obj:2009031388" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68717 <name>OpenOffice_org-nb</name> 68718 </rpminfo_object> 68719 <rpminfo_object id="oval:org.opensuse.security:obj:2009030622" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68720 <name>OpenOffice_org-nl</name> 68721 </rpminfo_object> 68722 <rpminfo_object id="oval:org.opensuse.security:obj:2009032702" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68723 <name>OpenOffice_org-nld</name> 68724 </rpminfo_object> 68725 <rpminfo_object id="oval:org.opensuse.security:obj:2009031389" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68726 <name>OpenOffice_org-nn</name> 68727 </rpminfo_object> 68728 <rpminfo_object id="oval:org.opensuse.security:obj:2009030498" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68729 <name>OpenOffice_org-pl</name> 68730 </rpminfo_object> 68731 <rpminfo_object id="oval:org.opensuse.security:obj:2009030623" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68732 <name>OpenOffice_org-pt-BR</name> 68733 </rpminfo_object> 68734 <rpminfo_object id="oval:org.opensuse.security:obj:2009030500" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68735 <name>OpenOffice_org-ru</name> 68736 </rpminfo_object> 68737 <rpminfo_object id="oval:org.opensuse.security:obj:2009030501" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68738 <name>OpenOffice_org-sk</name> 68739 </rpminfo_object> 68740 <rpminfo_object id="oval:org.opensuse.security:obj:2009030502" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68741 <name>OpenOffice_org-sv</name> 68742 </rpminfo_object> 68743 <rpminfo_object id="oval:org.opensuse.security:obj:2009031396" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68744 <name>OpenOffice_org-xh</name> 68745 </rpminfo_object> 68746 <rpminfo_object id="oval:org.opensuse.security:obj:2009030503" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68747 <name>OpenOffice_org-zh-CN</name> 68748 </rpminfo_object> 68749 <rpminfo_object id="oval:org.opensuse.security:obj:2009030504" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68750 <name>OpenOffice_org-zh-TW</name> 68751 </rpminfo_object> 68752 <rpminfo_object id="oval:org.opensuse.security:obj:2009031397" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68753 <name>OpenOffice_org-zu</name> 68754 </rpminfo_object> 68755 <rpminfo_object id="oval:org.opensuse.security:obj:2009030505" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68756 <name>OpenOffice_org</name> 68757 </rpminfo_object> 68758 <rpminfo_object id="oval:org.opensuse.security:obj:2009034744" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68759 <name>wpa_supplicant</name> 68760 </rpminfo_object> 68761 <rpminfo_object id="oval:org.opensuse.security:obj:2009030634" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68762 <name>openssl-32bit</name> 68763 </rpminfo_object> 68764 <rpminfo_object id="oval:org.opensuse.security:obj:2009030635" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68765 <name>openssl-devel-32bit</name> 68766 </rpminfo_object> 68767 <rpminfo_object id="oval:org.opensuse.security:obj:2009030587" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68768 <name>openssl-devel</name> 68769 </rpminfo_object> 68770 <rpminfo_object id="oval:org.opensuse.security:obj:2009030588" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68771 <name>openssl</name> 68772 </rpminfo_object> 68773 <rpminfo_object id="oval:org.opensuse.security:obj:2009030440" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68774 <name>acroread</name> 68775 </rpminfo_object> 68776 <rpminfo_object id="oval:org.opensuse.security:obj:2009032700" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68777 <name>acroread_ja</name> 68778 </rpminfo_object> 68779 <rpminfo_object id="oval:org.opensuse.security:obj:2009032753" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68780 <name>ekiga</name> 68781 </rpminfo_object> 68782 <rpminfo_object id="oval:org.opensuse.security:obj:2009031411" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68783 <name>opal</name> 68784 </rpminfo_object> 68785 <rpminfo_object id="oval:org.opensuse.security:obj:2009032754" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68786 <name>pwlib-plugins-avc</name> 68787 </rpminfo_object> 68788 <rpminfo_object id="oval:org.opensuse.security:obj:2009032755" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68789 <name>pwlib-plugins-dc</name> 68790 </rpminfo_object> 68791 <rpminfo_object id="oval:org.opensuse.security:obj:2009032756" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68792 <name>pwlib-plugins-v4l2</name> 68793 </rpminfo_object> 68794 <rpminfo_object id="oval:org.opensuse.security:obj:2009032869" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68795 <name>sletc-release</name> 68796 </rpminfo_object> 68797 <rpminfo_object id="oval:org.opensuse.security:obj:2009031639" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68798 <name>qemu</name> 68799 </rpminfo_object> 68800 <rpminfo_object id="oval:org.opensuse.security:obj:2009034030" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68801 <name>ed</name> 68802 </rpminfo_object> 68803 <rpminfo_object id="oval:org.opensuse.security:obj:2009031424" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68804 <name>compat-openssl097g-32bit</name> 68805 </rpminfo_object> 68806 <rpminfo_object id="oval:org.opensuse.security:obj:2009031426" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68807 <name>compat-openssl097g</name> 68808 </rpminfo_object> 68809 <rpminfo_object id="oval:org.opensuse.security:obj:2009030867" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68810 <name>audiofile-32bit</name> 68811 </rpminfo_object> 68812 <rpminfo_object id="oval:org.opensuse.security:obj:2009031860" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68813 <name>audiofile-devel</name> 68814 </rpminfo_object> 68815 <rpminfo_object id="oval:org.opensuse.security:obj:2009030868" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68816 <name>audiofile</name> 68817 </rpminfo_object> 68818 <rpminfo_object id="oval:org.opensuse.security:obj:2009033425" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68819 <name>mozilla-xulrunner191-32bit</name> 68820 </rpminfo_object> 68821 <rpminfo_object id="oval:org.opensuse.security:obj:2009033431" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68822 <name>mozilla-xulrunner191-gnomevfs-32bit</name> 68823 </rpminfo_object> 68824 <rpminfo_object id="oval:org.opensuse.security:obj:2009033426" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68825 <name>mozilla-xulrunner191-gnomevfs</name> 68826 </rpminfo_object> 68827 <rpminfo_object id="oval:org.opensuse.security:obj:2009033433" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68828 <name>mozilla-xulrunner191-translations-32bit</name> 68829 </rpminfo_object> 68830 <rpminfo_object id="oval:org.opensuse.security:obj:2009033427" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68831 <name>mozilla-xulrunner191-translations</name> 68832 </rpminfo_object> 68833 <rpminfo_object id="oval:org.opensuse.security:obj:2009033429" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68834 <name>mozilla-xulrunner191</name> 68835 </rpminfo_object> 68836 <rpminfo_object id="oval:org.opensuse.security:obj:2009030638" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68837 <name>libpng-32bit</name> 68838 </rpminfo_object> 68839 <rpminfo_object id="oval:org.opensuse.security:obj:2009030640" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68840 <name>libpng</name> 68841 </rpminfo_object> 68842 <rpminfo_object id="oval:org.opensuse.security:obj:2009030968" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68843 <name>mozilla-xulrunner190-32bit</name> 68844 </rpminfo_object> 68845 <rpminfo_object id="oval:org.opensuse.security:obj:2009032851" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68846 <name>mozilla-xulrunner190-gnomevfs-32bit</name> 68847 </rpminfo_object> 68848 <rpminfo_object id="oval:org.opensuse.security:obj:2009030969" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68849 <name>mozilla-xulrunner190-gnomevfs</name> 68850 </rpminfo_object> 68851 <rpminfo_object id="oval:org.opensuse.security:obj:2009032853" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68852 <name>mozilla-xulrunner190-translations-32bit</name> 68853 </rpminfo_object> 68854 <rpminfo_object id="oval:org.opensuse.security:obj:2009030970" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68855 <name>mozilla-xulrunner190-translations</name> 68856 </rpminfo_object> 68857 <rpminfo_object id="oval:org.opensuse.security:obj:2009030972" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68858 <name>mozilla-xulrunner190</name> 68859 </rpminfo_object> 68860 <rpminfo_object id="oval:org.opensuse.security:obj:2009031843" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68861 <name>avahi-glib</name> 68862 </rpminfo_object> 68863 <rpminfo_object id="oval:org.opensuse.security:obj:2009031847" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68864 <name>avahi</name> 68865 </rpminfo_object> 68866 <rpminfo_object id="oval:org.opensuse.security:obj:2009032867" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68867 <name>dbus-1-qt-32bit</name> 68868 </rpminfo_object> 68869 <rpminfo_object id="oval:org.opensuse.security:obj:2009032866" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68870 <name>dbus-1-qt</name> 68871 </rpminfo_object> 68872 <rpminfo_object id="oval:org.opensuse.security:obj:2009033478" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68873 <name>qt-qt3support-32bit</name> 68874 </rpminfo_object> 68875 <rpminfo_object id="oval:org.opensuse.security:obj:2009033479" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68876 <name>qt-qt3support</name> 68877 </rpminfo_object> 68878 <rpminfo_object id="oval:org.opensuse.security:obj:2009033480" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68879 <name>qt-sql-32bit</name> 68880 </rpminfo_object> 68881 <rpminfo_object id="oval:org.opensuse.security:obj:2009033481" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68882 <name>qt-sql</name> 68883 </rpminfo_object> 68884 <rpminfo_object id="oval:org.opensuse.security:obj:2009033482" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68885 <name>qt-x11-32bit</name> 68886 </rpminfo_object> 68887 <rpminfo_object id="oval:org.opensuse.security:obj:2009033483" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68888 <name>qt-x11</name> 68889 </rpminfo_object> 68890 <rpminfo_object id="oval:org.opensuse.security:obj:2009031874" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68891 <name>kdegraphics3-devel</name> 68892 </rpminfo_object> 68893 <rpminfo_object id="oval:org.opensuse.security:obj:2009030415" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68894 <name>kdegraphics3-fax</name> 68895 </rpminfo_object> 68896 <rpminfo_object id="oval:org.opensuse.security:obj:2009031877" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68897 <name>kdegraphics3-kamera</name> 68898 </rpminfo_object> 68899 <rpminfo_object id="oval:org.opensuse.security:obj:2009031453" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68900 <name>kdegraphics3-pdf</name> 68901 </rpminfo_object> 68902 <rpminfo_object id="oval:org.opensuse.security:obj:2009031878" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68903 <name>kdegraphics3-postscript</name> 68904 </rpminfo_object> 68905 <rpminfo_object id="oval:org.opensuse.security:obj:2009031879" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68906 <name>kdegraphics3-scan</name> 68907 </rpminfo_object> 68908 <rpminfo_object id="oval:org.opensuse.security:obj:2009030674" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68909 <name>kdegraphics3</name> 68910 </rpminfo_object> 68911 <rpminfo_object id="oval:org.opensuse.security:obj:2009033279" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68912 <name>firefox3-pango-32bit</name> 68913 </rpminfo_object> 68914 <rpminfo_object id="oval:org.opensuse.security:obj:2009033280" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68915 <name>firefox3-pango</name> 68916 </rpminfo_object> 68917 <rpminfo_object id="oval:org.opensuse.security:obj:2009030536" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68918 <name>pango-32bit</name> 68919 </rpminfo_object> 68920 <rpminfo_object id="oval:org.opensuse.security:obj:2009033190" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68921 <name>pango-devel</name> 68922 </rpminfo_object> 68923 <rpminfo_object id="oval:org.opensuse.security:obj:2009031053" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68924 <name>pango-doc</name> 68925 </rpminfo_object> 68926 <rpminfo_object id="oval:org.opensuse.security:obj:2009030537" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68927 <name>pango</name> 68928 </rpminfo_object> 68929 <rpminfo_object id="oval:org.opensuse.security:obj:2009032726" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68930 <name>neon-32bit</name> 68931 </rpminfo_object> 68932 <rpminfo_object id="oval:org.opensuse.security:obj:2009033462" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68933 <name>neon-devel</name> 68934 </rpminfo_object> 68935 <rpminfo_object id="oval:org.opensuse.security:obj:2009032728" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68936 <name>neon</name> 68937 </rpminfo_object> 68938 <rpminfo_object id="oval:org.opensuse.security:obj:2009033235" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68939 <name>libapr-util1-devel</name> 68940 </rpminfo_object> 68941 <rpminfo_object id="oval:org.opensuse.security:obj:2009033229" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68942 <name>libapr-util1</name> 68943 </rpminfo_object> 68944 <rpminfo_object id="oval:org.opensuse.security:obj:2009033458" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68945 <name>libapr1-devel</name> 68946 </rpminfo_object> 68947 <rpminfo_object id="oval:org.opensuse.security:obj:2009033455" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68948 <name>libapr1</name> 68949 </rpminfo_object> 68950 <rpminfo_object id="oval:org.opensuse.security:obj:2009032707" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68951 <name>java-1_5_0-ibm-32bit</name> 68952 </rpminfo_object> 68953 <rpminfo_object id="oval:org.opensuse.security:obj:2009032708" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68954 <name>java-1_5_0-ibm-alsa-32bit</name> 68955 </rpminfo_object> 68956 <rpminfo_object id="oval:org.opensuse.security:obj:2009032710" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68957 <name>java-1_5_0-ibm-demo</name> 68958 </rpminfo_object> 68959 <rpminfo_object id="oval:org.opensuse.security:obj:2009032711" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68960 <name>java-1_5_0-ibm-devel-32bit</name> 68961 </rpminfo_object> 68962 <rpminfo_object id="oval:org.opensuse.security:obj:2009032712" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68963 <name>java-1_5_0-ibm-devel</name> 68964 </rpminfo_object> 68965 <rpminfo_object id="oval:org.opensuse.security:obj:2009032773" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68966 <name>java-1_5_0-ibm-fonts</name> 68967 </rpminfo_object> 68968 <rpminfo_object id="oval:org.opensuse.security:obj:2009032713" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68969 <name>java-1_5_0-ibm-jdbc</name> 68970 </rpminfo_object> 68971 <rpminfo_object id="oval:org.opensuse.security:obj:2009032714" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68972 <name>java-1_5_0-ibm-plugin</name> 68973 </rpminfo_object> 68974 <rpminfo_object id="oval:org.opensuse.security:obj:2009032715" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68975 <name>java-1_5_0-ibm-src</name> 68976 </rpminfo_object> 68977 <rpminfo_object id="oval:org.opensuse.security:obj:2009032716" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68978 <name>java-1_5_0-ibm</name> 68979 </rpminfo_object> 68980 <rpminfo_object id="oval:org.opensuse.security:obj:2009030758" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68981 <name>ethereal</name> 68982 </rpminfo_object> 68983 <rpminfo_object id="oval:org.opensuse.security:obj:2009031125" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68984 <name>squid</name> 68985 </rpminfo_object> 68986 <rpminfo_object id="oval:org.opensuse.security:obj:2009030554" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68987 <name>python-32bit</name> 68988 </rpminfo_object> 68989 <rpminfo_object id="oval:org.opensuse.security:obj:2009030555" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68990 <name>python-curses</name> 68991 </rpminfo_object> 68992 <rpminfo_object id="oval:org.opensuse.security:obj:2009030557" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68993 <name>python-devel</name> 68994 </rpminfo_object> 68995 <rpminfo_object id="oval:org.opensuse.security:obj:2009030560" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68996 <name>python-gdbm</name> 68997 </rpminfo_object> 68998 <rpminfo_object id="oval:org.opensuse.security:obj:2009030563" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 68999 <name>python-tk</name> 69000 </rpminfo_object> 69001 <rpminfo_object id="oval:org.opensuse.security:obj:2009030564" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69002 <name>python-xml</name> 69003 </rpminfo_object> 69004 <rpminfo_object id="oval:org.opensuse.security:obj:2009030463" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69005 <name>python</name> 69006 </rpminfo_object> 69007 <rpminfo_object id="oval:org.opensuse.security:obj:2009033741" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69008 <name>libicecore</name> 69009 </rpminfo_object> 69010 <rpminfo_object id="oval:org.opensuse.security:obj:2009033742" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69011 <name>libiiclib</name> 69012 </rpminfo_object> 69013 <rpminfo_object id="oval:org.opensuse.security:obj:2009033743" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69014 <name>libiksemel</name> 69015 </rpminfo_object> 69016 <rpminfo_object id="oval:org.opensuse.security:obj:2009033744" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69017 <name>libnetlib</name> 69018 </rpminfo_object> 69019 <rpminfo_object id="oval:org.opensuse.security:obj:2009033745" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69020 <name>libxmlrpc</name> 69021 </rpminfo_object> 69022 <rpminfo_object id="oval:org.opensuse.security:obj:2009030754" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69023 <name>libvorbis-32bit</name> 69024 </rpminfo_object> 69025 <rpminfo_object id="oval:org.opensuse.security:obj:2009030756" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69026 <name>libvorbis</name> 69027 </rpminfo_object> 69028 <rpminfo_object id="oval:org.opensuse.security:obj:2009030746" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69029 <name>ldapsmb</name> 69030 </rpminfo_object> 69031 <rpminfo_object id="oval:org.opensuse.security:obj:2009031748" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69032 <name>finch</name> 69033 </rpminfo_object> 69034 <rpminfo_object id="oval:org.opensuse.security:obj:2009031423" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69035 <name>libpurple</name> 69036 </rpminfo_object> 69037 <rpminfo_object id="oval:org.opensuse.security:obj:2009031752" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69038 <name>pidgin</name> 69039 </rpminfo_object> 69040 <rpminfo_object id="oval:org.opensuse.security:obj:2009033270" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69041 <name>MozillaFirefox-branding-SLED</name> 69042 </rpminfo_object> 69043 <rpminfo_object id="oval:org.opensuse.security:obj:2009030469" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69044 <name>postgresql-devel</name> 69045 </rpminfo_object> 69046 <rpminfo_object id="oval:org.opensuse.security:obj:2009030626" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69047 <name>postgresql-libs-32bit</name> 69048 </rpminfo_object> 69049 <rpminfo_object id="oval:org.opensuse.security:obj:2009030471" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69050 <name>postgresql-libs</name> 69051 </rpminfo_object> 69052 <rpminfo_object id="oval:org.opensuse.security:obj:2009033601" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69053 <name>fuse-devel</name> 69054 </rpminfo_object> 69055 <rpminfo_object id="oval:org.opensuse.security:obj:2009033599" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69056 <name>fuse</name> 69057 </rpminfo_object> 69058 <rpminfo_object id="oval:org.opensuse.security:obj:2009033600" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69059 <name>libfuse2</name> 69060 </rpminfo_object> 69061 <rpminfo_object id="oval:org.opensuse.security:obj:2009032709" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69062 <name>java-1_5_0-ibm-alsa</name> 69063 </rpminfo_object> 69064 <rpminfo_object id="oval:org.opensuse.security:obj:2009030605" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69065 <name>gnutls-32bit</name> 69066 </rpminfo_object> 69067 <rpminfo_object id="oval:org.opensuse.security:obj:2009030606" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69068 <name>gnutls-devel-32bit</name> 69069 </rpminfo_object> 69070 <rpminfo_object id="oval:org.opensuse.security:obj:2009030523" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69071 <name>gnutls-devel</name> 69072 </rpminfo_object> 69073 <rpminfo_object id="oval:org.opensuse.security:obj:2009030524" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69074 <name>gnutls</name> 69075 </rpminfo_object> 69076 <rpminfo_object id="oval:org.opensuse.security:obj:2009033986" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69077 <name>java-1_6_0-sun-32bit</name> 69078 </rpminfo_object> 69079 <rpminfo_object id="oval:org.opensuse.security:obj:2009031443" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69080 <name>java-1_6_0-sun-alsa</name> 69081 </rpminfo_object> 69082 <rpminfo_object id="oval:org.opensuse.security:obj:2009031444" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69083 <name>java-1_6_0-sun-demo</name> 69084 </rpminfo_object> 69085 <rpminfo_object id="oval:org.opensuse.security:obj:2009031446" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69086 <name>java-1_6_0-sun-jdbc</name> 69087 </rpminfo_object> 69088 <rpminfo_object id="oval:org.opensuse.security:obj:2009033987" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69089 <name>java-1_6_0-sun-plugin-32bit</name> 69090 </rpminfo_object> 69091 <rpminfo_object id="oval:org.opensuse.security:obj:2009031447" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69092 <name>java-1_6_0-sun-plugin</name> 69093 </rpminfo_object> 69094 <rpminfo_object id="oval:org.opensuse.security:obj:2009031908" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69095 <name>java-1_6_0-sun-src</name> 69096 </rpminfo_object> 69097 <rpminfo_object id="oval:org.opensuse.security:obj:2009031448" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69098 <name>java-1_6_0-sun</name> 69099 </rpminfo_object> 69100 <rpminfo_object id="oval:org.opensuse.security:obj:2009033546" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69101 <name>pyxml</name> 69102 </rpminfo_object> 69103 <rpminfo_object id="oval:org.opensuse.security:obj:2009033494" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69104 <name>expat-32bit</name> 69105 </rpminfo_object> 69106 <rpminfo_object id="oval:org.opensuse.security:obj:2009033464" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69107 <name>expat</name> 69108 </rpminfo_object> 69109 <rpminfo_object id="oval:org.opensuse.security:obj:2009031326" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69110 <name>xpdf-tools</name> 69111 </rpminfo_object> 69112 <rpminfo_object id="oval:org.opensuse.security:obj:2009031306" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69113 <name>poppler-devel</name> 69114 </rpminfo_object> 69115 <rpminfo_object id="oval:org.opensuse.security:obj:2009031308" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69116 <name>poppler-glib</name> 69117 </rpminfo_object> 69118 <rpminfo_object id="oval:org.opensuse.security:obj:2009031310" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69119 <name>poppler-qt</name> 69120 </rpminfo_object> 69121 <rpminfo_object id="oval:org.opensuse.security:obj:2009031312" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69122 <name>poppler</name> 69123 </rpminfo_object> 69124 <rpminfo_object id="oval:org.opensuse.security:obj:2009030425" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69125 <name>cups-client</name> 69126 </rpminfo_object> 69127 <rpminfo_object id="oval:org.opensuse.security:obj:2009030426" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69128 <name>cups-devel</name> 69129 </rpminfo_object> 69130 <rpminfo_object id="oval:org.opensuse.security:obj:2009030730" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69131 <name>cups-libs-32bit</name> 69132 </rpminfo_object> 69133 <rpminfo_object id="oval:org.opensuse.security:obj:2009030427" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69134 <name>cups-libs</name> 69135 </rpminfo_object> 69136 <rpminfo_object id="oval:org.opensuse.security:obj:2009030428" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69137 <name>cups</name> 69138 </rpminfo_object> 69139 <rpminfo_object id="oval:org.opensuse.security:obj:2009033545" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69140 <name>perl-HTML-Parser</name> 69141 </rpminfo_object> 69142 <rpminfo_object id="oval:org.opensuse.security:obj:2009030817" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69143 <name>ghostscript-fonts-other</name> 69144 </rpminfo_object> 69145 <rpminfo_object id="oval:org.opensuse.security:obj:2009030819" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69146 <name>ghostscript-fonts-std</name> 69147 </rpminfo_object> 69148 <rpminfo_object id="oval:org.opensuse.security:obj:2009030820" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69149 <name>ghostscript-library</name> 69150 </rpminfo_object> 69151 <rpminfo_object id="oval:org.opensuse.security:obj:2009030822" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69152 <name>ghostscript-x11</name> 69153 </rpminfo_object> 69154 <rpminfo_object id="oval:org.opensuse.security:obj:2009030824" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69155 <name>libgimpprint</name> 69156 </rpminfo_object> 69157 <rpminfo_object id="oval:org.opensuse.security:obj:2009030815" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69158 <name>libmikmod-32bit</name> 69159 </rpminfo_object> 69160 <rpminfo_object id="oval:org.opensuse.security:obj:2009030816" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69161 <name>libmikmod</name> 69162 </rpminfo_object> 69163 <rpminfo_object id="oval:org.opensuse.security:obj:2009033881" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69164 <name>gst-fluendo-mp3</name> 69165 </rpminfo_object> 69166 <rpminfo_object id="oval:org.opensuse.security:obj:2009033882" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69167 <name>helix-banshee-devel</name> 69168 </rpminfo_object> 69169 <rpminfo_object id="oval:org.opensuse.security:obj:2009033883" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69170 <name>helix-banshee-engine-gst</name> 69171 </rpminfo_object> 69172 <rpminfo_object id="oval:org.opensuse.security:obj:2009033884" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69173 <name>helix-banshee-plugins-default</name> 69174 </rpminfo_object> 69175 <rpminfo_object id="oval:org.opensuse.security:obj:2009033885" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69176 <name>helix-banshee-plugins-extra</name> 69177 </rpminfo_object> 69178 <rpminfo_object id="oval:org.opensuse.security:obj:2009033886" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69179 <name>helix-banshee</name> 69180 </rpminfo_object> 69181 <rpminfo_object id="oval:org.opensuse.security:obj:2009032770" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69182 <name>libnetpbm-32bit</name> 69183 </rpminfo_object> 69184 <rpminfo_object id="oval:org.opensuse.security:obj:2009030552" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69185 <name>libnetpbm</name> 69186 </rpminfo_object> 69187 <rpminfo_object id="oval:org.opensuse.security:obj:2009030553" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69188 <name>netpbm</name> 69189 </rpminfo_object> 69190 <rpminfo_object id="oval:org.opensuse.security:obj:2009031187" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69191 <name>sendmail</name> 69192 </rpminfo_object> 69193 <rpminfo_object id="oval:org.opensuse.security:obj:2009030977" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69194 <name>libsndfile-32bit</name> 69195 </rpminfo_object> 69196 <rpminfo_object id="oval:org.opensuse.security:obj:2009031882" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69197 <name>libsndfile-devel</name> 69198 </rpminfo_object> 69199 <rpminfo_object id="oval:org.opensuse.security:obj:2009030979" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69200 <name>libsndfile</name> 69201 </rpminfo_object> 69202 <rpminfo_object id="oval:org.opensuse.security:obj:2009030647" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69203 <name>gzip</name> 69204 </rpminfo_object> 69205 <rpminfo_object id="oval:org.opensuse.security:obj:2009030961" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69206 <name>clamav</name> 69207 </rpminfo_object> 69208 <rpminfo_object id="oval:org.opensuse.security:obj:2009033636" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69209 <name>acroread-cmaps</name> 69210 </rpminfo_object> 69211 <rpminfo_object id="oval:org.opensuse.security:obj:2009033637" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69212 <name>acroread-fonts-ja</name> 69213 </rpminfo_object> 69214 <rpminfo_object id="oval:org.opensuse.security:obj:2009033638" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69215 <name>acroread-fonts-ko</name> 69216 </rpminfo_object> 69217 <rpminfo_object id="oval:org.opensuse.security:obj:2009033639" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69218 <name>acroread-fonts-zh_CN</name> 69219 </rpminfo_object> 69220 <rpminfo_object id="oval:org.opensuse.security:obj:2009033640" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69221 <name>acroread-fonts-zh_TW</name> 69222 </rpminfo_object> 69223 <rpminfo_object id="oval:org.opensuse.security:obj:2009030619" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69224 <name>OpenOffice_org-el</name> 69225 </rpminfo_object> 69226 <rpminfo_object id="oval:org.opensuse.security:obj:2009031381" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69227 <name>OpenOffice_org-en-GB</name> 69228 </rpminfo_object> 69229 <rpminfo_object id="oval:org.opensuse.security:obj:2009030621" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69230 <name>OpenOffice_org-ko</name> 69231 </rpminfo_object> 69232 <rpminfo_object id="oval:org.opensuse.security:obj:2009030835" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69233 <name>bzip2-32bit</name> 69234 </rpminfo_object> 69235 <rpminfo_object id="oval:org.opensuse.security:obj:2009030508" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69236 <name>bzip2</name> 69237 </rpminfo_object> 69238 <rpminfo_object id="oval:org.opensuse.security:obj:2009030401" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69239 <name>tar</name> 69240 </rpminfo_object> 69241 <rpminfo_object id="oval:org.opensuse.security:obj:2009030793" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69242 <name>te_ams</name> 69243 </rpminfo_object> 69244 <rpminfo_object id="oval:org.opensuse.security:obj:2009030794" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69245 <name>te_cont</name> 69246 </rpminfo_object> 69247 <rpminfo_object id="oval:org.opensuse.security:obj:2009030795" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69248 <name>te_dvilj</name> 69249 </rpminfo_object> 69250 <rpminfo_object id="oval:org.opensuse.security:obj:2009030796" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69251 <name>te_eplai</name> 69252 </rpminfo_object> 69253 <rpminfo_object id="oval:org.opensuse.security:obj:2009030798" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69254 <name>te_kpath</name> 69255 </rpminfo_object> 69256 <rpminfo_object id="oval:org.opensuse.security:obj:2009030799" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69257 <name>te_latex</name> 69258 </rpminfo_object> 69259 <rpminfo_object id="oval:org.opensuse.security:obj:2009030800" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69260 <name>te_mpost</name> 69261 </rpminfo_object> 69262 <rpminfo_object id="oval:org.opensuse.security:obj:2009030801" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69263 <name>te_omega</name> 69264 </rpminfo_object> 69265 <rpminfo_object id="oval:org.opensuse.security:obj:2009030803" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69266 <name>te_ptex</name> 69267 </rpminfo_object> 69268 <rpminfo_object id="oval:org.opensuse.security:obj:2009030804" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69269 <name>te_web</name> 69270 </rpminfo_object> 69271 <rpminfo_object id="oval:org.opensuse.security:obj:2009030805" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69272 <name>tetex</name> 69273 </rpminfo_object> 69274 <rpminfo_object id="oval:org.opensuse.security:obj:2009030460" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69275 <name>ncpfs</name> 69276 </rpminfo_object> 69277 <rpminfo_object id="oval:org.opensuse.security:obj:2009030599" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69278 <name>perl-32bit</name> 69279 </rpminfo_object> 69280 <rpminfo_object id="oval:org.opensuse.security:obj:2009030410" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69281 <name>perl</name> 69282 </rpminfo_object> 69283 <rpminfo_object id="oval:org.opensuse.security:obj:2009030616" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69284 <name>libtiff-32bit</name> 69285 </rpminfo_object> 69286 <rpminfo_object id="oval:org.opensuse.security:obj:2009031676" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69287 <name>libtiff-devel</name> 69288 </rpminfo_object> 69289 <rpminfo_object id="oval:org.opensuse.security:obj:2009030452" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69290 <name>libtiff</name> 69291 </rpminfo_object> 69292 <rpminfo_object id="oval:org.opensuse.security:obj:2009031055" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69293 <name>wireshark</name> 69294 </rpminfo_object> 69295 <rpminfo_object id="oval:org.opensuse.security:obj:2009033842" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69296 <name>mozilla-xulrunner192-32bit</name> 69297 </rpminfo_object> 69298 <rpminfo_object id="oval:org.opensuse.security:obj:2009033851" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69299 <name>mozilla-xulrunner192</name> 69300 </rpminfo_object> 69301 <rpminfo_object id="oval:org.opensuse.security:obj:2009033845" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69302 <name>mozilla-xulrunner192-gnome-32bit</name> 69303 </rpminfo_object> 69304 <rpminfo_object id="oval:org.opensuse.security:obj:2009033846" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69305 <name>mozilla-xulrunner192-gnome</name> 69306 </rpminfo_object> 69307 <rpminfo_object id="oval:org.opensuse.security:obj:2009033962" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69308 <name>mozilla-xulrunner192-translations-32bit</name> 69309 </rpminfo_object> 69310 <rpminfo_object id="oval:org.opensuse.security:obj:2009033959" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69311 <name>mozilla-xulrunner192-translations</name> 69312 </rpminfo_object> 69313 <rpminfo_object id="oval:org.opensuse.security:obj:2009030610" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69314 <name>freetype2-32bit</name> 69315 </rpminfo_object> 69316 <rpminfo_object id="oval:org.opensuse.security:obj:2009030611" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69317 <name>freetype2-devel-32bit</name> 69318 </rpminfo_object> 69319 <rpminfo_object id="oval:org.opensuse.security:obj:2009030612" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69320 <name>freetype2-devel</name> 69321 </rpminfo_object> 69322 <rpminfo_object id="oval:org.opensuse.security:obj:2009030613" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69323 <name>freetype2</name> 69324 </rpminfo_object> 69325 <rpminfo_object id="oval:org.opensuse.security:obj:2009030675" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69326 <name>w3m</name> 69327 </rpminfo_object> 69328 <rpminfo_object id="oval:org.opensuse.security:obj:2009031850" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69329 <name>libvirt-python</name> 69330 </rpminfo_object> 69331 <rpminfo_object id="oval:org.opensuse.security:obj:2009031851" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69332 <name>libvirt</name> 69333 </rpminfo_object> 69334 <rpminfo_object id="oval:org.opensuse.security:obj:2009030602" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69335 <name>gpg2</name> 69336 </rpminfo_object> 69337 <rpminfo_object id="oval:org.opensuse.security:obj:2009032701" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69338 <name>evince</name> 69339 </rpminfo_object> 69340 <rpminfo_object id="oval:org.opensuse.security:obj:2009034914" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69341 <name>socat</name> 69342 </rpminfo_object> 69343 <rpminfo_object id="oval:org.opensuse.security:obj:2009034665" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69344 <name>boost-32bit</name> 69345 </rpminfo_object> 69346 <rpminfo_object id="oval:org.opensuse.security:obj:2009031617" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69347 <name>boost</name> 69348 </rpminfo_object> 69349 <rpminfo_object id="oval:org.opensuse.security:obj:2009034666" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69350 <name>libreoffice-af</name> 69351 </rpminfo_object> 69352 <rpminfo_object id="oval:org.opensuse.security:obj:2009034667" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69353 <name>libreoffice-ar</name> 69354 </rpminfo_object> 69355 <rpminfo_object id="oval:org.opensuse.security:obj:2009034668" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69356 <name>libreoffice-ca</name> 69357 </rpminfo_object> 69358 <rpminfo_object id="oval:org.opensuse.security:obj:2009034669" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69359 <name>libreoffice-cs</name> 69360 </rpminfo_object> 69361 <rpminfo_object id="oval:org.opensuse.security:obj:2009034670" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69362 <name>libreoffice-da</name> 69363 </rpminfo_object> 69364 <rpminfo_object id="oval:org.opensuse.security:obj:2009034671" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69365 <name>libreoffice-de-templates</name> 69366 </rpminfo_object> 69367 <rpminfo_object id="oval:org.opensuse.security:obj:2009034672" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69368 <name>libreoffice-de</name> 69369 </rpminfo_object> 69370 <rpminfo_object id="oval:org.opensuse.security:obj:2009034673" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69371 <name>libreoffice-el</name> 69372 </rpminfo_object> 69373 <rpminfo_object id="oval:org.opensuse.security:obj:2009034674" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69374 <name>libreoffice-en-GB</name> 69375 </rpminfo_object> 69376 <rpminfo_object id="oval:org.opensuse.security:obj:2009034675" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69377 <name>libreoffice-es</name> 69378 </rpminfo_object> 69379 <rpminfo_object id="oval:org.opensuse.security:obj:2009034676" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69380 <name>libreoffice-fi</name> 69381 </rpminfo_object> 69382 <rpminfo_object id="oval:org.opensuse.security:obj:2009034677" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69383 <name>libreoffice-fr</name> 69384 </rpminfo_object> 69385 <rpminfo_object id="oval:org.opensuse.security:obj:2009034678" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69386 <name>libreoffice-galleries</name> 69387 </rpminfo_object> 69388 <rpminfo_object id="oval:org.opensuse.security:obj:2009034098" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69389 <name>libreoffice-gnome</name> 69390 </rpminfo_object> 69391 <rpminfo_object id="oval:org.opensuse.security:obj:2009034679" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69392 <name>libreoffice-gu-IN</name> 69393 </rpminfo_object> 69394 <rpminfo_object id="oval:org.opensuse.security:obj:2009034680" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69395 <name>libreoffice-hi-IN</name> 69396 </rpminfo_object> 69397 <rpminfo_object id="oval:org.opensuse.security:obj:2009034681" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69398 <name>libreoffice-hu</name> 69399 </rpminfo_object> 69400 <rpminfo_object id="oval:org.opensuse.security:obj:2009034682" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69401 <name>libreoffice-it</name> 69402 </rpminfo_object> 69403 <rpminfo_object id="oval:org.opensuse.security:obj:2009034683" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69404 <name>libreoffice-ja</name> 69405 </rpminfo_object> 69406 <rpminfo_object id="oval:org.opensuse.security:obj:2009034124" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69407 <name>libreoffice-kde</name> 69408 </rpminfo_object> 69409 <rpminfo_object id="oval:org.opensuse.security:obj:2009034684" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69410 <name>libreoffice-ko</name> 69411 </rpminfo_object> 69412 <rpminfo_object id="oval:org.opensuse.security:obj:2009034162" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69413 <name>libreoffice-mono</name> 69414 </rpminfo_object> 69415 <rpminfo_object id="oval:org.opensuse.security:obj:2009034685" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69416 <name>libreoffice-nb</name> 69417 </rpminfo_object> 69418 <rpminfo_object id="oval:org.opensuse.security:obj:2009034686" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69419 <name>libreoffice-nl</name> 69420 </rpminfo_object> 69421 <rpminfo_object id="oval:org.opensuse.security:obj:2009034687" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69422 <name>libreoffice-nn</name> 69423 </rpminfo_object> 69424 <rpminfo_object id="oval:org.opensuse.security:obj:2009034688" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69425 <name>libreoffice-pl</name> 69426 </rpminfo_object> 69427 <rpminfo_object id="oval:org.opensuse.security:obj:2009034689" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69428 <name>libreoffice-pt-BR</name> 69429 </rpminfo_object> 69430 <rpminfo_object id="oval:org.opensuse.security:obj:2009034690" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69431 <name>libreoffice-ru</name> 69432 </rpminfo_object> 69433 <rpminfo_object id="oval:org.opensuse.security:obj:2009034691" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69434 <name>libreoffice-sk</name> 69435 </rpminfo_object> 69436 <rpminfo_object id="oval:org.opensuse.security:obj:2009034692" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69437 <name>libreoffice-sv</name> 69438 </rpminfo_object> 69439 <rpminfo_object id="oval:org.opensuse.security:obj:2009034693" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69440 <name>libreoffice-xh</name> 69441 </rpminfo_object> 69442 <rpminfo_object id="oval:org.opensuse.security:obj:2009034694" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69443 <name>libreoffice-zh-CN</name> 69444 </rpminfo_object> 69445 <rpminfo_object id="oval:org.opensuse.security:obj:2009034695" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69446 <name>libreoffice-zh-TW</name> 69447 </rpminfo_object> 69448 <rpminfo_object id="oval:org.opensuse.security:obj:2009034696" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69449 <name>libreoffice-zu</name> 69450 </rpminfo_object> 69451 <rpminfo_object id="oval:org.opensuse.security:obj:2009034188" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69452 <name>libreoffice</name> 69453 </rpminfo_object> 69454 <rpminfo_object id="oval:org.opensuse.security:obj:2009034189" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69455 <name>myspell-african</name> 69456 </rpminfo_object> 69457 <rpminfo_object id="oval:org.opensuse.security:obj:2009034190" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69458 <name>myspell-american</name> 69459 </rpminfo_object> 69460 <rpminfo_object id="oval:org.opensuse.security:obj:2009034191" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69461 <name>myspell-brazilian</name> 69462 </rpminfo_object> 69463 <rpminfo_object id="oval:org.opensuse.security:obj:2009034192" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69464 <name>myspell-british</name> 69465 </rpminfo_object> 69466 <rpminfo_object id="oval:org.opensuse.security:obj:2009034193" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69467 <name>myspell-catalan</name> 69468 </rpminfo_object> 69469 <rpminfo_object id="oval:org.opensuse.security:obj:2009034194" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69470 <name>myspell-czech</name> 69471 </rpminfo_object> 69472 <rpminfo_object id="oval:org.opensuse.security:obj:2009034195" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69473 <name>myspell-danish</name> 69474 </rpminfo_object> 69475 <rpminfo_object id="oval:org.opensuse.security:obj:2009034196" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69476 <name>myspell-dutch</name> 69477 </rpminfo_object> 69478 <rpminfo_object id="oval:org.opensuse.security:obj:2009034197" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69479 <name>myspell-french</name> 69480 </rpminfo_object> 69481 <rpminfo_object id="oval:org.opensuse.security:obj:2009034198" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69482 <name>myspell-german</name> 69483 </rpminfo_object> 69484 <rpminfo_object id="oval:org.opensuse.security:obj:2009034439" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69485 <name>myspell-greek</name> 69486 </rpminfo_object> 69487 <rpminfo_object id="oval:org.opensuse.security:obj:2009034199" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69488 <name>myspell-gujarati</name> 69489 </rpminfo_object> 69490 <rpminfo_object id="oval:org.opensuse.security:obj:2009034200" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69491 <name>myspell-hindi</name> 69492 </rpminfo_object> 69493 <rpminfo_object id="oval:org.opensuse.security:obj:2009034202" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69494 <name>myspell-italian</name> 69495 </rpminfo_object> 69496 <rpminfo_object id="oval:org.opensuse.security:obj:2009034449" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69497 <name>myspell-lithuanian</name> 69498 </rpminfo_object> 69499 <rpminfo_object id="oval:org.opensuse.security:obj:2009034455" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69500 <name>myspell-marathi</name> 69501 </rpminfo_object> 69502 <rpminfo_object id="oval:org.opensuse.security:obj:2009034203" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69503 <name>myspell-norsk-bokmaal</name> 69504 </rpminfo_object> 69505 <rpminfo_object id="oval:org.opensuse.security:obj:2009034204" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69506 <name>myspell-norsk-nynorsk</name> 69507 </rpminfo_object> 69508 <rpminfo_object id="oval:org.opensuse.security:obj:2009034205" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69509 <name>myspell-polish</name> 69510 </rpminfo_object> 69511 <rpminfo_object id="oval:org.opensuse.security:obj:2009034206" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69512 <name>myspell-portuguese</name> 69513 </rpminfo_object> 69514 <rpminfo_object id="oval:org.opensuse.security:obj:2009034207" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69515 <name>myspell-russian</name> 69516 </rpminfo_object> 69517 <rpminfo_object id="oval:org.opensuse.security:obj:2009034208" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69518 <name>myspell-slovak</name> 69519 </rpminfo_object> 69520 <rpminfo_object id="oval:org.opensuse.security:obj:2009034464" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69521 <name>myspell-slovene</name> 69522 </rpminfo_object> 69523 <rpminfo_object id="oval:org.opensuse.security:obj:2009034209" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69524 <name>myspell-spanish</name> 69525 </rpminfo_object> 69526 <rpminfo_object id="oval:org.opensuse.security:obj:2009034210" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69527 <name>myspell-swedish</name> 69528 </rpminfo_object> 69529 <rpminfo_object id="oval:org.opensuse.security:obj:2009034211" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69530 <name>myspell-xhosa</name> 69531 </rpminfo_object> 69532 <rpminfo_object id="oval:org.opensuse.security:obj:2009034212" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69533 <name>myspell-zulu</name> 69534 </rpminfo_object> 69535 <rpminfo_object id="oval:org.opensuse.security:obj:2009031765" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69536 <name>bytefx-data-mysql</name> 69537 </rpminfo_object> 69538 <rpminfo_object id="oval:org.opensuse.security:obj:2009031766" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69539 <name>ibm-data-db2</name> 69540 </rpminfo_object> 69541 <rpminfo_object id="oval:org.opensuse.security:obj:2009031768" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69542 <name>mono-core-32bit</name> 69543 </rpminfo_object> 69544 <rpminfo_object id="oval:org.opensuse.security:obj:2009031769" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69545 <name>mono-core</name> 69546 </rpminfo_object> 69547 <rpminfo_object id="oval:org.opensuse.security:obj:2009031770" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69548 <name>mono-data-firebird</name> 69549 </rpminfo_object> 69550 <rpminfo_object id="oval:org.opensuse.security:obj:2009031771" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69551 <name>mono-data-oracle</name> 69552 </rpminfo_object> 69553 <rpminfo_object id="oval:org.opensuse.security:obj:2009031772" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69554 <name>mono-data-postgresql</name> 69555 </rpminfo_object> 69556 <rpminfo_object id="oval:org.opensuse.security:obj:2009031773" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69557 <name>mono-data-sqlite</name> 69558 </rpminfo_object> 69559 <rpminfo_object id="oval:org.opensuse.security:obj:2009031774" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69560 <name>mono-data-sybase</name> 69561 </rpminfo_object> 69562 <rpminfo_object id="oval:org.opensuse.security:obj:2009031775" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69563 <name>mono-data</name> 69564 </rpminfo_object> 69565 <rpminfo_object id="oval:org.opensuse.security:obj:2009030855" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69566 <name>mono-devel</name> 69567 </rpminfo_object> 69568 <rpminfo_object id="oval:org.opensuse.security:obj:2009031776" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69569 <name>mono-extras</name> 69570 </rpminfo_object> 69571 <rpminfo_object id="oval:org.opensuse.security:obj:2009031778" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69572 <name>mono-locale-extras</name> 69573 </rpminfo_object> 69574 <rpminfo_object id="oval:org.opensuse.security:obj:2009031779" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69575 <name>mono-nunit</name> 69576 </rpminfo_object> 69577 <rpminfo_object id="oval:org.opensuse.security:obj:2009031780" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69578 <name>mono-web</name> 69579 </rpminfo_object> 69580 <rpminfo_object id="oval:org.opensuse.security:obj:2009031781" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69581 <name>mono-winforms</name> 69582 </rpminfo_object> 69583 <rpminfo_object id="oval:org.opensuse.security:obj:2009033991" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69584 <name>openslp-32bit</name> 69585 </rpminfo_object> 69586 <rpminfo_object id="oval:org.opensuse.security:obj:2009033995" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69587 <name>openslp-devel</name> 69588 </rpminfo_object> 69589 <rpminfo_object id="oval:org.opensuse.security:obj:2009033994" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69590 <name>openslp</name> 69591 </rpminfo_object> 69592 <rpminfo_object id="oval:org.opensuse.security:obj:2009034036" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69593 <name>supportutils</name> 69594 </rpminfo_object> 69595 <rpminfo_object id="oval:org.opensuse.security:obj:2009030809" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69596 <name>libxml2-32bit</name> 69597 </rpminfo_object> 69598 <rpminfo_object id="oval:org.opensuse.security:obj:2009031522" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69599 <name>libxml2-devel-32bit</name> 69600 </rpminfo_object> 69601 <rpminfo_object id="oval:org.opensuse.security:obj:2009030405" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69602 <name>libxml2-devel</name> 69603 </rpminfo_object> 69604 <rpminfo_object id="oval:org.opensuse.security:obj:2009030406" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69605 <name>libxml2</name> 69606 </rpminfo_object> 69607 <rpminfo_object id="oval:org.opensuse.security:obj:2009030962" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69608 <name>libcurl4-32bit</name> 69609 </rpminfo_object> 69610 <rpminfo_object id="oval:org.opensuse.security:obj:2009030964" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69611 <name>libcurl4</name> 69612 </rpminfo_object> 69613 <rpminfo_object id="oval:org.opensuse.security:obj:2009034080" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69614 <name>build</name> 69615 </rpminfo_object> 69616 <rpminfo_object id="oval:org.opensuse.security:obj:2009033785" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69617 <name>virt-manager</name> 69618 </rpminfo_object> 69619 <rpminfo_object id="oval:org.opensuse.security:obj:2009031479" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69620 <name>xen-devel</name> 69621 </rpminfo_object> 69622 <rpminfo_object id="oval:org.opensuse.security:obj:2009031480" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69623 <name>xen-doc-html</name> 69624 </rpminfo_object> 69625 <rpminfo_object id="oval:org.opensuse.security:obj:2009031481" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69626 <name>xen-doc-pdf</name> 69627 </rpminfo_object> 69628 <rpminfo_object id="oval:org.opensuse.security:obj:2009032233" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69629 <name>xen-doc-ps</name> 69630 </rpminfo_object> 69631 <rpminfo_object id="oval:org.opensuse.security:obj:2009034576" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69632 <name>xen-kmp-bigsmp</name> 69633 </rpminfo_object> 69634 <rpminfo_object id="oval:org.opensuse.security:obj:2009033788" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69635 <name>xen-kmp-default</name> 69636 </rpminfo_object> 69637 <rpminfo_object id="oval:org.opensuse.security:obj:2009034577" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69638 <name>xen-kmp-smp</name> 69639 </rpminfo_object> 69640 <rpminfo_object id="oval:org.opensuse.security:obj:2009032234" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69641 <name>xen-libs-32bit</name> 69642 </rpminfo_object> 69643 <rpminfo_object id="oval:org.opensuse.security:obj:2009031482" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69644 <name>xen-libs</name> 69645 </rpminfo_object> 69646 <rpminfo_object id="oval:org.opensuse.security:obj:2009031483" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69647 <name>xen-tools-domU</name> 69648 </rpminfo_object> 69649 <rpminfo_object id="oval:org.opensuse.security:obj:2009031484" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69650 <name>xen-tools-ioemu</name> 69651 </rpminfo_object> 69652 <rpminfo_object id="oval:org.opensuse.security:obj:2009031485" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69653 <name>xen-tools</name> 69654 </rpminfo_object> 69655 <rpminfo_object id="oval:org.opensuse.security:obj:2009031486" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69656 <name>xen</name> 69657 </rpminfo_object> 69658 <rpminfo_object id="oval:org.opensuse.security:obj:2009030777" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69659 <name>icu</name> 69660 </rpminfo_object> 69661 <rpminfo_object id="oval:org.opensuse.security:obj:2009031398" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69662 <name>libicu-32bit</name> 69663 </rpminfo_object> 69664 <rpminfo_object id="oval:org.opensuse.security:obj:2009031403" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69665 <name>libicu</name> 69666 </rpminfo_object> 69667 <rpminfo_object id="oval:org.opensuse.security:obj:2009031445" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69668 <name>java-1_6_0-sun-devel</name> 69669 </rpminfo_object> 69670 <rpminfo_object id="oval:org.opensuse.security:obj:2009031998" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69671 <name>subversion-devel</name> 69672 </rpminfo_object> 69673 <rpminfo_object id="oval:org.opensuse.security:obj:2009032000" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69674 <name>subversion</name> 69675 </rpminfo_object> 69676 <rpminfo_object id="oval:org.opensuse.security:obj:2009030431" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69677 <name>ruby</name> 69678 </rpminfo_object> 69679 <rpminfo_object id="oval:org.opensuse.security:obj:2009031078" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69680 <name>pure-ftpd</name> 69681 </rpminfo_object> 69682 <rpminfo_object id="oval:org.opensuse.security:obj:2009030760" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69683 <name>t1lib</name> 69684 </rpminfo_object> 69685 <rpminfo_object id="oval:org.opensuse.security:obj:2009034537" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69686 <name>vino</name> 69687 </rpminfo_object> 69688 <rpminfo_object id="oval:org.opensuse.security:obj:2009030539" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69689 <name>dhcpcd</name> 69690 </rpminfo_object> 69691 <rpminfo_object id="oval:org.opensuse.security:obj:2009034546" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69692 <name>logrotate</name> 69693 </rpminfo_object> 69694 <rpminfo_object id="oval:org.opensuse.security:obj:2009033277" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69695 <name>firefox3-gtk2-32bit</name> 69696 </rpminfo_object> 69697 <rpminfo_object id="oval:org.opensuse.security:obj:2009033278" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69698 <name>firefox3-gtk2</name> 69699 </rpminfo_object> 69700 <rpminfo_object id="oval:org.opensuse.security:obj:2009033688" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69701 <name>mhtml-firefox</name> 69702 </rpminfo_object> 69703 <rpminfo_object id="oval:org.opensuse.security:obj:2009030844" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69704 <name>rdesktop</name> 69705 </rpminfo_object> 69706 <rpminfo_object id="oval:org.opensuse.security:obj:2009034593" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69707 <name>tftp</name> 69708 </rpminfo_object> 69709 <rpminfo_object id="oval:org.opensuse.security:obj:2009032911" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69710 <name>libxcrypt-32bit</name> 69711 </rpminfo_object> 69712 <rpminfo_object id="oval:org.opensuse.security:obj:2009032914" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69713 <name>libxcrypt</name> 69714 </rpminfo_object> 69715 <rpminfo_object id="oval:org.opensuse.security:obj:2009032177" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69716 <name>gdk-pixbuf-32bit</name> 69717 </rpminfo_object> 69718 <rpminfo_object id="oval:org.opensuse.security:obj:2009030591" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69719 <name>gdk-pixbuf</name> 69720 </rpminfo_object> 69721 <rpminfo_object id="oval:org.opensuse.security:obj:2009034616" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69722 <name>opie</name> 69723 </rpminfo_object> 69724 <rpminfo_object id="oval:org.opensuse.security:obj:2009034651" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69725 <name>vpnc</name> 69726 </rpminfo_object> 69727 <rpminfo_object id="oval:org.opensuse.security:obj:2009031074" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69728 <name>foomatic-filters</name> 69729 </rpminfo_object> 69730 <rpminfo_object id="oval:org.opensuse.security:obj:2009032821" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69731 <name>libgssapi-32bit</name> 69732 </rpminfo_object> 69733 <rpminfo_object id="oval:org.opensuse.security:obj:2009032822" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69734 <name>libgssapi</name> 69735 </rpminfo_object> 69736 <rpminfo_object id="oval:org.opensuse.security:obj:2009030528" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69737 <name>curl-32bit</name> 69738 </rpminfo_object> 69739 <rpminfo_object id="oval:org.opensuse.security:obj:2009030595" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69740 <name>curl-devel</name> 69741 </rpminfo_object> 69742 <rpminfo_object id="oval:org.opensuse.security:obj:2009030596" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69743 <name>curl</name> 69744 </rpminfo_object> 69745 <rpminfo_object id="oval:org.opensuse.security:obj:2009030841" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69746 <name>libxslt-32bit</name> 69747 </rpminfo_object> 69748 <rpminfo_object id="oval:org.opensuse.security:obj:2009031708" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69749 <name>libxslt-devel-32bit</name> 69750 </rpminfo_object> 69751 <rpminfo_object id="oval:org.opensuse.security:obj:2009030842" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69752 <name>libxslt-devel</name> 69753 </rpminfo_object> 69754 <rpminfo_object id="oval:org.opensuse.security:obj:2009030843" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69755 <name>libxslt</name> 69756 </rpminfo_object> 69757 <rpminfo_object id="oval:org.opensuse.security:obj:2009031035" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69758 <name>openswan</name> 69759 </rpminfo_object> 69760 <rpminfo_object id="oval:org.opensuse.security:obj:2009030857" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69761 <name>libjasper-32bit</name> 69762 </rpminfo_object> 69763 <rpminfo_object id="oval:org.opensuse.security:obj:2009030858" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69764 <name>libjasper</name> 69765 </rpminfo_object> 69766 <rpminfo_object id="oval:org.opensuse.security:obj:2009030833" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69767 <name>ImageMagick-Magick++</name> 69768 </rpminfo_object> 69769 <rpminfo_object id="oval:org.opensuse.security:obj:2009030421" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69770 <name>ImageMagick-devel</name> 69771 </rpminfo_object> 69772 <rpminfo_object id="oval:org.opensuse.security:obj:2009030422" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69773 <name>ImageMagick</name> 69774 </rpminfo_object> 69775 <rpminfo_object id="oval:org.opensuse.security:obj:2009034991" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69776 <name>inst-source-utils</name> 69777 </rpminfo_object> 69778 <rpminfo_object id="oval:org.opensuse.security:obj:2009030755" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69779 <name>libvorbis-devel</name> 69780 </rpminfo_object> 69781 <rpminfo_object id="oval:org.opensuse.security:obj:2009031943" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69782 <name>cvs</name> 69783 </rpminfo_object> 69784 <rpminfo_object id="oval:org.opensuse.security:obj:2009034907" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69785 <name>taglib-32bit</name> 69786 </rpminfo_object> 69787 <rpminfo_object id="oval:org.opensuse.security:obj:2009034910" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69788 <name>taglib-devel</name> 69789 </rpminfo_object> 69790 <rpminfo_object id="oval:org.opensuse.security:obj:2009034909" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69791 <name>taglib</name> 69792 </rpminfo_object> 69793 <rpminfo_object id="oval:org.opensuse.security:obj:2009034838" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69794 <name>ft2demos</name> 69795 </rpminfo_object> 69796 <rpminfo_object id="oval:org.opensuse.security:obj:2009034898" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69797 <name>python-pam</name> 69798 </rpminfo_object> 69799 <rpminfo_object id="oval:org.opensuse.security:obj:2009033273" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69800 <name>firefox3-cairo-32bit</name> 69801 </rpminfo_object> 69802 <rpminfo_object id="oval:org.opensuse.security:obj:2009033274" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69803 <name>firefox3-cairo</name> 69804 </rpminfo_object> 69805 <rpminfo_object id="oval:org.opensuse.security:obj:2009034966" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69806 <name>jpeg</name> 69807 </rpminfo_object> 69808 <rpminfo_object id="oval:org.opensuse.security:obj:2009034967" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69809 <name>libjpeg-32bit</name> 69810 </rpminfo_object> 69811 <rpminfo_object id="oval:org.opensuse.security:obj:2009034968" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69812 <name>libjpeg-devel-32bit</name> 69813 </rpminfo_object> 69814 <rpminfo_object id="oval:org.opensuse.security:obj:2009034969" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69815 <name>libjpeg-devel</name> 69816 </rpminfo_object> 69817 <rpminfo_object id="oval:org.opensuse.security:obj:2009034970" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69818 <name>libjpeg</name> 69819 </rpminfo_object> 69820 <rpminfo_object id="oval:org.opensuse.security:obj:2009030747" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69821 <name>libexif-32bit</name> 69822 </rpminfo_object> 69823 <rpminfo_object id="oval:org.opensuse.security:obj:2009030484" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69824 <name>libexif</name> 69825 </rpminfo_object> 69826 <rpminfo_object id="oval:org.opensuse.security:obj:2009034975" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69827 <name>quota</name> 69828 </rpminfo_object> 69829 <rpminfo_object id="oval:org.opensuse.security:obj:2009034992" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69830 <name>libotr</name> 69831 </rpminfo_object> 69832 <rpminfo_object id="oval:org.opensuse.security:obj:2009030407" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69833 <name>libxml2-python</name> 69834 </rpminfo_object> 69835 <rpminfo_object id="oval:org.opensuse.security:obj:2009030477" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69836 <name>gpg</name> 69837 </rpminfo_object> 69838 <rpminfo_object id="oval:org.opensuse.security:obj:2009032182" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69839 <name>compat-curl2-32bit</name> 69840 </rpminfo_object> 69841 <rpminfo_object id="oval:org.opensuse.security:obj:2009032184" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69842 <name>compat-curl2</name> 69843 </rpminfo_object> 69844 <rpminfo_object id="oval:org.opensuse.security:obj:2009035155" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69845 <name>Mesa-32bit</name> 69846 </rpminfo_object> 69847 <rpminfo_object id="oval:org.opensuse.security:obj:2009035180" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69848 <name>Mesa-devel-32bit</name> 69849 </rpminfo_object> 69850 <rpminfo_object id="oval:org.opensuse.security:obj:2009035181" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69851 <name>Mesa-devel</name> 69852 </rpminfo_object> 69853 <rpminfo_object id="oval:org.opensuse.security:obj:2009035156" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69854 <name>Mesa</name> 69855 </rpminfo_object> 69856 </objects> 69857 <states> 69858 <rpminfo_state id="oval:org.opensuse.security:ste:2009032190" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69859 <version operation="equals">10</version> 69860 </rpminfo_state> 69861 <rpminfo_state id="oval:org.opensuse.security:ste:2009041060" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69862 <evr datatype="evr_string" operation="less than">0:1.4.3-19.49.53.1</evr> 69863 </rpminfo_state> 69864 <rpminfo_state id="oval:org.opensuse.security:ste:2009032914" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69865 <evr datatype="evr_string" operation="less than">0:6.9.0-50.45</evr> 69866 </rpminfo_state> 69867 <rpminfo_state id="oval:org.opensuse.security:ste:2009032940" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69868 <evr datatype="evr_string" operation="less than">0:2.8.11-0.15</evr> 69869 </rpminfo_state> 69870 <rpminfo_state id="oval:org.opensuse.security:ste:2009032975" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69871 <evr datatype="evr_string" operation="less than">0:0.6.4-60.26</evr> 69872 </rpminfo_state> 69873 <rpminfo_state id="oval:org.opensuse.security:ste:2009032976" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69874 <evr datatype="evr_string" operation="less than">0:0.3.2cvs20060202-20.25</evr> 69875 </rpminfo_state> 69876 <rpminfo_state id="oval:org.opensuse.security:ste:2009032977" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69877 <evr datatype="evr_string" operation="less than">0:0.5.0cvs20060202-19.30</evr> 69878 </rpminfo_state> 69879 <rpminfo_state id="oval:org.opensuse.security:ste:2009032978" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69880 <evr datatype="evr_string" operation="less than">0:1.0.10-30.15</evr> 69881 </rpminfo_state> 69882 <rpminfo_state id="oval:org.opensuse.security:ste:2009032979" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69883 <evr datatype="evr_string" operation="less than">0:1.2.9-6.9</evr> 69884 </rpminfo_state> 69885 <rpminfo_state id="oval:org.opensuse.security:ste:2009032980" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69886 <evr datatype="evr_string" operation="less than">0:1.2.9-12.9</evr> 69887 </rpminfo_state> 69888 <rpminfo_state id="oval:org.opensuse.security:ste:2009032981" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69889 <evr datatype="evr_string" operation="less than">0:0.2.16.3-1.13</evr> 69890 </rpminfo_state> 69891 <rpminfo_state id="oval:org.opensuse.security:ste:2009032982" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69892 <evr datatype="evr_string" operation="less than">0:3.0.24-2.23</evr> 69893 </rpminfo_state> 69894 <rpminfo_state id="oval:org.opensuse.security:ste:2009032983" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69895 <evr datatype="evr_string" operation="less than">0:0.4.0-0.21</evr> 69896 </rpminfo_state> 69897 <rpminfo_state id="oval:org.opensuse.security:ste:2009032984" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69898 <evr datatype="evr_string" operation="less than">0:0.13-21.14</evr> 69899 </rpminfo_state> 69900 <rpminfo_state id="oval:org.opensuse.security:ste:2009032985" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69901 <evr datatype="evr_string" operation="less than">0:3.0.3-23.33</evr> 69902 </rpminfo_state> 69903 <rpminfo_state id="oval:org.opensuse.security:ste:2009032986" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69904 <evr datatype="evr_string" operation="less than">0:0.94-41.22</evr> 69905 </rpminfo_state> 69906 <rpminfo_state id="oval:org.opensuse.security:ste:2009032987" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69907 <evr datatype="evr_string" operation="less than">0:2.6.0-49.55</evr> 69908 </rpminfo_state> 69909 <rpminfo_state id="oval:org.opensuse.security:ste:2009032988" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69910 <evr datatype="evr_string" operation="less than">0:2.6.0-27.34</evr> 69911 </rpminfo_state> 69912 <rpminfo_state id="oval:org.opensuse.security:ste:2009032989" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69913 <evr datatype="evr_string" operation="less than">0:2.4.1-18.14</evr> 69914 </rpminfo_state> 69915 <rpminfo_state id="oval:org.opensuse.security:ste:2009032990" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69916 <evr datatype="evr_string" operation="less than">0:0.3.5-0.16</evr> 69917 </rpminfo_state> 69918 <rpminfo_state id="oval:org.opensuse.security:ste:2009032991" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69919 <evr datatype="evr_string" operation="less than">0:1.5.0-50.17</evr> 69920 </rpminfo_state> 69921 <rpminfo_state id="oval:org.opensuse.security:ste:2009032992" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69922 <evr datatype="evr_string" operation="less than">0:6.6-12.20</evr> 69923 </rpminfo_state> 69924 <rpminfo_state id="oval:org.opensuse.security:ste:2009032993" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69925 <evr datatype="evr_string" operation="less than">0:2.0.18-25.15</evr> 69926 </rpminfo_state> 69927 <rpminfo_state id="oval:org.opensuse.security:ste:2009032994" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69928 <evr datatype="evr_string" operation="less than">0:2.8.6-0.8</evr> 69929 </rpminfo_state> 69930 <rpminfo_state id="oval:org.opensuse.security:ste:2009032995" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69931 <evr datatype="evr_string" operation="less than">0:2.12.3.1-0.8</evr> 69932 </rpminfo_state> 69933 <rpminfo_state id="oval:org.opensuse.security:ste:2009032996" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69934 <evr datatype="evr_string" operation="less than">0:0.1-261.12</evr> 69935 </rpminfo_state> 69936 <rpminfo_state id="oval:org.opensuse.security:ste:2009032997" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69937 <evr datatype="evr_string" operation="less than">0:2.12.3-0.12</evr> 69938 </rpminfo_state> 69939 <rpminfo_state id="oval:org.opensuse.security:ste:2009032998" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69940 <evr datatype="evr_string" operation="less than">0:1.0.0-23.14</evr> 69941 </rpminfo_state> 69942 <rpminfo_state id="oval:org.opensuse.security:ste:2009032999" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69943 <evr datatype="evr_string" operation="less than">0:0.10.5-11.17</evr> 69944 </rpminfo_state> 69945 <rpminfo_state id="oval:org.opensuse.security:ste:2009033000" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69946 <evr datatype="evr_string" operation="less than">0:0.4.0-0.10</evr> 69947 </rpminfo_state> 69948 <rpminfo_state id="oval:org.opensuse.security:ste:2009033001" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69949 <evr datatype="evr_string" operation="less than">0:0.43-20.15</evr> 69950 </rpminfo_state> 69951 <rpminfo_state id="oval:org.opensuse.security:ste:2009033002" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69952 <evr datatype="evr_string" operation="less than">0:0.2.16.3-1.12</evr> 69953 </rpminfo_state> 69954 <rpminfo_state id="oval:org.opensuse.security:ste:2009033003" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69955 <evr datatype="evr_string" operation="less than">0:1.1.3-41.13</evr> 69956 </rpminfo_state> 69957 <rpminfo_state id="oval:org.opensuse.security:ste:2009033004" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69958 <evr datatype="evr_string" operation="less than">0:1.2.2-13.13</evr> 69959 </rpminfo_state> 69960 <rpminfo_state id="oval:org.opensuse.security:ste:2009033005" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69961 <evr datatype="evr_string" operation="less than">0:0.5.2-1.17</evr> 69962 </rpminfo_state> 69963 <rpminfo_state id="oval:org.opensuse.security:ste:2009033006" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69964 <evr datatype="evr_string" operation="less than">0:1.5.22-13.12</evr> 69965 </rpminfo_state> 69966 <rpminfo_state id="oval:org.opensuse.security:ste:2009033007" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69967 <evr datatype="evr_string" operation="less than">0:1.2.0-16.14</evr> 69968 </rpminfo_state> 69969 <rpminfo_state id="oval:org.opensuse.security:ste:2009033008" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69970 <evr datatype="evr_string" operation="less than">0:1.3-28.7</evr> 69971 </rpminfo_state> 69972 <rpminfo_state id="oval:org.opensuse.security:ste:2009033009" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69973 <evr datatype="evr_string" operation="less than">0:0.14.1-24.12</evr> 69974 </rpminfo_state> 69975 <rpminfo_state id="oval:org.opensuse.security:ste:2009033010" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69976 <evr datatype="evr_string" operation="less than">0:1.10.4-0.10</evr> 69977 </rpminfo_state> 69978 <rpminfo_state id="oval:org.opensuse.security:ste:2009033011" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69979 <evr datatype="evr_string" operation="less than">0:0.1.4-5.20</evr> 69980 </rpminfo_state> 69981 <rpminfo_state id="oval:org.opensuse.security:ste:2009033012" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69982 <evr datatype="evr_string" operation="less than">0:2.12.3-21.29</evr> 69983 </rpminfo_state> 69984 <rpminfo_state id="oval:org.opensuse.security:ste:2009033013" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69985 <evr datatype="evr_string" operation="less than">0:0.3.6b-42.49</evr> 69986 </rpminfo_state> 69987 <rpminfo_state id="oval:org.opensuse.security:ste:2009033014" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69988 <evr datatype="evr_string" operation="less than">0:0.6.0-0.21</evr> 69989 </rpminfo_state> 69990 <rpminfo_state id="oval:org.opensuse.security:ste:2009033015" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69991 <evr datatype="evr_string" operation="less than">0:0.9.0-18.10</evr> 69992 </rpminfo_state> 69993 <rpminfo_state id="oval:org.opensuse.security:ste:2009033016" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69994 <evr datatype="evr_string" operation="less than">0:070326-0.5</evr> 69995 </rpminfo_state> 69996 <rpminfo_state id="oval:org.opensuse.security:ste:2009033017" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 69997 <evr datatype="evr_string" operation="less than">0:cvs_060522-0.32</evr> 69998 </rpminfo_state> 69999 <rpminfo_state id="oval:org.opensuse.security:ste:2009033123" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70000 <evr datatype="evr_string" operation="less than">0:6.2.5-16.20</evr> 70001 </rpminfo_state> 70002 <rpminfo_state id="oval:org.opensuse.security:ste:2009033391" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70003 <evr datatype="evr_string" operation="less than">0:3.5.1-69.52</evr> 70004 </rpminfo_state> 70005 <rpminfo_state id="oval:org.opensuse.security:ste:2009033747" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70006 <evr datatype="evr_string" operation="less than">0:0.9.3_2.6.16.46_0.12-6.6</evr> 70007 </rpminfo_state> 70008 <rpminfo_state id="oval:org.opensuse.security:ste:2009037527" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70009 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.58.1</evr> 70010 </rpminfo_state> 70011 <rpminfo_state id="oval:org.opensuse.security:ste:2009034060" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70012 <evr datatype="evr_string" operation="less than">0:3.4.1-0.14</evr> 70013 </rpminfo_state> 70014 <rpminfo_state id="oval:org.opensuse.security:ste:2009034109" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70015 <evr datatype="evr_string" operation="less than">0:1.5.1-15.15</evr> 70016 </rpminfo_state> 70017 <rpminfo_state id="oval:org.opensuse.security:ste:2009034110" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70018 <evr datatype="evr_string" operation="less than">0:0.2.36-19.13</evr> 70019 </rpminfo_state> 70020 <rpminfo_state id="oval:org.opensuse.security:ste:2009034111" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70021 <evr datatype="evr_string" operation="less than">0:2.0-84.51</evr> 70022 </rpminfo_state> 70023 <rpminfo_state id="oval:org.opensuse.security:ste:2009034112" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70024 <evr datatype="evr_string" operation="less than">0:2.3.94-18.16</evr> 70025 </rpminfo_state> 70026 <rpminfo_state id="oval:org.opensuse.security:ste:2009034113" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70027 <evr datatype="evr_string" operation="less than">0:0.6.14-40.9</evr> 70028 </rpminfo_state> 70029 <rpminfo_state id="oval:org.opensuse.security:ste:2009034114" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70030 <evr datatype="evr_string" operation="less than">0:1.2.10-907.11</evr> 70031 </rpminfo_state> 70032 <rpminfo_state id="oval:org.opensuse.security:ste:2009034115" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70033 <evr datatype="evr_string" operation="less than">0:1.0-45.8</evr> 70034 </rpminfo_state> 70035 <rpminfo_state id="oval:org.opensuse.security:ste:2009034116" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70036 <evr datatype="evr_string" operation="less than">0:3.5.1-49.35</evr> 70037 </rpminfo_state> 70038 <rpminfo_state id="oval:org.opensuse.security:ste:2009034117" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70039 <evr datatype="evr_string" operation="less than">0:3.5.1-49.34</evr> 70040 </rpminfo_state> 70041 <rpminfo_state id="oval:org.opensuse.security:ste:2009034118" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70042 <evr datatype="evr_string" operation="less than">0:3.5.1-25.14</evr> 70043 </rpminfo_state> 70044 <rpminfo_state id="oval:org.opensuse.security:ste:2009034119" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70045 <evr datatype="evr_string" operation="less than">0:2.12.3-0.10</evr> 70046 </rpminfo_state> 70047 <rpminfo_state id="oval:org.opensuse.security:ste:2009034120" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70048 <evr datatype="evr_string" operation="less than">0:5.0.26-12.8</evr> 70049 </rpminfo_state> 70050 <rpminfo_state id="oval:org.opensuse.security:ste:2009034121" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70051 <evr datatype="evr_string" operation="less than">0:5.3.0.1-25.15</evr> 70052 </rpminfo_state> 70053 <rpminfo_state id="oval:org.opensuse.security:ste:2009034122" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70054 <evr datatype="evr_string" operation="less than">0:3.3.5-58.24</evr> 70055 </rpminfo_state> 70056 <rpminfo_state id="oval:org.opensuse.security:ste:2009034123" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70057 <evr datatype="evr_string" operation="less than">0:3.3.5-58.22</evr> 70058 </rpminfo_state> 70059 <rpminfo_state id="oval:org.opensuse.security:ste:2009034124" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70060 <evr datatype="evr_string" operation="less than">0:1.02.13-6.9</evr> 70061 </rpminfo_state> 70062 <rpminfo_state id="oval:org.opensuse.security:ste:2009034125" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70063 <evr datatype="evr_string" operation="less than">0:3.2.38-0.6</evr> 70064 </rpminfo_state> 70065 <rpminfo_state id="oval:org.opensuse.security:ste:2009034126" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70066 <evr datatype="evr_string" operation="less than">0:0.7.14-20.7</evr> 70067 </rpminfo_state> 70068 <rpminfo_state id="oval:org.opensuse.security:ste:2009034127" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70069 <evr datatype="evr_string" operation="less than">0:2.6.16.46-0.12</evr> 70070 </rpminfo_state> 70071 <rpminfo_state id="oval:org.opensuse.security:ste:2009034128" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70072 <evr datatype="evr_string" operation="less than">0:7.0.1-22.23</evr> 70073 </rpminfo_state> 70074 <rpminfo_state id="oval:org.opensuse.security:ste:2009034129" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70075 <evr datatype="evr_string" operation="less than">0:0.4-31.9</evr> 70076 </rpminfo_state> 70077 <rpminfo_state id="oval:org.opensuse.security:ste:2009034130" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70078 <evr datatype="evr_string" operation="less than">0:0.9.1-17.16</evr> 70079 </rpminfo_state> 70080 <rpminfo_state id="oval:org.opensuse.security:ste:2009034131" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70081 <evr datatype="evr_string" operation="less than">0:2.6.8-36.8</evr> 70082 </rpminfo_state> 70083 <rpminfo_state id="oval:org.opensuse.security:ste:2009034132" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70084 <evr datatype="evr_string" operation="less than">0:6.0.2-16.19</evr> 70085 </rpminfo_state> 70086 <rpminfo_state id="oval:org.opensuse.security:ste:2009034211" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70087 <evr datatype="evr_string" operation="less than">0:1.2.8-19.6</evr> 70088 </rpminfo_state> 70089 <rpminfo_state id="oval:org.opensuse.security:ste:2009034239" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70090 <evr datatype="evr_string" operation="less than">0:1.0.2-27.16</evr> 70091 </rpminfo_state> 70092 <rpminfo_state id="oval:org.opensuse.security:ste:2009034240" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70093 <evr datatype="evr_string" operation="less than">0:2.12.3-0.21</evr> 70094 </rpminfo_state> 70095 <rpminfo_state id="oval:org.opensuse.security:ste:2009034241" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70096 <evr datatype="evr_string" operation="less than">0:2.12.2-18.14</evr> 70097 </rpminfo_state> 70098 <rpminfo_state id="oval:org.opensuse.security:ste:2009034242" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70099 <evr datatype="evr_string" operation="less than">0:1.6.0-43.53</evr> 70100 </rpminfo_state> 70101 <rpminfo_state id="oval:org.opensuse.security:ste:2009034243" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70102 <evr datatype="evr_string" operation="less than">0:2.8.1-27.14</evr> 70103 </rpminfo_state> 70104 <rpminfo_state id="oval:org.opensuse.security:ste:2009034244" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70105 <evr datatype="evr_string" operation="less than">0:2.2.10-22.20</evr> 70106 </rpminfo_state> 70107 <rpminfo_state id="oval:org.opensuse.security:ste:2009034245" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70108 <evr datatype="evr_string" operation="less than">0:2.12.2-51.14</evr> 70109 </rpminfo_state> 70110 <rpminfo_state id="oval:org.opensuse.security:ste:2009034246" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70111 <evr datatype="evr_string" operation="less than">0:0.32cvs20060120-33.23</evr> 70112 </rpminfo_state> 70113 <rpminfo_state id="oval:org.opensuse.security:ste:2009034247" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70114 <evr datatype="evr_string" operation="less than">0:2.12.2-25.16</evr> 70115 </rpminfo_state> 70116 <rpminfo_state id="oval:org.opensuse.security:ste:2009034248" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70117 <evr datatype="evr_string" operation="less than">0:0.4.6-18.16</evr> 70118 </rpminfo_state> 70119 <rpminfo_state id="oval:org.opensuse.security:ste:2009034249" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70120 <evr datatype="evr_string" operation="less than">0:0.9.8-0.15</evr> 70121 </rpminfo_state> 70122 <rpminfo_state id="oval:org.opensuse.security:ste:2009034250" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70123 <evr datatype="evr_string" operation="less than">0:2.16.1-38.11</evr> 70124 </rpminfo_state> 70125 <rpminfo_state id="oval:org.opensuse.security:ste:2009034251" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70126 <evr datatype="evr_string" operation="less than">0:2.12.3-0.35</evr> 70127 </rpminfo_state> 70128 <rpminfo_state id="oval:org.opensuse.security:ste:2009034252" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70129 <evr datatype="evr_string" operation="less than">0:2.12.2-58.28</evr> 70130 </rpminfo_state> 70131 <rpminfo_state id="oval:org.opensuse.security:ste:2009034253" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70132 <evr datatype="evr_string" operation="less than">0:0.10.4-11.17</evr> 70133 </rpminfo_state> 70134 <rpminfo_state id="oval:org.opensuse.security:ste:2009034254" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70135 <evr datatype="evr_string" operation="less than">0:3.10.0-15.15</evr> 70136 </rpminfo_state> 70137 <rpminfo_state id="oval:org.opensuse.security:ste:2009034255" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70138 <evr datatype="evr_string" operation="less than">0:0.35.2-4.10</evr> 70139 </rpminfo_state> 70140 <rpminfo_state id="oval:org.opensuse.security:ste:2009034256" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70141 <evr datatype="evr_string" operation="less than">0:1.3.91-23.14</evr> 70142 </rpminfo_state> 70143 <rpminfo_state id="oval:org.opensuse.security:ste:2009034257" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70144 <evr datatype="evr_string" operation="less than">0:1.0.0-32.24</evr> 70145 </rpminfo_state> 70146 <rpminfo_state id="oval:org.opensuse.security:ste:2009034258" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70147 <evr datatype="evr_string" operation="less than">0:2.12.1-0.13</evr> 70148 </rpminfo_state> 70149 <rpminfo_state id="oval:org.opensuse.security:ste:2009034259" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70150 <evr datatype="evr_string" operation="less than">0:1.13.99-13.13</evr> 70151 </rpminfo_state> 70152 <rpminfo_state id="oval:org.opensuse.security:ste:2009034260" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70153 <evr datatype="evr_string" operation="less than">0:2.2.90-18.19</evr> 70154 </rpminfo_state> 70155 <rpminfo_state id="oval:org.opensuse.security:ste:2009034261" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70156 <evr datatype="evr_string" operation="less than">0:4.6.4-0.7</evr> 70157 </rpminfo_state> 70158 <rpminfo_state id="oval:org.opensuse.security:ste:2009034262" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70159 <evr datatype="evr_string" operation="less than">0:2.12.2-64.33</evr> 70160 </rpminfo_state> 70161 <rpminfo_state id="oval:org.opensuse.security:ste:2009034263" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70162 <evr datatype="evr_string" operation="less than">0:0.11.17-0.11</evr> 70163 </rpminfo_state> 70164 <rpminfo_state id="oval:org.opensuse.security:ste:2009034313" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70165 <evr datatype="evr_string" operation="less than">0:2.0.7-35.10</evr> 70166 </rpminfo_state> 70167 <rpminfo_state id="oval:org.opensuse.security:ste:2009034314" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70168 <evr datatype="evr_string" operation="less than">0:3.1-69.17</evr> 70169 </rpminfo_state> 70170 <rpminfo_state id="oval:org.opensuse.security:ste:2009034315" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70171 <evr datatype="evr_string" operation="less than">0:2.4-31.30</evr> 70172 </rpminfo_state> 70173 <rpminfo_state id="oval:org.opensuse.security:ste:2009034316" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70174 <evr datatype="evr_string" operation="less than">0:0.97-16.8</evr> 70175 </rpminfo_state> 70176 <rpminfo_state id="oval:org.opensuse.security:ste:2009034317" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70177 <evr datatype="evr_string" operation="less than">0:1.8.9-2.7</evr> 70178 </rpminfo_state> 70179 <rpminfo_state id="oval:org.opensuse.security:ste:2009034318" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70180 <evr datatype="evr_string" operation="less than">0:0.6.9-16.14</evr> 70181 </rpminfo_state> 70182 <rpminfo_state id="oval:org.opensuse.security:ste:2009034319" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70183 <evr datatype="evr_string" operation="less than">0:93r-12.28</evr> 70184 </rpminfo_state> 70185 <rpminfo_state id="oval:org.opensuse.security:ste:2009034320" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70186 <evr datatype="evr_string" operation="less than">0:2.02.17-7.9</evr> 70187 </rpminfo_state> 70188 <rpminfo_state id="oval:org.opensuse.security:ste:2009034432" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70189 <evr datatype="evr_string" operation="less than">0:2.0.0.2-2.13</evr> 70190 </rpminfo_state> 70191 <rpminfo_state id="oval:org.opensuse.security:ste:2009034433" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70192 <evr datatype="evr_string" operation="less than">0:2.9-0.10</evr> 70193 </rpminfo_state> 70194 <rpminfo_state id="oval:org.opensuse.security:ste:2009034434" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70195 <evr datatype="evr_string" operation="less than">0:10.1-31.24</evr> 70196 </rpminfo_state> 70197 <rpminfo_state id="oval:org.opensuse.security:ste:2009034435" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70198 <evr datatype="evr_string" operation="less than">0:3.11.4-0.7</evr> 70199 </rpminfo_state> 70200 <rpminfo_state id="oval:org.opensuse.security:ste:2009034436" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70201 <evr datatype="evr_string" operation="less than">0:2.2.4-21.12</evr> 70202 </rpminfo_state> 70203 <rpminfo_state id="oval:org.opensuse.security:ste:2009034437" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70204 <evr datatype="evr_string" operation="less than">0:1.7-125.37</evr> 70205 </rpminfo_state> 70206 <rpminfo_state id="oval:org.opensuse.security:ste:2009034438" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70207 <evr datatype="evr_string" operation="less than">0:1.7-125.38</evr> 70208 </rpminfo_state> 70209 <rpminfo_state id="oval:org.opensuse.security:ste:2009034439" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70210 <evr datatype="evr_string" operation="less than">0:7.1-121.37</evr> 70211 </rpminfo_state> 70212 <rpminfo_state id="oval:org.opensuse.security:ste:2009034440" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70213 <evr datatype="evr_string" operation="less than">0:7.1-125.37</evr> 70214 </rpminfo_state> 70215 <rpminfo_state id="oval:org.opensuse.security:ste:2009034441" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70216 <evr datatype="evr_string" operation="less than">0:2.7-125.37</evr> 70217 </rpminfo_state> 70218 <rpminfo_state id="oval:org.opensuse.security:ste:2009034442" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70219 <evr datatype="evr_string" operation="less than">0:1.2.9-201.12</evr> 70220 </rpminfo_state> 70221 <rpminfo_state id="oval:org.opensuse.security:ste:2009034443" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70222 <evr datatype="evr_string" operation="less than">0:0.2-66.10</evr> 70223 </rpminfo_state> 70224 <rpminfo_state id="oval:org.opensuse.security:ste:2009034444" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70225 <evr datatype="evr_string" operation="less than">0:6.9.0-46.40</evr> 70226 </rpminfo_state> 70227 <rpminfo_state id="oval:org.opensuse.security:ste:2009034445" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70228 <evr datatype="evr_string" operation="less than">0:2.13.10-0.8</evr> 70229 </rpminfo_state> 70230 <rpminfo_state id="oval:org.opensuse.security:ste:2009034446" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70231 <evr datatype="evr_string" operation="less than">0:2.13.82-0.3</evr> 70232 </rpminfo_state> 70233 <rpminfo_state id="oval:org.opensuse.security:ste:2009034447" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70234 <evr datatype="evr_string" operation="less than">0:2.13.13-0.4</evr> 70235 </rpminfo_state> 70236 <rpminfo_state id="oval:org.opensuse.security:ste:2009034540" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70237 <evr datatype="evr_string" operation="less than">0:0.1-988.11</evr> 70238 </rpminfo_state> 70239 <rpminfo_state id="oval:org.opensuse.security:ste:2009034541" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70240 <evr datatype="evr_string" operation="less than">0:10-12.26</evr> 70241 </rpminfo_state> 70242 <rpminfo_state id="oval:org.opensuse.security:ste:2009034542" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70243 <evr datatype="evr_string" operation="less than">0:2.2.41-0.7</evr> 70244 </rpminfo_state> 70245 <rpminfo_state id="oval:org.opensuse.security:ste:2009034543" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70246 <evr datatype="evr_string" operation="less than">0:3.1.8-921.16</evr> 70247 </rpminfo_state> 70248 <rpminfo_state id="oval:org.opensuse.security:ste:2009034544" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70249 <evr datatype="evr_string" operation="less than">0:2.4.34-0.7</evr> 70250 </rpminfo_state> 70251 <rpminfo_state id="oval:org.opensuse.security:ste:2009034545" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70252 <evr datatype="evr_string" operation="less than">0:4.1.4-23.14</evr> 70253 </rpminfo_state> 70254 <rpminfo_state id="oval:org.opensuse.security:ste:2009034546" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70255 <evr datatype="evr_string" operation="less than">0:2.13.95-0.8</evr> 70256 </rpminfo_state> 70257 <rpminfo_state id="oval:org.opensuse.security:ste:2009034547" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70258 <evr datatype="evr_string" operation="less than">0:3.1-24.14</evr> 70259 </rpminfo_state> 70260 <rpminfo_state id="oval:org.opensuse.security:ste:2009034548" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70261 <evr datatype="evr_string" operation="less than">0:9.3.4-1.8</evr> 70262 </rpminfo_state> 70263 <rpminfo_state id="oval:org.opensuse.security:ste:2009034549" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70264 <evr datatype="evr_string" operation="less than">0:2.16.91.0.5-23.20</evr> 70265 </rpminfo_state> 70266 <rpminfo_state id="oval:org.opensuse.security:ste:2009034550" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70267 <evr datatype="evr_string" operation="less than">0:5.93-22.14</evr> 70268 </rpminfo_state> 70269 <rpminfo_state id="oval:org.opensuse.security:ste:2009034551" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70270 <evr datatype="evr_string" operation="less than">0:2.6-19.12</evr> 70271 </rpminfo_state> 70272 <rpminfo_state id="oval:org.opensuse.security:ste:2009034552" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70273 <evr datatype="evr_string" operation="less than">0:4.1-45.15</evr> 70274 </rpminfo_state> 70275 <rpminfo_state id="oval:org.opensuse.security:ste:2009034553" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70276 <evr datatype="evr_string" operation="less than">0:0.60-33.13</evr> 70277 </rpminfo_state> 70278 <rpminfo_state id="oval:org.opensuse.security:ste:2009034554" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70279 <evr datatype="evr_string" operation="less than">0:0.60-33.16</evr> 70280 </rpminfo_state> 70281 <rpminfo_state id="oval:org.opensuse.security:ste:2009034555" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70282 <evr datatype="evr_string" operation="less than">0:10.1-40.28</evr> 70283 </rpminfo_state> 70284 <rpminfo_state id="oval:org.opensuse.security:ste:2009034556" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70285 <evr datatype="evr_string" operation="less than">0:2.8.7-17.14</evr> 70286 </rpminfo_state> 70287 <rpminfo_state id="oval:org.opensuse.security:ste:2009034557" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70288 <evr datatype="evr_string" operation="less than">0:0.99_1.0.0rc13-0.8</evr> 70289 </rpminfo_state> 70290 <rpminfo_state id="oval:org.opensuse.security:ste:2009034558" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70291 <evr datatype="evr_string" operation="less than">0:2.11-15.10</evr> 70292 </rpminfo_state> 70293 <rpminfo_state id="oval:org.opensuse.security:ste:2009034559" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70294 <evr datatype="evr_string" operation="less than">0:1.38-25.21</evr> 70295 </rpminfo_state> 70296 <rpminfo_state id="oval:org.opensuse.security:ste:2009034560" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70297 <evr datatype="evr_string" operation="less than">0:10-1.12</evr> 70298 </rpminfo_state> 70299 <rpminfo_state id="oval:org.opensuse.security:ste:2009034561" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70300 <evr datatype="evr_string" operation="less than">0:4.2.27-14.10</evr> 70301 </rpminfo_state> 70302 <rpminfo_state id="oval:org.opensuse.security:ste:2009034562" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70303 <evr datatype="evr_string" operation="less than">0:2.5.1a-20.11</evr> 70304 </rpminfo_state> 70305 <rpminfo_state id="oval:org.opensuse.security:ste:2009034563" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70306 <evr datatype="evr_string" operation="less than">0:0.5.6-33.26</evr> 70307 </rpminfo_state> 70308 <rpminfo_state id="oval:org.opensuse.security:ste:2009034564" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70309 <evr datatype="evr_string" operation="less than">0:12.46-0.5</evr> 70310 </rpminfo_state> 70311 <rpminfo_state id="oval:org.opensuse.security:ste:2009034565" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70312 <evr datatype="evr_string" operation="less than">0:1.04.0-20.13</evr> 70313 </rpminfo_state> 70314 <rpminfo_state id="oval:org.opensuse.security:ste:2009034566" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70315 <evr datatype="evr_string" operation="less than">0:ss021109-167.10</evr> 70316 </rpminfo_state> 70317 <rpminfo_state id="oval:org.opensuse.security:ste:2009034567" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70318 <evr datatype="evr_string" operation="less than">0:1.4.1-559.12</evr> 70319 </rpminfo_state> 70320 <rpminfo_state id="oval:org.opensuse.security:ste:2009034568" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70321 <evr datatype="evr_string" operation="less than">0:1.4.3-19.17</evr> 70322 </rpminfo_state> 70323 <rpminfo_state id="oval:org.opensuse.security:ste:2009034569" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70324 <evr datatype="evr_string" operation="less than">0:0.0.4-14.13</evr> 70325 </rpminfo_state> 70326 <rpminfo_state id="oval:org.opensuse.security:ste:2009034570" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70327 <evr datatype="evr_string" operation="less than">0:2.13.8-0.12</evr> 70328 </rpminfo_state> 70329 <rpminfo_state id="oval:org.opensuse.security:ste:2009034571" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70330 <evr datatype="evr_string" operation="less than">0:7.1.1.0_0.8-0.16</evr> 70331 </rpminfo_state> 70332 <rpminfo_state id="oval:org.opensuse.security:ste:2009034572" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70333 <evr datatype="evr_string" operation="less than">0:2.15.10-0.4</evr> 70334 </rpminfo_state> 70335 <rpminfo_state id="oval:org.opensuse.security:ste:2009034573" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70336 <evr datatype="evr_string" operation="less than">0:22.7-19.12</evr> 70337 </rpminfo_state> 70338 <rpminfo_state id="oval:org.opensuse.security:ste:2009034574" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70339 <evr datatype="evr_string" operation="less than">0:1.1.50-0.12</evr> 70340 </rpminfo_state> 70341 <rpminfo_state id="oval:org.opensuse.security:ste:2009034575" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70342 <evr datatype="evr_string" operation="less than">0:1.1.56-0.6</evr> 70343 </rpminfo_state> 70344 <rpminfo_state id="oval:org.opensuse.security:ste:2009034576" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70345 <evr datatype="evr_string" operation="less than">0:11.25-14.14</evr> 70346 </rpminfo_state> 70347 <rpminfo_state id="oval:org.opensuse.security:ste:2009034577" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70348 <evr datatype="evr_string" operation="less than">0:0.7-2.12</evr> 70349 </rpminfo_state> 70350 <rpminfo_state id="oval:org.opensuse.security:ste:2009034578" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70351 <evr datatype="evr_string" operation="less than">0:2.6-0.11</evr> 70352 </rpminfo_state> 70353 <rpminfo_state id="oval:org.opensuse.security:ste:2009034579" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70354 <evr datatype="evr_string" operation="less than">0:1.15-12.8</evr> 70355 </rpminfo_state> 70356 <rpminfo_state id="oval:org.opensuse.security:ste:2009034580" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70357 <evr datatype="evr_string" operation="less than">0:1.2-106.52</evr> 70358 </rpminfo_state> 70359 <rpminfo_state id="oval:org.opensuse.security:ste:2009034581" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70360 <evr datatype="evr_string" operation="less than">0:3.2.2-32.27</evr> 70361 </rpminfo_state> 70362 <rpminfo_state id="oval:org.opensuse.security:ste:2009034582" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70363 <evr datatype="evr_string" operation="less than">0:0.4.7-34.18</evr> 70364 </rpminfo_state> 70365 <rpminfo_state id="oval:org.opensuse.security:ste:2009034583" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70366 <evr datatype="evr_string" operation="less than">0:5.5-18.11</evr> 70367 </rpminfo_state> 70368 <rpminfo_state id="oval:org.opensuse.security:ste:2009034584" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70369 <evr datatype="evr_string" operation="less than">0:1.0.7-36.21</evr> 70370 </rpminfo_state> 70371 <rpminfo_state id="oval:org.opensuse.security:ste:2009034585" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70372 <evr datatype="evr_string" operation="less than">0:0.12-16.12</evr> 70373 </rpminfo_state> 70374 <rpminfo_state id="oval:org.opensuse.security:ste:2009034586" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70375 <evr datatype="evr_string" operation="less than">0:2.3.32-0.10</evr> 70376 </rpminfo_state> 70377 <rpminfo_state id="oval:org.opensuse.security:ste:2009034587" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70378 <evr datatype="evr_string" operation="less than">0:4.2p1-18.25</evr> 70379 </rpminfo_state> 70380 <rpminfo_state id="oval:org.opensuse.security:ste:2009034588" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70381 <evr datatype="evr_string" operation="less than">0:0.99.6.3-28.8</evr> 70382 </rpminfo_state> 70383 <rpminfo_state id="oval:org.opensuse.security:ste:2009034589" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70384 <evr datatype="evr_string" operation="less than">0:10-2.11</evr> 70385 </rpminfo_state> 70386 <rpminfo_state id="oval:org.opensuse.security:ste:2009034590" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70387 <evr datatype="evr_string" operation="less than">0:1.6.25.1-15.13</evr> 70388 </rpminfo_state> 70389 <rpminfo_state id="oval:org.opensuse.security:ste:2009034591" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70390 <evr datatype="evr_string" operation="less than">0:2.2.4-16.9</evr> 70391 </rpminfo_state> 70392 <rpminfo_state id="oval:org.opensuse.security:ste:2009034592" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70393 <evr datatype="evr_string" operation="less than">0:1.2.9_beta9-17.10</evr> 70394 </rpminfo_state> 70395 <rpminfo_state id="oval:org.opensuse.security:ste:2009034593" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70396 <evr datatype="evr_string" operation="less than">0:0.4.15-0.6</evr> 70397 </rpminfo_state> 70398 <rpminfo_state id="oval:org.opensuse.security:ste:2009034594" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70399 <evr datatype="evr_string" operation="less than">0:2007.2.15-0.7</evr> 70400 </rpminfo_state> 70401 <rpminfo_state id="oval:org.opensuse.security:ste:2009034595" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70402 <evr datatype="evr_string" operation="less than">0:1.7-271.19</evr> 70403 </rpminfo_state> 70404 <rpminfo_state id="oval:org.opensuse.security:ste:2009034596" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70405 <evr datatype="evr_string" operation="less than">0:5beta-749.10</evr> 70406 </rpminfo_state> 70407 <rpminfo_state id="oval:org.opensuse.security:ste:2009034597" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70408 <evr datatype="evr_string" operation="less than">0:2.2.9-10.18</evr> 70409 </rpminfo_state> 70410 <rpminfo_state id="oval:org.opensuse.security:ste:2009034598" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70411 <evr datatype="evr_string" operation="less than">0:0.12.26-0.6</evr> 70412 </rpminfo_state> 70413 <rpminfo_state id="oval:org.opensuse.security:ste:2009034599" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70414 <evr datatype="evr_string" operation="less than">0:18-55.12</evr> 70415 </rpminfo_state> 70416 <rpminfo_state id="oval:org.opensuse.security:ste:2009034600" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70417 <evr datatype="evr_string" operation="less than">0:3.0.7.1-17.24</evr> 70418 </rpminfo_state> 70419 <rpminfo_state id="oval:org.opensuse.security:ste:2009034601" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70420 <evr datatype="evr_string" operation="less than">0:5.1-24.13</evr> 70421 </rpminfo_state> 70422 <rpminfo_state id="oval:org.opensuse.security:ste:2009034602" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70423 <evr datatype="evr_string" operation="less than">0:3.6.19-19.12</evr> 70424 </rpminfo_state> 70425 <rpminfo_state id="oval:org.opensuse.security:ste:2009034603" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70426 <evr datatype="evr_string" operation="less than">0:4.4.2-43.19</evr> 70427 </rpminfo_state> 70428 <rpminfo_state id="oval:org.opensuse.security:ste:2009034604" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70429 <evr datatype="evr_string" operation="less than">0:7.2.0.0-0.8</evr> 70430 </rpminfo_state> 70431 <rpminfo_state id="oval:org.opensuse.security:ste:2009034605" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70432 <evr datatype="evr_string" operation="less than">0:1.1.3-18.16</evr> 70433 </rpminfo_state> 70434 <rpminfo_state id="oval:org.opensuse.security:ste:2009034606" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70435 <evr datatype="evr_string" operation="less than">0:4.0.2-62.14</evr> 70436 </rpminfo_state> 70437 <rpminfo_state id="oval:org.opensuse.security:ste:2009034607" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70438 <evr datatype="evr_string" operation="less than">0:1.7_2.36_1.19_0.17_0.97-12.14</evr> 70439 </rpminfo_state> 70440 <rpminfo_state id="oval:org.opensuse.security:ste:2009034608" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70441 <evr datatype="evr_string" operation="less than">0:4.1.4-17.11</evr> 70442 </rpminfo_state> 70443 <rpminfo_state id="oval:org.opensuse.security:ste:2009034609" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70444 <evr datatype="evr_string" operation="less than">0:10-9.22</evr> 70445 </rpminfo_state> 70446 <rpminfo_state id="oval:org.opensuse.security:ste:2009034610" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70447 <evr datatype="evr_string" operation="less than">0:1.6.8p12-18.14</evr> 70448 </rpminfo_state> 70449 <rpminfo_state id="oval:org.opensuse.security:ste:2009034611" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70450 <evr datatype="evr_string" operation="less than">0:1.2-9.26</evr> 70451 </rpminfo_state> 70452 <rpminfo_state id="oval:org.opensuse.security:ste:2009034612" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70453 <evr datatype="evr_string" operation="less than">0:0.50.9-13.25</evr> 70454 </rpminfo_state> 70455 <rpminfo_state id="oval:org.opensuse.security:ste:2009034613" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70456 <evr datatype="evr_string" operation="less than">0:1.3.0-16.10</evr> 70457 </rpminfo_state> 70458 <rpminfo_state id="oval:org.opensuse.security:ste:2009034614" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70459 <evr datatype="evr_string" operation="less than">0:3.11-20.11</evr> 70460 </rpminfo_state> 70461 <rpminfo_state id="oval:org.opensuse.security:ste:2009034615" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70462 <evr datatype="evr_string" operation="less than">0:2.86-21.15</evr> 70463 </rpminfo_state> 70464 <rpminfo_state id="oval:org.opensuse.security:ste:2009034616" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70465 <evr datatype="evr_string" operation="less than">0:085-30.37</evr> 70466 </rpminfo_state> 70467 <rpminfo_state id="oval:org.opensuse.security:ste:2009034617" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70468 <evr datatype="evr_string" operation="less than">0:1.1-146.10</evr> 70469 </rpminfo_state> 70470 <rpminfo_state id="oval:org.opensuse.security:ste:2009034618" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70471 <evr datatype="evr_string" operation="less than">0:2.12r-35.22</evr> 70472 </rpminfo_state> 70473 <rpminfo_state id="oval:org.opensuse.security:ste:2009034619" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70474 <evr datatype="evr_string" operation="less than">0:28pre13-22.12</evr> 70475 </rpminfo_state> 70476 <rpminfo_state id="oval:org.opensuse.security:ste:2009034620" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70477 <evr datatype="evr_string" operation="less than">0:2.8.16-0.10</evr> 70478 </rpminfo_state> 70479 <rpminfo_state id="oval:org.opensuse.security:ste:2009034621" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70480 <evr datatype="evr_string" operation="less than">0:4.2.0a-70.14</evr> 70481 </rpminfo_state> 70482 <rpminfo_state id="oval:org.opensuse.security:ste:2009034622" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70483 <evr datatype="evr_string" operation="less than">0:2.13.5-0.12</evr> 70484 </rpminfo_state> 70485 <rpminfo_state id="oval:org.opensuse.security:ste:2009034623" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70486 <evr datatype="evr_string" operation="less than">0:2.13.97-0.4</evr> 70487 </rpminfo_state> 70488 <rpminfo_state id="oval:org.opensuse.security:ste:2009034624" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70489 <evr datatype="evr_string" operation="less than">0:2.13.39-0.3</evr> 70490 </rpminfo_state> 70491 <rpminfo_state id="oval:org.opensuse.security:ste:2009034625" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70492 <evr datatype="evr_string" operation="less than">0:2.13.52-0.9</evr> 70493 </rpminfo_state> 70494 <rpminfo_state id="oval:org.opensuse.security:ste:2009034626" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70495 <evr datatype="evr_string" operation="less than">0:2.13.15-0.10</evr> 70496 </rpminfo_state> 70497 <rpminfo_state id="oval:org.opensuse.security:ste:2009034627" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70498 <evr datatype="evr_string" operation="less than">0:2.13.7-0.9</evr> 70499 </rpminfo_state> 70500 <rpminfo_state id="oval:org.opensuse.security:ste:2009034628" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70501 <evr datatype="evr_string" operation="less than">0:2.13.8-0.6</evr> 70502 </rpminfo_state> 70503 <rpminfo_state id="oval:org.opensuse.security:ste:2009034629" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70504 <evr datatype="evr_string" operation="less than">0:2.13.192-0.4</evr> 70505 </rpminfo_state> 70506 <rpminfo_state id="oval:org.opensuse.security:ste:2009034630" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70507 <evr datatype="evr_string" operation="less than">0:2.13.3-0.11</evr> 70508 </rpminfo_state> 70509 <rpminfo_state id="oval:org.opensuse.security:ste:2009034631" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70510 <evr datatype="evr_string" operation="less than">0:2.13.11-0.10</evr> 70511 </rpminfo_state> 70512 <rpminfo_state id="oval:org.opensuse.security:ste:2009034632" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70513 <evr datatype="evr_string" operation="less than">0:2.13.27-0.11</evr> 70514 </rpminfo_state> 70515 <rpminfo_state id="oval:org.opensuse.security:ste:2009034633" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70516 <evr datatype="evr_string" operation="less than">0:2.13.5-1.11</evr> 70517 </rpminfo_state> 70518 <rpminfo_state id="oval:org.opensuse.security:ste:2009034634" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70519 <evr datatype="evr_string" operation="less than">0:2.13.8-0.11</evr> 70520 </rpminfo_state> 70521 <rpminfo_state id="oval:org.opensuse.security:ste:2009034635" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70522 <evr datatype="evr_string" operation="less than">0:2.13.66-0.12</evr> 70523 </rpminfo_state> 70524 <rpminfo_state id="oval:org.opensuse.security:ste:2009034636" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70525 <evr datatype="evr_string" operation="less than">0:2.13.98-0.7</evr> 70526 </rpminfo_state> 70527 <rpminfo_state id="oval:org.opensuse.security:ste:2009034637" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70528 <evr datatype="evr_string" operation="less than">0:2.13.4-0.11</evr> 70529 </rpminfo_state> 70530 <rpminfo_state id="oval:org.opensuse.security:ste:2009034638" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70531 <evr datatype="evr_string" operation="less than">0:2.13.17-0.10</evr> 70532 </rpminfo_state> 70533 <rpminfo_state id="oval:org.opensuse.security:ste:2009034639" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70534 <evr datatype="evr_string" operation="less than">0:2.13.59-0.3</evr> 70535 </rpminfo_state> 70536 <rpminfo_state id="oval:org.opensuse.security:ste:2009034640" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70537 <evr datatype="evr_string" operation="less than">0:2.13.175-0.5</evr> 70538 </rpminfo_state> 70539 <rpminfo_state id="oval:org.opensuse.security:ste:2009034641" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70540 <evr datatype="evr_string" operation="less than">0:2.13.5-0.11</evr> 70541 </rpminfo_state> 70542 <rpminfo_state id="oval:org.opensuse.security:ste:2009034642" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70543 <evr datatype="evr_string" operation="less than">0:2.13.11-0.17</evr> 70544 </rpminfo_state> 70545 <rpminfo_state id="oval:org.opensuse.security:ste:2009034643" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70546 <evr datatype="evr_string" operation="less than">0:2.13.117-0.13</evr> 70547 </rpminfo_state> 70548 <rpminfo_state id="oval:org.opensuse.security:ste:2009034644" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70549 <evr datatype="evr_string" operation="less than">0:2.13.9-0.9</evr> 70550 </rpminfo_state> 70551 <rpminfo_state id="oval:org.opensuse.security:ste:2009034645" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70552 <evr datatype="evr_string" operation="less than">0:2.13.8-0.10</evr> 70553 </rpminfo_state> 70554 <rpminfo_state id="oval:org.opensuse.security:ste:2009034646" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70555 <evr datatype="evr_string" operation="less than">0:2.13.32-1.13</evr> 70556 </rpminfo_state> 70557 <rpminfo_state id="oval:org.opensuse.security:ste:2009034647" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70558 <evr datatype="evr_string" operation="less than">0:2.13.6-0.12</evr> 70559 </rpminfo_state> 70560 <rpminfo_state id="oval:org.opensuse.security:ste:2009034648" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70561 <evr datatype="evr_string" operation="less than">0:2.13.10-0.13</evr> 70562 </rpminfo_state> 70563 <rpminfo_state id="oval:org.opensuse.security:ste:2009034649" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70564 <evr datatype="evr_string" operation="less than">0:2.13.2-0.13</evr> 70565 </rpminfo_state> 70566 <rpminfo_state id="oval:org.opensuse.security:ste:2009034650" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70567 <evr datatype="evr_string" operation="less than">0:2.13.11-0.11</evr> 70568 </rpminfo_state> 70569 <rpminfo_state id="oval:org.opensuse.security:ste:2009034651" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70570 <evr datatype="evr_string" operation="less than">0:2.13.36-0.8</evr> 70571 </rpminfo_state> 70572 <rpminfo_state id="oval:org.opensuse.security:ste:2009034652" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70573 <evr datatype="evr_string" operation="less than">0:2.13.5-0.13</evr> 70574 </rpminfo_state> 70575 <rpminfo_state id="oval:org.opensuse.security:ste:2009034653" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70576 <evr datatype="evr_string" operation="less than">0:2.13.7-0.11</evr> 70577 </rpminfo_state> 70578 <rpminfo_state id="oval:org.opensuse.security:ste:2009034654" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70579 <evr datatype="evr_string" operation="less than">0:2.13.4-0.17</evr> 70580 </rpminfo_state> 70581 <rpminfo_state id="oval:org.opensuse.security:ste:2009034655" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70582 <evr datatype="evr_string" operation="less than">0:2.13.94-0.4</evr> 70583 </rpminfo_state> 70584 <rpminfo_state id="oval:org.opensuse.security:ste:2009034656" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70585 <evr datatype="evr_string" operation="less than">0:2.13.6-0.10</evr> 70586 </rpminfo_state> 70587 <rpminfo_state id="oval:org.opensuse.security:ste:2009034657" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70588 <evr datatype="evr_string" operation="less than">0:0.4.5-3.20</evr> 70589 </rpminfo_state> 70590 <rpminfo_state id="oval:org.opensuse.security:ste:2009034658" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70591 <evr datatype="evr_string" operation="less than">0:2.11.0-21.18</evr> 70592 </rpminfo_state> 70593 <rpminfo_state id="oval:org.opensuse.security:ste:2009034659" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70594 <evr datatype="evr_string" operation="less than">0:2.13.4-0.10</evr> 70595 </rpminfo_state> 70596 <rpminfo_state id="oval:org.opensuse.security:ste:2009034660" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70597 <evr datatype="evr_string" operation="less than">0:2.13.12-0.8</evr> 70598 </rpminfo_state> 70599 <rpminfo_state id="oval:org.opensuse.security:ste:2009034661" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70600 <evr datatype="evr_string" operation="less than">0:2.13.9-0.11</evr> 70601 </rpminfo_state> 70602 <rpminfo_state id="oval:org.opensuse.security:ste:2009034662" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70603 <evr datatype="evr_string" operation="less than">0:2.13.52-0.4</evr> 70604 </rpminfo_state> 70605 <rpminfo_state id="oval:org.opensuse.security:ste:2009034663" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70606 <evr datatype="evr_string" operation="less than">0:2.13.55-0.4</evr> 70607 </rpminfo_state> 70608 <rpminfo_state id="oval:org.opensuse.security:ste:2009034664" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70609 <evr datatype="evr_string" operation="less than">0:2.13.77-0.4</evr> 70610 </rpminfo_state> 70611 <rpminfo_state id="oval:org.opensuse.security:ste:2009034665" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70612 <evr datatype="evr_string" operation="less than">0:2.13.4-0.8</evr> 70613 </rpminfo_state> 70614 <rpminfo_state id="oval:org.opensuse.security:ste:2009034666" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70615 <evr datatype="evr_string" operation="less than">0:2.13.104-0.7</evr> 70616 </rpminfo_state> 70617 <rpminfo_state id="oval:org.opensuse.security:ste:2009034667" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70618 <evr datatype="evr_string" operation="less than">0:7.2.0-0.9</evr> 70619 </rpminfo_state> 70620 <rpminfo_state id="oval:org.opensuse.security:ste:2009034668" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70621 <evr datatype="evr_string" operation="less than">0:7.2.0.0-0.13</evr> 70622 </rpminfo_state> 70623 <rpminfo_state id="oval:org.opensuse.security:ste:2009034669" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70624 <evr datatype="evr_string" operation="less than">0:0.6.17-0.16</evr> 70625 </rpminfo_state> 70626 <rpminfo_state id="oval:org.opensuse.security:ste:2009034678" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70627 <evr datatype="evr_string" operation="less than">0:246-14.13</evr> 70628 </rpminfo_state> 70629 <rpminfo_state id="oval:org.opensuse.security:ste:2009034679" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70630 <evr datatype="evr_string" operation="less than">0:180-13.12</evr> 70631 </rpminfo_state> 70632 <rpminfo_state id="oval:org.opensuse.security:ste:2009034681" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70633 <evr datatype="evr_string" operation="less than">0:0.1r588481-1.17</evr> 70634 </rpminfo_state> 70635 <rpminfo_state id="oval:org.opensuse.security:ste:2009034682" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70636 <evr datatype="evr_string" operation="less than">0:1.3.8-34.14</evr> 70637 </rpminfo_state> 70638 <rpminfo_state id="oval:org.opensuse.security:ste:2009034683" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70639 <evr datatype="evr_string" operation="less than">0:10.1_20070202-0.13</evr> 70640 </rpminfo_state> 70641 <rpminfo_state id="oval:org.opensuse.security:ste:2009034684" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70642 <evr datatype="evr_string" operation="less than">0:0.8.2-39.9</evr> 70643 </rpminfo_state> 70644 <rpminfo_state id="oval:org.opensuse.security:ste:2009034685" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70645 <evr datatype="evr_string" operation="less than">0:0.8.2-36.9</evr> 70646 </rpminfo_state> 70647 <rpminfo_state id="oval:org.opensuse.security:ste:2009034686" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70648 <evr datatype="evr_string" operation="less than">0:9.0.31.0-1.7</evr> 70649 </rpminfo_state> 70650 <rpminfo_state id="oval:org.opensuse.security:ste:2009034687" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70651 <evr datatype="evr_string" operation="less than">0:0.7cvs20060209-22.13</evr> 70652 </rpminfo_state> 70653 <rpminfo_state id="oval:org.opensuse.security:ste:2009034688" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70654 <evr datatype="evr_string" operation="less than">0:3.5.1-18.14</evr> 70655 </rpminfo_state> 70656 <rpminfo_state id="oval:org.opensuse.security:ste:2009034689" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70657 <evr datatype="evr_string" operation="less than">0:3.5.1-20.15</evr> 70658 </rpminfo_state> 70659 <rpminfo_state id="oval:org.opensuse.security:ste:2009034690" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70660 <evr datatype="evr_string" operation="less than">0:3.5.1-32.24</evr> 70661 </rpminfo_state> 70662 <rpminfo_state id="oval:org.opensuse.security:ste:2009034691" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70663 <evr datatype="evr_string" operation="less than">0:3.5.1-41.30</evr> 70664 </rpminfo_state> 70665 <rpminfo_state id="oval:org.opensuse.security:ste:2009034692" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70666 <evr datatype="evr_string" operation="less than">0:0.2.2-0.14</evr> 70667 </rpminfo_state> 70668 <rpminfo_state id="oval:org.opensuse.security:ste:2009034693" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70669 <evr datatype="evr_string" operation="less than">0:0.75-19.14</evr> 70670 </rpminfo_state> 70671 <rpminfo_state id="oval:org.opensuse.security:ste:2009034694" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70672 <evr datatype="evr_string" operation="less than">0:1.16-25.13</evr> 70673 </rpminfo_state> 70674 <rpminfo_state id="oval:org.opensuse.security:ste:2009034695" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70675 <evr datatype="evr_string" operation="less than">0:0.5.3-17.14</evr> 70676 </rpminfo_state> 70677 <rpminfo_state id="oval:org.opensuse.security:ste:2009034696" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70678 <evr datatype="evr_string" operation="less than">0:1.7.1271-3.8</evr> 70679 </rpminfo_state> 70680 <rpminfo_state id="oval:org.opensuse.security:ste:2009034763" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70681 <evr datatype="evr_string" operation="less than">0:2.1-0.21</evr> 70682 </rpminfo_state> 70683 <rpminfo_state id="oval:org.opensuse.security:ste:2009034764" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70684 <evr datatype="evr_string" operation="less than">0:8.2-171.6</evr> 70685 </rpminfo_state> 70686 <rpminfo_state id="oval:org.opensuse.security:ste:2009040340" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70687 <evr datatype="evr_string" operation="less than">0:0.6.6-0.21.5</evr> 70688 </rpminfo_state> 70689 <rpminfo_state id="oval:org.opensuse.security:ste:2009040341" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70690 <evr datatype="evr_string" operation="less than">0:0.4.8-14.29.5</evr> 70691 </rpminfo_state> 70692 <rpminfo_state id="oval:org.opensuse.security:ste:2009040428" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70693 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.64.3</evr> 70694 </rpminfo_state> 70695 <rpminfo_state id="oval:org.opensuse.security:ste:2009037263" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70696 <evr datatype="evr_string" operation="less than">0:8.1.7-0.5.1</evr> 70697 </rpminfo_state> 70698 <rpminfo_state id="oval:org.opensuse.security:ste:2009035078" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70699 <evr datatype="evr_string" operation="less than">0:2.0.5-0.9</evr> 70700 </rpminfo_state> 70701 <rpminfo_state id="oval:org.opensuse.security:ste:2009035079" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70702 <evr datatype="evr_string" operation="less than">0:2.2.5-0.7</evr> 70703 </rpminfo_state> 70704 <rpminfo_state id="oval:org.opensuse.security:ste:2009038208" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70705 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.66.1</evr> 70706 </rpminfo_state> 70707 <rpminfo_state id="oval:org.opensuse.security:ste:2009035895" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70708 <evr datatype="evr_string" operation="less than">0:0.8.2-37.9</evr> 70709 </rpminfo_state> 70710 <rpminfo_state id="oval:org.opensuse.security:ste:2009039937" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70711 <evr datatype="evr_string" operation="less than">0:2.4-31.77.76.1</evr> 70712 </rpminfo_state> 70713 <rpminfo_state id="oval:org.opensuse.security:ste:2009039479" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70714 <evr datatype="evr_string" operation="less than">0:0.60-33.29.1</evr> 70715 </rpminfo_state> 70716 <rpminfo_state id="oval:org.opensuse.security:ste:2009038912" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70717 <evr datatype="evr_string" operation="less than">0:0.2-881.9.1</evr> 70718 </rpminfo_state> 70719 <rpminfo_state id="oval:org.opensuse.security:ste:2009038210" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70720 <evr datatype="evr_string" operation="less than">0:9.0.277.0-0.4.1</evr> 70721 </rpminfo_state> 70722 <rpminfo_state id="oval:org.opensuse.security:ste:2009038868" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70723 <evr datatype="evr_string" operation="less than">0:3.5.1-32.34.1</evr> 70724 </rpminfo_state> 70725 <rpminfo_state id="oval:org.opensuse.security:ste:2009039752" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70726 <evr datatype="evr_string" operation="less than">0:0.9.7g-13.21.1</evr> 70727 </rpminfo_state> 70728 <rpminfo_state id="oval:org.opensuse.security:ste:2009039224" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70729 <evr datatype="evr_string" operation="less than">0:0.2.6-17.10.14</evr> 70730 </rpminfo_state> 70731 <rpminfo_state id="oval:org.opensuse.security:ste:2009039150" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70732 <evr datatype="evr_string" operation="less than">0:0.2.6-17.10.8</evr> 70733 </rpminfo_state> 70734 <rpminfo_state id="oval:org.opensuse.security:ste:2009039151" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70735 <evr datatype="evr_string" operation="less than">0:0.2.6-17.10.7</evr> 70736 </rpminfo_state> 70737 <rpminfo_state id="oval:org.opensuse.security:ste:2009038284" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70738 <evr datatype="evr_string" operation="less than">0:3.5.10-0.4.1</evr> 70739 </rpminfo_state> 70740 <rpminfo_state id="oval:org.opensuse.security:ste:2009038285" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70741 <evr datatype="evr_string" operation="less than">0:1.9.1.10-1.4.1</evr> 70742 </rpminfo_state> 70743 <rpminfo_state id="oval:org.opensuse.security:ste:2009039806" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70744 <evr datatype="evr_string" operation="less than">0:1.2.8-19.31.9</evr> 70745 </rpminfo_state> 70746 <rpminfo_state id="oval:org.opensuse.security:ste:2009037898" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70747 <evr datatype="evr_string" operation="less than">0:5.0.26-12.28.1</evr> 70748 </rpminfo_state> 70749 <rpminfo_state id="oval:org.opensuse.security:ste:2009038725" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70750 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.43.1</evr> 70751 </rpminfo_state> 70752 <rpminfo_state id="oval:org.opensuse.security:ste:2009037876" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70753 <evr datatype="evr_string" operation="less than">0:3.2-0.6.1</evr> 70754 </rpminfo_state> 70755 <rpminfo_state id="oval:org.opensuse.security:ste:2009038133" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70756 <evr datatype="evr_string" operation="less than">0:1.6.0-43.92.1</evr> 70757 </rpminfo_state> 70758 <rpminfo_state id="oval:org.opensuse.security:ste:2009037511" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70759 <evr datatype="evr_string" operation="less than">0:3.5.1-49.53.1</evr> 70760 </rpminfo_state> 70761 <rpminfo_state id="oval:org.opensuse.security:ste:2009037296" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70762 <evr datatype="evr_string" operation="less than">0:3.5.4-1.4.1</evr> 70763 </rpminfo_state> 70764 <rpminfo_state id="oval:org.opensuse.security:ste:2009037297" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70765 <evr datatype="evr_string" operation="less than">0:1.9.1.4-2.4.1</evr> 70766 </rpminfo_state> 70767 <rpminfo_state id="oval:org.opensuse.security:ste:2009037298" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70768 <evr datatype="evr_string" operation="less than">0:1.9.0.15-0.4.2</evr> 70769 </rpminfo_state> 70770 <rpminfo_state id="oval:org.opensuse.security:ste:2009037322" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70771 <evr datatype="evr_string" operation="less than">0:4.8.2-1.5.1</evr> 70772 </rpminfo_state> 70773 <rpminfo_state id="oval:org.opensuse.security:ste:2009037677" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70774 <evr datatype="evr_string" operation="less than">0:0.6.5-29.26.1</evr> 70775 </rpminfo_state> 70776 <rpminfo_state id="oval:org.opensuse.security:ste:2009037340" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70777 <evr datatype="evr_string" operation="less than">0:4.3.4-0.7.1</evr> 70778 </rpminfo_state> 70779 <rpminfo_state id="oval:org.opensuse.security:ste:2009038818" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70780 <evr datatype="evr_string" operation="less than">0:3.5.1-23.30.4</evr> 70781 </rpminfo_state> 70782 <rpminfo_state id="oval:org.opensuse.security:ste:2009037337" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70783 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.57.1</evr> 70784 </rpminfo_state> 70785 <rpminfo_state id="oval:org.opensuse.security:ste:2009038640" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70786 <evr datatype="evr_string" operation="less than">0:1.14.5-0.10.1</evr> 70787 </rpminfo_state> 70788 <rpminfo_state id="oval:org.opensuse.security:ste:2009037721" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70789 <evr datatype="evr_string" operation="less than">0:1.10.2-23.8.1</evr> 70790 </rpminfo_state> 70791 <rpminfo_state id="oval:org.opensuse.security:ste:2009038034" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70792 <evr datatype="evr_string" operation="less than">0:2.2.10-22.33.1</evr> 70793 </rpminfo_state> 70794 <rpminfo_state id="oval:org.opensuse.security:ste:2009037790" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70795 <evr datatype="evr_string" operation="less than">0:1.9.0.18-0.4.1</evr> 70796 </rpminfo_state> 70797 <rpminfo_state id="oval:org.opensuse.security:ste:2009037797" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70798 <evr datatype="evr_string" operation="less than">0:3.5.8-0.4.1</evr> 70799 </rpminfo_state> 70800 <rpminfo_state id="oval:org.opensuse.security:ste:2009037796" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70801 <evr datatype="evr_string" operation="less than">0:1.9.1.8-1.4.1</evr> 70802 </rpminfo_state> 70803 <rpminfo_state id="oval:org.opensuse.security:ste:2009038808" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70804 <evr datatype="evr_string" operation="less than">0:3.5.1-49.55.1</evr> 70805 </rpminfo_state> 70806 <rpminfo_state id="oval:org.opensuse.security:ste:2009037299" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70807 <evr datatype="evr_string" operation="less than">0:2.3.32-0.36.91</evr> 70808 </rpminfo_state> 70809 <rpminfo_state id="oval:org.opensuse.security:ste:2009037300" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70810 <evr datatype="evr_string" operation="less than">0:2.3.32-0.36.50</evr> 70811 </rpminfo_state> 70812 <rpminfo_state id="oval:org.opensuse.security:ste:2009037278" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70813 <evr datatype="evr_string" operation="less than">0:0.24.7-20.8.1</evr> 70814 </rpminfo_state> 70815 <rpminfo_state id="oval:org.opensuse.security:ste:2009037240" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70816 <evr datatype="evr_string" operation="less than">0:1.2.2-13.9.1</evr> 70817 </rpminfo_state> 70818 <rpminfo_state id="oval:org.opensuse.security:ste:2009037241" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70819 <evr datatype="evr_string" operation="less than">0:1.2.2-13.8.1</evr> 70820 </rpminfo_state> 70821 <rpminfo_state id="oval:org.opensuse.security:ste:2009037572" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70822 <evr datatype="evr_string" operation="less than">0:1.5.0_sr11-0.4.2</evr> 70823 </rpminfo_state> 70824 <rpminfo_state id="oval:org.opensuse.security:ste:2009037400" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70825 <evr datatype="evr_string" operation="less than">0:0.10.14-16.39.1</evr> 70826 </rpminfo_state> 70827 <rpminfo_state id="oval:org.opensuse.security:ste:2009037894" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70828 <evr datatype="evr_string" operation="less than">0:0.10.14-16.41.1</evr> 70829 </rpminfo_state> 70830 <rpminfo_state id="oval:org.opensuse.security:ste:2009037927" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70831 <evr datatype="evr_string" operation="less than">0:2.5.STABLE12-18.13.982.2.1</evr> 70832 </rpminfo_state> 70833 <rpminfo_state id="oval:org.opensuse.security:ste:2009038144" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70834 <evr datatype="evr_string" operation="less than">0:2.4.2-18.29.2</evr> 70835 </rpminfo_state> 70836 <rpminfo_state id="oval:org.opensuse.security:ste:2009038126" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70837 <evr datatype="evr_string" operation="less than">0:1.0.8-0.6.1</evr> 70838 </rpminfo_state> 70839 <rpminfo_state id="oval:org.opensuse.security:ste:2009038262" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70840 <evr datatype="evr_string" operation="less than">0:1.1.2-13.17.1</evr> 70841 </rpminfo_state> 70842 <rpminfo_state id="oval:org.opensuse.security:ste:2009037249" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70843 <evr datatype="evr_string" operation="less than">0:3.0.36-0.7.1</evr> 70844 </rpminfo_state> 70845 <rpminfo_state id="oval:org.opensuse.security:ste:2009037250" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70846 <evr datatype="evr_string" operation="less than">0:1.34b-25.7.1</evr> 70847 </rpminfo_state> 70848 <rpminfo_state id="oval:org.opensuse.security:ste:2009037251" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70849 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.7.1</evr> 70850 </rpminfo_state> 70851 <rpminfo_state id="oval:org.opensuse.security:ste:2009037516" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70852 <evr datatype="evr_string" operation="less than">0:2.6.3-0.5.1</evr> 70853 </rpminfo_state> 70854 <rpminfo_state id="oval:org.opensuse.security:ste:2009037216" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70855 <evr datatype="evr_string" operation="less than">0:3.5-1.6.7</evr> 70856 </rpminfo_state> 70857 <rpminfo_state id="oval:org.opensuse.security:ste:2009037217" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70858 <evr datatype="evr_string" operation="less than">0:3.5.3-1.5.3</evr> 70859 </rpminfo_state> 70860 <rpminfo_state id="oval:org.opensuse.security:ste:2009037218" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70861 <evr datatype="evr_string" operation="less than">0:1.9.0.14-0.6.6</evr> 70862 </rpminfo_state> 70863 <rpminfo_state id="oval:org.opensuse.security:ste:2009037219" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70864 <evr datatype="evr_string" operation="less than">0:1.9.1.3-1.5.7</evr> 70865 </rpminfo_state> 70866 <rpminfo_state id="oval:org.opensuse.security:ste:2009037220" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70867 <evr datatype="evr_string" operation="less than">0:8.1.18-0.5.1</evr> 70868 </rpminfo_state> 70869 <rpminfo_state id="oval:org.opensuse.security:ste:2009037951" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70870 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.42.2</evr> 70871 </rpminfo_state> 70872 <rpminfo_state id="oval:org.opensuse.security:ste:2009038096" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70873 <evr datatype="evr_string" operation="less than">0:2.7.2-15.8.1</evr> 70874 </rpminfo_state> 70875 <rpminfo_state id="oval:org.opensuse.security:ste:2009037726" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70876 <evr datatype="evr_string" operation="less than">0:2.7.2-15.7.1</evr> 70877 </rpminfo_state> 70878 <rpminfo_state id="oval:org.opensuse.security:ste:2009037550" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70879 <evr datatype="evr_string" operation="less than">0:3.5.6-1.4.1</evr> 70880 </rpminfo_state> 70881 <rpminfo_state id="oval:org.opensuse.security:ste:2009037551" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70882 <evr datatype="evr_string" operation="less than">0:1.9.1.6-1.4.1</evr> 70883 </rpminfo_state> 70884 <rpminfo_state id="oval:org.opensuse.security:ste:2009038270" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70885 <evr datatype="evr_string" operation="less than">0:1.5.0_sr11.2-0.4.1</evr> 70886 </rpminfo_state> 70887 <rpminfo_state id="oval:org.opensuse.security:ste:2009039974" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70888 <evr datatype="evr_string" operation="less than">0:1.5.0_sr12.2-0.4.1</evr> 70889 </rpminfo_state> 70890 <rpminfo_state id="oval:org.opensuse.security:ste:2009038013" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70891 <evr datatype="evr_string" operation="less than">0:3.12.6-3.4.1</evr> 70892 </rpminfo_state> 70893 <rpminfo_state id="oval:org.opensuse.security:ste:2009038016" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70894 <evr datatype="evr_string" operation="less than">0:1.9.0.19-0.4.1</evr> 70895 </rpminfo_state> 70896 <rpminfo_state id="oval:org.opensuse.security:ste:2009038937" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70897 <evr datatype="evr_string" operation="less than">0:1.2.10-13.26.1</evr> 70898 </rpminfo_state> 70899 <rpminfo_state id="oval:org.opensuse.security:ste:2009038730" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70900 <evr datatype="evr_string" operation="less than">0:1.6.0.u22-1.8.1</evr> 70901 </rpminfo_state> 70902 <rpminfo_state id="oval:org.opensuse.security:ste:2009038017" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70903 <evr datatype="evr_string" operation="less than">0:3.5.9-0.4.1</evr> 70904 </rpminfo_state> 70905 <rpminfo_state id="oval:org.opensuse.security:ste:2009038018" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70906 <evr datatype="evr_string" operation="less than">0:1.9.1.9-1.4.1</evr> 70907 </rpminfo_state> 70908 <rpminfo_state id="oval:org.opensuse.security:ste:2009037354" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70909 <evr datatype="evr_string" operation="less than">0:0.9.7g-13.19.1</evr> 70910 </rpminfo_state> 70911 <rpminfo_state id="oval:org.opensuse.security:ste:2009037355" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70912 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.39.1</evr> 70913 </rpminfo_state> 70914 <rpminfo_state id="oval:org.opensuse.security:ste:2009037944" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70915 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.60.1</evr> 70916 </rpminfo_state> 70917 <rpminfo_state id="oval:org.opensuse.security:ste:2009037532" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70918 <evr datatype="evr_string" operation="less than">0:0.8.4-17.9.1</evr> 70919 </rpminfo_state> 70920 <rpminfo_state id="oval:org.opensuse.security:ste:2009037614" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70921 <evr datatype="evr_string" operation="less than">0:2.0.0-13.9.1</evr> 70922 </rpminfo_state> 70923 <rpminfo_state id="oval:org.opensuse.security:ste:2009037526" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70924 <evr datatype="evr_string" operation="less than">0:2.0.0-13.8.1</evr> 70925 </rpminfo_state> 70926 <rpminfo_state id="oval:org.opensuse.security:ste:2009037536" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70927 <evr datatype="evr_string" operation="less than">0:4.2.4p3-48.15.1</evr> 70928 </rpminfo_state> 70929 <rpminfo_state id="oval:org.opensuse.security:ste:2009037319" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70930 <evr datatype="evr_string" operation="less than">0:3.01-21.23.2</evr> 70931 </rpminfo_state> 70932 <rpminfo_state id="oval:org.opensuse.security:ste:2009037348" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70933 <evr datatype="evr_string" operation="less than">0:3.5.1-23.26.1</evr> 70934 </rpminfo_state> 70935 <rpminfo_state id="oval:org.opensuse.security:ste:2009037579" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70936 <evr datatype="evr_string" operation="less than">0:0.4.4-19.26.1</evr> 70937 </rpminfo_state> 70938 <rpminfo_state id="oval:org.opensuse.security:ste:2009037553" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70939 <evr datatype="evr_string" operation="less than">0:1.1.23-40.59.8</evr> 70940 </rpminfo_state> 70941 <rpminfo_state id="oval:org.opensuse.security:ste:2009037512" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70942 <evr datatype="evr_string" operation="less than">0:3.48-12.7.1</evr> 70943 </rpminfo_state> 70944 <rpminfo_state id="oval:org.opensuse.security:ste:2009037379" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70945 <evr datatype="evr_string" operation="less than">0:2.0.0-13.7.1</evr> 70946 </rpminfo_state> 70947 <rpminfo_state id="oval:org.opensuse.security:ste:2009037585" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70948 <evr datatype="evr_string" operation="less than">0:1.5.22-13.16.1</evr> 70949 </rpminfo_state> 70950 <rpminfo_state id="oval:org.opensuse.security:ste:2009040450" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70951 <evr datatype="evr_string" operation="less than">0:8.15.4-16.14.1</evr> 70952 </rpminfo_state> 70953 <rpminfo_state id="oval:org.opensuse.security:ste:2009040451" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70954 <evr datatype="evr_string" operation="less than">0:4.2.7-62.14.1</evr> 70955 </rpminfo_state> 70956 <rpminfo_state id="oval:org.opensuse.security:ste:2009037595" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70957 <evr datatype="evr_string" operation="less than">0:9.0.260.0-0.4.1</evr> 70958 </rpminfo_state> 70959 <rpminfo_state id="oval:org.opensuse.security:ste:2009037679" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70960 <evr datatype="evr_string" operation="less than">0:9.3-0.5.1</evr> 70961 </rpminfo_state> 70962 <rpminfo_state id="oval:org.opensuse.security:ste:2009037680" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70963 <evr datatype="evr_string" operation="less than">0:9.3-0.6.1</evr> 70964 </rpminfo_state> 70965 <rpminfo_state id="oval:org.opensuse.security:ste:2009037382" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70966 <evr datatype="evr_string" operation="less than">0:3.5.5-1.4.1</evr> 70967 </rpminfo_state> 70968 <rpminfo_state id="oval:org.opensuse.security:ste:2009037383" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70969 <evr datatype="evr_string" operation="less than">0:1.9.1.5-1.4.1</evr> 70970 </rpminfo_state> 70971 <rpminfo_state id="oval:org.opensuse.security:ste:2009037556" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70972 <evr datatype="evr_string" operation="less than">0:1.9.0.16-0.4.1</evr> 70973 </rpminfo_state> 70974 <rpminfo_state id="oval:org.opensuse.security:ste:2009038112" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70975 <evr datatype="evr_string" operation="less than">0:3.1.11-14.10.1</evr> 70976 </rpminfo_state> 70977 <rpminfo_state id="oval:org.opensuse.security:ste:2009037628" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70978 <evr datatype="evr_string" operation="less than">0:8.1.19-0.4.2</evr> 70979 </rpminfo_state> 70980 <rpminfo_state id="oval:org.opensuse.security:ste:2009040086" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70981 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.91.1</evr> 70982 </rpminfo_state> 70983 <rpminfo_state id="oval:org.opensuse.security:ste:2009038921" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70984 <evr datatype="evr_string" operation="less than">0:2.4.2-18.32.5</evr> 70985 </rpminfo_state> 70986 <rpminfo_state id="oval:org.opensuse.security:ste:2009037638" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70987 <evr datatype="evr_string" operation="less than">0:1.4.3-19.44.1</evr> 70988 </rpminfo_state> 70989 <rpminfo_state id="oval:org.opensuse.security:ste:2009038426" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70990 <evr datatype="evr_string" operation="less than">0:2-108.4.1</evr> 70991 </rpminfo_state> 70992 <rpminfo_state id="oval:org.opensuse.security:ste:2009038427" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70993 <evr datatype="evr_string" operation="less than">0:0.13.2-1.16.1</evr> 70994 </rpminfo_state> 70995 <rpminfo_state id="oval:org.opensuse.security:ste:2009037836" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70996 <evr datatype="evr_string" operation="less than">0:1.0.0-657.10.1</evr> 70997 </rpminfo_state> 70998 <rpminfo_state id="oval:org.opensuse.security:ste:2009037837" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 70999 <evr datatype="evr_string" operation="less than">0:10.26.22-14.10.1</evr> 71000 </rpminfo_state> 71001 <rpminfo_state id="oval:org.opensuse.security:ste:2009037656" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71002 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.40.1</evr> 71003 </rpminfo_state> 71004 <rpminfo_state id="oval:org.opensuse.security:ste:2009037642" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71005 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.59.1</evr> 71006 </rpminfo_state> 71007 <rpminfo_state id="oval:org.opensuse.security:ste:2009038069" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71008 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.62.1</evr> 71009 </rpminfo_state> 71010 <rpminfo_state id="oval:org.opensuse.security:ste:2009037808" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71011 <evr datatype="evr_string" operation="less than">0:8.13.6-9.18.1</evr> 71012 </rpminfo_state> 71013 <rpminfo_state id="oval:org.opensuse.security:ste:2009039768" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71014 <evr datatype="evr_string" operation="less than">0:1.0.12-13.13.1</evr> 71015 </rpminfo_state> 71016 <rpminfo_state id="oval:org.opensuse.security:ste:2009040231" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71017 <evr datatype="evr_string" operation="less than">0:2.4-31.97.1</evr> 71018 </rpminfo_state> 71019 <rpminfo_state id="oval:org.opensuse.security:ste:2009037658" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71020 <evr datatype="evr_string" operation="less than">0:1.3.5-159.10.1</evr> 71021 </rpminfo_state> 71022 <rpminfo_state id="oval:org.opensuse.security:ste:2009039567" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71023 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.87.1</evr> 71024 </rpminfo_state> 71025 <rpminfo_state id="oval:org.opensuse.security:ste:2009037818" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71026 <evr datatype="evr_string" operation="less than">0:2.6.6-0.4.1</evr> 71027 </rpminfo_state> 71028 <rpminfo_state id="oval:org.opensuse.security:ste:2009038079" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71029 <evr datatype="evr_string" operation="less than">0:0.96-0.6.1</evr> 71030 </rpminfo_state> 71031 <rpminfo_state id="oval:org.opensuse.security:ste:2009038883" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71032 <evr datatype="evr_string" operation="less than">0:3.5.16-0.4.1</evr> 71033 </rpminfo_state> 71034 <rpminfo_state id="oval:org.opensuse.security:ste:2009038884" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71035 <evr datatype="evr_string" operation="less than">0:1.9.1.16-0.4.1</evr> 71036 </rpminfo_state> 71037 <rpminfo_state id="oval:org.opensuse.security:ste:2009037828" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71038 <evr datatype="evr_string" operation="less than">0:9.3.1-0.4.1</evr> 71039 </rpminfo_state> 71040 <rpminfo_state id="oval:org.opensuse.security:ste:2009037754" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71041 <evr datatype="evr_string" operation="less than">0:9.0.262.0-0.4.1</evr> 71042 </rpminfo_state> 71043 <rpminfo_state id="oval:org.opensuse.security:ste:2009038053" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71044 <evr datatype="evr_string" operation="less than">0:9.3.2-0.4.1</evr> 71045 </rpminfo_state> 71046 <rpminfo_state id="oval:org.opensuse.security:ste:2009038128" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71047 <evr datatype="evr_string" operation="less than">0:1.2.8-19.28.1</evr> 71048 </rpminfo_state> 71049 <rpminfo_state id="oval:org.opensuse.security:ste:2009038430" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71050 <evr datatype="evr_string" operation="less than">0:9.3.4-0.5.1</evr> 71051 </rpminfo_state> 71052 <rpminfo_state id="oval:org.opensuse.security:ste:2009038382" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71053 <evr datatype="evr_string" operation="less than">0:9.0.280.0-0.4.1</evr> 71054 </rpminfo_state> 71055 <rpminfo_state id="oval:org.opensuse.security:ste:2009038431" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71056 <evr datatype="evr_string" operation="less than">0:9.3.4-0.4.1</evr> 71057 </rpminfo_state> 71058 <rpminfo_state id="oval:org.opensuse.security:ste:2009038399" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71059 <evr datatype="evr_string" operation="less than">0:2.3.32-0.37.1</evr> 71060 </rpminfo_state> 71061 <rpminfo_state id="oval:org.opensuse.security:ste:2009037688" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71062 <evr datatype="evr_string" operation="less than">0:1.9.0.17-0.4.1</evr> 71063 </rpminfo_state> 71064 <rpminfo_state id="oval:org.opensuse.security:ste:2009037689" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71065 <evr datatype="evr_string" operation="less than">0:3.5.7-1.4.1</evr> 71066 </rpminfo_state> 71067 <rpminfo_state id="oval:org.opensuse.security:ste:2009037690" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71068 <evr datatype="evr_string" operation="less than">0:1.9.1.7-1.4.1</evr> 71069 </rpminfo_state> 71070 <rpminfo_state id="oval:org.opensuse.security:ste:2009037615" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71071 <evr datatype="evr_string" operation="less than">0:2.5.6-4.8.4</evr> 71072 </rpminfo_state> 71073 <rpminfo_state id="oval:org.opensuse.security:ste:2009038323" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71074 <evr datatype="evr_string" operation="less than">0:3.2.1-0.4.1</evr> 71075 </rpminfo_state> 71076 <rpminfo_state id="oval:org.opensuse.security:ste:2009038571" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71077 <evr datatype="evr_string" operation="less than">0:1.0.3-17.15.4</evr> 71078 </rpminfo_state> 71079 <rpminfo_state id="oval:org.opensuse.security:ste:2009038492" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71080 <evr datatype="evr_string" operation="less than">0:1.2.9_beta9-17.17.1</evr> 71081 </rpminfo_state> 71082 <rpminfo_state id="oval:org.opensuse.security:ste:2009038040" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71083 <evr datatype="evr_string" operation="less than">0:1.10.2-23.9.1</evr> 71084 </rpminfo_state> 71085 <rpminfo_state id="oval:org.opensuse.security:ste:2009037901" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71086 <evr datatype="evr_string" operation="less than">0:4.1-45.31.1</evr> 71087 </rpminfo_state> 71088 <rpminfo_state id="oval:org.opensuse.security:ste:2009037872" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71089 <evr datatype="evr_string" operation="less than">0:1.6.8p12-18.17.1</evr> 71090 </rpminfo_state> 71091 <rpminfo_state id="oval:org.opensuse.security:ste:2009038047" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71092 <evr datatype="evr_string" operation="less than">0:2.0-84.77.1</evr> 71093 </rpminfo_state> 71094 <rpminfo_state id="oval:org.opensuse.security:ste:2009038048" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71095 <evr datatype="evr_string" operation="less than">0:3.5.1-69.77.1</evr> 71096 </rpminfo_state> 71097 <rpminfo_state id="oval:org.opensuse.security:ste:2009040033" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71098 <evr datatype="evr_string" operation="less than">0:1.1.23-40.62.1</evr> 71099 </rpminfo_state> 71100 <rpminfo_state id="oval:org.opensuse.security:ste:2009038788" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71101 <evr datatype="evr_string" operation="less than">0:1.1.23-40.60.12</evr> 71102 </rpminfo_state> 71103 <rpminfo_state id="oval:org.opensuse.security:ste:2009037982" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71104 <evr datatype="evr_string" operation="less than">0:3.0.36-0.9.1</evr> 71105 </rpminfo_state> 71106 <rpminfo_state id="oval:org.opensuse.security:ste:2009037983" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71107 <evr datatype="evr_string" operation="less than">0:1.34b-25.9.1</evr> 71108 </rpminfo_state> 71109 <rpminfo_state id="oval:org.opensuse.security:ste:2009037984" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71110 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.9.1</evr> 71111 </rpminfo_state> 71112 <rpminfo_state id="oval:org.opensuse.security:ste:2009038110" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71113 <evr datatype="evr_string" operation="less than">0:2.6-19.26.1</evr> 71114 </rpminfo_state> 71115 <rpminfo_state id="oval:org.opensuse.security:ste:2009038097" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71116 <evr datatype="evr_string" operation="less than">0:1.15.1-23.16.1</evr> 71117 </rpminfo_state> 71118 <rpminfo_state id="oval:org.opensuse.security:ste:2009038346" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71119 <evr datatype="evr_string" operation="less than">0:3.5.11-0.4.1</evr> 71120 </rpminfo_state> 71121 <rpminfo_state id="oval:org.opensuse.security:ste:2009038347" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71122 <evr datatype="evr_string" operation="less than">0:1.9.1.11-0.4.1</evr> 71123 </rpminfo_state> 71124 <rpminfo_state id="oval:org.opensuse.security:ste:2009038293" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71125 <evr datatype="evr_string" operation="less than">0:8.1.21-0.4.1</evr> 71126 </rpminfo_state> 71127 <rpminfo_state id="oval:org.opensuse.security:ste:2009038152" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71128 <evr datatype="evr_string" operation="less than">0:3.0-37.13.1</evr> 71129 </rpminfo_state> 71130 <rpminfo_state id="oval:org.opensuse.security:ste:2009038240" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71131 <evr datatype="evr_string" operation="less than">0:3.0.36-0.11.1</evr> 71132 </rpminfo_state> 71133 <rpminfo_state id="oval:org.opensuse.security:ste:2009038241" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71134 <evr datatype="evr_string" operation="less than">0:1.34b-25.11.1</evr> 71135 </rpminfo_state> 71136 <rpminfo_state id="oval:org.opensuse.security:ste:2009038242" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71137 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.11.1</evr> 71138 </rpminfo_state> 71139 <rpminfo_state id="oval:org.opensuse.security:ste:2009038168" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71140 <evr datatype="evr_string" operation="less than">0:2.2.6-24.17.1</evr> 71141 </rpminfo_state> 71142 <rpminfo_state id="oval:org.opensuse.security:ste:2009038383" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71143 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.67.1</evr> 71144 </rpminfo_state> 71145 <rpminfo_state id="oval:org.opensuse.security:ste:2009038282" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71146 <evr datatype="evr_string" operation="less than">0:6.9.0-50.66.1</evr> 71147 </rpminfo_state> 71148 <rpminfo_state id="oval:org.opensuse.security:ste:2009038577" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71149 <evr datatype="evr_string" operation="less than">0:6.9.0-50.67.1</evr> 71150 </rpminfo_state> 71151 <rpminfo_state id="oval:org.opensuse.security:ste:2009038387" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71152 <evr datatype="evr_string" operation="less than">0:5.8.8-14.15.1</evr> 71153 </rpminfo_state> 71154 <rpminfo_state id="oval:org.opensuse.security:ste:2009039123" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71155 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.77.1</evr> 71156 </rpminfo_state> 71157 <rpminfo_state id="oval:org.opensuse.security:ste:2009038447" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71158 <evr datatype="evr_string" operation="less than">0:1.2.8-19.29.1</evr> 71159 </rpminfo_state> 71160 <rpminfo_state id="oval:org.opensuse.security:ste:2009038264" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71161 <evr datatype="evr_string" operation="less than">0:9.3.3-0.4.1</evr> 71162 </rpminfo_state> 71163 <rpminfo_state id="oval:org.opensuse.security:ste:2009038193" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71164 <evr datatype="evr_string" operation="less than">0:1.4.3-19.45.1</evr> 71165 </rpminfo_state> 71166 <rpminfo_state id="oval:org.opensuse.security:ste:2009038841" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71167 <evr datatype="evr_string" operation="less than">0:1.4.3-19.47.1</evr> 71168 </rpminfo_state> 71169 <rpminfo_state id="oval:org.opensuse.security:ste:2009038218" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71170 <evr datatype="evr_string" operation="less than">0:3.8.2-5.18.1</evr> 71171 </rpminfo_state> 71172 <rpminfo_state id="oval:org.opensuse.security:ste:2009039192" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71173 <evr datatype="evr_string" operation="less than">0:1.4.4-0.37.1</evr> 71174 </rpminfo_state> 71175 <rpminfo_state id="oval:org.opensuse.security:ste:2009038552" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71176 <evr datatype="evr_string" operation="less than">0:1.2.2-13.20.1</evr> 71177 </rpminfo_state> 71178 <rpminfo_state id="oval:org.opensuse.security:ste:2009039225" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71179 <evr datatype="evr_string" operation="less than">0:3.6.16-0.6.1</evr> 71180 </rpminfo_state> 71181 <rpminfo_state id="oval:org.opensuse.security:ste:2009039226" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71182 <evr datatype="evr_string" operation="less than">0:1.9.2.16-1.5.1</evr> 71183 </rpminfo_state> 71184 <rpminfo_state id="oval:org.opensuse.security:ste:2009039041" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71185 <evr datatype="evr_string" operation="less than">0:3.6.15-0.6.1</evr> 71186 </rpminfo_state> 71187 <rpminfo_state id="oval:org.opensuse.security:ste:2009039042" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71188 <evr datatype="evr_string" operation="less than">0:1.9.2.15-0.5.1</evr> 71189 </rpminfo_state> 71190 <rpminfo_state id="oval:org.opensuse.security:ste:2009039017" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71191 <evr datatype="evr_string" operation="less than">0:1.9.1.17-0.5.1</evr> 71192 </rpminfo_state> 71193 <rpminfo_state id="oval:org.opensuse.security:ste:2009040113" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71194 <evr datatype="evr_string" operation="less than">0:2.6.6-0.10.1</evr> 71195 </rpminfo_state> 71196 <rpminfo_state id="oval:org.opensuse.security:ste:2009038624" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71197 <evr datatype="evr_string" operation="less than">0:5.0.26-12.29.1</evr> 71198 </rpminfo_state> 71199 <rpminfo_state id="oval:org.opensuse.security:ste:2009038326" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71200 <evr datatype="evr_string" operation="less than">0:0.96.1-0.4.1</evr> 71201 </rpminfo_state> 71202 <rpminfo_state id="oval:org.opensuse.security:ste:2009038419" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71203 <evr datatype="evr_string" operation="less than">0:2.1.10-18.22.1</evr> 71204 </rpminfo_state> 71205 <rpminfo_state id="oval:org.opensuse.security:ste:2009038496" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71206 <evr datatype="evr_string" operation="less than">0:1.7-271.36.1</evr> 71207 </rpminfo_state> 71208 <rpminfo_state id="oval:org.opensuse.security:ste:2009038497" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71209 <evr datatype="evr_string" operation="less than">0:4.4.2-43.36.1</evr> 71210 </rpminfo_state> 71211 <rpminfo_state id="oval:org.opensuse.security:ste:2009038316" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71212 <evr datatype="evr_string" operation="less than">0:0.5.1-19.10.1</evr> 71213 </rpminfo_state> 71214 <rpminfo_state id="oval:org.opensuse.security:ste:2009038842" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71215 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.74.7</evr> 71216 </rpminfo_state> 71217 <rpminfo_state id="oval:org.opensuse.security:ste:2009038433" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71218 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.68.1</evr> 71219 </rpminfo_state> 71220 <rpminfo_state id="oval:org.opensuse.security:ste:2009038501" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71221 <evr datatype="evr_string" operation="less than">0:0.3.3-18.18.1</evr> 71222 </rpminfo_state> 71223 <rpminfo_state id="oval:org.opensuse.security:ste:2009038374" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71224 <evr datatype="evr_string" operation="less than">0:1.9.18-17.21.1</evr> 71225 </rpminfo_state> 71226 <rpminfo_state id="oval:org.opensuse.security:ste:2009039975" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71227 <evr datatype="evr_string" operation="less than">0:0.4.0-25.13.4</evr> 71228 </rpminfo_state> 71229 <rpminfo_state id="oval:org.opensuse.security:ste:2009038696" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71230 <evr datatype="evr_string" operation="less than">0:3.5.15-0.7.1</evr> 71231 </rpminfo_state> 71232 <rpminfo_state id="oval:org.opensuse.security:ste:2009038697" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71233 <evr datatype="evr_string" operation="less than">0:1.9.1.15-0.5.1</evr> 71234 </rpminfo_state> 71235 <rpminfo_state id="oval:org.opensuse.security:ste:2009038927" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71236 <evr datatype="evr_string" operation="less than">0:5.8.8-14.17.15</evr> 71237 </rpminfo_state> 71238 <rpminfo_state id="oval:org.opensuse.security:ste:2009040582" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71239 <evr datatype="evr_string" operation="less than">0:1.7.0.0-1.10.1</evr> 71240 </rpminfo_state> 71241 <rpminfo_state id="oval:org.opensuse.security:ste:2009038594" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71242 <evr datatype="evr_string" operation="less than">0:9.4-0.4.1</evr> 71243 </rpminfo_state> 71244 <rpminfo_state id="oval:org.opensuse.security:ste:2009038533" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71245 <evr datatype="evr_string" operation="less than">0:9.0.283.0-0.4.1</evr> 71246 </rpminfo_state> 71247 <rpminfo_state id="oval:org.opensuse.security:ste:2009038626" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71248 <evr datatype="evr_string" operation="less than">0:3.2.1-0.5.1</evr> 71249 </rpminfo_state> 71250 <rpminfo_state id="oval:org.opensuse.security:ste:2009039976" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71251 <evr datatype="evr_string" operation="less than">0:1.33.1-17.13.2.1</evr> 71252 </rpminfo_state> 71253 <rpminfo_state id="oval:org.opensuse.security:ste:2009039977" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71254 <evr datatype="evr_string" operation="less than">0:3.3.1.2-1.6.2.2</evr> 71255 </rpminfo_state> 71256 <rpminfo_state id="oval:org.opensuse.security:ste:2009039978" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71257 <evr datatype="evr_string" operation="less than">0:8.2.1-0.5.1</evr> 71258 </rpminfo_state> 71259 <rpminfo_state id="oval:org.opensuse.security:ste:2009039979" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71260 <evr datatype="evr_string" operation="less than">0:20040727-33.3.1</evr> 71261 </rpminfo_state> 71262 <rpminfo_state id="oval:org.opensuse.security:ste:2009039980" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71263 <evr datatype="evr_string" operation="less than">0:20040623-33.3.1</evr> 71264 </rpminfo_state> 71265 <rpminfo_state id="oval:org.opensuse.security:ste:2009039981" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71266 <evr datatype="evr_string" operation="less than">0:20020806-33.3.1</evr> 71267 </rpminfo_state> 71268 <rpminfo_state id="oval:org.opensuse.security:ste:2009039982" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71269 <evr datatype="evr_string" operation="less than">0:20050526-27.3.1</evr> 71270 </rpminfo_state> 71271 <rpminfo_state id="oval:org.opensuse.security:ste:2009039983" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71272 <evr datatype="evr_string" operation="less than">0:0.1-248.3.1</evr> 71273 </rpminfo_state> 71274 <rpminfo_state id="oval:org.opensuse.security:ste:2009039984" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71275 <evr datatype="evr_string" operation="less than">0:20030907-59.3.1</evr> 71276 </rpminfo_state> 71277 <rpminfo_state id="oval:org.opensuse.security:ste:2009039985" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71278 <evr datatype="evr_string" operation="less than">0:20050421-27.3.1</evr> 71279 </rpminfo_state> 71280 <rpminfo_state id="oval:org.opensuse.security:ste:2009039986" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71281 <evr datatype="evr_string" operation="less than">0:20050719-22.14.3.1</evr> 71282 </rpminfo_state> 71283 <rpminfo_state id="oval:org.opensuse.security:ste:2009039987" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71284 <evr datatype="evr_string" operation="less than">0:1.0.1.1-26.14.3.1</evr> 71285 </rpminfo_state> 71286 <rpminfo_state id="oval:org.opensuse.security:ste:2009039988" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71287 <evr datatype="evr_string" operation="less than">0:20051213-19.14.3.1</evr> 71288 </rpminfo_state> 71289 <rpminfo_state id="oval:org.opensuse.security:ste:2009039989" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71290 <evr datatype="evr_string" operation="less than">0:20041220-26.14.3.1</evr> 71291 </rpminfo_state> 71292 <rpminfo_state id="oval:org.opensuse.security:ste:2009039990" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71293 <evr datatype="evr_string" operation="less than">0:20060929-20.12.3.1</evr> 71294 </rpminfo_state> 71295 <rpminfo_state id="oval:org.opensuse.security:ste:2009039991" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71296 <evr datatype="evr_string" operation="less than">0:0.1-20.12.3.1</evr> 71297 </rpminfo_state> 71298 <rpminfo_state id="oval:org.opensuse.security:ste:2009039992" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71299 <evr datatype="evr_string" operation="less than">0:20050711-22.14.3.1</evr> 71300 </rpminfo_state> 71301 <rpminfo_state id="oval:org.opensuse.security:ste:2009039993" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71302 <evr datatype="evr_string" operation="less than">0:20031231-26.14.3.1</evr> 71303 </rpminfo_state> 71304 <rpminfo_state id="oval:org.opensuse.security:ste:2009039994" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71305 <evr datatype="evr_string" operation="less than">0:20050308-22.14.3.1</evr> 71306 </rpminfo_state> 71307 <rpminfo_state id="oval:org.opensuse.security:ste:2009039995" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71308 <evr datatype="evr_string" operation="less than">0:20041208-26.14.3.1</evr> 71309 </rpminfo_state> 71310 <rpminfo_state id="oval:org.opensuse.security:ste:2009039996" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71311 <evr datatype="evr_string" operation="less than">0:20051016-20.14.3.1</evr> 71312 </rpminfo_state> 71313 <rpminfo_state id="oval:org.opensuse.security:ste:2009039997" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71314 <evr datatype="evr_string" operation="less than">0:20020629-243.14.3.1</evr> 71315 </rpminfo_state> 71316 <rpminfo_state id="oval:org.opensuse.security:ste:2009039998" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71317 <evr datatype="evr_string" operation="less than">0:20040406-28.14.3.1</evr> 71318 </rpminfo_state> 71319 <rpminfo_state id="oval:org.opensuse.security:ste:2009039999" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71320 <evr datatype="evr_string" operation="less than">0:20050901-20.14.3.1</evr> 71321 </rpminfo_state> 71322 <rpminfo_state id="oval:org.opensuse.security:ste:2009040000" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71323 <evr datatype="evr_string" operation="less than">0:20030907-54.14.3.1</evr> 71324 </rpminfo_state> 71325 <rpminfo_state id="oval:org.opensuse.security:ste:2009040001" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71326 <evr datatype="evr_string" operation="less than">0:20051029-20.14.3.1</evr> 71327 </rpminfo_state> 71328 <rpminfo_state id="oval:org.opensuse.security:ste:2009040002" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71329 <evr datatype="evr_string" operation="less than">0:20061207-1.12.3.1</evr> 71330 </rpminfo_state> 71331 <rpminfo_state id="oval:org.opensuse.security:ste:2009040003" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71332 <evr datatype="evr_string" operation="less than">0:20060123-20.12.3.1</evr> 71333 </rpminfo_state> 71334 <rpminfo_state id="oval:org.opensuse.security:ste:2009040004" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71335 <evr datatype="evr_string" operation="less than">0:0.2-26.14.3.1</evr> 71336 </rpminfo_state> 71337 <rpminfo_state id="oval:org.opensuse.security:ste:2009038534" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71338 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.69.1</evr> 71339 </rpminfo_state> 71340 <rpminfo_state id="oval:org.opensuse.security:ste:2009038595" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71341 <evr datatype="evr_string" operation="less than">0:2.1.10-18.23.1</evr> 71342 </rpminfo_state> 71343 <rpminfo_state id="oval:org.opensuse.security:ste:2009038554" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71344 <evr datatype="evr_string" operation="less than">0:3.0.36-0.13.12.1</evr> 71345 </rpminfo_state> 71346 <rpminfo_state id="oval:org.opensuse.security:ste:2009038555" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71347 <evr datatype="evr_string" operation="less than">0:1.34b-25.13.12.1</evr> 71348 </rpminfo_state> 71349 <rpminfo_state id="oval:org.opensuse.security:ste:2009038556" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71350 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.13.12.1</evr> 71351 </rpminfo_state> 71352 <rpminfo_state id="oval:org.opensuse.security:ste:2009038698" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71353 <evr datatype="evr_string" operation="less than">0:4.8.6-1.6.1</evr> 71354 </rpminfo_state> 71355 <rpminfo_state id="oval:org.opensuse.security:ste:2009038699" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71356 <evr datatype="evr_string" operation="less than">0:3.12.8-1.4.1</evr> 71357 </rpminfo_state> 71358 <rpminfo_state id="oval:org.opensuse.security:ste:2009040093" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71359 <evr datatype="evr_string" operation="less than">0:0.99.6.3-28.25.4</evr> 71360 </rpminfo_state> 71361 <rpminfo_state id="oval:org.opensuse.security:ste:2009040408" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71362 <evr datatype="evr_string" operation="less than">0:1.2.2-12.32.1</evr> 71363 </rpminfo_state> 71364 <rpminfo_state id="oval:org.opensuse.security:ste:2009038639" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71365 <evr datatype="evr_string" operation="less than">0:8.1.22-0.4.1</evr> 71366 </rpminfo_state> 71367 <rpminfo_state id="oval:org.opensuse.security:ste:2009038768" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71368 <evr datatype="evr_string" operation="less than">0:0.96.4-0.4.1</evr> 71369 </rpminfo_state> 71370 <rpminfo_state id="oval:org.opensuse.security:ste:2009039086" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71371 <evr datatype="evr_string" operation="less than">0:1.5.0_sr12.3-0.7.1</evr> 71372 </rpminfo_state> 71373 <rpminfo_state id="oval:org.opensuse.security:ste:2009038762" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71374 <evr datatype="evr_string" operation="less than">0:1.2.0-22.31.1</evr> 71375 </rpminfo_state> 71376 <rpminfo_state id="oval:org.opensuse.security:ste:2009038810" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71377 <evr datatype="evr_string" operation="less than">0:9.4.1-0.4.1</evr> 71378 </rpminfo_state> 71379 <rpminfo_state id="oval:org.opensuse.security:ste:2009038726" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71380 <evr datatype="evr_string" operation="less than">0:9.0.289.0-0.4.1</evr> 71381 </rpminfo_state> 71382 <rpminfo_state id="oval:org.opensuse.security:ste:2009038936" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71383 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.76.8</evr> 71384 </rpminfo_state> 71385 <rpminfo_state id="oval:org.opensuse.security:ste:2009038870" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71386 <evr datatype="evr_string" operation="less than">0:3.01-21.24.1</evr> 71387 </rpminfo_state> 71388 <rpminfo_state id="oval:org.opensuse.security:ste:2009038747" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71389 <evr datatype="evr_string" operation="less than">0:0.4.4-19.27.1</evr> 71390 </rpminfo_state> 71391 <rpminfo_state id="oval:org.opensuse.security:ste:2009039433" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71392 <evr datatype="evr_string" operation="less than">0:2.1.10-18.25.11</evr> 71393 </rpminfo_state> 71394 <rpminfo_state id="oval:org.opensuse.security:ste:2009040280" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71395 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.93.1</evr> 71396 </rpminfo_state> 71397 <rpminfo_state id="oval:org.opensuse.security:ste:2009039165" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71398 <evr datatype="evr_string" operation="less than">0:2.7.2-15.10.11.1</evr> 71399 </rpminfo_state> 71400 <rpminfo_state id="oval:org.opensuse.security:ste:2009039166" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71401 <evr datatype="evr_string" operation="less than">0:2.12r-35.41.43.7</evr> 71402 </rpminfo_state> 71403 <rpminfo_state id="oval:org.opensuse.security:ste:2009039228" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71404 <evr datatype="evr_string" operation="less than">0:2.7.2-15.10.11.10</evr> 71405 </rpminfo_state> 71406 <rpminfo_state id="oval:org.opensuse.security:ste:2009038894" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71407 <evr datatype="evr_string" operation="less than">0:1.20-0.7.6.1</evr> 71408 </rpminfo_state> 71409 <rpminfo_state id="oval:org.opensuse.security:ste:2009038774" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71410 <evr datatype="evr_string" operation="less than">0:2.6.23-15.23.13</evr> 71411 </rpminfo_state> 71412 <rpminfo_state id="oval:org.opensuse.security:ste:2009039152" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71413 <evr datatype="evr_string" operation="less than">0:8.1.22-0.6.1</evr> 71414 </rpminfo_state> 71415 <rpminfo_state id="oval:org.opensuse.security:ste:2009039229" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71416 <evr datatype="evr_string" operation="less than">0:8.1.22-0.6.4</evr> 71417 </rpminfo_state> 71418 <rpminfo_state id="oval:org.opensuse.security:ste:2009038996" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71419 <evr datatype="evr_string" operation="less than">0:9.4.2-0.5.1</evr> 71420 </rpminfo_state> 71421 <rpminfo_state id="oval:org.opensuse.security:ste:2009039446" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71422 <evr datatype="evr_string" operation="less than">0:1.2.2-12.30.14</evr> 71423 </rpminfo_state> 71424 <rpminfo_state id="oval:org.opensuse.security:ste:2009039482" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71425 <evr datatype="evr_string" operation="less than">0:1.2.2-12.30.16</evr> 71426 </rpminfo_state> 71427 <rpminfo_state id="oval:org.opensuse.security:ste:2009039484" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71428 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.50.1</evr> 71429 </rpminfo_state> 71430 <rpminfo_state id="oval:org.opensuse.security:ste:2009041051" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71431 <evr datatype="evr_string" operation="less than">0:7.19.0-11.6.1</evr> 71432 </rpminfo_state> 71433 <rpminfo_state id="oval:org.opensuse.security:ste:2009039153" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71434 <evr datatype="evr_string" operation="less than">0:2007.05.10-0.16.1</evr> 71435 </rpminfo_state> 71436 <rpminfo_state id="oval:org.opensuse.security:ste:2009039673" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71437 <evr datatype="evr_string" operation="less than">0:0.5.3-0.33.32.14</evr> 71438 </rpminfo_state> 71439 <rpminfo_state id="oval:org.opensuse.security:ste:2009039674" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71440 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_24-0.4.1</evr> 71441 </rpminfo_state> 71442 <rpminfo_state id="oval:org.opensuse.security:ste:2009039675" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71443 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_24_2.6.16.60_0.74.7-0.4.1</evr> 71444 </rpminfo_state> 71445 <rpminfo_state id="oval:org.opensuse.security:ste:2009038828" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71446 <evr datatype="evr_string" operation="less than">0:0.96.5-0.4.2</evr> 71447 </rpminfo_state> 71448 <rpminfo_state id="oval:org.opensuse.security:ste:2009044633" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71449 <evr datatype="evr_string" operation="less than">0:3.4-16.13.2</evr> 71450 </rpminfo_state> 71451 <rpminfo_state id="oval:org.opensuse.security:ste:2009038971" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71452 <evr datatype="evr_string" operation="less than">0:1.6.0.u24-0.5.1</evr> 71453 </rpminfo_state> 71454 <rpminfo_state id="oval:org.opensuse.security:ste:2009039438" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71455 <evr datatype="evr_string" operation="less than">0:1.5.0_sr12.4-0.7.18</evr> 71456 </rpminfo_state> 71457 <rpminfo_state id="oval:org.opensuse.security:ste:2009039154" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71458 <evr datatype="evr_string" operation="less than">0:1.5.0_sr12.4-0.7.1</evr> 71459 </rpminfo_state> 71460 <rpminfo_state id="oval:org.opensuse.security:ste:2009038948" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71461 <evr datatype="evr_string" operation="less than">0:1.2.9_beta9-17.19.1</evr> 71462 </rpminfo_state> 71463 <rpminfo_state id="oval:org.opensuse.security:ste:2009038983" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71464 <evr datatype="evr_string" operation="less than">0:1.3.1-1.16.1</evr> 71465 </rpminfo_state> 71466 <rpminfo_state id="oval:org.opensuse.security:ste:2009039131" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71467 <evr datatype="evr_string" operation="less than">0:2.2.10-22.35.34.1</evr> 71468 </rpminfo_state> 71469 <rpminfo_state id="oval:org.opensuse.security:ste:2009040734" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71470 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.99.1</evr> 71471 </rpminfo_state> 71472 <rpminfo_state id="oval:org.opensuse.security:ste:2009039488" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71473 <evr datatype="evr_string" operation="less than">0:3.8.2-5.24.1</evr> 71474 </rpminfo_state> 71475 <rpminfo_state id="oval:org.opensuse.security:ste:2009040365" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71476 <evr datatype="evr_string" operation="less than">0:6.9.0-50.78.5</evr> 71477 </rpminfo_state> 71478 <rpminfo_state id="oval:org.opensuse.security:ste:2009039569" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71479 <evr datatype="evr_string" operation="less than">0:1.14.5-0.12.1</evr> 71480 </rpminfo_state> 71481 <rpminfo_state id="oval:org.opensuse.security:ste:2009039505" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71482 <evr datatype="evr_string" operation="less than">0:3.6.17-0.5.1</evr> 71483 </rpminfo_state> 71484 <rpminfo_state id="oval:org.opensuse.security:ste:2009039506" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71485 <evr datatype="evr_string" operation="less than">0:1.9.2.17-0.6.1</evr> 71486 </rpminfo_state> 71487 <rpminfo_state id="oval:org.opensuse.security:ste:2009039504" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71488 <evr datatype="evr_string" operation="less than">0:1.9.1.19-0.5.1</evr> 71489 </rpminfo_state> 71490 <rpminfo_state id="oval:org.opensuse.security:ste:2009039693" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71491 <evr datatype="evr_string" operation="less than">0:3.6.18-0.5.1</evr> 71492 </rpminfo_state> 71493 <rpminfo_state id="oval:org.opensuse.security:ste:2009039694" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71494 <evr datatype="evr_string" operation="less than">0:1.9.2.18-1.6.1</evr> 71495 </rpminfo_state> 71496 <rpminfo_state id="oval:org.opensuse.security:ste:2009039866" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71497 <evr datatype="evr_string" operation="less than">0:3.6.20-0.5.1</evr> 71498 </rpminfo_state> 71499 <rpminfo_state id="oval:org.opensuse.security:ste:2009039867" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71500 <evr datatype="evr_string" operation="less than">0:1.9.2.20-1.5.1</evr> 71501 </rpminfo_state> 71502 <rpminfo_state id="oval:org.opensuse.security:ste:2009039597" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71503 <evr datatype="evr_string" operation="less than">0:1.8.6.p369-0.12.1</evr> 71504 </rpminfo_state> 71505 <rpminfo_state id="oval:org.opensuse.security:ste:2009039137" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71506 <evr datatype="evr_string" operation="less than">0:3.8.2-5.20.1</evr> 71507 </rpminfo_state> 71508 <rpminfo_state id="oval:org.opensuse.security:ste:2009039447" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71509 <evr datatype="evr_string" operation="less than">0:2.5.6-4.10.1</evr> 71510 </rpminfo_state> 71511 <rpminfo_state id="oval:org.opensuse.security:ste:2009039585" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71512 <evr datatype="evr_string" operation="less than">0:1.0.22-0.20.1</evr> 71513 </rpminfo_state> 71514 <rpminfo_state id="oval:org.opensuse.security:ste:2009037238" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71515 <evr datatype="evr_string" operation="less than">0:1.2.2-13.10.1</evr> 71516 </rpminfo_state> 71517 <rpminfo_state id="oval:org.opensuse.security:ste:2009039177" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71518 <evr datatype="evr_string" operation="less than">0:0.4.0-25.15.1</evr> 71519 </rpminfo_state> 71520 <rpminfo_state id="oval:org.opensuse.security:ste:2009039232" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71521 <evr datatype="evr_string" operation="less than">0:0.4.0-25.19.1</evr> 71522 </rpminfo_state> 71523 <rpminfo_state id="oval:org.opensuse.security:ste:2009039233" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71524 <evr datatype="evr_string" operation="less than">0:6.9.0-50.74.1</evr> 71525 </rpminfo_state> 71526 <rpminfo_state id="oval:org.opensuse.security:ste:2009039234" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71527 <evr datatype="evr_string" operation="less than">0:6.9.0-50.69.69.9</evr> 71528 </rpminfo_state> 71529 <rpminfo_state id="oval:org.opensuse.security:ste:2009039676" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71530 <evr datatype="evr_string" operation="less than">0:2.4-31.91.1</evr> 71531 </rpminfo_state> 71532 <rpminfo_state id="oval:org.opensuse.security:ste:2009038964" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71533 <evr datatype="evr_string" operation="less than">0:10.2.152.26-0.5.1</evr> 71534 </rpminfo_state> 71535 <rpminfo_state id="oval:org.opensuse.security:ste:2009039565" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71536 <evr datatype="evr_string" operation="less than">0:10.3.181.14-0.5.1</evr> 71537 </rpminfo_state> 71538 <rpminfo_state id="oval:org.opensuse.security:ste:2009039132" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71539 <evr datatype="evr_string" operation="less than">0:10.2.153.1-0.5.1</evr> 71540 </rpminfo_state> 71541 <rpminfo_state id="oval:org.opensuse.security:ste:2009039434" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71542 <evr datatype="evr_string" operation="less than">0:10.2.159.1-0.5.1</evr> 71543 </rpminfo_state> 71544 <rpminfo_state id="oval:org.opensuse.security:ste:2009039655" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71545 <evr datatype="evr_string" operation="less than">0:1.3.1-1.18.1</evr> 71546 </rpminfo_state> 71547 <rpminfo_state id="oval:org.opensuse.security:ste:2009039489" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71548 <evr datatype="evr_string" operation="less than">0:3.0.36-0.13.14.4</evr> 71549 </rpminfo_state> 71550 <rpminfo_state id="oval:org.opensuse.security:ste:2009039490" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71551 <evr datatype="evr_string" operation="less than">0:1.34b-25.13.14.4</evr> 71552 </rpminfo_state> 71553 <rpminfo_state id="oval:org.opensuse.security:ste:2009039491" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71554 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.13.14.4</evr> 71555 </rpminfo_state> 71556 <rpminfo_state id="oval:org.opensuse.security:ste:2009039492" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71557 <evr datatype="evr_string" operation="less than">0:3.0.36-0.13.14.1</evr> 71558 </rpminfo_state> 71559 <rpminfo_state id="oval:org.opensuse.security:ste:2009039493" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71560 <evr datatype="evr_string" operation="less than">0:1.34b-25.13.14.1</evr> 71561 </rpminfo_state> 71562 <rpminfo_state id="oval:org.opensuse.security:ste:2009039494" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71563 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.13.14.1</evr> 71564 </rpminfo_state> 71565 <rpminfo_state id="oval:org.opensuse.security:ste:2009039794" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71566 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.89.1</evr> 71567 </rpminfo_state> 71568 <rpminfo_state id="oval:org.opensuse.security:ste:2009040550" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71569 <evr datatype="evr_string" operation="less than">0:1.3.1-585.11.1</evr> 71570 </rpminfo_state> 71571 <rpminfo_state id="oval:org.opensuse.security:ste:2009039633" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71572 <evr datatype="evr_string" operation="less than">0:1.6.0.u26-0.11.1</evr> 71573 </rpminfo_state> 71574 <rpminfo_state id="oval:org.opensuse.security:ste:2009039772" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71575 <evr datatype="evr_string" operation="less than">0:1.5.0_sr12.5-0.5.1</evr> 71576 </rpminfo_state> 71577 <rpminfo_state id="oval:org.opensuse.security:ste:2009039624" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71578 <evr datatype="evr_string" operation="less than">0:2.12.0-25.25.1</evr> 71579 </rpminfo_state> 71580 <rpminfo_state id="oval:org.opensuse.security:ste:2009039194" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71581 <evr datatype="evr_string" operation="less than">0:1.0.22-0.18.1</evr> 71582 </rpminfo_state> 71583 <rpminfo_state id="oval:org.opensuse.security:ste:2009039196" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71584 <evr datatype="evr_string" operation="less than">0:1.3.22pl4-223.16.1</evr> 71585 </rpminfo_state> 71586 <rpminfo_state id="oval:org.opensuse.security:ste:2009039219" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71587 <evr datatype="evr_string" operation="less than">0:1.3.22pl4-223.18.1</evr> 71588 </rpminfo_state> 71589 <rpminfo_state id="oval:org.opensuse.security:ste:2009039235" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71590 <evr datatype="evr_string" operation="less than">0:3.0.7-7.13.1</evr> 71591 </rpminfo_state> 71592 <rpminfo_state id="oval:org.opensuse.security:ste:2009039236" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71593 <evr datatype="evr_string" operation="less than">0:3.0.7-7.7.7.1</evr> 71594 </rpminfo_state> 71595 <rpminfo_state id="oval:org.opensuse.security:ste:2009039237" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71596 <evr datatype="evr_string" operation="less than">0:3.0.7-7.11.1</evr> 71597 </rpminfo_state> 71598 <rpminfo_state id="oval:org.opensuse.security:ste:2009039138" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71599 <evr datatype="evr_string" operation="less than">0:0.97-5.5.3</evr> 71600 </rpminfo_state> 71601 <rpminfo_state id="oval:org.opensuse.security:ste:2009040457" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71602 <evr datatype="evr_string" operation="less than">0:2.4.2-18.41.2</evr> 71603 </rpminfo_state> 71604 <rpminfo_state id="oval:org.opensuse.security:ste:2009040750" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71605 <evr datatype="evr_string" operation="less than">0:2.4-31.103.1</evr> 71606 </rpminfo_state> 71607 <rpminfo_state id="oval:org.opensuse.security:ste:2009039900" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71608 <evr datatype="evr_string" operation="less than">0:2.2.6-24.19.1</evr> 71609 </rpminfo_state> 71610 <rpminfo_state id="oval:org.opensuse.security:ste:2009040239" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71611 <evr datatype="evr_string" operation="less than">0:2.6.6-0.12.2</evr> 71612 </rpminfo_state> 71613 <rpminfo_state id="oval:org.opensuse.security:ste:2009039588" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71614 <evr datatype="evr_string" operation="less than">0:3.7.3-13.15.1</evr> 71615 </rpminfo_state> 71616 <rpminfo_state id="oval:org.opensuse.security:ste:2009039684" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71617 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_36-0.7.1</evr> 71618 </rpminfo_state> 71619 <rpminfo_state id="oval:org.opensuse.security:ste:2009039685" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71620 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_36_2.6.16.60_0.87.4-0.7.1</evr> 71621 </rpminfo_state> 71622 <rpminfo_state id="oval:org.opensuse.security:ste:2009039614" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71623 <evr datatype="evr_string" operation="less than">0:2.2.10-22.38.1</evr> 71624 </rpminfo_state> 71625 <rpminfo_state id="oval:org.opensuse.security:ste:2009040508" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71626 <evr datatype="evr_string" operation="less than">0:7-0.8.12</evr> 71627 </rpminfo_state> 71628 <rpminfo_state id="oval:org.opensuse.security:ste:2009040509" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71629 <evr datatype="evr_string" operation="less than">0:10.0.4-0.7.6</evr> 71630 </rpminfo_state> 71631 <rpminfo_state id="oval:org.opensuse.security:ste:2009040510" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71632 <evr datatype="evr_string" operation="less than">0:0.2.18-78.13.1.102</evr> 71633 </rpminfo_state> 71634 <rpminfo_state id="oval:org.opensuse.security:ste:2009040511" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71635 <evr datatype="evr_string" operation="less than">0:2.10.6-0.10.1</evr> 71636 </rpminfo_state> 71637 <rpminfo_state id="oval:org.opensuse.security:ste:2009040512" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71638 <evr datatype="evr_string" operation="less than">0:0.5-1.11.5</evr> 71639 </rpminfo_state> 71640 <rpminfo_state id="oval:org.opensuse.security:ste:2009040513" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71641 <evr datatype="evr_string" operation="less than">0:3.13.4-0.5.5</evr> 71642 </rpminfo_state> 71643 <rpminfo_state id="oval:org.opensuse.security:ste:2009040115" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71644 <evr datatype="evr_string" operation="less than">0:9.4.6-0.5.1</evr> 71645 </rpminfo_state> 71646 <rpminfo_state id="oval:org.opensuse.security:ste:2009040005" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71647 <evr datatype="evr_string" operation="less than">0:5.8.8-14.19.7</evr> 71648 </rpminfo_state> 71649 <rpminfo_state id="oval:org.opensuse.security:ste:2009039575" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71650 <evr datatype="evr_string" operation="less than">0:2.4.2-18.37.1</evr> 71651 </rpminfo_state> 71652 <rpminfo_state id="oval:org.opensuse.security:ste:2009040226" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71653 <evr datatype="evr_string" operation="less than">0:1.4.3-19.49.49.1</evr> 71654 </rpminfo_state> 71655 <rpminfo_state id="oval:org.opensuse.security:ste:2009040382" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71656 <evr datatype="evr_string" operation="less than">0:3.7.3-13.17.1</evr> 71657 </rpminfo_state> 71658 <rpminfo_state id="oval:org.opensuse.security:ste:2009039620" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71659 <evr datatype="evr_string" operation="less than">0:1.4.4-0.39.1</evr> 71660 </rpminfo_state> 71661 <rpminfo_state id="oval:org.opensuse.security:ste:2009039578" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71662 <evr datatype="evr_string" operation="less than">0:1.6.0-39.6.2</evr> 71663 </rpminfo_state> 71664 <rpminfo_state id="oval:org.opensuse.security:ste:2009039528" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71665 <evr datatype="evr_string" operation="less than">0:2.5.6-4.12.1</evr> 71666 </rpminfo_state> 71667 <rpminfo_state id="oval:org.opensuse.security:ste:2009039622" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71668 <evr datatype="evr_string" operation="less than">0:9.6ESVR4P1-0.12.1</evr> 71669 </rpminfo_state> 71670 <rpminfo_state id="oval:org.opensuse.security:ste:2009039840" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71671 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_37-0.7.1</evr> 71672 </rpminfo_state> 71673 <rpminfo_state id="oval:org.opensuse.security:ste:2009039841" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71674 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_37_2.6.16.60_0.87.9-0.7.1</evr> 71675 </rpminfo_state> 71676 <rpminfo_state id="oval:org.opensuse.security:ste:2009039742" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71677 <evr datatype="evr_string" operation="less than">0:2.6.23-15.25.5</evr> 71678 </rpminfo_state> 71679 <rpminfo_state id="oval:org.opensuse.security:ste:2009039636" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71680 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.52.1</evr> 71681 </rpminfo_state> 71682 <rpminfo_state id="oval:org.opensuse.security:ste:2009039659" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71683 <evr datatype="evr_string" operation="less than">0:1.0.0-32.39.1</evr> 71684 </rpminfo_state> 71685 <rpminfo_state id="oval:org.opensuse.security:ste:2009040034" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71686 <evr datatype="evr_string" operation="less than">0:1.4.4-0.41.1</evr> 71687 </rpminfo_state> 71688 <rpminfo_state id="oval:org.opensuse.security:ste:2009039625" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71689 <evr datatype="evr_string" operation="less than">0:10.3.181.22-0.5.1</evr> 71690 </rpminfo_state> 71691 <rpminfo_state id="oval:org.opensuse.security:ste:2009039640" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71692 <evr datatype="evr_string" operation="less than">0:10.3.181.26-0.5.1</evr> 71693 </rpminfo_state> 71694 <rpminfo_state id="oval:org.opensuse.security:ste:2009039788" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71695 <evr datatype="evr_string" operation="less than">0:10.3.183.5-0.5.1</evr> 71696 </rpminfo_state> 71697 <rpminfo_state id="oval:org.opensuse.security:ste:2009039702" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71698 <evr datatype="evr_string" operation="less than">0:0.48-1.13.1</evr> 71699 </rpminfo_state> 71700 <rpminfo_state id="oval:org.opensuse.security:ste:2009039718" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71701 <evr datatype="evr_string" operation="less than">0:0.60-33.31.1</evr> 71702 </rpminfo_state> 71703 <rpminfo_state id="oval:org.opensuse.security:ste:2009040006" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71704 <evr datatype="evr_string" operation="less than">0:3.6.23-0.5.1</evr> 71705 </rpminfo_state> 71706 <rpminfo_state id="oval:org.opensuse.security:ste:2009040007" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71707 <evr datatype="evr_string" operation="less than">0:1.9.2.23-1.6.1</evr> 71708 </rpminfo_state> 71709 <rpminfo_state id="oval:org.opensuse.security:ste:2009040144" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71710 <evr datatype="evr_string" operation="less than">0:3.13.1-0.5.1</evr> 71711 </rpminfo_state> 71712 <rpminfo_state id="oval:org.opensuse.security:ste:2009039949" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71713 <evr datatype="evr_string" operation="less than">0:10.3.183.10-0.5.1</evr> 71714 </rpminfo_state> 71715 <rpminfo_state id="oval:org.opensuse.security:ste:2009040126" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71716 <evr datatype="evr_string" operation="less than">0:10.3.183.11-0.5.1</evr> 71717 </rpminfo_state> 71718 <rpminfo_state id="oval:org.opensuse.security:ste:2009040255" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71719 <evr datatype="evr_string" operation="less than">0:9.4.6-0.5.9</evr> 71720 </rpminfo_state> 71721 <rpminfo_state id="oval:org.opensuse.security:ste:2009040256" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71722 <evr datatype="evr_string" operation="less than">0:9.4.7-0.5.1</evr> 71723 </rpminfo_state> 71724 <rpminfo_state id="oval:org.opensuse.security:ste:2009039711" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71725 <evr datatype="evr_string" operation="less than">0:9.6ESVR4P3-0.7.1</evr> 71726 </rpminfo_state> 71727 <rpminfo_state id="oval:org.opensuse.security:ste:2009039956" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71728 <evr datatype="evr_string" operation="less than">0:2.13.48-0.8.1</evr> 71729 </rpminfo_state> 71730 <rpminfo_state id="oval:org.opensuse.security:ste:2009039834" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71731 <evr datatype="evr_string" operation="less than">0:2.4-31.93.1</evr> 71732 </rpminfo_state> 71733 <rpminfo_state id="oval:org.opensuse.security:ste:2009039835" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71734 <evr datatype="evr_string" operation="less than">0:2.4-12.9.4</evr> 71735 </rpminfo_state> 71736 <rpminfo_state id="oval:org.opensuse.security:ste:2009039836" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71737 <evr datatype="evr_string" operation="less than">0:10-2.17.4</evr> 71738 </rpminfo_state> 71739 <rpminfo_state id="oval:org.opensuse.security:ste:2009039837" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71740 <evr datatype="evr_string" operation="less than">0:3.0.7.1-17.36.2</evr> 71741 </rpminfo_state> 71742 <rpminfo_state id="oval:org.opensuse.security:ste:2009040726" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71743 <evr datatype="evr_string" operation="less than">0:8.1.23-0.11.1</evr> 71744 </rpminfo_state> 71745 <rpminfo_state id="oval:org.opensuse.security:ste:2009040587" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71746 <evr datatype="evr_string" operation="less than">0:0.22.0-93.9.1</evr> 71747 </rpminfo_state> 71748 <rpminfo_state id="oval:org.opensuse.security:ste:2009040588" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71749 <evr datatype="evr_string" operation="less than">0:2.8.11-0.29.2</evr> 71750 </rpminfo_state> 71751 <rpminfo_state id="oval:org.opensuse.security:ste:2009039755" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71752 <evr datatype="evr_string" operation="less than">0:2.4-567.8.1</evr> 71753 </rpminfo_state> 71754 <rpminfo_state id="oval:org.opensuse.security:ste:2009039756" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71755 <evr datatype="evr_string" operation="less than">0:2011.6.28-0.5.1</evr> 71756 </rpminfo_state> 71757 <rpminfo_state id="oval:org.opensuse.security:ste:2009039798" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71758 <evr datatype="evr_string" operation="less than">0:0.3.3-18.22.1</evr> 71759 </rpminfo_state> 71760 <rpminfo_state id="oval:org.opensuse.security:ste:2009039909" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71761 <evr datatype="evr_string" operation="less than">0:3.0.36-0.13.16.5</evr> 71762 </rpminfo_state> 71763 <rpminfo_state id="oval:org.opensuse.security:ste:2009039910" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71764 <evr datatype="evr_string" operation="less than">0:1.34b-25.13.16.5</evr> 71765 </rpminfo_state> 71766 <rpminfo_state id="oval:org.opensuse.security:ste:2009039911" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71767 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.13.16.5</evr> 71768 </rpminfo_state> 71769 <rpminfo_state id="oval:org.opensuse.security:ste:2009040145" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71770 <evr datatype="evr_string" operation="less than">0:1.4.10-0.40.1</evr> 71771 </rpminfo_state> 71772 <rpminfo_state id="oval:org.opensuse.security:ste:2009039880" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71773 <evr datatype="evr_string" operation="less than">0:0.5.1-1.7.1</evr> 71774 </rpminfo_state> 71775 <rpminfo_state id="oval:org.opensuse.security:ste:2009044638" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71776 <evr datatype="evr_string" operation="less than">0:3.4.2.6-2.7.1</evr> 71777 </rpminfo_state> 71778 <rpminfo_state id="oval:org.opensuse.security:ste:2009040937" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71779 <evr datatype="evr_string" operation="less than">0:1.8.6.p369-0.14.1</evr> 71780 </rpminfo_state> 71781 <rpminfo_state id="oval:org.opensuse.security:ste:2009039790" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71782 <evr datatype="evr_string" operation="less than">0:3.0.2-20.11.1</evr> 71783 </rpminfo_state> 71784 <rpminfo_state id="oval:org.opensuse.security:ste:2009040580" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71785 <evr datatype="evr_string" operation="less than">0:0.6-13.12.1</evr> 71786 </rpminfo_state> 71787 <rpminfo_state id="oval:org.opensuse.security:ste:2009039853" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71788 <evr datatype="evr_string" operation="less than">0:0.97.2-1.5.2</evr> 71789 </rpminfo_state> 71790 <rpminfo_state id="oval:org.opensuse.security:ste:2009040903" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71791 <evr datatype="evr_string" operation="less than">0:5.8.8-14.21.3</evr> 71792 </rpminfo_state> 71793 <rpminfo_state id="oval:org.opensuse.security:ste:2009039932" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71794 <evr datatype="evr_string" operation="less than">0:3.0.7-7.15.1</evr> 71795 </rpminfo_state> 71796 <rpminfo_state id="oval:org.opensuse.security:ste:2009040175" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71797 <evr datatype="evr_string" operation="less than">0:6.9.0-50.76.4</evr> 71798 </rpminfo_state> 71799 <rpminfo_state id="oval:org.opensuse.security:ste:2009040184" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71800 <evr datatype="evr_string" operation="less than">0:2.1.10-18.27.5</evr> 71801 </rpminfo_state> 71802 <rpminfo_state id="oval:org.opensuse.security:ste:2009040058" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71803 <evr datatype="evr_string" operation="less than">0:2.2.10-22.40.1</evr> 71804 </rpminfo_state> 71805 <rpminfo_state id="oval:org.opensuse.security:ste:2009039891" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71806 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_37-0.9.1</evr> 71807 </rpminfo_state> 71808 <rpminfo_state id="oval:org.opensuse.security:ste:2009039892" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71809 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1</evr> 71810 </rpminfo_state> 71811 <rpminfo_state id="oval:org.opensuse.security:ste:2009040551" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71812 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.97.1</evr> 71813 </rpminfo_state> 71814 <rpminfo_state id="oval:org.opensuse.security:ste:2009040374" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71815 <evr datatype="evr_string" operation="less than">0:1.2.8-19.33.7</evr> 71816 </rpminfo_state> 71817 <rpminfo_state id="oval:org.opensuse.security:ste:2009040356" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71818 <evr datatype="evr_string" operation="less than">0:3.6.27-0.5.4</evr> 71819 </rpminfo_state> 71820 <rpminfo_state id="oval:org.opensuse.security:ste:2009040357" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71821 <evr datatype="evr_string" operation="less than">0:1.9.2.27-0.5.6</evr> 71822 </rpminfo_state> 71823 <rpminfo_state id="oval:org.opensuse.security:ste:2009040542" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71824 <evr datatype="evr_string" operation="less than">0:1.2.8-19.35.4</evr> 71825 </rpminfo_state> 71826 <rpminfo_state id="oval:org.opensuse.security:ste:2009040556" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71827 <evr datatype="evr_string" operation="less than">0:10.0.5-0.8.4</evr> 71828 </rpminfo_state> 71829 <rpminfo_state id="oval:org.opensuse.security:ste:2009040557" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71830 <evr datatype="evr_string" operation="less than">0:4.9.1-0.8.1</evr> 71831 </rpminfo_state> 71832 <rpminfo_state id="oval:org.opensuse.security:ste:2009040558" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71833 <evr datatype="evr_string" operation="less than">0:3.13.5-0.7.2</evr> 71834 </rpminfo_state> 71835 <rpminfo_state id="oval:org.opensuse.security:ste:2009040575" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71836 <evr datatype="evr_string" operation="less than">0:2.6.23-15.31.4</evr> 71837 </rpminfo_state> 71838 <rpminfo_state id="oval:org.opensuse.security:ste:2009039938" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71839 <evr datatype="evr_string" operation="less than">0:1.0.22-0.26.1</evr> 71840 </rpminfo_state> 71841 <rpminfo_state id="oval:org.opensuse.security:ste:2009040054" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71842 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.54.1</evr> 71843 </rpminfo_state> 71844 <rpminfo_state id="oval:org.opensuse.security:ste:2009040098" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71845 <evr datatype="evr_string" operation="less than">0:1.7-271.42.2</evr> 71846 </rpminfo_state> 71847 <rpminfo_state id="oval:org.opensuse.security:ste:2009040099" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71848 <evr datatype="evr_string" operation="less than">0:4.4.2-43.42.2</evr> 71849 </rpminfo_state> 71850 <rpminfo_state id="oval:org.opensuse.security:ste:2009040478" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71851 <evr datatype="evr_string" operation="less than">0:1.5.0_sr13.1-0.8.3</evr> 71852 </rpminfo_state> 71853 <rpminfo_state id="oval:org.opensuse.security:ste:2009040315" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71854 <evr datatype="evr_string" operation="less than">0:7.15.1-19.20.1</evr> 71855 </rpminfo_state> 71856 <rpminfo_state id="oval:org.opensuse.security:ste:2009040177" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71857 <evr datatype="evr_string" operation="less than">0:1.5.0_sr13.0-0.5.1</evr> 71858 </rpminfo_state> 71859 <rpminfo_state id="oval:org.opensuse.security:ste:2009040082" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71860 <evr datatype="evr_string" operation="less than">0:0.97.3-0.5.1</evr> 71861 </rpminfo_state> 71862 <rpminfo_state id="oval:org.opensuse.security:ste:2009040148" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71863 <evr datatype="evr_string" operation="less than">0:3.6.24-0.5.1</evr> 71864 </rpminfo_state> 71865 <rpminfo_state id="oval:org.opensuse.security:ste:2009040149" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71866 <evr datatype="evr_string" operation="less than">0:1.9.2.24-0.5.1</evr> 71867 </rpminfo_state> 71868 <rpminfo_state id="oval:org.opensuse.security:ste:2009040321" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71869 <evr datatype="evr_string" operation="less than">0:3.6.26-0.6.1</evr> 71870 </rpminfo_state> 71871 <rpminfo_state id="oval:org.opensuse.security:ste:2009040322" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71872 <evr datatype="evr_string" operation="less than">0:1.9.2.26-0.5.1</evr> 71873 </rpminfo_state> 71874 <rpminfo_state id="oval:org.opensuse.security:ste:2009040284" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71875 <evr datatype="evr_string" operation="less than">0:2.6.23-15.27.1</evr> 71876 </rpminfo_state> 71877 <rpminfo_state id="oval:org.opensuse.security:ste:2009040426" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71878 <evr datatype="evr_string" operation="less than">0:1.1.15-15.16.21</evr> 71879 </rpminfo_state> 71880 <rpminfo_state id="oval:org.opensuse.security:ste:2009040189" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71881 <evr datatype="evr_string" operation="less than">0:2.4.4-18.19.1</evr> 71882 </rpminfo_state> 71883 <rpminfo_state id="oval:org.opensuse.security:ste:2009040248" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71884 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.56.3</evr> 71885 </rpminfo_state> 71886 <rpminfo_state id="oval:org.opensuse.security:ste:2009040324" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71887 <evr datatype="evr_string" operation="less than">0:0.50.9-13.68.1</evr> 71888 </rpminfo_state> 71889 <rpminfo_state id="oval:org.opensuse.security:ste:2009040152" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71890 <evr datatype="evr_string" operation="less than">0:9.6ESVR5P1-0.9.1</evr> 71891 </rpminfo_state> 71892 <rpminfo_state id="oval:org.opensuse.security:ste:2009040205" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71893 <evr datatype="evr_string" operation="less than">0:1.701.0-16.15.1</evr> 71894 </rpminfo_state> 71895 <rpminfo_state id="oval:org.opensuse.security:ste:2009040423" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71896 <evr datatype="evr_string" operation="less than">0:3.4.5.5-0.7.1</evr> 71897 </rpminfo_state> 71898 <rpminfo_state id="oval:org.opensuse.security:ste:2009040668" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71899 <evr datatype="evr_string" operation="less than">0:5.1p1-41.12.8</evr> 71900 </rpminfo_state> 71901 <rpminfo_state id="oval:org.opensuse.security:ste:2009040352" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71902 <evr datatype="evr_string" operation="less than">0:1.4.11-0.5.1</evr> 71903 </rpminfo_state> 71904 <rpminfo_state id="oval:org.opensuse.security:ste:2009040345" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71905 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.60.3</evr> 71906 </rpminfo_state> 71907 <rpminfo_state id="oval:org.opensuse.security:ste:2009040490" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71908 <evr datatype="evr_string" operation="less than">0:1.7-271.46.16</evr> 71909 </rpminfo_state> 71910 <rpminfo_state id="oval:org.opensuse.security:ste:2009040491" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71911 <evr datatype="evr_string" operation="less than">0:4.4.2-43.46.16</evr> 71912 </rpminfo_state> 71913 <rpminfo_state id="oval:org.opensuse.security:ste:2009040538" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71914 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_38-0.11.1</evr> 71915 </rpminfo_state> 71916 <rpminfo_state id="oval:org.opensuse.security:ste:2009040539" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71917 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1</evr> 71918 </rpminfo_state> 71919 <rpminfo_state id="oval:org.opensuse.security:ste:2009040561" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71920 <evr datatype="evr_string" operation="less than">0:6.2.5-16.34.1</evr> 71921 </rpminfo_state> 71922 <rpminfo_state id="oval:org.opensuse.security:ste:2009040583" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71923 <evr datatype="evr_string" operation="less than">0:1.2.10-13.30.1</evr> 71924 </rpminfo_state> 71925 <rpminfo_state id="oval:org.opensuse.security:ste:2009040758" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71926 <evr datatype="evr_string" operation="less than">0:2008.11.26-0.9.1</evr> 71927 </rpminfo_state> 71928 <rpminfo_state id="oval:org.opensuse.security:ste:2009040378" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71929 <evr datatype="evr_string" operation="less than">0:1.1.2-13.19.1</evr> 71930 </rpminfo_state> 71931 <rpminfo_state id="oval:org.opensuse.security:ste:2009040414" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71932 <evr datatype="evr_string" operation="less than">0:3.6.28-0.5.2</evr> 71933 </rpminfo_state> 71934 <rpminfo_state id="oval:org.opensuse.security:ste:2009040415" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71935 <evr datatype="evr_string" operation="less than">0:4.9.0-0.6.1</evr> 71936 </rpminfo_state> 71937 <rpminfo_state id="oval:org.opensuse.security:ste:2009040416" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71938 <evr datatype="evr_string" operation="less than">0:3.13.3-0.5.1</evr> 71939 </rpminfo_state> 71940 <rpminfo_state id="oval:org.opensuse.security:ste:2009040417" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71941 <evr datatype="evr_string" operation="less than">0:1.9.2.28-0.7.1</evr> 71942 </rpminfo_state> 71943 <rpminfo_state id="oval:org.opensuse.security:ste:2009040362" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71944 <evr datatype="evr_string" operation="less than">0:10.3.183.15-0.6.1</evr> 71945 </rpminfo_state> 71946 <rpminfo_state id="oval:org.opensuse.security:ste:2009040390" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71947 <evr datatype="evr_string" operation="less than">0:10.3.183.16-0.5.1</evr> 71948 </rpminfo_state> 71949 <rpminfo_state id="oval:org.opensuse.security:ste:2009040421" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71950 <evr datatype="evr_string" operation="less than">0:10.3.183.18-0.5.2</evr> 71951 </rpminfo_state> 71952 <rpminfo_state id="oval:org.opensuse.security:ste:2009040454" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71953 <evr datatype="evr_string" operation="less than">0:9.4.6-0.6.1</evr> 71954 </rpminfo_state> 71955 <rpminfo_state id="oval:org.opensuse.security:ste:2009040455" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71956 <evr datatype="evr_string" operation="less than">0:9.5.1-0.6.1</evr> 71957 </rpminfo_state> 71958 <rpminfo_state id="oval:org.opensuse.security:ste:2009040473" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71959 <evr datatype="evr_string" operation="less than">0:11.2.202.235-0.5.1</evr> 71960 </rpminfo_state> 71961 <rpminfo_state id="oval:org.opensuse.security:ste:2009040368" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71962 <evr datatype="evr_string" operation="less than">0:1.12.12-19.10.1</evr> 71963 </rpminfo_state> 71964 <rpminfo_state id="oval:org.opensuse.security:ste:2009040492" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71965 <evr datatype="evr_string" operation="less than">0:2.6.23-15.29.1</evr> 71966 </rpminfo_state> 71967 <rpminfo_state id="oval:org.opensuse.security:ste:2009040474" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71968 <evr datatype="evr_string" operation="less than">0:2.4-31.101.2</evr> 71969 </rpminfo_state> 71970 <rpminfo_state id="oval:org.opensuse.security:ste:2009040521" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71971 <evr datatype="evr_string" operation="less than">0:8.1.22-0.8.1</evr> 71972 </rpminfo_state> 71973 <rpminfo_state id="oval:org.opensuse.security:ste:2009040391" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71974 <evr datatype="evr_string" operation="less than">0:3.0.36-0.13.18.1</evr> 71975 </rpminfo_state> 71976 <rpminfo_state id="oval:org.opensuse.security:ste:2009040392" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71977 <evr datatype="evr_string" operation="less than">0:1.34b-25.13.18.1</evr> 71978 </rpminfo_state> 71979 <rpminfo_state id="oval:org.opensuse.security:ste:2009040393" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71980 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.13.18.1</evr> 71981 </rpminfo_state> 71982 <rpminfo_state id="oval:org.opensuse.security:ste:2009040566" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71983 <evr datatype="evr_string" operation="less than">0:2.0.0-13.15.16</evr> 71984 </rpminfo_state> 71985 <rpminfo_state id="oval:org.opensuse.security:ste:2009040552" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71986 <evr datatype="evr_string" operation="less than">0:1.4-20.8.2</evr> 71987 </rpminfo_state> 71988 <rpminfo_state id="oval:org.opensuse.security:ste:2009040433" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71989 <evr datatype="evr_string" operation="less than">0:2.1.10-18.29.6</evr> 71990 </rpminfo_state> 71991 <rpminfo_state id="oval:org.opensuse.security:ste:2009040434" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71992 <evr datatype="evr_string" operation="less than">0:2.1.10-19.29.2</evr> 71993 </rpminfo_state> 71994 <rpminfo_state id="oval:org.opensuse.security:ste:2009040449" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71995 <evr datatype="evr_string" operation="less than">0:3.8.2-5.26.1</evr> 71996 </rpminfo_state> 71997 <rpminfo_state id="oval:org.opensuse.security:ste:2009040567" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 71998 <evr datatype="evr_string" operation="less than">0:2.6.6-0.16.1</evr> 71999 </rpminfo_state> 72000 <rpminfo_state id="oval:org.opensuse.security:ste:2009040438" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72001 <evr datatype="evr_string" operation="less than">0:3.0.36-0.13.20.1</evr> 72002 </rpminfo_state> 72003 <rpminfo_state id="oval:org.opensuse.security:ste:2009040439" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72004 <evr datatype="evr_string" operation="less than">0:1.34b-25.13.20.1</evr> 72005 </rpminfo_state> 72006 <rpminfo_state id="oval:org.opensuse.security:ste:2009040440" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72007 <evr datatype="evr_string" operation="less than">0:3.0.36-0.12.20.1</evr> 72008 </rpminfo_state> 72009 <rpminfo_state id="oval:org.opensuse.security:ste:2009040441" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72010 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.13.20.1</evr> 72011 </rpminfo_state> 72012 <rpminfo_state id="oval:org.opensuse.security:ste:2009040594" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72013 <evr datatype="evr_string" operation="less than">0:0.97.5-0.5.2</evr> 72014 </rpminfo_state> 72015 <rpminfo_state id="oval:org.opensuse.security:ste:2009040502" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72016 <evr datatype="evr_string" operation="less than">0:0.5.0-2.7.1</evr> 72017 </rpminfo_state> 72018 <rpminfo_state id="oval:org.opensuse.security:ste:2009040793" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72019 <evr datatype="evr_string" operation="less than">0:9.4.6-0.6.59</evr> 72020 </rpminfo_state> 72021 <rpminfo_state id="oval:org.opensuse.security:ste:2009040794" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72022 <evr datatype="evr_string" operation="less than">0:9.5.3-0.6.2</evr> 72023 </rpminfo_state> 72024 <rpminfo_state id="oval:org.opensuse.security:ste:2009040751" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72025 <evr datatype="evr_string" operation="less than">0:1.5.0_sr15.0-0.5.1</evr> 72026 </rpminfo_state> 72027 <rpminfo_state id="oval:org.opensuse.security:ste:2009040651" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72028 <evr datatype="evr_string" operation="less than">0:11.2.202.238-0.5.1</evr> 72029 </rpminfo_state> 72030 <rpminfo_state id="oval:org.opensuse.security:ste:2009040864" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72031 <evr datatype="evr_string" operation="less than">0:3.0.36-0.13.24.1</evr> 72032 </rpminfo_state> 72033 <rpminfo_state id="oval:org.opensuse.security:ste:2009040865" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72034 <evr datatype="evr_string" operation="less than">0:1.34b-25.13.24.1</evr> 72035 </rpminfo_state> 72036 <rpminfo_state id="oval:org.opensuse.security:ste:2009040866" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72037 <evr datatype="evr_string" operation="less than">0:3.0.36-0.12.24.1</evr> 72038 </rpminfo_state> 72039 <rpminfo_state id="oval:org.opensuse.security:ste:2009040867" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72040 <evr datatype="evr_string" operation="less than">0:0.3.6b-43.13.24.1</evr> 72041 </rpminfo_state> 72042 <rpminfo_state id="oval:org.opensuse.security:ste:2009040467" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72043 <evr datatype="evr_string" operation="less than">0:1.4.12-0.5.6</evr> 72044 </rpminfo_state> 72045 <rpminfo_state id="oval:org.opensuse.security:ste:2009040559" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72046 <evr datatype="evr_string" operation="less than">0:9.6ESVR7P1-0.10.1</evr> 72047 </rpminfo_state> 72048 <rpminfo_state id="oval:org.opensuse.security:ste:2009040712" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72049 <evr datatype="evr_string" operation="less than">0:1.5.0_sr14.0-0.9.1</evr> 72050 </rpminfo_state> 72051 <rpminfo_state id="oval:org.opensuse.security:ste:2009040610" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72052 <evr datatype="evr_string" operation="less than">0:7-0.8.25</evr> 72053 </rpminfo_state> 72054 <rpminfo_state id="oval:org.opensuse.security:ste:2009040611" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72055 <evr datatype="evr_string" operation="less than">0:10.0.6-0.6.1</evr> 72056 </rpminfo_state> 72057 <rpminfo_state id="oval:org.opensuse.security:ste:2009040612" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72058 <evr datatype="evr_string" operation="less than">0:2.10.6-0.12.1</evr> 72059 </rpminfo_state> 72060 <rpminfo_state id="oval:org.opensuse.security:ste:2009040689" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72061 <evr datatype="evr_string" operation="less than">0:7-0.8.31</evr> 72062 </rpminfo_state> 72063 <rpminfo_state id="oval:org.opensuse.security:ste:2009040690" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72064 <evr datatype="evr_string" operation="less than">0:10.0.7-0.5.1</evr> 72065 </rpminfo_state> 72066 <rpminfo_state id="oval:org.opensuse.security:ste:2009040691" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72067 <evr datatype="evr_string" operation="less than">0:1.2.4-0.8.1</evr> 72068 </rpminfo_state> 72069 <rpminfo_state id="oval:org.opensuse.security:ste:2009040692" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72070 <evr datatype="evr_string" operation="less than">0:4.9.2-0.9.1</evr> 72071 </rpminfo_state> 72072 <rpminfo_state id="oval:org.opensuse.security:ste:2009040693" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72073 <evr datatype="evr_string" operation="less than">0:3.13.6-0.8.1</evr> 72074 </rpminfo_state> 72075 <rpminfo_state id="oval:org.opensuse.security:ste:2009040527" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72076 <evr datatype="evr_string" operation="less than">0:11.2.202.236-0.5.1</evr> 72077 </rpminfo_state> 72078 <rpminfo_state id="oval:org.opensuse.security:ste:2009040608" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72079 <evr datatype="evr_string" operation="less than">0:3.8.2-5.28.1</evr> 72080 </rpminfo_state> 72081 <rpminfo_state id="oval:org.opensuse.security:ste:2009040694" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72082 <evr datatype="evr_string" operation="less than">0:0.9.7g-13.23.1</evr> 72083 </rpminfo_state> 72084 <rpminfo_state id="oval:org.opensuse.security:ste:2009040493" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72085 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.68.1</evr> 72086 </rpminfo_state> 72087 <rpminfo_state id="oval:org.opensuse.security:ste:2009040602" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72088 <evr datatype="evr_string" operation="less than">0:5.3.0.1-25.43.1</evr> 72089 </rpminfo_state> 72090 <rpminfo_state id="oval:org.opensuse.security:ste:2009040504" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72091 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.70.5</evr> 72092 </rpminfo_state> 72093 <rpminfo_state id="oval:org.opensuse.security:ste:2009040501" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72094 <evr datatype="evr_string" operation="less than">0:1.6.9p23-0.14.1</evr> 72095 </rpminfo_state> 72096 <rpminfo_state id="oval:org.opensuse.security:ste:2009040578" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72097 <evr datatype="evr_string" operation="less than">0:1.4.13-0.5.1</evr> 72098 </rpminfo_state> 72099 <rpminfo_state id="oval:org.opensuse.security:ste:2009044645" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72100 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_40-0.7.2</evr> 72101 </rpminfo_state> 72102 <rpminfo_state id="oval:org.opensuse.security:ste:2009044646" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72103 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2</evr> 72104 </rpminfo_state> 72105 <rpminfo_state id="oval:org.opensuse.security:ste:2009040623" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72106 <evr datatype="evr_string" operation="less than">0:3.5.4.7-0.7.1</evr> 72107 </rpminfo_state> 72108 <rpminfo_state id="oval:org.opensuse.security:ste:2009040599" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72109 <evr datatype="evr_string" operation="less than">0:1.33.1-17.15.1</evr> 72110 </rpminfo_state> 72111 <rpminfo_state id="oval:org.opensuse.security:ste:2009040646" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72112 <evr datatype="evr_string" operation="less than">0:6b-752.8.45</evr> 72113 </rpminfo_state> 72114 <rpminfo_state id="oval:org.opensuse.security:ste:2009040647" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72115 <evr datatype="evr_string" operation="less than">0:6.2.0-752.8.45</evr> 72116 </rpminfo_state> 72117 <rpminfo_state id="oval:org.opensuse.security:ste:2009040648" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72118 <evr datatype="evr_string" operation="less than">0:6.2.0-18.8.45</evr> 72119 </rpminfo_state> 72120 <rpminfo_state id="oval:org.opensuse.security:ste:2009040686" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72121 <evr datatype="evr_string" operation="less than">0:2.6.23-15.33.17</evr> 72122 </rpminfo_state> 72123 <rpminfo_state id="oval:org.opensuse.security:ste:2009040615" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72124 <evr datatype="evr_string" operation="less than">0:0.6.13-20.14.1</evr> 72125 </rpminfo_state> 72126 <rpminfo_state id="oval:org.opensuse.security:ste:2009040616" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72127 <evr datatype="evr_string" operation="less than">0:1.1.15-15.18.4</evr> 72128 </rpminfo_state> 72129 <rpminfo_state id="oval:org.opensuse.security:ste:2009040915" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72130 <evr datatype="evr_string" operation="less than">0:1.5.0_sr16.0-0.6.1</evr> 72131 </rpminfo_state> 72132 <rpminfo_state id="oval:org.opensuse.security:ste:2009040631" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72133 <evr datatype="evr_string" operation="less than">0:2.2.10-22.42.1</evr> 72134 </rpminfo_state> 72135 <rpminfo_state id="oval:org.opensuse.security:ste:2009040603" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72136 <evr datatype="evr_string" operation="less than">0:2.6.6-0.18.1</evr> 72137 </rpminfo_state> 72138 <rpminfo_state id="oval:org.opensuse.security:ste:2009040624" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72139 <evr datatype="evr_string" operation="less than">0:3.8.2-5.30.5</evr> 72140 </rpminfo_state> 72141 <rpminfo_state id="oval:org.opensuse.security:ste:2009040666" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72142 <evr datatype="evr_string" operation="less than">0:2.2.10-22.46.1</evr> 72143 </rpminfo_state> 72144 <rpminfo_state id="oval:org.opensuse.security:ste:2009040661" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72145 <evr datatype="evr_string" operation="less than">0:2.2.10-22.44.1</evr> 72146 </rpminfo_state> 72147 <rpminfo_state id="oval:org.opensuse.security:ste:2009040635" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72148 <evr datatype="evr_string" operation="less than">0:3.1-24.30.1</evr> 72149 </rpminfo_state> 72150 <rpminfo_state id="oval:org.opensuse.security:ste:2009040636" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72151 <evr datatype="evr_string" operation="less than">0:5.1-24.30.1</evr> 72152 </rpminfo_state> 72153 <rpminfo_state id="oval:org.opensuse.security:ste:2009040683" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72154 <evr datatype="evr_string" operation="less than">0:3.13-17.18.1</evr> 72155 </rpminfo_state> 72156 <rpminfo_state id="oval:org.opensuse.security:ste:2009040804" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72157 <evr datatype="evr_string" operation="less than">0:2013.1.7-0.5.1</evr> 72158 </rpminfo_state> 72159 <rpminfo_state id="oval:org.opensuse.security:ste:2009040644" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72160 <evr datatype="evr_string" operation="less than">0:1.2.8-19.37.24</evr> 72161 </rpminfo_state> 72162 <rpminfo_state id="oval:org.opensuse.security:ste:2009040976" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72163 <evr datatype="evr_string" operation="less than">0:6.2.5-16.36.2</evr> 72164 </rpminfo_state> 72165 <rpminfo_state id="oval:org.opensuse.security:ste:2009040760" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72166 <evr datatype="evr_string" operation="less than">0:3.0.0-16.9.1</evr> 72167 </rpminfo_state> 72168 <rpminfo_state id="oval:org.opensuse.security:ste:2009040782" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72169 <evr datatype="evr_string" operation="less than">0:2.4-31.107.1</evr> 72170 </rpminfo_state> 72171 <rpminfo_state id="oval:org.opensuse.security:ste:2009044653" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72172 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_42-0.7.1</evr> 72173 </rpminfo_state> 72174 <rpminfo_state id="oval:org.opensuse.security:ste:2009044654" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72175 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_42-0.7.2</evr> 72176 </rpminfo_state> 72177 <rpminfo_state id="oval:org.opensuse.security:ste:2009044655" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72178 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1</evr> 72179 </rpminfo_state> 72180 <rpminfo_state id="oval:org.opensuse.security:ste:2009044656" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72181 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2</evr> 72182 </rpminfo_state> 72183 <rpminfo_state id="oval:org.opensuse.security:ste:2009040652" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72184 <evr datatype="evr_string" operation="less than">0:3.0.7-7.17.1</evr> 72185 </rpminfo_state> 72186 <rpminfo_state id="oval:org.opensuse.security:ste:2009040680" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72187 <evr datatype="evr_string" operation="less than">0:9.6ESVR7P2-0.7.1</evr> 72188 </rpminfo_state> 72189 <rpminfo_state id="oval:org.opensuse.security:ste:2009040729" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72190 <evr datatype="evr_string" operation="less than">0:7-0.8.35</evr> 72191 </rpminfo_state> 72192 <rpminfo_state id="oval:org.opensuse.security:ste:2009040730" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72193 <evr datatype="evr_string" operation="less than">0:10.0.9-0.5.1</evr> 72194 </rpminfo_state> 72195 <rpminfo_state id="oval:org.opensuse.security:ste:2009040695" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72196 <evr datatype="evr_string" operation="less than">0:1.4.15-0.5.1</evr> 72197 </rpminfo_state> 72198 <rpminfo_state id="oval:org.opensuse.security:ste:2009040739" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72199 <evr datatype="evr_string" operation="less than">0:10.0.10-0.5.2</evr> 72200 </rpminfo_state> 72201 <rpminfo_state id="oval:org.opensuse.security:ste:2009040740" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72202 <evr datatype="evr_string" operation="less than">0:4.9.3-0.5.1</evr> 72203 </rpminfo_state> 72204 <rpminfo_state id="oval:org.opensuse.security:ste:2009040762" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72205 <evr datatype="evr_string" operation="less than">0:10.0.11-0.5.1</evr> 72206 </rpminfo_state> 72207 <rpminfo_state id="oval:org.opensuse.security:ste:2009040763" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72208 <evr datatype="evr_string" operation="less than">0:3.14-0.6.1</evr> 72209 </rpminfo_state> 72210 <rpminfo_state id="oval:org.opensuse.security:ste:2009040741" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72211 <evr datatype="evr_string" operation="less than">0:3.5.4.13-0.7.1</evr> 72212 </rpminfo_state> 72213 <rpminfo_state id="oval:org.opensuse.security:ste:2009040735" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72214 <evr datatype="evr_string" operation="less than">0:9.6ESVR7P4-0.7.1</evr> 72215 </rpminfo_state> 72216 <rpminfo_state id="oval:org.opensuse.security:ste:2009040710" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72217 <evr datatype="evr_string" operation="less than">0:9.6ESVR7P3-0.7.1</evr> 72218 </rpminfo_state> 72219 <rpminfo_state id="oval:org.opensuse.security:ste:2009040716" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72220 <evr datatype="evr_string" operation="less than">0:8.15.4-16.28.1</evr> 72221 </rpminfo_state> 72222 <rpminfo_state id="oval:org.opensuse.security:ste:2009040717" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72223 <evr datatype="evr_string" operation="less than">0:4.2.7-62.28.1</evr> 72224 </rpminfo_state> 72225 <rpminfo_state id="oval:org.opensuse.security:ste:2009041013" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72226 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.103.1</evr> 72227 </rpminfo_state> 72228 <rpminfo_state id="oval:org.opensuse.security:ste:2009040844" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72229 <evr datatype="evr_string" operation="less than">0:3.8.2-5.32.1</evr> 72230 </rpminfo_state> 72231 <rpminfo_state id="oval:org.opensuse.security:ste:2009040951" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72232 <evr datatype="evr_string" operation="less than">0:2.6.16.60-0.101.1</evr> 72233 </rpminfo_state> 72234 <rpminfo_state id="oval:org.opensuse.security:ste:2009040930" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72235 <evr datatype="evr_string" operation="less than">0:0.9.8a-18.76.1</evr> 72236 </rpminfo_state> 72237 <rpminfo_state id="oval:org.opensuse.security:ste:2009040774" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72238 <evr datatype="evr_string" operation="less than">0:2.6.23-15.35.1</evr> 72239 </rpminfo_state> 72240 <rpminfo_state id="oval:org.opensuse.security:ste:2009040724" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72241 <evr datatype="evr_string" operation="less than">0:11.2.202.243-0.5.1</evr> 72242 </rpminfo_state> 72243 <rpminfo_state id="oval:org.opensuse.security:ste:2009040746" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72244 <evr datatype="evr_string" operation="less than">0:11.2.202.251-0.5.1</evr> 72245 </rpminfo_state> 72246 <rpminfo_state id="oval:org.opensuse.security:ste:2009040767" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72247 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_44-0.7.1</evr> 72248 </rpminfo_state> 72249 <rpminfo_state id="oval:org.opensuse.security:ste:2009040768" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72250 <evr datatype="evr_string" operation="less than">0:3.2.3_17040_44_2.6.16.60_0.99.13-0.7.1</evr> 72251 </rpminfo_state> 72252 <rpminfo_state id="oval:org.opensuse.security:ste:2009040861" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72253 <evr datatype="evr_string" operation="less than">0:1.6.13-0.5.1</evr> 72254 </rpminfo_state> 72255 <rpminfo_state id="oval:org.opensuse.security:ste:2009040868" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72256 <evr datatype="evr_string" operation="less than">0:2.5.STABLE12-18.13.982.4.1</evr> 72257 </rpminfo_state> 72258 <rpminfo_state id="oval:org.opensuse.security:ste:2009040878" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72259 <evr datatype="evr_string" operation="less than">0:0.43-20.22.1</evr> 72260 </rpminfo_state> 72261 <rpminfo_state id="oval:org.opensuse.security:ste:2009040845" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72262 <evr datatype="evr_string" operation="less than">0:2.1.10-18.31.1</evr> 72263 </rpminfo_state> 72264 <rpminfo_state id="oval:org.opensuse.security:ste:2009040846" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72265 <evr datatype="evr_string" operation="less than">0:2.1.10-19.31.1</evr> 72266 </rpminfo_state> 72267 <rpminfo_state id="oval:org.opensuse.security:ste:2009040779" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72268 <evr datatype="evr_string" operation="less than">0:11.2.202.258-0.5.1</evr> 72269 </rpminfo_state> 72270 <rpminfo_state id="oval:org.opensuse.security:ste:2009040797" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72271 <evr datatype="evr_string" operation="less than">0:10.0.12-0.6.1</evr> 72272 </rpminfo_state> 72273 <rpminfo_state id="oval:org.opensuse.security:ste:2009040798" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72274 <evr datatype="evr_string" operation="less than">0:4.9.4-0.6.1</evr> 72275 </rpminfo_state> 72276 <rpminfo_state id="oval:org.opensuse.security:ste:2009040799" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72277 <evr datatype="evr_string" operation="less than">0:3.14.1-0.6.1</evr> 72278 </rpminfo_state> 72279 <rpminfo_state id="oval:org.opensuse.security:ste:2009040967" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72280 <evr datatype="evr_string" operation="less than">0:1.6.14-0.5.1</evr> 72281 </rpminfo_state> 72282 <rpminfo_state id="oval:org.opensuse.security:ste:2009041026" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72283 <evr datatype="evr_string" operation="less than">0:1.4.2-23.21.1</evr> 72284 </rpminfo_state> 72285 <rpminfo_state id="oval:org.opensuse.security:ste:2009041027" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72286 <evr datatype="evr_string" operation="less than">0:1.9.18-17.23.1</evr> 72287 </rpminfo_state> 72288 <rpminfo_state id="oval:org.opensuse.security:ste:2009040970" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72289 <evr datatype="evr_string" operation="less than">0:1.1.15-15.20.1</evr> 72290 </rpminfo_state> 72291 <rpminfo_state id="oval:org.opensuse.security:ste:2009040892" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72292 <evr datatype="evr_string" operation="less than">0:2.6.6-0.20.1</evr> 72293 </rpminfo_state> 72294 <rpminfo_state id="oval:org.opensuse.security:ste:2009040974" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72295 <evr datatype="evr_string" operation="less than">0:2.6.23-15.37.1</evr> 72296 </rpminfo_state> 72297 <rpminfo_state id="oval:org.opensuse.security:ste:2009041017" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72298 <evr datatype="evr_string" operation="less than">0:1.5.0_sr16.2-0.5.1</evr> 72299 </rpminfo_state> 72300 <rpminfo_state id="oval:org.opensuse.security:ste:2009040961" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72301 <evr datatype="evr_string" operation="less than">0:1.5.0_sr16.1-0.5.1</evr> 72302 </rpminfo_state> 72303 <rpminfo_state id="oval:org.opensuse.security:ste:2009040889" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72304 <evr datatype="evr_string" operation="less than">0:11.2.202.273-0.5.1</evr> 72305 </rpminfo_state> 72306 <rpminfo_state id="oval:org.opensuse.security:ste:2009040791" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72307 <evr datatype="evr_string" operation="less than">0:11.2.202.261-0.5.1</evr> 72308 </rpminfo_state> 72309 <rpminfo_state id="oval:org.opensuse.security:ste:2009040856" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72310 <evr datatype="evr_string" operation="less than">0:11.2.202.262-0.5.1</evr> 72311 </rpminfo_state> 72312 <rpminfo_state id="oval:org.opensuse.security:ste:2009040858" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72313 <evr datatype="evr_string" operation="less than">0:11.2.202.270-0.5.1</evr> 72314 </rpminfo_state> 72315 <rpminfo_state id="oval:org.opensuse.security:ste:2009040879" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72316 <evr datatype="evr_string" operation="less than">0:9.4.6-0.6.60</evr> 72317 </rpminfo_state> 72318 <rpminfo_state id="oval:org.opensuse.security:ste:2009040880" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72319 <evr datatype="evr_string" operation="less than">0:9.5.4-0.6.1</evr> 72320 </rpminfo_state> 72321 <rpminfo_state id="oval:org.opensuse.security:ste:2009040910" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72322 <evr datatype="evr_string" operation="less than">0:11.2.202.275-0.5.1</evr> 72323 </rpminfo_state> 72324 <rpminfo_state id="oval:org.opensuse.security:ste:2009040916" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72325 <evr datatype="evr_string" operation="less than">0:7-0.10.4</evr> 72326 </rpminfo_state> 72327 <rpminfo_state id="oval:org.opensuse.security:ste:2009040917" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72328 <evr datatype="evr_string" operation="less than">0:17.0.4esr-0.7.1</evr> 72329 </rpminfo_state> 72330 <rpminfo_state id="oval:org.opensuse.security:ste:2009040918" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72331 <evr datatype="evr_string" operation="less than">0:0.5-1.13.4</evr> 72332 </rpminfo_state> 72333 <rpminfo_state id="oval:org.opensuse.security:ste:2009040919" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72334 <evr datatype="evr_string" operation="less than">0:4.9.4-0.6.3</evr> 72335 </rpminfo_state> 72336 <rpminfo_state id="oval:org.opensuse.security:ste:2009040920" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72337 <evr datatype="evr_string" operation="less than">0:3.14.1-0.6.3</evr> 72338 </rpminfo_state> 72339 <rpminfo_state id="oval:org.opensuse.security:ste:2009040943" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72340 <evr datatype="evr_string" operation="less than">0:7-0.10.11</evr> 72341 </rpminfo_state> 72342 <rpminfo_state id="oval:org.opensuse.security:ste:2009040944" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72343 <evr datatype="evr_string" operation="less than">0:17.0.5esr-0.8.1</evr> 72344 </rpminfo_state> 72345 <rpminfo_state id="oval:org.opensuse.security:ste:2009040945" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72346 <evr datatype="evr_string" operation="less than">0:4.9.6-0.5.1</evr> 72347 </rpminfo_state> 72348 <rpminfo_state id="oval:org.opensuse.security:ste:2009040946" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72349 <evr datatype="evr_string" operation="less than">0:3.14.3-0.5.1</evr> 72350 </rpminfo_state> 72351 <rpminfo_state id="oval:org.opensuse.security:ste:2009041007" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72352 <evr datatype="evr_string" operation="less than">0:17.0.6esr-0.8.1</evr> 72353 </rpminfo_state> 72354 <rpminfo_state id="oval:org.opensuse.security:ste:2009040952" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72355 <evr datatype="evr_string" operation="less than">0:11.2.202.280-0.5.1</evr> 72356 </rpminfo_state> 72357 <rpminfo_state id="oval:org.opensuse.security:ste:2009041080" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72358 <evr datatype="evr_string" operation="less than">0:1.5.0_sr16.3-0.5.1</evr> 72359 </rpminfo_state> 72360 <rpminfo_state id="oval:org.opensuse.security:ste:2009040971" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72361 <evr datatype="evr_string" operation="less than">0:1.2.10-13.32.1</evr> 72362 </rpminfo_state> 72363 <rpminfo_state id="oval:org.opensuse.security:ste:2009041042" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72364 <evr datatype="evr_string" operation="less than">0:7-0.10.28</evr> 72365 </rpminfo_state> 72366 <rpminfo_state id="oval:org.opensuse.security:ste:2009041043" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72367 <evr datatype="evr_string" operation="less than">0:17.0.7esr-0.6.1</evr> 72368 </rpminfo_state> 72369 <rpminfo_state id="oval:org.opensuse.security:ste:2009040985" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72370 <evr datatype="evr_string" operation="less than">0:1.6.9p23-0.18.1</evr> 72371 </rpminfo_state> 72372 <rpminfo_state id="oval:org.opensuse.security:ste:2009040935" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72373 <evr datatype="evr_string" operation="less than">0:0.4.4-19.29.1</evr> 72374 </rpminfo_state> 72375 <rpminfo_state id="oval:org.opensuse.security:ste:2009041001" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72376 <evr datatype="evr_string" operation="less than">0:1.3.1-1.22.1</evr> 72377 </rpminfo_state> 72378 <rpminfo_state id="oval:org.opensuse.security:ste:2009041014" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72379 <evr datatype="evr_string" operation="less than">0:2.4-31.109.1</evr> 72380 </rpminfo_state> 72381 <rpminfo_state id="oval:org.opensuse.security:ste:2009040999" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72382 <evr datatype="evr_string" operation="less than">0:1.0.7-36.52.1</evr> 72383 </rpminfo_state> 72384 <rpminfo_state id="oval:org.opensuse.security:ste:2009041015" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72385 <evr datatype="evr_string" operation="less than">0:6.9.0-50.82.1</evr> 72386 </rpminfo_state> 72387 <rpminfo_state id="oval:org.opensuse.security:ste:2009040980" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72388 <evr datatype="evr_string" operation="less than">0:7.15.1-19.26.1</evr> 72389 </rpminfo_state> 72390 <rpminfo_state id="oval:org.opensuse.security:ste:2009040981" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72391 <evr datatype="evr_string" operation="less than">0:7.11.0-20.9.1</evr> 72392 </rpminfo_state> 72393 <rpminfo_state id="oval:org.opensuse.security:ste:2009040986" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72394 <evr datatype="evr_string" operation="less than">0:3.8.2-5.34.1</evr> 72395 </rpminfo_state> 72396 <rpminfo_state id="oval:org.opensuse.security:ste:2009041065" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72397 <evr datatype="evr_string" operation="less than">0:1.3.1-1.24.1</evr> 72398 </rpminfo_state> 72399 <rpminfo_state id="oval:org.opensuse.security:ste:2009041058" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72400 <evr datatype="evr_string" operation="less than">0:6.9.0-50.84.4</evr> 72401 </rpminfo_state> 72402 <rpminfo_state id="oval:org.opensuse.security:ste:2009041059" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72403 <evr datatype="evr_string" operation="less than">0:6.4.2-19.20.2</evr> 72404 </rpminfo_state> 72405 <rpminfo_state id="oval:org.opensuse.security:ste:2009041028" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72406 <evr datatype="evr_string" operation="less than">0:0.97.8-0.5.1</evr> 72407 </rpminfo_state> 72408 <rpminfo_state id="oval:org.opensuse.security:ste:2009041044" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72409 <evr datatype="evr_string" operation="less than">0:2.4.4-18.21.1</evr> 72410 </rpminfo_state> 72411 <rpminfo_state id="oval:org.opensuse.security:ste:2009041029" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72412 <evr datatype="evr_string" operation="less than">0:1.2.10-13.36.1</evr> 72413 </rpminfo_state> 72414 <rpminfo_state id="oval:org.opensuse.security:ste:2009041052" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72415 <evr datatype="evr_string" operation="less than">0:7.11.0-20.11.1</evr> 72416 </rpminfo_state> 72417 <rpminfo_state id="oval:org.opensuse.security:ste:2009041055" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72418 <evr datatype="evr_string" operation="less than">0:7.15.1-19.30.1</evr> 72419 </rpminfo_state> 72420 <rpminfo_state id="oval:org.opensuse.security:ste:2009041089" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72421 <evr datatype="evr_string" operation="less than">0:1.6.16-0.5.5</evr> 72422 </rpminfo_state> 72423 <rpminfo_state id="oval:org.opensuse.security:ste:2009040991" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72424 <evr datatype="evr_string" operation="less than">0:9.4.6-0.6.63</evr> 72425 </rpminfo_state> 72426 <rpminfo_state id="oval:org.opensuse.security:ste:2009040992" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72427 <evr datatype="evr_string" operation="less than">0:9.5.5-0.6.1</evr> 72428 </rpminfo_state> 72429 <rpminfo_state id="oval:org.opensuse.security:ste:2009040989" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72430 <evr datatype="evr_string" operation="less than">0:11.2.202.285-0.5.1</evr> 72431 </rpminfo_state> 72432 <rpminfo_state id="oval:org.opensuse.security:ste:2009041024" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72433 <evr datatype="evr_string" operation="less than">0:11.2.202.291-0.5.1</evr> 72434 </rpminfo_state> 72435 <rpminfo_state id="oval:org.opensuse.security:ste:2009041066" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72436 <evr datatype="evr_string" operation="less than">0:11.2.202.297-0.5.2</evr> 72437 </rpminfo_state> 72438 <rpminfo_state id="oval:org.opensuse.security:ste:2009041084" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> 72439 <evr datatype="evr_string" operation="less than">0:1.8.6.p369-0.16.1</evr> 72440 </rpminfo_state> 72441 </states> 72442 </oval_definitions>