Vulnerability Change Records for CVE-2016-4448

Change History

CVE Modified by Source 6/20/2016 9:59:55 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722

CPE Deprecation Remap 4/22/2019 1:48:01 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

CVE Modified by Source 8/16/2016 10:1:04 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709

Initial CVE Analysis 6/09/2016 2:5:25 PM

Action Type Old Value New Value

CVE Modified by Source 7/13/2016 10:2:27 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2016:1292

CPE Deprecation Remap 12/27/2019 11:8:55 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*

Modified Analysis 9/12/2016 10:44:23 AM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:-:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:o:novell:opensuse_leap:42.1:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:mageia.org:mageia:5:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:o:novell:suse_openstack_cloud:5:*:*:*:*:*:*:*
Configuration 5
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Configuration 6
     OR
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:*
Configuration 7
     OR
          *cpe:2.3:o:novell:suse_manager_proxy:2.1:*:*:*:*:*:*:*
Configuration 8
     OR
          *cpe:2.3:a:apple:icloud_for_windows:5.2:*:*:*:*:*:*:*
Configuration 9
     OR
          *cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*
          *cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*
Configuration 10
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
Configuration 11
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp2:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:-:*:*:*:*:*:*
Configuration 12
     OR
          *cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration 13
     OR
          *cpe:2.3:o:apple:watchos:2.2.1:*:*:*:*:*:*:* (and previous)
Configuration 14
     OR
          *cpe:2.3:o:apple:ios:9.3.2:*:*:*:*:*:*:* (and previous)
Configuration 15
     OR
          *cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*
Configuration 16
     AND
          OR
               *cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Configuration 17
     OR
          *cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*
Configuration 18
     OR
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:-:*:*:*:*:*:*
Configuration 19
     OR
          *cpe:2.3:o:novell:suse_manager:2.1:*:*:*:*:*:*:*
Configuration 20
     OR
          *cpe:2.3:o:apple:tvos:9.2.1:*:*:*:*:*:*:* (and previous)
Configuration 21
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:o:apple:watchos:2.2.1:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:o:mageia.org:mageia:5:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:o:apple:ios:9.3.2:*:*:*:*:*:*:* (and previous)
Configuration 5
     OR
          *cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*
Configuration 6
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
Configuration 7
     OR
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:-:*:*:*:*:*:*
Configuration 8
     OR
          *cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*
Configuration 9
     OR
          *cpe:2.3:a:apple:icloud_for_windows:5.2:*:*:*:*:*:*:*
Configuration 10
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Configuration 11
     AND
          OR
               *cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Configuration 12
     OR
          *cpe:2.3:o:novell:suse_manager_proxy:2.1:*:*:*:*:*:*:*
Configuration 13
     OR
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:*
Configuration 14
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:* (and previous)
Configuration 15
     OR
          *cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration 16
     OR
          *cpe:2.3:o:apple:tvos:9.2.1:*:*:*:*:*:*:* (and previous)
Configuration 17
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:-:*:*:*:*:*:*
Configuration 18
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp2:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:-:*:*:*:*:*:*
Configuration 19
     OR
          *cpe:2.3:o:novell:opensuse_leap:42.1:*:*:*:*:*:*:*
Configuration 20
     OR
          *cpe:2.3:o:novell:suse_manager:2.1:*:*:*:*:*:*:*
Configuration 21
     OR
          *cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*
          *cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*
Configuration 22
     OR
          *cpe:2.3:o:novell:suse_openstack_cloud:5:*:*:*:*:*:*:*
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html Vendor Advisory

Modified Analysis 9/20/2019 5:4:16 PM

Action Type Old Value New Value
Changed CPE Configuration
AND
     OR
          *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
AND
     OR
          *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Removed CVSS V3
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

								
						
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-134
Removed CWE
NVD-CWE-noinfo

								
						
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-2957.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-2957.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/90856 No Types Assigned
http://www.securityfocus.com/bid/90856 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1036348 No Types Assigned
http://www.securitytracker.com/id/1036348 Third Party Advisory, VDB Entry
Changed Reference Type
https://kc.mcafee.com/corporate/index?page=content&id=SB10170 No Types Assigned
https://kc.mcafee.com/corporate/index?page=content&id=SB10170 Third Party Advisory
Changed Reference Type
https://www.tenable.com/security/tns-2016-18 No Types Assigned
https://www.tenable.com/security/tns-2016-18 Third Party Advisory

Modified Analysis 8/23/2016 11:1:08 AM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:-:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:o:novell:opensuse_leap:42.1:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:mageia.org:mageia:5:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:o:novell:suse_openstack_cloud:5:*:*:*:*:*:*:*
Configuration 5
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Configuration 6
     OR
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:*
Configuration 7
     OR
          *cpe:2.3:o:novell:suse_manager_proxy:2.1:*:*:*:*:*:*:*
Configuration 8
     OR
          *cpe:2.3:a:apple:icloud_for_windows:5.2:*:*:*:*:*:*:*
Configuration 9
     OR
          *cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*
          *cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*
Configuration 10
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
Configuration 11
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp2:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:-:*:*:*:*:*:*
Configuration 12
     OR
          *cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration 13
     OR
          *cpe:2.3:o:apple:watchos:2.2.1:*:*:*:*:*:*:* (and previous)
Configuration 14
     OR
          *cpe:2.3:o:apple:ios:9.3.2:*:*:*:*:*:*:* (and previous)
Configuration 15
     OR
          *cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*
Configuration 16
     AND
          OR
               *cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Configuration 17
     OR
          *cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*
Configuration 18
     OR
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:-:*:*:*:*:*:*
Configuration 19
     OR
          *cpe:2.3:o:novell:suse_manager:2.1:*:*:*:*:*:*:*
Configuration 20
     OR
          *cpe:2.3:o:apple:tvos:9.2.1:*:*:*:*:*:*:* (and previous)
Configuration 21
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:* (and previous)
Added Reference

								
							
							
						
http://advisories.mageia.org/MGASA-2016-0263.html
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00012.html
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00026.html
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00029.html
Added Reference

								
							
							
						
http://www-01.ibm.com/support/docview.wss?uid=swg21986391
Added Reference

								
							
							
						
https://access.redhat.com/security/cve/CVE-2016-4448
Added Reference

								
							
							
						
https://bugzilla.gnome.org/show_bug.cgi?id=761029
Added Reference

								
							
							
						
https://bugzilla.suse.com/show_bug.cgi?id=981549
Added Reference

								
							
							
						
https://www.suse.com/security/cve/CVE-2016-4448
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html Release Notes, Mailing List
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html Release Notes, Mailing List
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html Release Notes, Mailing List
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html Release Notes, Mailing List
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html Release Notes, Mailing List
Changed Reference Type
http://www.openwall.com/lists/oss-security/2016/05/25/2 No Types Assigned
http://www.openwall.com/lists/oss-security/2016/05/25/2 Mailing List
Changed Reference Type
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722 No Types Assigned
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722 Third Party Advisory
Changed Reference Type
http://xmlsoft.org/news.html No Types Assigned
http://xmlsoft.org/news.html Release Notes
Changed Reference Type
https://access.redhat.com/errata/RHSA-2016:1292 No Types Assigned
https://access.redhat.com/errata/RHSA-2016:1292 Third Party Advisory
Changed Reference Type
https://bugzilla.redhat.com/show_bug.cgi?id=1338700 No Types Assigned
https://bugzilla.redhat.com/show_bug.cgi?id=1338700 Issue Tracking
Changed Reference Type
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709 No Types Assigned
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709 Third Party Advisory
Changed Reference Type
https://support.apple.com/HT206899 No Types Assigned
https://support.apple.com/HT206899 Release Notes
Changed Reference Type
https://support.apple.com/HT206901 No Types Assigned
https://support.apple.com/HT206901 Release Notes
Changed Reference Type
https://support.apple.com/HT206902 No Types Assigned
https://support.apple.com/HT206902 Release Notes
Changed Reference Type
https://support.apple.com/HT206903 No Types Assigned
https://support.apple.com/HT206903 Release Notes
Changed Reference Type
https://support.apple.com/HT206904 No Types Assigned
https://support.apple.com/HT206904 Release Notes
Changed Reference Type
https://support.apple.com/HT206905 No Types Assigned
https://support.apple.com/HT206905 Release Notes

CVE Modified by Red Hat, Inc. 8/31/2017 9:29:24 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1036348 [No Types Assigned]

CVE Modified by Source 9/27/2016 10:1:05 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

CVE Modified by Red Hat, Inc. 1/04/2018 9:30:53 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-2957.html [No Types Assigned]

CVE Modified by Red Hat, Inc. 12/27/2016 9:59:30 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://kc.mcafee.com/corporate/index?page=content&id=SB10170 [No Types Assigned]
Removed Reference
http://advisories.mageia.org/MGASA-2016-0263.html [Third Party Advisory]

								
						
Removed Reference
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00012.html [Mailing List, Third Party Advisory]

								
						
Removed Reference
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00026.html [Mailing List, Third Party Advisory]

								
						
Removed Reference
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00029.html [Mailing List, Third Party Advisory]

								
						
Removed Reference
http://www-01.ibm.com/support/docview.wss?uid=swg21986391 [Third Party Advisory]

								
						
Removed Reference
https://access.redhat.com/security/cve/CVE-2016-4448 [No Types Assigned]

								
						
Removed Reference
https://bugzilla.gnome.org/show_bug.cgi?id=761029 [Issue Tracking, Permissions Required]

								
						
Removed Reference
https://bugzilla.suse.com/show_bug.cgi?id=981549 [Issue Tracking]

								
						
Removed Reference
https://www.suse.com/security/cve/CVE-2016-4448 [Third Party Advisory]

								
						

Modified Analysis 6/10/2016 10:40:35 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NVD-CWE-noinfo
Changed Reference Type
https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9 No Types Assigned
https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9 Advisory
Changed Reference Type
https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b No Types Assigned
https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b Advisory

CVE Modified by Red Hat, Inc. 2/28/2017 9:59:02 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2016-18 [No Types Assigned]

CVE Modified by Source 7/22/2016 9:59:57 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
Added Reference

								
							
							
						
https://support.apple.com/HT206899
Added Reference

								
							
							
						
https://support.apple.com/HT206901
Added Reference

								
							
							
						
https://support.apple.com/HT206902
Added Reference

								
							
							
						
https://support.apple.com/HT206903
Added Reference

								
							
							
						
https://support.apple.com/HT206904
Added Reference

								
							
							
						
https://support.apple.com/HT206905

Modified Analysis 9/14/2016 10:47:19 AM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:o:apple:watchos:2.2.1:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:o:mageia.org:mageia:5:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:o:apple:ios:9.3.2:*:*:*:*:*:*:* (and previous)
Configuration 5
     OR
          *cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*
Configuration 6
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
Configuration 7
     OR
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:-:*:*:*:*:*:*
Configuration 8
     OR
          *cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*
Configuration 9
     OR
          *cpe:2.3:a:apple:icloud_for_windows:5.2:*:*:*:*:*:*:*
Configuration 10
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Configuration 11
     AND
          OR
               *cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Configuration 12
     OR
          *cpe:2.3:o:novell:suse_manager_proxy:2.1:*:*:*:*:*:*:*
Configuration 13
     OR
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:*
Configuration 14
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:* (and previous)
Configuration 15
     OR
          *cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration 16
     OR
          *cpe:2.3:o:apple:tvos:9.2.1:*:*:*:*:*:*:* (and previous)
Configuration 17
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:-:*:*:*:*:*:*
Configuration 18
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp2:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:-:*:*:*:*:*:*
Configuration 19
     OR
          *cpe:2.3:o:novell:opensuse_leap:42.1:*:*:*:*:*:*:*
Configuration 20
     OR
          *cpe:2.3:o:novell:suse_manager:2.1:*:*:*:*:*:*:*
Configuration 21
     OR
          *cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*
          *cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*
Configuration 22
     OR
          *cpe:2.3:o:novell:suse_openstack_cloud:5:*:*:*:*:*:*:*
Configuration 1
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:o:novell:suse_manager_proxy:2.1:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:mageia.org:mageia:5:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:o:apple:watchos:2.2.1:*:*:*:*:*:*:* (and previous)
Configuration 5
     OR
          *cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*
          *cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*
Configuration 6
     OR
          *cpe:2.3:o:apple:tvos:9.2.1:*:*:*:*:*:*:* (and previous)
Configuration 7
     OR
          *cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*
Configuration 8
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:* (and previous)
Configuration 9
     OR
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:-:*:*:*:*:*:*
Configuration 10
     OR
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:*
Configuration 11
     OR
          *cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration 12
     OR
          *cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*
Configuration 13
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:-:*:*:*:*:*:*
Configuration 14
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp2:*:*:ltss:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:-:*:*:*:*:*:*
Configuration 15
     OR
          *cpe:2.3:o:novell:opensuse_leap:42.1:*:*:*:*:*:*:*
Configuration 16
     OR
          *cpe:2.3:o:novell:suse_manager:2.1:*:*:*:*:*:*:*
Configuration 17
     AND
          OR
               *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
               *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
Configuration 18
     OR
          *cpe:2.3:o:novell:suse_openstack_cloud:5:*:*:*:*:*:*:*
Configuration 19
     OR
          *cpe:2.3:a:apple:icloud_for_windows:5.2:*:*:*:*:*:*:*
Configuration 20
     OR
          *cpe:2.3:o:apple:ios:9.3.2:*:*:*:*:*:*:* (and previous)
Configuration 21
     AND
          OR
               *cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Configuration 22
     OR
          *cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*
          *cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*

CVE Modified by Source 9/08/2016 10:1:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

CVE Modified by Source 9/22/2016 10:0:14 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

Reanalysis 9/25/2019 11:29:16 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:* versions up to (including) 7.5.2.10
     *cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:* versions from (including) 7.6.0.0 up to (including) 7.6.2.3
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:apple:icloud_for_windows:5.2:*:*:*:*:*:*:*
AND
     OR
          *cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.1
     OR
          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Changed CPE Configuration
AND
     OR
          *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
AND
     OR
          *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:o:novell:suse_openstack_cloud:5:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:tenable:log_correlation_engine:4.8.0:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:o:apple:ios:*:*:*:*:*:*:*:* versions up to (including) 9.3.2
OR
     *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (including) 9.3.2
Changed CPE Configuration
OR
     *cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (excluding) 10.11.6
Changed CPE Configuration
OR
     *cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Removed CPE Configuration
AND
     OR
          *cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:*
     *cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8.1:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
     *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:-:*:*:*:*:*:*
     *cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:o:mageia.org:mageia:5:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:o:novell:opensuse_leap:42.1:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:-:*:*:*:*:*:*
     *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp2:*:*:ltss:*:*:*
     *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*
     *cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
     *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:-:*:*:*:*:*:*
     *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:o:novell:suse_manager:2.1:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:o:novell:suse_manager_proxy:2.1:*:*:*:*:*:*:*

								
						
Changed Reference Type
http://www.openwall.com/lists/oss-security/2016/05/25/2 Mailing List
http://www.openwall.com/lists/oss-security/2016/05/25/2 Mailing List, Third Party Advisory
Changed Reference Type
https://bugzilla.redhat.com/show_bug.cgi?id=1338700 Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1338700 Issue Tracking, Third Party Advisory

CPE Deprecation Remap 3/08/2019 11:6:37 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:apple:apple_tv:*:*:*:*:*:*:*:* versions from (including) 9.2.1
OR
     *cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions from (including) 9.2.1

CVE Modified by Red Hat, Inc. 11/28/2016 3:18:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/90856 [No Types Assigned]