Vulnerability Change Records for CVE-2016-5418

Change History

CPE Deprecation Remap 12/27/2019 11:9:04 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*

CVE Modified by MITRE 6/30/2017 9:29:57 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201701-03 [No Types Assigned]

CVE Modified by MITRE 11/28/2016 3:25:05 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/93165 [No Types Assigned]

CPE Deprecation Remap 12/27/2019 11:8:55 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*

Modified Analysis 9/22/2016 10:22:00 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
          *cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:a:libarchive:libarchive:3.2.0:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Added CWE

								
							
							
						
CWE-19
Added CWE

								
							
							
						
CWE-20
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-1844.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-1844.html Third Party Advisory
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-1850.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-1850.html Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2016/08/09/2 No Types Assigned
http://www.openwall.com/lists/oss-security/2016/08/09/2 Technical Description, Exploit
Changed Reference Type
https://access.redhat.com/errata/RHSA-2016:1852 No Types Assigned
https://access.redhat.com/errata/RHSA-2016:1852 Third Party Advisory
Changed Reference Type
https://access.redhat.com/errata/RHSA-2016:1853 No Types Assigned
https://access.redhat.com/errata/RHSA-2016:1853 Third Party Advisory
Changed Reference Type
https://bugzilla.redhat.com/show_bug.cgi?id=1362601 No Types Assigned
https://bugzilla.redhat.com/show_bug.cgi?id=1362601 Third Party Advisory, VDB Entry, Issue Tracking
Changed Reference Type
https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f No Types Assigned
https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f Technical Description, Exploit
Changed Reference Type
https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9 No Types Assigned
https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9 Patch
Changed Reference Type
https://github.com/libarchive/libarchive/issues/746 No Types Assigned
https://github.com/libarchive/libarchive/issues/746 Exploit, Patch

CVE Modified by Source 9/27/2016 10:1:36 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

Initial CVE Analysis 10/04/2016 11:13:00 AM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:libarchive:libarchive:3.2.0:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
          *cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Configuration 1
     OR
          *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:libarchive:libarchive:3.2.0:*:*:*:*:*:*:* (and previous)
Configuration 3
     OR
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Configuration 5
     OR
          *cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
          *cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html Third Party Advisory

Initial CVE Analysis 9/21/2016 10:9:37 PM

Action Type Old Value New Value