-
-
Notifications
You must be signed in to change notification settings - Fork 303
Expand file tree
/
Copy pathorg.opensuse.CVE-2008-5679.xml
More file actions
81 lines (80 loc) · 5.13 KB
/
org.opensuse.CVE-2008-5679.xml
File metadata and controls
81 lines (80 loc) · 5.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions
xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd"
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<generator>
<oval:product_name>Marcus OVAL Generator</oval:product_name>
<oval:schema_version>5.5</oval:schema_version>
<oval:timestamp>2009-01-14T09:08:29.480-05:00</oval:timestamp>
</generator>
<definitions>
<definition id="oval:org.opensuse.security:def:2009030400" version="1" class="patch">
<metadata>
<title>CVE-2008-5679</title>
<affected family="unix">
</affected>
<reference ref_id="CVE-2008-5679" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5679" source="CVE"/>
<description>
The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.
</description>
</metadata>
<criteria operator="OR">
<criteria operator="AND">
<criteria operator="OR">
<criterion test_ref="oval:org.opensuse.security:tst:2009030401" comment="suse103 is installed"/>
<criterion test_ref="oval:org.opensuse.security:tst:2009030402" comment="suse110 is installed"/>
<criterion test_ref="oval:org.opensuse.security:tst:2009030403" comment="suse111 is installed"/>
</criteria>
<criterion test_ref="oval:org.opensuse.security:tst:2009030400" comment="oval:org.opensuse.security:tst:2009030400 is installed"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:org.opensuse.security:tst:2009030403" comment="suse111-debug is installed"/>
<criterion test_ref="oval:org.opensuse.security:tst:2009030400" comment="oval:org.opensuse.security:tst:2009030400 is installed"/>
</criteria>
</criteria>
</definition>
</definitions>
<tests>
<rpminfo_test id="oval:org.opensuse.security:tst:2009030400" version="1" comment="oval:org.opensuse.security:obj:2009030400 is version oval:org.opensuse.security:ste:2009030400" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:org.opensuse.security:obj:2009030400"/>
<state state_ref="oval:org.opensuse.security:ste:2009030400"/>
</rpminfo_test>
<rpminfo_test id="oval:org.opensuse.security:tst:2009030401" version="1" comment="oval:org.opensuse.security:obj:2009030401 is version oval:org.opensuse.security:ste:2009030401" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:org.opensuse.security:obj:2009030401"/>
<state state_ref="oval:org.opensuse.security:ste:2009030401"/>
</rpminfo_test>
<rpminfo_test id="oval:org.opensuse.security:tst:2009030402" version="1" comment="oval:org.opensuse.security:obj:2009030401 is version oval:org.opensuse.security:ste:2009030402" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:org.opensuse.security:obj:2009030401"/>
<state state_ref="oval:org.opensuse.security:ste:2009030402"/>
</rpminfo_test>
<rpminfo_test id="oval:org.opensuse.security:tst:2009030403" version="1" comment="oval:org.opensuse.security:obj:2009030401 is version oval:org.opensuse.security:ste:2009030403" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:org.opensuse.security:obj:2009030401"/>
<state state_ref="oval:org.opensuse.security:ste:2009030403"/>
</rpminfo_test>
</tests>
<objects>
<rpminfo_object id="oval:org.opensuse.security:obj:2009030400" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<name>opera</name>
</rpminfo_object>
<rpminfo_object id="oval:org.opensuse.security:obj:2009030401" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<name>openSUSE-release</name>
</rpminfo_object>
</objects>
<states>
<rpminfo_state id="oval:org.opensuse.security:ste:2009030400" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<evr datatype="evr_string" operation="less than">0:9.63-1.1</evr>
</rpminfo_state>
<rpminfo_state id="oval:org.opensuse.security:ste:2009030401" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<version operation="pattern match">^10.3$</version>
</rpminfo_state>
<rpminfo_state id="oval:org.opensuse.security:ste:2009030402" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<version operation="pattern match">^11.0$</version>
</rpminfo_state>
<rpminfo_state id="oval:org.opensuse.security:ste:2009030403" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<version operation="pattern match">^11.1$</version>
</rpminfo_state>
</states>
</oval_definitions>