Vulnerability Details : CVE-2019-7317

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
Publish Date : 2019-02-04 Last Update Date : 2022-05-23

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

CVSS Score	2.6
Confidentiality Impact	None (There is no impact to the confidentiality of the system.)
Integrity Impact	None (There is no impact to the integrity of the system)
Availability Impact	Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity	High (Specialized access conditions exist. It is hard to exploit and several special conditions must be satisfied to exploit)
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)
CWE ID	416

- Related OVAL Definitions

Title	Definition Id	Family
RHSA-2019:1265: firefox security update (Critical)	oval:com.redhat.rhsa:def:20191265	unix
RHSA-2019:1267: firefox security update (Critical)	oval:com.redhat.rhsa:def:20191267	unix
RHSA-2019:1269: firefox security update (Critical)	oval:com.redhat.rhsa:def:20191269	unix
RHSA-2019:1308: thunderbird security update (Important)	oval:com.redhat.rhsa:def:20191308	unix
RHSA-2019:1309: thunderbird security update (Important)	oval:com.redhat.rhsa:def:20191309	unix
RHSA-2019:1310: thunderbird security update (Important)	oval:com.redhat.rhsa:def:20191310	unix
RHSA-2019:2590: java-1.8.0-ibm security update (Important)	oval:com.redhat.rhsa:def:20192590	unix

OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2019-7317

#	Product Type	Vendor	Product	Version	Update	Edition	Language
1	OS	Canonical	Ubuntu Linux	16.04	*	*	*	Version Details Vulnerabilities
2	OS	Canonical	Ubuntu Linux	16.04	*	*	*	Version Details Vulnerabilities
3	OS	Canonical	Ubuntu Linux	18.04	*	*	*	Version Details Vulnerabilities
4	OS	Canonical	Ubuntu Linux	18.10	*	*	*	Version Details Vulnerabilities
5	OS	Canonical	Ubuntu Linux	19.04	*	*	*	Version Details Vulnerabilities
6	OS	Debian	Debian Linux	8.0	*	*	*	Version Details Vulnerabilities
7	OS	Debian	Debian Linux	9.0	*	*	*	Version Details Vulnerabilities
8	Application	HP	Xp7 Command View	*	*	*	*	Version Details Vulnerabilities
9	Application	HPE	Xp7 Command View Advanced Edition Suite	*	*	*	*	Version Details Vulnerabilities
10	Application	Libpng	Libpng	*	*	*	*	Version Details Vulnerabilities
11	Application	Mozilla	Firefox Esr	-	*	*	*	Version Details Vulnerabilities
12	Application	Mozilla	Thunderbird	-	*	*	*	Version Details Vulnerabilities
13	Application	Netapp	Active Iq Unified Manager	*	*	*	*	Version Details Vulnerabilities
14	Application	Netapp	Active Iq Unified Manager	*	*	*	*	Version Details Vulnerabilities
15	Application	Netapp	Active Iq Unified Manager	9.6	*	*	*	Version Details Vulnerabilities
16	Application	Netapp	Active Iq Unified Manager	9.6	*	*	*	Version Details Vulnerabilities
17	Application	Netapp	Cloud Backup	-	*	*	*	Version Details Vulnerabilities
18	Application	Netapp	E-series Santricity Management	-	*	*	*	Version Details Vulnerabilities
19	Application	Netapp	E-series Santricity Storage Manager	*	*	*	*	Version Details Vulnerabilities
20	Application	Netapp	E-series Santricity Unified Manager	*	*	*	*	Version Details Vulnerabilities
21	Application	Netapp	E-series Santricity Web Services	*	*	*	*	Version Details Vulnerabilities
22	Application	Netapp	Oncommand Insight	*	*	*	*	Version Details Vulnerabilities
23	Application	Netapp	Oncommand Workflow Automation	*	*	*	*	Version Details Vulnerabilities
24	Application	Netapp	Plug-in For Symantec Netbackup	-	*	*	*	Version Details Vulnerabilities
25	Application	Netapp	Snapmanager	*	*	*	*	Version Details Vulnerabilities
26	Application	Netapp	Snapmanager	*	*	*	*	Version Details Vulnerabilities
27	Application	Netapp	Snapmanager	3.4.2	P1	*	*	Version Details Vulnerabilities
28	Application	Netapp	Snapmanager	3.4.2	P1	*	*	Version Details Vulnerabilities
29	Application	Netapp	Steelstore	-	*	*	*	Version Details Vulnerabilities
30	OS	Opensuse	Leap	15.0	*	*	*	Version Details Vulnerabilities
31	OS	Opensuse	Leap	15.1	*	*	*	Version Details Vulnerabilities
32	OS	Opensuse	Leap	42.3	*	*	*	Version Details Vulnerabilities
33	Application	Oracle	Hyperion Infrastructure Technology	11.2.6.0	*	*	*	Version Details Vulnerabilities
34	Application	Oracle	Java Se	7u221	*	*	*	Version Details Vulnerabilities
35	Application	Oracle	Java Se	8u212	*	*	*	Version Details Vulnerabilities
36	Application	Oracle	JDK	11.0.3	*	*	*	Version Details Vulnerabilities
37	Application	Oracle	JDK	12.0.1	*	*	*	Version Details Vulnerabilities
38	Application	Oracle	Mysql	*	*	*	*	Version Details Vulnerabilities
39	OS	Redhat	Enterprise Linux	6.0	*	*	*	Version Details Vulnerabilities
40	OS	Redhat	Enterprise Linux	7.0	*	*	*	Version Details Vulnerabilities
41	OS	Redhat	Enterprise Linux	8.0	*	*	*	Version Details Vulnerabilities
42	OS	Redhat	Enterprise Linux Desktop	6.0	*	*	*	Version Details Vulnerabilities
43	OS	Redhat	Enterprise Linux Desktop	7.0	*	*	*	Version Details Vulnerabilities
44	OS	Redhat	Enterprise Linux For Ibm Z Systems	6.0	*	*	*	Version Details Vulnerabilities
45	OS	Redhat	Enterprise Linux For Ibm Z Systems	7.0	*	*	*	Version Details Vulnerabilities
46	OS	Redhat	Enterprise Linux For Ibm Z Systems	8.0	*	*	*	Version Details Vulnerabilities
47	OS	Redhat	Enterprise Linux For Power Big Endian	6.0	*	*	*	Version Details Vulnerabilities
48	OS	Redhat	Enterprise Linux For Power Big Endian	7.0	*	*	*	Version Details Vulnerabilities
49	OS	Redhat	Enterprise Linux For Power Little Endian	7.0	*	*	*	Version Details Vulnerabilities
50	OS	Redhat	Enterprise Linux For Power Little Endian	8.0	*	*	*	Version Details Vulnerabilities
51	OS	Redhat	Enterprise Linux For Scientific Computing	6.0	*	*	*	Version Details Vulnerabilities
52	OS	Redhat	Enterprise Linux For Scientific Computing	7.0	*	*	*	Version Details Vulnerabilities
53	OS	Redhat	Enterprise Linux Workstation	6.0	*	*	*	Version Details Vulnerabilities
54	OS	Redhat	Enterprise Linux Workstation	7.0	*	*	*	Version Details Vulnerabilities
55	Application	Redhat	Satellite	5.8	*	*	*	Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
Canonical	Ubuntu Linux	5
Debian	Debian Linux	2
HP	Xp7 Command View	1
HPE	Xp7 Command View Advanced Edition Suite	1
Libpng	Libpng	1
Mozilla	Firefox Esr	1
Mozilla	Thunderbird	1
Netapp	Active Iq Unified Manager	4
Netapp	Cloud Backup	1
Netapp	E-series Santricity Management	1
Netapp	E-series Santricity Storage Manager	1
Netapp	E-series Santricity Unified Manager	1
Netapp	E-series Santricity Web Services	1
Netapp	Oncommand Insight	1
Netapp	Oncommand Workflow Automation	1
Netapp	Plug-in For Symantec Netbackup	1
Netapp	Snapmanager	4
Netapp	Steelstore	1
Opensuse	Leap	3
Oracle	Hyperion Infrastructure Technology	1
Oracle	Java Se	2
Oracle	JDK	2
Oracle	Mysql	1
Redhat	Enterprise Linux	3
Redhat	Enterprise Linux Desktop	2
Redhat	Enterprise Linux For Ibm Z Systems	3
Redhat	Enterprise Linux For Power Big Endian	2
Redhat	Enterprise Linux For Power Little Endian	2
Redhat	Enterprise Linux For Scientific Computing	2
Redhat	Enterprise Linux Workstation	2
Redhat	Satellite	1

- References For CVE-2019-7317

https://access.redhat.com/errata/RHSA-2019:2590
REDHAT RHSA-2019:2590

https://access.redhat.com/errata/RHSA-2019:2592
REDHAT RHSA-2019:2592

https://access.redhat.com/errata/RHSA-2019:2737
REDHAT RHSA-2019:2737

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us CONFIRM

https://www.oracle.com/security-alerts/cpuApr2021.html

https://www.debian.org/security/2019/dsa-4435
DEBIAN DSA-4435

https://access.redhat.com/errata/RHSA-2019:2585
REDHAT RHSA-2019:2585

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html
SUSE openSUSE-SU-2019:1916

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html
SUSE openSUSE-SU-2019:1912

https://access.redhat.com/errata/RHSA-2019:2495
REDHAT RHSA-2019:2495

https://access.redhat.com/errata/RHSA-2019:2494
REDHAT RHSA-2019:2494

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html
SUSE openSUSE-SU-2019:1534

https://security.gentoo.org/glsa/201908-02
GENTOO GLSA-201908-02

https://www.oracle.com/security-alerts/cpuoct2021.html

https://security.netapp.com/advisory/ntap-20190719-0005/ CONFIRM

https://seclists.org/bugtraq/2019/May/59
BUGTRAQ 20190523 [SECURITY] [DSA 4448-1] firefox-esr security update

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html
SUSE openSUSE-SU-2019:1664

https://access.redhat.com/errata/RHSA-2019:1310
REDHAT RHSA-2019:1310

https://access.redhat.com/errata/RHSA-2019:1309
REDHAT RHSA-2019:1309

https://access.redhat.com/errata/RHSA-2019:1308
REDHAT RHSA-2019:1308

https://usn.ubuntu.com/3997-1/
UBUNTU USN-3997-1

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html
SUSE openSUSE-SU-2019:1484

https://www.debian.org/security/2019/dsa-4448
DEBIAN DSA-4448

https://usn.ubuntu.com/3962-1/
UBUNTU USN-3962-1

https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html
MLIST [debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update

https://access.redhat.com/errata/RHSA-2019:1267
REDHAT RHSA-2019:1267

https://www.debian.org/security/2019/dsa-4451
DEBIAN DSA-4451

https://seclists.org/bugtraq/2019/May/67
BUGTRAQ 20190527 [SECURITY] [DSA 4451-1] thunderbird security update

https://access.redhat.com/errata/RHSA-2019:1269
REDHAT RHSA-2019:1269

https://access.redhat.com/errata/RHSA-2019:1265
REDHAT RHSA-2019:1265

https://seclists.org/bugtraq/2019/Apr/30
BUGTRAQ 20190417 [slackware-security] libpng (SSA:2019-107-01)

https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html
MLIST [debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update

http://www.securityfocus.com/bid/108098
BID 108098 libpng CVE-2019-7317 Use After Free Denial of Service Vulnerability Release Date:2019-07-17

https://usn.ubuntu.com/4080-1/
UBUNTU USN-4080-1

https://usn.ubuntu.com/3991-1/
UBUNTU USN-3991-1

https://seclists.org/bugtraq/2019/May/56
BUGTRAQ 20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)

http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html

https://usn.ubuntu.com/4083-1/
UBUNTU USN-4083-1

https://seclists.org/bugtraq/2019/Apr/36
BUGTRAQ 20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update

https://github.com/glennrp/libpng/issues/275

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803

- Vulnerability Conditions

Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *
Vulnerability is valid if product versions listed below are used 0
Redhat Enterprise Linux Workstation 6.0 * * * Redhat Enterprise Linux For Power Little Endian 8.0 * * * Redhat Enterprise Linux For Power Big Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 8.0 * * * Redhat Enterprise Linux For Ibm Z Systems 7.0 * * * Redhat Enterprise Linux 8.0 * * * Redhat Satellite 5.8 * * * Redhat Enterprise Linux For Power Big Endian 6.0 * * * Redhat Enterprise Linux Desktop 6.0 * * * Redhat Enterprise Linux For Power Little Endian 7.0 * * * Redhat Enterprise Linux For Ibm Z Systems 6.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Enterprise Linux For Scientific Computing 7.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux For Scientific Computing 6.0 * * * Redhat Enterprise Linux Desktop 7.0 * * * Netapp Oncommand Workflow Automation * * * * Netapp Oncommand Insight * * * * Netapp E-series Santricity Web Services * * * * Netapp E-series Santricity Unified Manager * * * * Netapp E-series Santricity Storage Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager * * * * Netapp Active Iq Unified Manager 9.6 * * * Netapp Snapmanager 3.4.2 P1 * * Netapp Snapmanager 3.4.2 P1 * * Netapp Plug-in For Symantec Netbackup * * * Netapp Snapmanager * * * * Netapp Snapmanager * * * * Netapp E-series Santricity Management * * * Netapp Steelstore * * * Netapp Cloud Backup * * * Opensuse Leap 15.1 * * * Opensuse Leap 15.0 * * * Opensuse Leap 42.3 * * * Mozilla Firefox Esr * * * Mozilla Thunderbird * * * HP Xp7 Command View * * * * HPE Xp7 Command View Advanced Edition Suite * * * * Oracle Hyperion Infrastructure Technology 11.2.6.0 * * * Oracle Mysql * * * * Oracle Java Se 7u221 * * * Oracle Java Se 8u212 * * * Oracle JDK 12.0.1 * * * Oracle JDK 11.0.3 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 19.04 * * * Canonical Ubuntu Linux 18.10 * * * Canonical Ubuntu Linux 16.04 * * * Canonical Ubuntu Linux 18.04 * * * Debian Debian Linux 9.0 * * * Debian Debian Linux 8.0 * * * Libpng Libpng * * * *	Opensuse Package Hub * * * Suse Linux Enterprise 12.0 * * *

- Metasploit Modules Related To CVE-2019-7317

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)