CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3501 CVE-2013-1686 399 DoS Exec Code Mem. Corr. 2013-06-25 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
3502 CVE-2013-1685 399 DoS Exec Code Mem. Corr. 2013-06-25 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
3503 CVE-2013-1684 399 DoS Exec Code Mem. Corr. 2013-06-25 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
3504 CVE-2013-1683 DoS Exec Code Mem. Corr. 2013-06-25 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
3505 CVE-2013-1682 DoS Exec Code Mem. Corr. 2013-06-25 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
3506 CVE-2013-1681 399 DoS Exec Code Mem. Corr. 2013-05-16 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
3507 CVE-2013-1680 119 DoS Exec Code Overflow Mem. Corr. 2013-05-16 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
3508 CVE-2013-1679 399 DoS Exec Code Mem. Corr. 2013-05-16 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
3509 CVE-2013-1669 DoS Exec Code Mem. Corr. 2013-05-16 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
3510 CVE-2013-1659 DoS Exec Code Mem. Corr. 2013-02-22 2013-02-25
7.6
None Remote High Not required Complete Complete Complete
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.
3511 CVE-2013-1493 119 1 DoS Exec Code Overflow Mem. Corr. 2013-03-05 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
3512 CVE-2013-1480 Mem. Corr. 2013-02-01 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
3513 CVE-2013-1478 Overflow Mem. Corr. 2013-02-01 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.
3514 CVE-2013-1405 287 DoS Exec Code Mem. Corr. 2013-02-15 2013-02-15
10.0
None Remote Low Not required Complete Complete Complete
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3515 CVE-2013-1386 DoS Exec Code Mem. Corr. 2013-04-09 2013-04-10
10.0
None Remote Low Not required Complete Complete Complete
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1384.
3516 CVE-2013-1384 DoS Exec Code Mem. Corr. 2013-04-09 2013-04-10
10.0
None Remote Low Not required Complete Complete Complete
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.
3517 CVE-2013-1380 DoS Exec Code Mem. Corr. 2013-04-09 2014-03-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1378.
3518 CVE-2013-1379 119 DoS Exec Code Overflow Mem. Corr. 2013-04-09 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3519 CVE-2013-1378 119 DoS Exec Code Overflow Mem. Corr. 2013-04-09 2014-03-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1380.
3520 CVE-2013-1377 119 DoS Exec Code Overflow Mem. Corr. 2013-07-31 2013-07-31
10.0
None Remote Low Not required Complete Complete Complete
Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3521 CVE-2013-1371 119 DoS Exec Code Overflow Mem. Corr. 2013-03-13 2014-03-26
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3522 CVE-2013-1346 119 DoS Exec Code Overflow Mem. Corr. 2013-05-15 2013-05-15
9.3
None Remote Medium Not required Complete Complete Complete
mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
3523 CVE-2013-1315 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
3524 CVE-2013-1295 119 Overflow +Priv Mem. Corr. 2013-04-09 2018-10-12
7.2
None Local Low Not required Complete Complete Complete
The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "CSRSS Memory Corruption Vulnerability."
3525 CVE-2013-1119 119 DoS Exec Code Overflow Mem. Corr. 2013-09-06 2013-09-06
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503.
3526 CVE-2013-1117 119 DoS Exec Code Overflow Mem. Corr. 2013-09-06 2013-09-06
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCuc27639.
3527 CVE-2013-1116 119 DoS Exec Code Overflow Mem. Corr. 2013-09-06 2013-09-06
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted ARF file, aka Bug IDs CSCue74147 and CSCub28383.
3528 CVE-2013-1115 119 DoS Exec Code Overflow Mem. Corr. 2013-09-06 2013-09-06
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ARF file, aka Bug IDs CSCue74118, CSCub28371, CSCud23401, and CSCud31109.
3529 CVE-2013-1047 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2016-11-17
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3530 CVE-2013-1046 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2014-01-27
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3531 CVE-2013-1045 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2014-01-27
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3532 CVE-2013-1044 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2014-01-27
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3533 CVE-2013-1043 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2014-01-27
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3534 CVE-2013-1042 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2014-01-27
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3535 CVE-2013-1041 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2016-11-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3536 CVE-2013-1040 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2016-11-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3537 CVE-2013-1039 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2016-11-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3538 CVE-2013-1038 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2016-11-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3539 CVE-2013-1037 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2016-11-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
3540 CVE-2013-1036 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2013-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Safari in Apple iOS before 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
3541 CVE-2013-1035 119 DoS Exec Code Overflow Mem. Corr. 2013-09-19 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
3542 CVE-2013-1032 119 DoS Exec Code Overflow Mem. Corr. 2013-09-16 2014-03-05
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file.
3543 CVE-2013-1023 119 DoS Exec Code Overflow Mem. Corr. 2013-06-05 2013-06-05
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1009.
3544 CVE-2013-1020 399 DoS Exec Code Mem. Corr. 2013-05-24 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG data in a movie file.
3545 CVE-2013-1015 119 DoS Exec Code Overflow Mem. Corr. 2013-05-24 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TeXML file.
3546 CVE-2013-1011 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3547 CVE-2013-1010 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3548 CVE-2013-1009 119 DoS Exec Code Overflow Mem. Corr. 2013-06-05 2013-06-05
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1023.
3549 CVE-2013-1008 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3550 CVE-2013-1007 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
Total number of vulnerabilities : 5273   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 (This Page)72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.