CVE-2010-0161 - Resource Management Errors vulnerability in Mozilla Seamonkey and Thunderbird

047910
CVSS 4.3 - MEDIUM
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL

Summary

The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI.

Vulnerable Configurations

Part         Description  Count
Application  Mozilla      108
OS           Microsoft    3

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: Windows
    NASL id: MOZILLA_THUNDERBIRD_20024.NASL
    description: The installed version of Thunderbird is earlier than 2.0.0.24. Such versions are potentially affected by multiple vulnerabilities : - The columns of a XUL tree element can be manipulated in a particular way that would leave a pointer owned by the column pointing to freed memory. (MFSA 2009-49) - A heap-based buffer overflow exists in Mozilla
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 45110
    published: 2010-03-19
    reporter: This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/45110
    title: Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    include("compat.inc");
    
    
    if (description)
    {
      script_id(45110);
      script_version("1.15");
    
      script_cve_id(
        "CVE-2009-0689",
        "CVE-2009-2463",
        "CVE-2009-3072",
        "CVE-2009-3075",
        "CVE-2009-3077",
        "CVE-2009-3376",
        "CVE-2010-0161",
        "CVE-2010-0163"
      );
      script_bugtraq_id(37366,38831);
      script_xref(name:"Secunia", value:"37682");
    
      script_name(english:"Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities");
      script_summary(english:"Checks version of Thunderbird");
    
      script_set_attribute(attribute:"synopsis",value:
    "The remote Windows host contains a mail client that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description",value:
    "The installed version of Thunderbird is earlier than 2.0.0.24.  Such
    versions are potentially affected by multiple vulnerabilities :
    
      - The columns of a XUL tree element can be manipulated in
        a particular way that would leave a pointer owned by
        the column pointing to freed memory. (MFSA 2009-49)
    
      - A heap-based buffer overflow exists in Mozilla's string
        to floating point number conversion routines. 
        (MFSA 2009-59)
    
      - It is possible to obfuscate the name of files to be
        downloaded by using a right-to-left override character
        (RTL). (MFSA 2009-62)
    
      - Multiple memory corruption vulnerabilities exist that
        may result in the execution of arbitrary code. 
        (MFSA 2010-07)");
    
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-07/");
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62/");
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59/");
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-49/");
      script_set_attribute(attribute:"see_also",value:"http://www.nessus.org/u?fff60c73");
      script_set_attribute(attribute:"solution",value:"Upgrade to Thunderbird 2.0.0.24 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(16, 94, 119, 189);
      script_set_attribute(attribute:"vuln_publication_date",value:"2009/09/09");
      script_set_attribute(attribute:"patch_publication_date",value:"2010/03/16");
      script_set_attribute(attribute:"plugin_publication_date",value:"2010/03/19");
      script_cvs_date("Date: 2018/07/16 14:09:15");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
    
      script_dependencies("mozilla_org_installed.nasl");
      script_require_keys("Mozilla/Thunderbird/Version");
    
      exit(0);
    }
    
    include("mozilla_version.inc");
    port = get_kb_item_or_exit("SMB/transport");
    
    installs = get_kb_list("SMB/Mozilla/Thunderbird/*");
    if (isnull(installs)) audit(AUDIT_NOT_INST, "Thunderbird");
    
    mozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'2.0.0.24', severity:SECURITY_HOLE);
  • NASL family: Windows
    NASL id: SEAMONKEY_1119.NASL
    description: The installed version of SeaMonkey is earlier than 1.1.19. Such versions are potentially affected by the following security issues : - The columns of a XUL tree element can be manipulated in a particular way that would leave a pointer owned by the column pointing to freed memory. (MFSA 2009-49) - A heap-based buffer overflow exists in Mozilla
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 45111
    published: 2010-03-19
    reporter: This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/45111
    title: SeaMonkey < 1.1.19 Multiple Vulnerabilities
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    include("compat.inc");
    
    
    if (description)
    {
      script_id(45111);
      script_version("1.15");
    
      script_cve_id(
        "CVE-2009-0689",
        "CVE-2009-2463",
        "CVE-2009-2072",
        "CVE-2009-3075",
        "CVE-2009-3077",
        "CVE-2009-3385",
        "CVE-2009-3983",
        "CVE-2010-0161", 
        "CVE-2010-0163"
      );
      script_bugtraq_id(37366, 38830, 38831);
      script_xref(name:"Secunia", value:"39001");
    
      script_name(english:"SeaMonkey < 1.1.19 Multiple Vulnerabilities");
      script_summary(english:"Checks version of SeaMonkey");
    
      script_set_attribute(attribute:"synopsis",value:
    "A web browser on the remote host is affected by multiple
    vulnerabilities.");
      script_set_attribute(attribute:"description",value:
    "The installed version of SeaMonkey is earlier than 1.1.19.  Such
    versions are potentially affected by the following security issues :
      
      - The columns of a XUL tree element can be manipulated in
        a particular way that would leave a pointer owned by
        the column pointing to freed memory. (MFSA 2009-49)
    
      - A heap-based buffer overflow exists in Mozilla's string
        to floating point number conversion routines. 
        (MFSA 2009-59)
    
      - It is possible to obfuscate the name of files to be
        downloaded by using a right-to-left override character
        (RTL). (MFSA 2009-62)
    
      - Mozilla's NTLM implementation is vulnerable to 
        reflection attacks in which NTLM credentials from one
        application could be forwarded to another arbitrary 
        application. (MFSA 2009-68)
    
      - Scriptable plugin content, such as Flash objects, can be
        loaded and executed by embedding the content in an 
        iframe inside the message. (MFSA 2010-06)
    
      - Multiple memory corruption vulnerabilities exist that
        may result in the execution of arbitrary code. 
        (MFSA 2010-07)");
    
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-06/");
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2010-07/");
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-68/");
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62/");
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59/");
      script_set_attribute(attribute:"see_also",value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-49/");
      script_set_attribute(attribute:"solution",value:
    "Upgrade to SeaMonkey 2.0.3 / 1.1.19 or later. 
    
    Note that 1.1.19 is a legacy release and is affected by known
    vulnerabilities.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(94, 119, 189, 287);
    
      script_set_attribute(attribute:"vuln_publication_date",value:"2010/09/09");
      script_set_attribute(attribute:"patch_publication_date",value:"2010/03/16");
      script_set_attribute(attribute:"plugin_publication_date",value:"2010/03/19");
      script_cvs_date("Date: 2018/07/27 18:38:15");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:seamonkey");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
    
      script_dependencies("mozilla_org_installed.nasl");
      script_require_keys("SeaMonkey/Version");
    
      exit(0);
    }
    
    include("mozilla_version.inc");
    port = get_kb_item("SMB/transport");
    if (!port) port = 445;
    
    installs = get_kb_list("SMB/SeaMonkey/*");
    if (isnull(installs)) audit(AUDIT_NOT_INST, "SeaMonkey");
    
    mozilla_check_version(installs:installs, product:'seamonkey', fix:'1.1.19', severity:SECURITY_HOLE);
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2010-071.NASL
    description: Multiple vulnerabilities have been found and corrected in mozilla-thunderbird :
      - Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing (CVE-2009-0689).
      - Integer overflow in a base64 decoding function in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors (CVE-2009-2463).
      - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3072).
      - Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3075).
      - Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a dangling pointer vulnerability. (CVE-2009-3077)
      - Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file (CVE-2009-3376).
      - Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user (CVE-2009-3983).
      - Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing (CVE-2010-0163).
      This update provides the latest version of Thunderbird, which is not vulnerable to these issues. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. Additionally, some packages which require it have been rebuilt and are being provided as updates.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 45521
    published: 2010-04-14
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/45521
    title: Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:071)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE9_12616.NASL
    description: This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues. The following security issues are fixed :
      - Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1. (MFSA 2010-07)
      - Paul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication. (CVE-2010-0161)
      - Ludovic Hirlimann reported a crash indexing some messages with attachments. (CVE-2010-0163)
      - Carsten Book reported a crash in the JavaScript engine. (CVE-2009-3075)
      - Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)
      - monarch2000 reported an integer overflow in a base64 decoding function. (CVE-2009-2463)
      - Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 46685
    published: 2010-05-20
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/46685
    title: SuSE9 Security Update : epiphany (YOU Patch Number 12616)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_1_SEAMONKEY-100430.NASL
    description: This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues. Following security issues are fixed:
      MFSA 2010-07: Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.
      Paul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication. (CVE-2010-0161)
      Ludovic Hirlimann reported a crash indexing some messages with attachments (CVE-2010-0163)
      Carsten Book reported a crash in the JavaScript engine (CVE-2009-3075)
      Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)
      monarch2000 reported an integer overflow in a base64 decoding function (CVE-2009-2463)
      MFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 46687
    published: 2010-05-20
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/46687
    title: openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2010-7100.NASL
    description: Update to new upstream SeaMonkey version 1.1.19, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html#seamonkey1.1.19 CVE-2010-0161 CVE-2010-0163 CVE-2009-3075 CVE-2009-3072 CVE-2009-2463 CVE-2009-3385 CVE-2009-3983 CVE-2009-3376 CVE-2009-0689 CVE-2009-3077 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 47453
    published: 2010-07-01
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/47453
    title: Fedora 11 : seamonkey-1.1.19-1.fc11 (2010-7100)
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_56CFE192329F11DFABB2000F20797EDE.NASL
    description: Mozilla Project reports :
      - MFSA 2010-07 Fixes for potentially exploitable crashes ported to the legacy branch
      - MFSA 2010-06 Scriptable plugin execution in SeaMonkey mail
      - MFSA 2009-68 NTLM reflection vulnerability
      - MFSA 2009-62 Download filename spoofing with RTL override
      - MFSA 2009-59 Heap buffer overflow in string to number conversion
      - MFSA 2009-49 TreeColumns dangling pointer vulnerability
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 45114
    published: 2010-03-22
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/45114
    title: FreeBSD : mozilla -- multiple vulnerabilities (56cfe192-329f-11df-abb2-000f20797ede)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_1_MOZILLATHUNDERBIRD-100324.NASL
    description: Mozilla Thunderbird was updated to 2.0.0.14 fixing several security issues and bugs.
      MFSA 2010-07: Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.
      Paul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication. (CVE-2010-0161)
      Ludovic Hirlimann reported a crash indexing some messages with attachments (CVE-2010-0163)
      Carsten Book reported a crash in the JavaScript engine (CVE-2009-3075)
      Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)
      monarch2000 reported an integer overflow in a base64 decoding function (CVE-2009-2463)
      MFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 45376
    published: 2010-03-30
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/45376
    title: openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_0_MOZILLATHUNDERBIRD-100324.NASL
    description: Mozilla Thunderbird was updated to 2.0.0.14 fixing several security issues and bugs.
      MFSA 2010-07: Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.
      Paul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication. (CVE-2010-0161)
      Ludovic Hirlimann reported a crash indexing some messages with attachments (CVE-2010-0163)
      Carsten Book reported a crash in the JavaScript engine (CVE-2009-3075)
      Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)
      monarch2000 reported an integer overflow in a base64 decoding function (CVE-2009-2463)
      MFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 45375
    published: 2010-03-30
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/45375
    title: openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_0_SEAMONKEY-100430.NASL
    description: This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues. Following security issues are fixed:
      MFSA 2010-07: Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.
      Paul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication. (CVE-2010-0161)
      Ludovic Hirlimann reported a crash indexing some messages with attachments (CVE-2010-0163)
      Carsten Book reported a crash in the JavaScript engine (CVE-2009-3075)
      Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)
      monarch2000 reported an integer overflow in a base64 decoding function (CVE-2009-2463)
      MFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 46686
    published: 2010-05-20
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/46686
    title: openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1)

Oval

accepted: 2014-10-06T04:01:14.016-04:00
class: vulnerability
contributors:
  • name: Scott Quint
    organization: DTCC
  • name: Shane Shaffer
    organization: G2, Inc.
  • name: Maria Kedovskaya
    organization: ALTX-SOFT
  • name: Shane Shaffer
    organization: G2, Inc.
  • name: Maria Kedovskaya
    organization: ALTX-SOFT
  • name: Richard Helbing
    organization: baramundi software
  • name: Evgeniy Pavlov
    organization: ALTX-SOFT
  • name: Evgeniy Pavlov
    organization: ALTX-SOFT
  • name: Evgeniy Pavlov
    organization: ALTX-SOFT
definition_extensions:
  • comment: Microsoft Windows Vista is installed
    oval: oval:org.mitre.oval:def:228
  • comment: Microsoft Windows 7 is installed
    oval: oval:org.mitre.oval:def:12541
  • comment: Microsoft Windows Server 2008 R2 is installed
    oval: oval:org.mitre.oval:def:12754
  • comment: Mozilla Thunderbird Mainline release is installed
    oval: oval:org.mitre.oval:def:22093
  • comment: Mozilla Thunderbird Mainline release is installed
    oval: oval:org.mitre.oval:def:22093
  • comment: Mozilla Seamonkey is installed
    oval: oval:org.mitre.oval:def:6372
  • comment: Mozilla Thunderbird Mainline release is installed
    oval: oval:org.mitre.oval:def:22093
description: The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI.
family: windows
id: oval:org.mitre.oval:def:14159
status: accepted
submitted: 2011-11-25T18:05:16.000-05:00
title: The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI.
version: 39

Seebug

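bulletinFamily: exploit
description: BUGTRAQ ID: 38831 CVE(CAN) ID: CVE-2010-0161,CVE-2010-0163 Thunderbird is a mail client that supports the IMAP and POP mail protocols and the HTML mail format. If the Thunderbird client is configured to use calmail.berkeley.edu (which in this case advertises AUTH=GSSAPI on SSL/TLS connections), Thunderbird running on Vista or Windows 7 crashes when it attempts to use SSPI while joined to an AD. By default, Thunderbird 2 always attempts to use SSPI during SMTP. The Thunderbird client may also crash when the user opens a malicious MIME mail message that contains an attachment. Mozilla Thunderbird < 2.0.0.24 Mozilla SeaMonkey < 1.1.19 Vendor patch: Mozilla ------- The vendor has not yet provided a patch or upgrade. Users of this software are advised to watch the vendor's home page for the latest version: http://www.mozilla.org/
id: SSV:19323
last seen: 2017-11-19
modified: 2010-03-23
published: 2010-03-23
reporter: Root
title: Mozilla Thunderbird Multiple Denial of Service Vulnerabilities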