Oracle Solaris Third Party Bulletin - July 2018

Related Vulnerabilities: CVE-2016-2337   CVE-2017-2292   CVE-2016-3616   CVE-2017-7555   CVE-2017-8291   CVE-2018-1166   CVE-2016-3958   CVE-2016-1246   CVE-2016-3959   CVE-2016-8864   CVE-2017-3135   CVE-2017-8786   CVE-2018-0500   CVE-2018-0732   CVE-2016-9013   CVE-2016-9014   CVE-2016-10196   CVE-2018-14424   CVE-2017-1000083   CVE-2016-1251   CVE-2017-3138   CVE-2017-5753   CVE-2017-9110   CVE-2016-10504   CVE-2016-6352   CVE-2016-7977   CVE-2015-9251   CVE-2018-5950   CVE-2016-6153   CVE-2016-7957   CVE-2016-9185   CVE-2017-10788   CVE-2017-2592   CVE-2017-3136   CVE-2018-0737   CVE-2018-1000024   CVE-2016-7979   CVE-2016-10165   CVE-2016-7162   CVE-2017-17087   CVE-2018-10919   CVE-2017-11112   CVE-2017-11113   CVE-2017-5334   CVE-2017-5335   CVE-2018-8011   CVE-2016-1952   CVE-2016-1249   CVE-2017-8932   CVE-2016-7044   CVE-2016-7163   CVE-2016-1924   CVE-2016-3190   CVE-2016-7445   CVE-2016-9179   CVE-2017-11109   CVE-2018-12085   CVE-2016-2167   CVE-2016-2168   CVE-2016-7166   CVE-2017-3140   CVE-2017-7407   CVE-2016-7553   CVE-2017-12982   CVE-2017-14039   CVE-2017-7511   CVE-2018-8740   CVE-2015-8107   CVE-2016-7976   CVE-2017-11368   CVE-2017-7544   CVE-2017-11735   CVE-2017-14160   CVE-2018-10392   CVE-2018-12364   CVE-2018-8905   CVE-2017-1000158   CVE-2017-13738   CVE-2017-2862   CVE-2016-2179   CVE-2016-4425   CVE-2016-9811   CVE-2017-16844   CVE-2017-17095   CVE-2017-3145   CVE-2017-3600   CVE-2018-14341   CVE-2018-0495   CVE-2016-10198   CVE-2018-8014   CVE-2017-13726   CVE-2018-1000021   CVE-2018-6126   CVE-2017-17969   CVE-2018-10115   CVE-2018-12020   CVE-2017-12613   CVE-2017-7418   CVE-2018-5996   CVE-2018-11233   CVE-2018-11235   CVE-2018-12359   CVE-2018-12360   CVE-2018-12362   CVE-2018-12363   CVE-2018-12365   CVE-2018-12366   CVE-2018-12368   CVE-2018-5156   CVE-2018-5188   CVE-2016-9445   CVE-2016-9446   CVE-2016-9447   CVE-2016-9634   CVE-2016-9635   CVE-2016-9636   CVE-2016-9807   CVE-2016-9808   CVE-2016-9809   CVE-2016-9810   CVE-2016-9812   CVE-2016-9813   CVE-2016-10199   CVE-2017-5838   CVE-2017-5839   CVE-2017-5840   CVE-2017-5841   CVE-2017-5842   CVE-2017-5844   CVE-2017-5845   CVE-2016-2105   CVE-2016-2106   CVE-2016-2177   CVE-2016-2178   CVE-2016-2180   CVE-2016-2181   CVE-2016-2182   CVE-2016-2183   CVE-2016-3424   CVE-2016-3440   CVE-2016-3452   CVE-2016-3459   CVE-2016-3486   CVE-2016-3492   CVE-2016-3495   CVE-2016-3501   CVE-2016-3518   CVE-2016-3588   CVE-2016-3614   CVE-2016-3615   CVE-2016-5436   CVE-2016-5437   CVE-2016-5439   CVE-2016-5440   CVE-2016-5441   CVE-2016-5442   CVE-2016-5443   CVE-2016-5444   CVE-2016-5507   CVE-2016-5584   CVE-2016-5609   CVE-2016-5612   CVE-2016-5624   CVE-2016-5625   CVE-2016-5626   CVE-2016-5627   CVE-2016-5628   CVE-2016-5629   CVE-2016-5630   CVE-2016-5631   CVE-2016-5632   CVE-2016-5633   CVE-2016-5634   CVE-2016-5635   CVE-2016-6302   CVE-2016-6303   CVE-2016-6306   CVE-2016-7440   CVE-2016-8283   CVE-2016-8284   CVE-2016-8286   CVE-2016-8287   CVE-2016-8288   CVE-2016-8289   CVE-2016-8290   CVE-2017-10155   CVE-2017-10165   CVE-2017-10167   CVE-2017-10227   CVE-2017-10268   CVE-2017-10276   CVE-2017-10279   CVE-2017-10283   CVE-2017-10284   CVE-2017-10286   CVE-2017-10294   CVE-2017-10296   CVE-2017-10311   CVE-2017-10313   CVE-2017-10314   CVE-2017-10320   CVE-2017-10365   CVE-2017-10379   CVE-2017-10384   CVE-2017-3308   CVE-2017-3309   CVE-2017-3329   CVE-2017-3331   CVE-2017-3450   CVE-2017-3453   CVE-2017-3454   CVE-2017-3455   CVE-2017-3456   CVE-2017-3457   CVE-2017-3458   CVE-2017-3459   CVE-2017-3460   CVE-2017-3461   CVE-2017-3462   CVE-2017-3463   CVE-2017-3464   CVE-2017-3465   CVE-2017-3467   CVE-2017-3468   CVE-2017-3529   CVE-2017-3599   CVE-2017-3633   CVE-2017-3634   CVE-2017-3635   CVE-2017-3637   CVE-2017-3638   CVE-2017-3639   CVE-2017-3640   CVE-2017-3641   CVE-2017-3642   CVE-2017-3643   CVE-2017-3644   CVE-2017-3645   CVE-2017-3647   CVE-2017-3648   CVE-2017-3649   CVE-2017-3650   CVE-2017-3651   CVE-2017-3652   CVE-2017-3653   CVE-2017-3731   CVE-2017-3732   CVE-2017-3737   CVE-2018-2562   CVE-2018-2565   CVE-2018-2573   CVE-2018-2576   CVE-2018-2583   CVE-2018-2586   CVE-2018-2590   CVE-2018-2591   CVE-2018-2600   CVE-2018-2612   CVE-2018-2622   CVE-2018-2640   CVE-2018-2645   CVE-2018-2646   CVE-2018-2647   CVE-2018-2665   CVE-2018-2667   CVE-2018-2668   CVE-2018-2696   CVE-2018-2703   CVE-2018-2755   CVE-2018-2758   CVE-2018-2759   CVE-2018-2761   CVE-2018-2762   CVE-2018-2766   CVE-2018-2769   CVE-2018-2771   CVE-2018-2773   CVE-2018-2775   CVE-2018-2776   CVE-2018-2777   CVE-2018-2778   CVE-2018-2779   CVE-2018-2780   CVE-2018-2781   CVE-2018-2782   CVE-2018-2784   CVE-2018-2786   CVE-2018-2787   CVE-2018-2810   CVE-2018-2812   CVE-2018-2813   CVE-2018-2816   CVE-2018-2817   CVE-2018-2818   CVE-2018-2819   CVE-2018-2839   CVE-2018-2846   CVE-2017-13739   CVE-2017-13740   CVE-2017-13741   CVE-2017-13742   CVE-2017-13743   CVE-2017-13744   CVE-2017-3137   CVE-2017-11333   CVE-2018-5146   CVE-2018-10393   CVE-2018-1336   CVE-2018-8034   CVE-2018-8037   CVE-2017-3738   CVE-2018-0739   CVE-2018-2767   CVE-2018-3054   CVE-2018-3056   CVE-2018-3058   CVE-2018-3060   CVE-2018-3061   CVE-2018-3062   CVE-2018-3064   CVE-2018-3065   CVE-2018-3066   CVE-2018-3070   CVE-2018-3071   CVE-2018-3077   CVE-2018-3081   CVE-2018-10963   CVE-2018-14339   CVE-2018-14340   CVE-2018-14342   CVE-2018-14343   CVE-2018-14344   CVE-2018-14367   CVE-2018-14368   CVE-2018-14369   CVE-2018-12372   CVE-2018-12373   CVE-2018-12374   CVE-2017-11462   CVE-2017-15088   CVE-2018-5710   CVE-2018-5729   CVE-2018-5730   CVE-2001-1593   CVE-2014-0466   CVE-2017-14040   CVE-2017-14041   CVE-2017-14151   CVE-2017-14152   CVE-2017-14164   CVE-2016-7978   CVE-2015-8915   CVE-2015-8916   CVE-2015-8917   CVE-2015-8918   CVE-2015-8919   CVE-2015-8920   CVE-2015-8921   CVE-2015-8922   CVE-2015-8923   CVE-2015-8924   CVE-2015-8925   CVE-2015-8926   CVE-2015-8927   CVE-2015-8928   CVE-2015-8929   CVE-2015-8930   CVE-2015-8931   CVE-2015-8932   CVE-2015-8933   CVE-2015-8934   CVE-2017-5336   CVE-2017-5337   CVE-2016-7045   CVE-2017-5429   CVE-2017-5430   CVE-2017-5432   CVE-2017-5433   CVE-2017-5434   CVE-2017-5435   CVE-2017-5436   CVE-2017-5438   CVE-2017-5439   CVE-2017-5440   CVE-2017-5441   CVE-2017-5442   CVE-2017-5443   CVE-2017-5444   CVE-2017-5445   CVE-2017-5446   CVE-2017-5447   CVE-2017-5448   CVE-2017-5449   CVE-2017-5451   CVE-2017-5454   CVE-2017-5455   CVE-2017-5456   CVE-2017-5459   CVE-2017-5460   CVE-2017-5461   CVE-2017-5462   CVE-2017-5464   CVE-2017-5465   CVE-2017-5466   CVE-2017-5467   CVE-2017-5468   CVE-2017-5469   CVE-2016-10505   CVE-2016-10506   CVE-2016-10507   CVE-2017-9083   CVE-2017-9406   CVE-2017-9408   CVE-2016-7958   CVE-2015-4513   CVE-2016-1930   CVE-2016-2805   CVE-2016-2807   CVE-2016-2808   CVE-2016-1923   CVE-2017-9111   CVE-2017-9112   CVE-2017-9113   CVE-2017-9114   CVE-2017-9115   CVE-2017-9116   CVE-2018-1000027   CVE-2017-1000382   CVE-2017-13884   CVE-2017-13885   CVE-2017-5715   CVE-2017-7153   CVE-2017-7160   CVE-2017-7161   CVE-2017-7165   CVE-2018-4088   CVE-2018-4089   CVE-2018-4096   CVE-2012-6708   CVE-2018-1333  

Oracle Solaris Third Party Bulletin - July 2018


Description

The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions. Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Updates are released. These bulletins will also be updated on the Tuesday closest to the 17th of the following two months after their release (i.e. the two months between the normal quarterly Critical Patch Update publication dates). In addition, Third Party Bulletins may also be updated for vulnerability fixes deemed too critical to wait for the next monthly update.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Third Party Bulletin fixes as soon as possible.


Patch Availability

Please see My Oracle Support Note 1448883.1


Third Party Bulletin Schedule

Third Party Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

  • 16 October 2018
  • 15 January 2019
  • 16 April 2019
  • 16 July 2019

References


Modification History

2018-September-24 Rev 3. Added all CVEs fixed in Solaris 11.4 and Solaris 11.4 SRU 1
2018-August-23 Rev 2. Added all CVEs fixed in Solaris 11.3 SRU 35
2018-July-17 Rev 1. Initial Release with all CVEs fixed in Solaris 11.3 SRU 34

 

 

Oracle Solaris Executive Summary

 

This Oracle Solaris Bulletin contains 103 new security fixes for the Oracle Solaris Operating System.  62 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. 

 

Oracle Solaris Third Party Bulletin Risk Matrix

 


Revision 3: Published on 2018-09-24



CVE# Product Third
Party
component
Protocol Remote
Exploit
without
Auth.?
CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) Supported
Versions
Affected
Notes
Base
Score
Attack
Vector
Attack
Complexity
Privs
Req'd
User
Interact
Scope Confid-
entiality
Inte-
grity
Avail-
ability
CVE-2016-2337 Solaris Ruby Multiple Yes 9.8 Network Low None None Un
changed
High High High 11.3  
CVE-2017-2292 Solaris MCollective Multiple No 9 Network Low High None Changed High High Low 11.3  
CVE-2016-3616 Solaris LibJPEG None No 7.8 Local Low None Required Un
changed
High High High 11.4, 10  
CVE-2017-7555 Solaris Augeas None No 7.8 Local Low Low None Un
changed
High High High 11.3  
CVE-2017-8291 Solaris Ghostscript None No 7.8 Local Low None Required Un
changed
High High High 11.3  
CVE-2018-1166 Solaris SMB FS None No 7.8 Local Low Low None Un
changed
High High High 11.3  
CVE-2016-3958 Solaris Go Programming Language None No 7.7 Local Low None None Un
changed
High High None 11.3  
CVE-2016-1246 Solaris Mysql module for perl Multiple Yes 7.5 Network Low None None Un
changed
None None High 11.3  
CVE-2016-3959 Solaris Go Programming Language Multiple Yes 7.5 Network Low None None Un
changed
None None High 11.3  
CVE-2016-8864 Solaris Bind DNS Yes 7.5 Network Low None None Un
changed
None None High 11.3 See
Note 32
CVE-2017-3135 Solaris Bind DNS Yes 7.5 Network Low None None Un
changed
None None High 11.3  
CVE-2017-8786 Solaris PCRE Multiple Yes 7.5 Network Low None None Un
changed
None None High 11.3  
CVE-2018-0500 Solaris LibcURL Multiple Yes 7.5 Network High None Required Un
changed
High High High 11.4  
CVE-2018-0732 Solaris OpenSSL SSL/TLS Yes 7.5 Network Low None None Un
changed
None None High 11.4, 10  
CVE-2016-9013 Solaris Django Python web framework Multiple Yes 7.4 Network High None None Un
changed
High High None 11.3  
CVE-2016-9014 Solaris Django Python web framework Multiple Yes 7.4 Network High None None Un
changed
High High None 11.3  
CVE-2016-10196 Solaris Firefox Multiple Yes 7.3 Network Low None None Un
changed
Low Low Low 11.3 See
Note 23
CVE-2016-10196 Solaris Thunderbird Multiple Yes 7.3 Network Low None None Un
changed
Low Low Low 11.3 See
Note 28
CVE-2018-14424 Solaris GDM display manager None No 7.3 Local Low Low Required Un
changed
High High High 11.4  
CVE-2017-1000083 Solaris Evince Multiple Yes 7.1 Network Low None Required Changed Low Low Low 11.3  
CVE-2016-1251 Solaris Mysql module for perl Multiple Yes 6.5 Network Low None Required Un
changed
None High None 11.3  
CVE-2017-3138 Solaris Bind DNS No 6.5 Network Low Low None Un
changed
None None High 11.3  
CVE-2017-5753 Solaris WebKitGTK+ None No 6.5 Local Low High Required Un
changed
High High High 11.4 See
Note 36
CVE-2017-9110 Solaris Openexr Multiple Yes 6.5 Network Low None Required Un
changed
None None High 11.3 See
Note 33
CVE-2016-10504 Solaris OpenJPEG Multiple Yes 6.3 Network Low None Required Un
changed
Low Low Low 11.3 See
Note 24
CVE-2016-6352 Solaris GDK-Pixbuf Multiple Yes 6.3 Network Low None Required Un
changed
Low Low Low 11.3, 10  
CVE-2016-7977 Solaris Ghostscript None No 6.2 Local Low None None Un
changed
High None None 11.3  
CVE-2015-9251 Solaris Automated Install Engine Multiple Yes 6.1 Network Low None Required Changed Low Low None 11.4 See
Note 37
CVE-2018-5950 Solaris Mailman Multiple Yes 6.1 Network Low None Required Changed Low Low None 11.4  
CVE-2016-6153 Solaris SQLite3 None No 5.9 Local Low None None Un
changed
Low Low Low 11.3  
CVE-2016-7957 Solaris Wireshark Multiple Yes 5.9 Network High None None Un
changed
None None High 11.3 See
Note 26
CVE-2016-9185 Solaris OpenStack Orchestration API (Heat) Multiple Yes 5.9 Network High None None Un
changed
High None None 11.3  
CVE-2017-10788 Solaris Mysql module for perl Multiple Yes 5.9 Network High None None Un
changed
None None High 11.3  
CVE-2017-2592 Solaris Openstack Middleware Library None No 5.9 Local Low Low Required Changed High None None 11.3  
CVE-2017-3136 Solaris Bind DNS Yes 5.9 Network High None None Un
changed
None None High 11.3 See
Note 31
CVE-2018-0737 Solaris OpenSSL SSL/TLS Yes 5.9 Network High None None Un
changed
High None None 11.4, 10  
CVE-2018-1000024 Solaris Squid Multiple Yes 5.9 Network High None None Un
changed
None None High 11.3 See
Note 34
CVE-2016-7977 Solaris Ghostscript Multiple Yes 5.8 Network High None Required Changed Low Low Low 11.3 See
Note 19
CVE-2016-7979 Solaris Ghostscript Multiple Yes 5.8 Network High None Required Changed Low Low Low 11.3  
CVE-2016-10165 Solaris LittleCMS None No 5.7 Local High None None Un
changed
Low None High 11.3  
CVE-2016-7162 Solaris File Roller None No 5.5 Local Low None Required Un
changed
None High None 11.3  
CVE-2017-17087 Solaris VIM None No 5.5 Local Low Low None Un
changed
High None None 11.4 See
Note 35
CVE-2018-10919 Solaris Samba Multiple No 5.4 Adjacent
Network
Low None None Un
changed
Low Low None 11.4, 10  
CVE-2017-11112 Solaris Ncurses None No 5.3 Local Low Low None Un
changed
Low Low Low 11.3  
CVE-2017-11113 Solaris Ncurses None No 5.3 Local Low Low None Un
changed
Low Low Low 11.3  
CVE-2017-5334 Solaris GnuTLS SSL/TLS Yes 5.3 Network Low None None Un
changed
None Low None 11.3  
CVE-2017-5335 Solaris GnuTLS SSL/TLS Yes 5.3 Network Low None None Un
changed
None None Low 11.3 See
Note 21
CVE-2018-8011 Solaris Apache HTTP server HTTP Yes 5.3 Network Low None None Un
changed
None None Low 11.4 See
Note 38
CVE-2016-1952 Solaris MozJS Multiple Yes 5 Network High None Required Un
changed
Low Low Low 11.3 See
Note 27
CVE-2016-1249 Solaris Mysql module for perl Multiple Yes 4.8 Network High None None Un
changed
Low None Low 11.3  
CVE-2017-8932 Solaris Go Programming Language Multiple Yes 4.8 Network High None None Un
changed
Low Low None 11.3  
CVE-2016-7044 Solaris Irssi None No 4.4 Local Low None Required Un
changed
None Low Low 11.3 See
Note 22
CVE-2016-7163 Solaris OpenJPEG None No 4.4 Local Low None Required Un
changed
None Low Low 11.3  
CVE-2016-1924 Solaris OpenJPEG Multiple Yes 4.3 Network Low None Required Un
changed
None None Low 11.3 See
Note 30
CVE-2016-3190 Solaris Cairo Graphics Library Multiple Yes 4.3 Network Low None Required Un
changed
None None Low 11.3  
CVE-2016-7445 Solaris OpenJPEG Multiple Yes 4.3 Network Low None Required Un
changed
None None Low 11.3  
CVE-2016-9179 Solaris Lynx Multiple Yes 4.2 Network High None Required Un
changed
Low Low None 11.3  
CVE-2017-11109 Solaris VIM None No 4.2 Local High Low Required Un
changed
Low Low Low 11.3  
CVE-2018-12085 Solaris Liblouis Multiple Yes 4.2 Network High None Required Un
changed
None Low Low 11.4  
CVE-2016-2167 Solaris Apache Subversion Multiple No 3.9 Network High High Required Un
changed
Low Low Low 11.3  
CVE-2016-2168 Solaris Apache Subversion Multiple No 3.9 Network High High Required Un
changed
Low Low Low 11.3  
CVE-2016-7166 Solaris Libarchive Multiple Yes 3.7 Network High None None Un
changed
Low None None 11.3 See
Note 20
CVE-2017-3140 Solaris Bind DNS Yes 3.7 Network High None None Un
changed
None None Low 11.3  
CVE-2017-7407 Solaris LibcURL None No 3.5 Physical Low None None Un
changed
Low Low None 11.3  
CVE-2016-7553 Solaris Irssi None No 3.3 Local Low None Required Un
changed
Low None None 11.3  
CVE-2017-12982 Solaris OpenJPEG None No 3.3 Local Low None Required Un
changed
None None Low 11.3  
CVE-2017-14039 Solaris OpenJPEG None No 3.3 Local Low None Required Un
changed
None None Low 11.3 See
Note 18
CVE-2017-7511 Solaris Poppler None No 3.3 Local Low None Required Un
changed
None None Low 11.3 See
Note 25
CVE-2017-7511 Solaris Poppler None No 3.3 Local Low None Required Un
changed
None None Low 11.3  
CVE-2018-8740 Solaris SQLite3 None No 3.3 Local Low Low None Un
changed
None None Low 11.4  
CVE-2015-8107 Solaris A2ps Print Filter Multiple Yes 3.1 Network High None Required Un
changed
Low None None 11.3 See
Note 17
CVE-2016-7976 Solaris Ghostscript None No 2.8 Local Low Low Required Un
changed
None None Low 11.3 See
Note 29


Revision 2: Published on 2018-08-23



CVE# Product Third
Party
component
Protocol Remote
Exploit
without
Auth.?
CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) Supported
Versions
Affected
Notes
Base
Score
Attack
Vector
Attack
Complexity
Privs
Req'd
User
Interact
Scope Confid-
entiality
Inte-
grity
Avail-
ability
CVE-2017-11368 Solaris Kerberos Multiple Yes 9.8 Network Low None None Un
changed
High High High 11.3 See
Note 16
CVE-2017-7544 Solaris LibEXIF Multiple Yes 9.1 Network Low None None Un
changed
High None High 11.3  
CVE-2017-11735 Solaris Libvorbis Multiple Yes 8.8 Network Low None Required Un
changed
High High High 11.3 See
Note 9
CVE-2017-14160 Solaris Libvorbis Multiple Yes 8.8 Network Low None Required Un
changed
High High High 11.3 See
Note 10
CVE-2018-10392 Solaris Libvorbis Multiple Yes 8.8 Network Low None Required Un
changed
High High High 11.3  
CVE-2018-12364 Solaris Thunderbird Multiple Yes 8.8 Network Low None Required Un
changed
High High High 11.3 See
Note 15
CVE-2018-8905 Solaris LibTIFF Multiple Yes 8.8 Network Low None Required Un
changed
High High High 11.3  
CVE-2017-1000158 Solaris Python Multiple Yes 8.1 Network High None None Un
changed
High High High 11.3  
CVE-2017-13738 Solaris Liblouis None No 7.8 Local Low Low None Un
changed
High High High 11.3 See
Note 7
CVE-2017-2862 Solaris Gdk-Pixbuf None No 7.8 Local Low None Required Un
changed
High High High 11.3  
CVE-2016-2179 Solaris MySQL Multiple No 7.7 Network Low Low None Changed None None High 11.3 See
Note 6
CVE-2016-4425 Solaris Jansson Multiple Yes 7.5 Network Low None None Un
changed
None None High 11.3  
CVE-2016-9811 Solaris GStreamer Multiple Yes 7.5 Network High None Required Un
changed
High High High 11.3 See
Note 4
CVE-2017-16844 Solaris Procmail Multiple Yes 7.5 Network High None Required Un
changed
High High High 11.3  
CVE-2017-17095 Solaris LibTIFF Multiple Yes 7.5 Network Low None None Un
changed
None None High 11.3  
CVE-2017-3145 Solaris Bind DNS Yes 7.5 Network Low None None Un
changed
None None High 11.3 See
Note 8
CVE-2017-3600 Solaris MySQL Multiple No 7.1 Network Low Low None Un
changed
None Low High 11.3 See
Note 12
CVE-2018-14341 Solaris Wireshark Multiple Yes 5.9 Network High None None Un
changed
None None High 11.3 See
Note 14
CVE-2018-0495 Solaris Libgcrypt None No 5.1 Local High None None Un
changed
High None None 11.3  
CVE-2016-10198 Solaris GStreamer Multiple Yes 5 Network High None Required Un
changed
Low Low Low 11.3 See
Note 5
CVE-2018-8014 Solaris Apache Tomcat Multiple No 4.3 Network Low Low None Un
changed
Low None None 11.3 See
Note 11
CVE-2017-13726 Solaris LibTIFF None No 3.3 Local Low None Required Un
changed
None None Low 11.3 See
Note 13




Revision 1: Published on 2018-07-17



CVE# Product Third
Party
component
Protocol Remote
Exploit
without
Auth.?
CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) Supported
Versions
Affected
Notes
Base
Score
Attack
Vector
Attack
Complexity
Privs
Req'd
User
Interact
Scope Confid-
entiality
Inte-
grity
Avail-
ability
CVE-2018-1000021 Solaris Git Multiple Yes 8.8 Network Low None Required Un
changed
High High High 11.3 See
Note 2
CVE-2018-6126 Solaris Firefox Multiple Yes 8.8 Network Low None Required Un
changed
High High High 11.3  
CVE-2017-17969 Solaris P7ZIP None No 7.8 Local Low None Required Un
changed
High High High 11.3, 10 See
Note 1
CVE-2018-10115 Solaris P7ZIP None No 7.8 Local Low None Required Un
changed
High High High 11.3  
CVE-2017-17969 Solaris P7ZIP None No 7.8 Local Low None Required Un
changed
High High High 11.3  
CVE-2018-12020 Solaris GnuPG Multiple Yes 7.5 Network Low None None Un
changed
None High None 11.3  
CVE-2018-12364 Solaris Firefox Multiple Yes 7.5 Network High None Required Un
changed
High High High 11.3 See
Note 3
CVE-2017-12613 Solaris Apache HTTP server Multiple Yes 7.4 Network High None None Un
changed
High None High 11.3, 10  
CVE-2017-7418 Solaris ProFTPD None No 5.5 Local Low Low None Un
changed
None High None 11.3  

 

Notes:

  1. This fix also addresses CVE-2018-5996.
  2. This fix also addresses CVE-2018-11233 CVE-2018-11235.
  3. This fix also addresses CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-5156 CVE-2018-5188.
  4. This fix also addresses CVE-2016-9445 CVE-2016-9446 CVE-2016-9447 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9807 CVE-2016-9808 CVE-2016-9809 CVE-2016-9810 CVE-2016-9812 CVE-2016-9813.
  5. This fix also addresses CVE-2016-10199 CVE-2017-5838 CVE-2017-5839 CVE-2017-5840 CVE-2017-5841 CVE-2017-5842 CVE-2017-5844 CVE-2017-5845.
  6. This fix also addresses CVE-2016-2105 CVE-2016-2106 CVE-2016-2177 CVE-2016-2178 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-3424 CVE-2016-3440 CVE-2016-3452 CVE-2016-3459 CVE-2016-3486 CVE-2016-3492 CVE-2016-3495 CVE-2016-3501 CVE-2016-3518 CVE-2016-3588 CVE-2016-3614 CVE-2016-3615 CVE-2016-5436 CVE-2016-5437 CVE-2016-5439 CVE-2016-5440 CVE-2016-5441 CVE-2016-5442 CVE-2016-5443 CVE-2016-5444 CVE-2016-5507 CVE-2016-5584 CVE-2016-5609 CVE-2016-5612 CVE-2016-5624 CVE-2016-5625 CVE-2016-5626 CVE-2016-5627 CVE-2016-5628 CVE-2016-5629 CVE-2016-5630 CVE-2016-5631 CVE-2016-5632 CVE-2016-5633 CVE-2016-5634 CVE-2016-5635 CVE-2016-6302 CVE-2016-6303 CVE-2016-6306 CVE-2016-7440 CVE-2016-8283 CVE-2016-8284 CVE-2016-8286 CVE-2016-8287 CVE-2016-8288 CVE-2016-8289 CVE-2016-8290 CVE-2017-10155 CVE-2017-10165 CVE-2017-10167 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-10284 CVE-2017-10286 CVE-2017-10294 CVE-2017-10296 CVE-2017-10311 CVE-2017-10313 CVE-2017-10314 CVE-2017-10320 CVE-2017-10365 CVE-2017-10379 CVE-2017-10384 CVE-2017-3308 CVE-2017-3309 CVE-2017-3329 CVE-2017-3331 CVE-2017-3450 CVE-2017-3453 CVE-2017-3454 CVE-2017-3455 CVE-2017-3456 CVE-2017-3457 CVE-2017-3458 CVE-2017-3459 CVE-2017-3460 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3465 CVE-2017-3467 CVE-2017-3468 CVE-2017-3529 CVE-2017-3599 CVE-2017-3600 CVE-2017-3633 CVE-2017-3634 CVE-2017-3635 CVE-2017-3637 CVE-2017-3638 CVE-2017-3639 CVE-2017-3640 CVE-2017-3641 CVE-2017-3642 CVE-2017-3643 CVE-2017-3644 CVE-2017-3645 CVE-2017-3647 CVE-2017-3648 CVE-2017-3649 CVE-2017-3650 CVE-2017-3651 CVE-2017-3652 CVE-2017-3653 CVE-2017-3731 CVE-2017-3732 CVE-2017-3737 CVE-2018-2562 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2591 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665 CVE-2018-2667 CVE-2018-2668 CVE-2018-2696 CVE-2018-2703 CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762 CVE-2018-2766 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 CVE-2018-2780 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787 CVE-2018-2810 CVE-2018-2812 CVE-2018-2813 CVE-2018-2816 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 CVE-2018-2839 CVE-2018-2846.
  7. This fix also addresses CVE-2017-13739 CVE-2017-13740 CVE-2017-13741 CVE-2017-13742 CVE-2017-13743 CVE-2017-13744.
  8. This fix also addresses CVE-2017-3137.
  9. This fix also addresses CVE-2017-11333 CVE-2018-5146.
  10. This fix also addresses CVE-2018-10393.
  11. This fix also addresses CVE-2018-1336 CVE-2018-8034 CVE-2018-8037.
  12. This fix also addresses CVE-2017-10155 CVE-2017-10165 CVE-2017-10167 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-10284 CVE-2017-10286 CVE-2017-10294 CVE-2017-10296 CVE-2017-10311 CVE-2017-10313 CVE-2017-10314 CVE-2017-10320 CVE-2017-10365 CVE-2017-10379 CVE-2017-10384 CVE-2017-3329 CVE-2017-3331 CVE-2017-3453 CVE-2017-3454 CVE-2017-3455 CVE-2017-3456 CVE-2017-3457 CVE-2017-3458 CVE-2017-3459 CVE-2017-3460 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3465 CVE-2017-3467 CVE-2017-3468 CVE-2017-3529 CVE-2017-3633 CVE-2017-3634 CVE-2017-3635 CVE-2017-3637 CVE-2017-3638 CVE-2017-3639 CVE-2017-3640 CVE-2017-3641 CVE-2017-3642 CVE-2017-3643 CVE-2017-3644 CVE-2017-3645 CVE-2017-3647 CVE-2017-3648 CVE-2017-3649 CVE-2017-3650 CVE-2017-3651 CVE-2017-3652 CVE-2017-3653 CVE-2017-3731 CVE-2017-3732 CVE-2017-3737 CVE-2017-3738 CVE-2018-0739 CVE-2018-2562 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2591 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665 CVE-2018-2667 CVE-2018-2668 CVE-2018-2696 CVE-2018-2703 CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762 CVE-2018-2766 CVE-2018-2767 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 CVE-2018-2780 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787 CVE-2018-2810 CVE-2018-2812 CVE-2018-2813 CVE-2018-2816 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 CVE-2018-2839 CVE-2018-2846 CVE-2018-3054 CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070 CVE-2018-3071 CVE-2018-3077 CVE-2018-3081.
  13. This fix also addresses CVE-2018-10963.
  14. This fix also addresses CVE-2018-14339 CVE-2018-14340 CVE-2018-14342 CVE-2018-14343 CVE-2018-14344 CVE-2018-14367 CVE-2018-14368 CVE-2018-14369.
  15. This fix also addresses CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374 CVE-2018-5188.
  16. This fix also addresses CVE-2017-11462 CVE-2017-15088 CVE-2018-5710 CVE-2018-5729 CVE-2018-5730.
  17. This fix also addresses CVE-2001-1593 CVE-2014-0466.
  18. This fix also addresses CVE-2017-14040 CVE-2017-14041 CVE-2017-14151 CVE-2017-14152 CVE-2017-14164.
  19. This fix also addresses CVE-2016-7978.
  20. This fix also addresses CVE-2015-8915 CVE-2015-8916 CVE-2015-8917 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8927 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934.
  21. This fix also addresses CVE-2017-5336 CVE-2017-5337.
  22. This fix also addresses CVE-2016-7045.
  23. This fix also addresses CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5455 CVE-2017-5456 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5468 CVE-2017-5469.
  24. This fix also addresses CVE-2016-10505 CVE-2016-10506 CVE-2016-10507.
  25. This fix also addresses CVE-2017-9083 CVE-2017-9406 CVE-2017-9408.
  26. This fix also addresses CVE-2016-7958.
  27. This fix also addresses CVE-2015-4513 CVE-2016-1930 CVE-2016-2805 CVE-2016-2807 CVE-2016-2808.
  28. This fix also addresses CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5469.
  29. This fix also addresses CVE-2016-7977.
  30. This fix also addresses CVE-2016-1923.
  31. This fix also addresses CVE-2017-3137 CVE-2017-3138.
  32. This fix also addresses CVE-2017-3136 CVE-2017-3137.
  33. This fix also addresses CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116.
  34. This fix also addresses CVE-2018-1000027.
  35. This fix also addresses CVE-2017-1000382 CVE-2017-11109.
  36. This fix also addresses CVE-2017-13884 CVE-2017-13885 CVE-2017-5715 CVE-2017-7153 CVE-2017-7160 CVE-2017-7161 CVE-2017-7165 CVE-2018-4088 CVE-2018-4089 CVE-2018-4096.
  37. This fix also addresses CVE-2012-6708 CVE-2015-9251.
  38. This fix also addresses CVE-2018-1333.