NVD脆弱性詳細

CVE-2014-0098

概要	The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
公表日	2014年3月18日14:18
登録日	2021年1月26日15:04
最終更新日	2024年11月21日11:01

CVSS2.0 : MEDIUM
スコア	5.0
ベクター	AV:N/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:apache:http_server::::::::	2.2.0			2.2.27
cpe:2.3:a:apache:http_server::::::::	2.4.1			2.4.9

構成2	以上	以下	より上	未満
cpe:2.3:a:oracle:secure_global_desktop:4.71:::::::*
cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
cpe:2.3:a:oracle:secure_global_desktop:4.63:::::::*
cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
cpe:2.3:a:oracle:secure_global_desktop:5.0:::::::*
cpe:2.3:a:oracle:secure_global_desktop:5.1:::::::*

構成3	以上	以下	より上	未満
cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

関連情報、対策とツール

No	URL	タグ
1	http://advisories.mageia.org/MGASA-2014-0135.html	Third Party Advisory
2	http://advisories.mageia.org/MGASA-2014-0135.html	Third Party Advisory
3	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	Broken Link
4	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	Broken Link
5	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698	Third Party Advisory
6	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698	Third Party Advisory
7	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html	Broken Link Mailing List
8	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html	Broken Link Mailing List
9	http://marc.info/?l=bugtraq&m=141017844705317&w=2	Issue Tracking Mailing List Third Party Advisory
10	http://marc.info/?l=bugtraq&m=141017844705317&w=2	Issue Tracking Mailing List Third Party Advisory
11	http://marc.info/?l=bugtraq&m=141017844705317&w=2	Issue Tracking Mailing List Third Party Advisory
12	http://marc.info/?l=bugtraq&m=141017844705317&w=2	Issue Tracking Mailing List Third Party Advisory
13	http://marc.info/?l=bugtraq&m=141390017113542&w=2	Issue Tracking Mailing List Third Party Advisory
14	http://marc.info/?l=bugtraq&m=141390017113542&w=2	Issue Tracking Mailing List Third Party Advisory
15	http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List Third Party Advisory
16	http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List Third Party Advisory
17	http://secunia.com/advisories/58230	Not Applicable
18	http://secunia.com/advisories/58230	Not Applicable
19	http://secunia.com/advisories/58915	Not Applicable
20	http://secunia.com/advisories/58915	Not Applicable
21	http://secunia.com/advisories/59219	Not Applicable
22	http://secunia.com/advisories/59219	Not Applicable
23	http://secunia.com/advisories/59315	Not Applicable
24	http://secunia.com/advisories/59315	Not Applicable
25	http://secunia.com/advisories/59345	Not Applicable
26	http://secunia.com/advisories/59345	Not Applicable
27	http://secunia.com/advisories/60536	Not Applicable
28	http://secunia.com/advisories/60536	Not Applicable
29	http://security.gentoo.org/glsa/glsa-201408-12.xml	Third Party Advisory
30	http://security.gentoo.org/glsa/glsa-201408-12.xml	Third Party Advisory
31	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html	Third Party Advisory
32	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html	Third Party Advisory
33	http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES	Vendor Advisory
34	http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES	Vendor Advisory
35	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c	Vendor Advisory
36	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c	Vendor Advisory
37	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394&r2=1575400&diff_format=h	Patch Vendor Advisory
38	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394&r2=1575400&diff_format=h	Patch Vendor Advisory
39	http://www.apache.org/dist/httpd/CHANGES_2.4.9	Broken Link
40	http://www.apache.org/dist/httpd/CHANGES_2.4.9	Broken Link
41	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Third Party Advisory
42	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Third Party Advisory
43	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Third Party Advisory
44	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Third Party Advisory
45	http://www.securityfocus.com/archive/1/534161/100/0/threaded	Third Party Advisory VDB Entry
46	http://www.securityfocus.com/archive/1/534161/100/0/threaded	Third Party Advisory VDB Entry
47	http://www.securityfocus.com/bid/66303	Third Party Advisory VDB Entry
48	http://www.securityfocus.com/bid/66303	Third Party Advisory VDB Entry
49	http://www.ubuntu.com/usn/USN-2152-1	Third Party Advisory
50	http://www.ubuntu.com/usn/USN-2152-1	Third Party Advisory
51	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Third Party Advisory
52	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Third Party Advisory
53	http://www-01.ibm.com/support/docview.wss?uid=swg21668973	Third Party Advisory
54	http://www-01.ibm.com/support/docview.wss?uid=swg21668973	Third Party Advisory
55	http://www-01.ibm.com/support/docview.wss?uid=swg21676091	Third Party Advisory
56	http://www-01.ibm.com/support/docview.wss?uid=swg21676091	Third Party Advisory
57	http://www-01.ibm.com/support/docview.wss?uid=swg21676092	Third Party Advisory
58	http://www-01.ibm.com/support/docview.wss?uid=swg21676092	Third Party Advisory
59	https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1	Third Party Advisory
60	https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1	Third Party Advisory
61	https://httpd.apache.org/security/vulnerabilities_24.html	Vendor Advisory
62	https://httpd.apache.org/security/vulnerabilities_24.html	Vendor Advisory
63	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
64	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
65	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
66	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
67	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
68	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
69	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
70	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
71	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
72	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
73	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
74	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
75	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
76	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
77	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
78	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
79	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
80	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
81	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
82	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
83	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
84	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
85	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
86	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
87	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
88	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
89	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
90	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
91	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
92	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
93	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
94	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
95	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
96	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
97	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
98	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
99	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
100	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
101	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
102	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
103	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
104	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
105	https://puppet.com/security/cve/cve-2014-0098	Third Party Advisory
106	https://puppet.com/security/cve/cve-2014-0098	Third Party Advisory
107	https://support.apple.com/HT204659	Third Party Advisory
108	https://support.apple.com/HT204659	Third Party Advisory
109	https://support.apple.com/kb/HT6535	Third Party Advisory
110	https://support.apple.com/kb/HT6535	Third Party Advisory

共通脆弱性一覧

JVN脆弱性情報

Apache HTTP Server の mod_log_config モジュールの mod_log_config.c におけるサービス運用妨害 (DoS) の脆弱性

タイトル	Apache HTTP Server の mod_log_config モジュールの mod_log_config.c におけるサービス運用妨害 (DoS) の脆弱性
概要	Apache HTTP Server の mod_log_config モジュールの mod_log_config.c 内の log_cookie 関数には、サービス運用妨害 (セグメンテーション違反およびデーモンクラッシュ) 状態にされる脆弱性が存在します。
想定される影響	第三者により、切り捨て時に適切に処理されない巧妙に細工された Cookie を介して、サービス運用妨害 (セグメンテーション違反およびデーモンクラッシュ) 状態にされる可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2014年3月7日0:00
登録日	2014年3月19日14:34
最終更新日	2015年12月2日15:15

影響を受けるシステム

Apache Software Foundation

Apache HTTP Server 2.4.8 未満

オラクル

Oracle HTTP Server 10.1.3.5.0

Oracle HTTP Server 11.1.1.7.0

Oracle HTTP Server 12.1.2.0

Oracle HTTP Server 12.1.3.0

Oracle Virtualization の Oracle Secure Global Desktop 4.63

Oracle Virtualization の Oracle Secure Global Desktop 4.71

Oracle Virtualization の Oracle Secure Global Desktop 5.0

Oracle Virtualization の Oracle Secure Global Desktop 5.1

IBM

Rational Build Forge 7.1.1.0 から 7.1.1.4

Rational Build Forge 7.1.2.0 から 7.1.2.3

Rational Build Forge 7.1.3.0 から 7.1.3.5 iFix1

Rational Build Forge 8.0.0.0 から 8.0.0.1

アップル

Apple Mac OS X 10.10 から 10.10.2 (HT204659)

Apple Mac OS X 10.10 未満 (HT6535)

Apple Mac OS X 10.8.5 (HT204659)

Apple Mac OS X 10.9.5 (HT204659)

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2014-0098	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
National Vulnerability Database (NVD)
2	CVE-2014-0098	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0098

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html

ベンダー情報

No	名前	URL
Apache-SVN
1	Diff of /httpd/httpd/trunk/modules/loggers/mod_log_config.c	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394&r2=1575400&diff_format=h
2	Log of /httpd/httpd/trunk/modules/loggers/mod_log_config.c	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c
Apple Mailing Lists
3	APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
Apple Security Updates
4	HT204659	https://support.apple.com/en-us/HT204659
5	HT6535	http://support.apple.com/kb/HT6535
Apple セキュリティアップデート
6	HT204659	http://support.apple.com/ja-jp/HT204659
7	HT6535	http://support.apple.com/kb/HT6535?viewlocale=ja_JP
Changes with Apache
8	Apache 2.4.9	http://www.apache.org/dist/httpd/CHANGES_2.4.9
HP Security Bulletin
9	HPSBUX03150 SSRT101681	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04483248
IBM Support Document
10	1668973	http://www-01.ibm.com/support/docview.wss?uid=swg21668973
11	1676091	http://www-01.ibm.com/support/docview.wss?uid=swg21676091
12	1676092	http://www-01.ibm.com/support/docview.wss?uid=swg21676092
Oracle Critical Patch Update
13	Oracle Critical Patch Update Advisory - January 2015	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
14	Oracle Critical Patch Update Advisory - July 2014	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
15	Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices	http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html
16	Text Form of Oracle Critical Patch Update - July 2014 Risk Matrices	http://www.oracle.com/technetwork/topics/security/cpujul2014verbose-1972958.html
SECURITY BLOG
17	January 2015 Critical Patch Update Released	https://blogs.oracle.com/security/entry/january_2015_critical_patch_update
18	July 2014 Critical Patch Update Released	https://blogs.oracle.com/security/entry/july_2014_critical_patch_update
19	Multiple Input Validation vulnerabilities in Apache HTTP Server	https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1
Security Bulletin
20	JSA10698	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698&actp=search
Turbolinux Security Advisory
21	TLSA-2014-5	http://www.turbolinux.co.jp/security/2014/TLSA-2014-5j.html
VMware Security Advisories
22	VMSA-2014-0012	http://www.vmware.com/security/advisories/VMSA-2014-0012.html

その他

No	名前	URL
JVN
1	JVNVU#91828320	http://jvn.jp/vu/JVNVU91828320/index.html
2	JVNVU#97537282	http://jvn.jp/vu/JVNVU97537282/index.html
関連文書
3	APPLE-SA-2014-10-16-1 OS X Yosemite v10.10	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
4	MGASA-2014-0135	http://advisories.mageia.org/MGASA-2014-0135.html

変更履歴

No	変更内容	変更日
0	[2014年03月19日] 掲載 [2014年06月02日] ベンダ情報：オラクル (Multiple Input Validation vulnerabilities in Apache HTTP Server) を追加 [2014年07月18日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：オラクル (Oracle Critical Patch Update Advisory - July 2014) を追加ベンダ情報：オラクル (Text Form of Oracle Critical Patch Update - July 2014 Risk Matrices) を追加ベンダ情報：オラクル (July 2014 Critical Patch Update Released) を追加 [2014年08月05日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：IBM (1668973) を追加 [2014年08月12日] ベンダ情報：ターボリナックス (TLSA-2014-5) を追加 [2014年11月05日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：アップル (HT6535) を追加参考情報：JVN (JVNVU#97537282) を追加参考情報：関連文書 (APPLE-SA-2014-10-16-1 OS X Yosemite v10.10) を追加 [2014年12月08日] ベンダ情報：ヒューレット・パッカード (HPSBUX03150 SSRT101681) を追加 [2015年01月22日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：オラクル (Oracle Critical Patch Update Advisory - January 2015) を追加ベンダ情報：オラクル (Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices) を追加ベンダ情報：オラクル (January 2015 Critical Patch Update Released) を追加 [2015年04月10日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：アップル (HT204659) を追加ベンダ情報：アップル (APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004) を追加参考情報：JVN (JVNVU#91828320) を追加 [2015年05月11日] ベンダ情報：VMware (VMSA-2014-0012) を追加参考情報：関連文書 (MGASA-2014-0135) を追加 [2015年06月26日] ベンダ情報：IBM (1676091) を追加ベンダ情報：IBM (1676092) を追加 [2015年12月02日] ベンダ情報：ジュニパーネットワークス (JSA10698) を追加	2018年2月17日10:37

構成2	以上	以下	より上	未満
cpe:2.3:a:oracle:secure_global_desktop:4.71:::::::*
cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
cpe:2.3:a:oracle:secure_global_desktop:4.63:::::::*
cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
cpe:2.3:a:oracle:secure_global_desktop:5.0:::::::*
cpe:2.3:a:oracle:secure_global_desktop:5.1:::::::*