|
Advisory |
Indicates if the vulnerability report was based on a 3rd party advisory organization's report. Note that vendor advisories are *not* included in this category.
|
| Category |
Establishes the type of software or equipment that is vulnerable. Example categories are "Web Server" and "Mail Server". The category is displayed near the top of the SecurityTracker Archive page. Just after the category you will find the "target", which indicates the name of the vulnerable object (e.g., software, hardware).
|
| Cause |
Describes the general type of cause for this vulnerability. We have established several categories of causes. For detailed information about the cause, read the full report.
|
CVE
Reference |
Lists the number(s) assigned by the Common Vulnerabilities and Exposures (CVE) project, when available. For more information on CVE, see http://cve.mitre.org/.
|
| Exploit Included |
Indicates that exploit or vulnerability demonstration code is contained in the original report, or that the report provides a description that sufficiently describes an exploit method (even if no code is included).
|
| Fix Available |
Notifies that a fix, patch, or workaround has been posted.
|
| Impact |
Indicates the effect of the vulnerability. There are several categories of impact, such as "root access via network". The impact statement will usually indicate if the vulnerability is a locally or remotely expoited one.
|
| Reported By |
Lists the e-mail address of the person who submitted the vulnerability report. This name may not always be the person(s) who discovered the vulnerability. Credit for vulnerability discovery is usually listed within the full report.
|
| Solution |
Summarizes the solution, if one is available at the time. Many vulnerabilities are initially reported without solutions but later updated with a vendor solution. So, keep checking back for updates.
|
| Vendor Confirmed |
Indicates if the report contains a vendor confirmation. Because of the rapidly changing nature of vulnerability reporting, make sure that you check for recent updates.
|
| Vendors |
Lists the vendors whose products are potentially affected by the vunerability report.
|
| Vendor URL |
Provides the vendor's URL. This may be a specific URL for the vendor's advisory, or it may be a generic URL for the vendor.
|
| Versions |
Indicates the version numbers of the affected products. Version numbers may not always be listed, even though version numbers are usually contained in the original source report.
|
