Executive Summary
Summary | |
---|---|
Title | java-1.5.0-ibm security update |
Informations | |||
---|---|---|---|
Name | RHSA-2013:0624 | First vendor Publication | 2013-03-11 |
Vendor | RedHat | Last vendor Modification | 2013-03-11 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-0409, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0440, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0450, CVE-2013-0809, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1493) All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR16 release. All running instances of IBM Java must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 913014 - CVE-2013-1486 OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446) 917550 - CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014) 917553 - CVE-2013-1493 OpenJDK: CMM malformed raster memory corruption (2D, 8007675) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2013-0624.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15733 | |||
Oval ID: | oval:org.mitre.oval:def:15733 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: 2D) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1478 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15832 | |||
Oval ID: | oval:org.mitre.oval:def:15832 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JSSE) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0443 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15888 | |||
Oval ID: | oval:org.mitre.oval:def:15888 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0426 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16013 | |||
Oval ID: | oval:org.mitre.oval:def:16013 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0427 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16035 | |||
Oval ID: | oval:org.mitre.oval:def:16035 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0442 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16045 | |||
Oval ID: | oval:org.mitre.oval:def:16045 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1480 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16058 | |||
Oval ID: | oval:org.mitre.oval:def:16058 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0425 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16430 | |||
Oval ID: | oval:org.mitre.oval:def:16430 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Sound) 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1481 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16496 | |||
Oval ID: | oval:org.mitre.oval:def:16496 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0428 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16519 | |||
Oval ID: | oval:org.mitre.oval:def:16519 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: RMI) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0424 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16528 | |||
Oval ID: | oval:org.mitre.oval:def:16528 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JAXP) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0434 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16530 | |||
Oval ID: | oval:org.mitre.oval:def:16530 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JMX) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0409 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16537 | |||
Oval ID: | oval:org.mitre.oval:def:16537 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Networking) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0433 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16550 | |||
Oval ID: | oval:org.mitre.oval:def:16550 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JMX) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0450 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16558 | |||
Oval ID: | oval:org.mitre.oval:def:16558 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JSSE) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0440 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16567 | |||
Oval ID: | oval:org.mitre.oval:def:16567 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks." | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0432 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16652 | |||
Oval ID: | oval:org.mitre.oval:def:16652 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors." | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1476 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16680 | |||
Oval ID: | oval:org.mitre.oval:def:16680 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0445 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18247 | |||
Oval ID: | oval:org.mitre.oval:def:18247 | ||
Title: | USN-1755-2 -- openjdk-7 vulnerabilities | ||
Description: | OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1755-2 CVE-2013-0809 CVE-2013-1493 | Version: | 7 |
Platform(s): | Ubuntu 12.10 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19010 | |||
Oval ID: | oval:org.mitre.oval:def:19010 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0443 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19114 | |||
Oval ID: | oval:org.mitre.oval:def:19114 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0409 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19131 | |||
Oval ID: | oval:org.mitre.oval:def:19131 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0424 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19246 | |||
Oval ID: | oval:org.mitre.oval:def:19246 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1493 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19261 | |||
Oval ID: | oval:org.mitre.oval:def:19261 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0426 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19285 | |||
Oval ID: | oval:org.mitre.oval:def:19285 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0440 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19304 | |||
Oval ID: | oval:org.mitre.oval:def:19304 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0445 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19320 | |||
Oval ID: | oval:org.mitre.oval:def:19320 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0809 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19363 | |||
Oval ID: | oval:org.mitre.oval:def:19363 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0450 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19382 | |||
Oval ID: | oval:org.mitre.oval:def:19382 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0443 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19434 | |||
Oval ID: | oval:org.mitre.oval:def:19434 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0442 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19459 | |||
Oval ID: | oval:org.mitre.oval:def:19459 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0433 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19466 | |||
Oval ID: | oval:org.mitre.oval:def:19466 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1476 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19469 | |||
Oval ID: | oval:org.mitre.oval:def:19469 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1486 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19480 | |||
Oval ID: | oval:org.mitre.oval:def:19480 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0428 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19483 | |||
Oval ID: | oval:org.mitre.oval:def:19483 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0425 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19488 | |||
Oval ID: | oval:org.mitre.oval:def:19488 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0427 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19489 | |||
Oval ID: | oval:org.mitre.oval:def:19489 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0432 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19504 | |||
Oval ID: | oval:org.mitre.oval:def:19504 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1480 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19505 | |||
Oval ID: | oval:org.mitre.oval:def:19505 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0434 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19529 | |||
Oval ID: | oval:org.mitre.oval:def:19529 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1478 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20157 | |||
Oval ID: | oval:org.mitre.oval:def:20157 | ||
Title: | RHSA-2013:0246: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0246-00 CESA-2013:0246 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 | Version: | 283 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20185 | |||
Oval ID: | oval:org.mitre.oval:def:20185 | ||
Title: | RHSA-2013:0601: java-1.6.0-sun security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0601-02 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20333 | |||
Oval ID: | oval:org.mitre.oval:def:20333 | ||
Title: | RHSA-2013:0605: java-1.6.0-openjdk security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0605-02 CESA-2013:0605 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20575 | |||
Oval ID: | oval:org.mitre.oval:def:20575 | ||
Title: | RHSA-2013:0274: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0274-00 CESA-2013:0274 CVE-2013-0169 CVE-2013-1486 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20744 | |||
Oval ID: | oval:org.mitre.oval:def:20744 | ||
Title: | RHSA-2013:0602: java-1.7.0-openjdk security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0602-01 CESA-2013:0602 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20766 | |||
Oval ID: | oval:org.mitre.oval:def:20766 | ||
Title: | RHSA-2013:0273: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0273-01 CESA-2013:0273 CVE-2013-0169 CVE-2013-1486 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20775 | |||
Oval ID: | oval:org.mitre.oval:def:20775 | ||
Title: | RHSA-2013:0604: java-1.6.0-openjdk security update (Important) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0604-00 CESA-2013:0604 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20778 | |||
Oval ID: | oval:org.mitre.oval:def:20778 | ||
Title: | RHSA-2013:0275: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0275-01 CESA-2013:0275 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 | Version: | 59 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20835 | |||
Oval ID: | oval:org.mitre.oval:def:20835 | ||
Title: | RHSA-2013:0245: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0245-02 CESA-2013:0245 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 | Version: | 283 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20870 | |||
Oval ID: | oval:org.mitre.oval:def:20870 | ||
Title: | RHSA-2013:0600: java-1.7.0-oracle security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0600-02 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20981 | |||
Oval ID: | oval:org.mitre.oval:def:20981 | ||
Title: | RHSA-2013:0247: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0247-01 CESA-2013:0247 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0445 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 | Version: | 311 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21156 | |||
Oval ID: | oval:org.mitre.oval:def:21156 | ||
Title: | RHSA-2013:0603: java-1.7.0-openjdk security update (Important) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0603-00 CESA-2013:0603 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22881 | |||
Oval ID: | oval:org.mitre.oval:def:22881 | ||
Title: | ELSA-2013:0246: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0246-00 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 | Version: | 85 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23009 | |||
Oval ID: | oval:org.mitre.oval:def:23009 | ||
Title: | ELSA-2013:0603: java-1.7.0-openjdk security update (Important) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0603-00 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23179 | |||
Oval ID: | oval:org.mitre.oval:def:23179 | ||
Title: | ELSA-2013:0602: java-1.7.0-openjdk security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0602-01 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23321 | |||
Oval ID: | oval:org.mitre.oval:def:23321 | ||
Title: | ELSA-2013:0274: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0274-00 CVE-2013-0169 CVE-2013-1486 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23436 | |||
Oval ID: | oval:org.mitre.oval:def:23436 | ||
Title: | ELSA-2013:0604: java-1.6.0-openjdk security update (Important) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0604-00 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23891 | |||
Oval ID: | oval:org.mitre.oval:def:23891 | ||
Title: | ELSA-2013:0273: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0273-01 CVE-2013-0169 CVE-2013-1486 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23933 | |||
Oval ID: | oval:org.mitre.oval:def:23933 | ||
Title: | ELSA-2013:0245: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0245-02 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 | Version: | 85 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23975 | |||
Oval ID: | oval:org.mitre.oval:def:23975 | ||
Title: | ELSA-2013:0601: java-1.6.0-sun security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0601-02 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24070 | |||
Oval ID: | oval:org.mitre.oval:def:24070 | ||
Title: | ELSA-2013:0605: java-1.6.0-openjdk security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0605-02 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24072 | |||
Oval ID: | oval:org.mitre.oval:def:24072 | ||
Title: | ELSA-2013:0600: java-1.7.0-oracle security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0600-02 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24141 | |||
Oval ID: | oval:org.mitre.oval:def:24141 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1486 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25872 | |||
Oval ID: | oval:org.mitre.oval:def:25872 | ||
Title: | SUSE-SU-2013:0710-1 -- Security update for IBM Java | ||
Description: | IBM Java 1.4.2 has been updated to SR13 FP16 which fixes bugs and security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0710-1 CVE-2013-0485 CVE-2013-0809 CVE-2013-1493 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 | Product(s): | IBM Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25934 | |||
Oval ID: | oval:org.mitre.oval:def:25934 | ||
Title: | SUSE-SU-2013:0434-1 -- Security update for Java | ||
Description: | This release of Icedtea6-1.12.4 fixes the following two issues that allowed a remote attacker to execute arbitrary code remotely by providing crafted images to the affected code. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0434-1 CVE-2013-0809 CVE-2013-1493 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | Java |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25940 | |||
Oval ID: | oval:org.mitre.oval:def:25940 | ||
Title: | SUSE-SU-2013:0440-2 -- Security update for Java | ||
Description: | IBM Java 1.4.2 has been updated to SR13-FP15 which fixes various critical security issues and bugs. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0440-2 CVE-2013-1478 CVE-2013-1480 CVE-2013-1476 CVE-2013-0442 CVE-2013-0425 CVE-2013-0426 CVE-2013-0428 CVE-2013-1481 CVE-2013-0432 CVE-2013-0434 CVE-2013-0424 CVE-2013-0440 CVE-2013-0443 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 | Product(s): | Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26128 | |||
Oval ID: | oval:org.mitre.oval:def:26128 | ||
Title: | SUSE-SU-2013:0315-1 -- Security update for Java 1.6.0 | ||
Description: | java-1_6_0-openjdk based on Icedtea6-1.12.2 was released, fixing various security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0315-1 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0429 CVE-2013-0432 CVE-2013-0443 CVE-2013-0440 CVE-2013-0442 CVE-2013-0428 CVE-2013-0441 CVE-2013-0435 CVE-2013-0433 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-0434 CVE-2013-1478 CVE-2013-1480 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | Java 1.6.0 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26262 | |||
Oval ID: | oval:org.mitre.oval:def:26262 | ||
Title: | SUSE-SU-2013:0440-3 -- Security update for Java | ||
Description: | IBM Java 1.4.2 has been updated to SR13-FP15 which fixes various critical security issues and bugs. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0440-3 CVE-2013-1478 CVE-2013-1480 CVE-2013-1476 CVE-2013-0442 CVE-2013-0425 CVE-2013-0426 CVE-2013-0428 CVE-2013-1481 CVE-2013-0432 CVE-2013-0434 CVE-2013-0424 CVE-2013-0440 CVE-2013-0443 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 | Product(s): | Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26692 | |||
Oval ID: | oval:org.mitre.oval:def:26692 | ||
Title: | DEPRECATED: ELSA-2013-0604 -- java-1.6.0-openjdk security update (important) | ||
Description: | [ 1:1.6.0.0-1.36.1.11.9.0.1.el5_9] - Add oracle-enterprise.patch [1:1.6.0.0-1.36.1.11.9] - Updated to icedtea6 1.11.9 - Resolves: rhbz#917176 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0604 CVE-2013-1493 CVE-2013-0809 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27328 | |||
Oval ID: | oval:org.mitre.oval:def:27328 | ||
Title: | DEPRECATED: ELSA-2013-0274 -- java-1.6.0-openjdk security update (important) | ||
Description: | [ 1:1.6.0.0-1.35.1.11.8.0.1.el5_9] - Add oracle-enterprise.patch [1:1.6.0.0-1.35.1.11.8] - Rebuild with updated source tarball - Resolves: rhbz#911522 [1:1.6.0.0-1.34.1.11.8] - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.patch - Removed mauve as deadly outdated and run on QA - jtreg kept, useless, but valid - Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911522 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0274 CVE-2013-0169 CVE-2013-1486 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27509 | |||
Oval ID: | oval:org.mitre.oval:def:27509 | ||
Title: | DEPRECATED: ELSA-2013-0246 -- java-1.6.0-openjdk security update (important) | ||
Description: | [ 1:1.6.0.0-1.33.1.11.6.0.1.el5_9] - Add oracle-enterprise.patch [1:1.6.0.0-1.33.1.11.6] - removed patch9 revertTwoWrongSecurityPatches2013-02-06.patch - added patch9: 7201064.patch to be reverted - added patch10: 8005615.patch to fix the 6664509.patch - Resolves: rhbz#906705 [1:1.6.0.0-1.32.1.11.6] - added patch9 revertTwoWrongSecurityPatches2013-02-06.patch to remove 6664509 and 7201064 from 1.11.6 tarball - Resolves: rhbz#906705 [1:1.6.0.0-1.31.1.11.6] - Updated to icedtea6 1.11.6 - Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#906705 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0246 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27569 | |||
Oval ID: | oval:org.mitre.oval:def:27569 | ||
Title: | DEPRECATED: ELSA-2013-0605 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.57.1.11.9] - Updated to icedtea6 1.11.9 - Resolves: rhbz#917179 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0605 CVE-2013-1493 CVE-2013-0809 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27572 | |||
Oval ID: | oval:org.mitre.oval:def:27572 | ||
Title: | DEPRECATED: ELSA-2013-0603 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.9-2.3.8.0.0.1.el5_9] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.9-2.3.8.0.el5_9] - Updated to icedtea7-forest-2.3 - Resolves: rhbz#917181 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0603 CVE-2013-0809 CVE-2013-1493 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27578 | |||
Oval ID: | oval:org.mitre.oval:def:27578 | ||
Title: | DEPRECATED: ELSA-2013-0273 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.56.1.11.8] - Rebuild with updated sources - Resolves: rhbz#911524 [1:1.6.0.0-1.55.1.11.8] - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.patch - Removed mauve as deadly outdated and run on QA - jtreg kept, useless, but working - Resolves: rhbz#911524 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0273 CVE-2013-0169 CVE-2013-1486 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27593 | |||
Oval ID: | oval:org.mitre.oval:def:27593 | ||
Title: | DEPRECATED: ELSA-2013-0602 -- java-1.7.0-openjdk security update (critical) | ||
Description: | [1.7.0.9-2.3.8.0.0.1.el6_4] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.8.0el6] - Revert to rhel 6.3 version of spec file - Revert to icedtea7 2.3.8 forest - Resolves: rhbz#917183 [1.7.0.11-2.4.0.pre5.el6] - Update to latest snapshot of icedtea7 2.4 forest - Resolves: rhbz#917183 [1.7.0.9-2.4.0.pre4.3.el6] - Updated to icedtea 2.4.0.pre4, - Rewritten (again) patch3 java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911530 [1.7.0.9-2.4.0.pre3.3.el6] - Updated to icedtea 2.4.0.pre3, updated! - Rewritten patch3 java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911530 [1.7.0.9-2.4.0.pre2.3.el6] - Removed testing - mauve was outdated and - jtreg was icedtea relict - Updated to icedtea 2.4.0.pre2, updated? - Added java -Xshare:dump to post (see 513605) fo jitarchs - Resolves: rhbz#911530 [1.7.0.11-2.4.0.2.el6] - Unapplied but kept (for 2.3revert) patch110, java-1.7.0-openjdk-nss-icedtea-e9c857dcb964.patch - Added and applied patch113: java-1.7.0-openjdk-aes-update_reset.patch - Added and applied patch114: java-1.7.0-openjdk-nss-tck.patch - Added and applied patch115: java-1.7.0-openjdk-nss-split_results.patch - NSS enabled by default - enable_nss set to 1 - rewritten patch109 - java-1.7.0-openjdk-nss-config-1.patch - rewritten patch111 - java-1.7.0-openjdk-nss-config-2.patch - Resolves: rhbz#831734 [1.7.0.11-2.4.0.1.el6] - Rewritten patch105: java-1.7.0-openjdk-disable-system-lcms.patch - Added jxmd and idlj to alternatives - make executed with DISABLE_INTREE_EC=true and UNLIMITED_CRYPTO=true - Unapplied patch302 and deleted systemtap.patch - buildver increased to 11 - icedtea_version set to 2.4.0 - Added and applied patch112 java-1.7.openjdk-doNotUseDisabledEcc.patch - removed tmp-patches source tarball - Added /lib/security/US_export_policy.jar and lib/security/local_policy.jar - Disabled nss - enable_nss set to 0 - Resolves: rhbz#895034 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0602 CVE-2013-0809 CVE-2013-1493 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27631 | |||
Oval ID: | oval:org.mitre.oval:def:27631 | ||
Title: | DEPRECATED: ELSA-2013-0245 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.54.1.11.6] - removed patch8 revertTwoWrongSecurityPatches2013-02-06.patch - added patch8: 7201064.patch to be reverted - added patch9: 8005615.patch to fix the 6664509.patch - Resolves: rhbz#906707 [1:1.6.0.0-1.53.1.11.6] - added patch8 revertTwoWrongSecurityPatches2013-02-06.patch to remove 6664509 and 7201064 from 1.11.6 tarball - Resolves: rhbz#906707 [1:1.6.0.0-1.51.1.11.6] - Updated to icedtea6 1.11.6 - Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#906707 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0245 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Java Runtime Environment Color Management memory overwrite | More info here |
ExploitDB Exploits
id | Description |
---|---|
2013-03-29 | Java CMM Remote Code Execution |
Snort® IPS/IDS
Date | Description |
---|---|
2014-03-06 | Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 29606 - Revision : 4 - Type : FILE-JAVA |
2014-03-06 | Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 29605 - Revision : 3 - Type : FILE-JAVA |
2014-01-11 | Neutrino exploit kit initial outbound request - generic detection RuleID : 28911 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request by Java - generic detection RuleID : 28476 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request - generic detection RuleID : 28475 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound plugin detection response - generic detection RuleID : 28474 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28460 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28459 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit landing page RuleID : 28458 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28457 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28456 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28455 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28304 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28298 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28275 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28274 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28273 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28214 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28032 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit Oracle Java exploit download attempt RuleID : 28031 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 27785 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit Oracle Java exploit download attempt RuleID : 27784 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit possible jar download RuleID : 27706 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit Java exploit requested RuleID : 27705 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit Java exploit requested RuleID : 27704 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit plugin detection RuleID : 27703 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit landing page RuleID : 27702 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da Jar file download RuleID : 27701 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit outbound traffic RuleID : 27144-community - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit outbound traffic RuleID : 27144 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit landing page RuleID : 27143 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit landing page RuleID : 27142 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit landing page RuleID : 27141 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit numerically named exe file dowload RuleID : 27140 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 27113-community - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 27113 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit JNLP request RuleID : 27070 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page - specific structure RuleID : 27067 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 26950-community - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 26950 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26948-community - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26948 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | iFramer injection - specific structure RuleID : 26617 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit successful redirection - jnlp bypass RuleID : 26541 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | iFramer injection - specific structure RuleID : 26540 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java payload detection RuleID : 26512 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Sakura exploit kit redirection structure RuleID : 26511 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf payload detection RuleID : 26510 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit java payload detection RuleID : 26509 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page - specific structure RuleID : 26507 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit jar file redirection RuleID : 26506 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar download RuleID : 26256 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection page RuleID : 26254 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit MyApplet class retrieval RuleID : 26229 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection page RuleID : 26228 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt RuleID : 26200 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib LookupOp integer overflow attempt RuleID : 26199 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 26198 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt RuleID : 26197 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib LookupOp integer overflow attempt RuleID : 26196 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 26195 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Neutrino exploit kit redirection page RuleID : 26100 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit redirection page RuleID : 26099 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit Java archive transfer RuleID : 26098 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit Java archive transfer RuleID : 26097 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit landing page RuleID : 26096 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit landing page RuleID : 26095 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Portable Executable download RuleID : 26056 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26055 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26054 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26053 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26052 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 26051 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 26050 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 26049 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 26048 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection structure RuleID : 26047 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 26046 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Known malicious jar archive download attempt RuleID : 26030 - Revision : 3 - Type : FILE-OTHER |
2014-01-10 | Java user-agent request to svchost.jpg RuleID : 26025 - Revision : 3 - Type : INDICATOR-COMPROMISE |
2014-01-10 | Gong Da exploit kit redirection page received RuleID : 26013 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Portable Executable download RuleID : 25968 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25967 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25966 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25965 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25964 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 25963 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25962 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit former location - has been removed RuleID : 25960 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25959 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25958 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25957 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25956 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 25955 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 25954 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25953 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25952 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25951 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 25950 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25862 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25861 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25860 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 25859 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Java exploit download RuleID : 25858 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 25857 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Whitehole exploit kit landing page RuleID : 25806 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Whitehole exploit kit Java exploit retrieval RuleID : 25805 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Whitehole exploit kit malicious jar download attempt RuleID : 25804 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Sibhost exploit kit outbound JAR download attempt RuleID : 24841 - Revision : 5 - Type : EXPLOIT-KIT |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO |
2014-08-22 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10642.nasl - Type : ACT_GATHER_INFO |
2014-06-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-131.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-164.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-165.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-198.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-230.nasl - Type : ACT_GATHER_INFO |
2014-01-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO |
2014-01-08 | Name : The remote server is affected by multiple vulnerabilities. File : domino_9_0_1.nasl - Type : ACT_GATHER_INFO |
2014-01-08 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_9_0_1.nasl - Type : ACT_GATHER_INFO |
2013-11-04 | Name : The remote server is affected by multiple vulnerabilities. File : domino_8_5_3fp5.nasl - Type : ACT_GATHER_INFO |
2013-11-04 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO |
2013-11-04 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_notes_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-155.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-156.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-162.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-163.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-167.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-168.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0245.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0246.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0247.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0273.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0274.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0275.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0602.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0603.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0604.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0605.nasl - Type : ACT_GATHER_INFO |
2013-05-10 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_0_0_6.nasl - Type : ACT_GATHER_INFO |
2013-05-10 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_0_2.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130415.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130416.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8543.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8542.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8544.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-095.nasl - Type : ACT_GATHER_INFO |
2013-04-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130415.nasl - Type : ACT_GATHER_INFO |
2013-03-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130312.nasl - Type : ACT_GATHER_INFO |
2013-03-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8483.nasl - Type : ACT_GATHER_INFO |
2013-03-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8495.nasl - Type : ACT_GATHER_INFO |
2013-03-14 | Name : The remote Fedora host is missing a security update. File : fedora_2013-3468.nasl - Type : ACT_GATHER_INFO |
2013-03-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130306.nasl - Type : ACT_GATHER_INFO |
2013-03-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8481.nasl - Type : ACT_GATHER_INFO |
2013-03-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130307.nasl - Type : ACT_GATHER_INFO |
2013-03-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130306.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0624.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0625.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0626.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0602.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0605.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0603.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1755-2.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0604.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Fedora host is missing a security update. File : fedora_2013-3467.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0600.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0601.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0602.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0603.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0604.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0605.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java5_update41.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java5_update41_unix.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java6_update43.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java6_update43_unix.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java7_update17.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java7_update17_unix.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1755-1.nasl - Type : ACT_GATHER_INFO |
2013-03-05 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update14.nasl - Type : ACT_GATHER_INFO |
2013-03-05 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-002.nasl - Type : ACT_GATHER_INFO |
2013-02-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0274.nasl - Type : ACT_GATHER_INFO |
2013-02-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-014.nasl - Type : ACT_GATHER_INFO |
2013-02-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130221.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_feb_2013_1_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_feb_2013_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1735-1.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0273.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0275.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_feb_2013_1.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0273.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0274.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0275.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0531.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0532.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130212.nasl - Type : ACT_GATHER_INFO |
2013-02-20 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update13.nasl - Type : ACT_GATHER_INFO |
2013-02-20 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-001.nasl - Type : ACT_GATHER_INFO |
2013-02-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1724-1.nasl - Type : ACT_GATHER_INFO |
2013-02-13 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130205_jdk_1_6_0_on_SL_5_0.nasl - Type : ACT_GATHER_INFO |
2013-02-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-010.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0245.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0247.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2013-2188.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2013-2197.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2013-2205.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2013-2209.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0246.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0245.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0246.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0247.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-02-06 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1898.nasl - Type : ACT_GATHER_INFO |
2013-02-05 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update12.nasl - Type : ACT_GATHER_INFO |
2013-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0236.nasl - Type : ACT_GATHER_INFO |
2013-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0237.nasl - Type : ACT_GATHER_INFO |
2013-02-04 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_feb_2013.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d5e0317e5e4511e2a113c48508086173.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:57:01 |
|
2013-03-12 00:25:58 |
|