Executive Summary

Summary
Title ICU vulnerabilities
Informations
Name USN-2522-3 First vendor Publication 2015-03-10
Vendor Ubuntu Last vendor Modification 2015-03-10
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

ICU could be made to crash or run programs as your login if it processed specially crafted data.

Software Description: - icu: International Components for Unicode library

Details:

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have now been updated to fix the regression.

We apologize for the inconvenience.

Original advisory details:

It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program. This issue only affected
Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2419)
It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program. (CVE-2014-6585,
CVE-2014-6591)
It was discovered that ICU incorrectly handled memory operations when
processing regular expressions. If an application using ICU processed
crafted data, an attacker could cause it to crash or potentially execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)
It was discovered that ICU collator implementation incorrectly handled
memory operations. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program. (CVE-2014-7940)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS:
libicu48 4.8.1.1-3ubuntu0.5

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2522-3
http://www.ubuntu.com/usn/usn-2522-1
CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419,
CVE-2014-6585, CVE-2014-6591

Package Information:
https://launchpad.net/ubuntu/+source/icu/4.8.1.1-3ubuntu0.5

Original Source

Url : http://www.ubuntu.com/usn/USN-2522-3

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-17 Code
25 % CWE-399 Resource Management Errors
25 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16527
 
Oval ID: oval:org.mitre.oval:def:16527
Title: Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java Runtime Environment.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: windows Class: vulnerability
Reference(s): CVE-2013-2419
 Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
 Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16549
 
Oval ID: oval:org.mitre.oval:def:16549
Title: Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: windows Class: vulnerability
Reference(s): CVE-2013-2384
 Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
 Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16564
 
Oval ID: oval:org.mitre.oval:def:16564
Title: Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: windows Class: vulnerability
Reference(s): CVE-2013-2383
 Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
 Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16697
 
Oval ID: oval:org.mitre.oval:def:16697
Title: Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1569
 Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
 Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17267
 
Oval ID: oval:org.mitre.oval:def:17267
Title: USN-1819-1 -- OpenJDK 6 vulnerabilities
Description: Several security issues were fixed in OpenJDK 6.
Family: unix Class: patch
Reference(s): usn-1819-1
CVE-2013-0401
CVE-2013-1488
CVE-2013-1518
CVE-2013-1537
CVE-2013-1557
CVE-2013-1558
CVE-2013-1569
CVE-2013-2383
CVE-2013-2384
CVE-2013-2420
CVE-2013-2421
CVE-2013-2422
CVE-2013-2426
CVE-2013-2429
CVE-2013-2430
CVE-2013-2431
CVE-2013-2436
CVE-2013-2415
CVE-2013-2424
CVE-2013-2417
CVE-2013-2419
 Version: 7
Platform(s): Ubuntu 10.04
Ubuntu 12.04
Ubuntu 11.10
 Product(s): openjdk-6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19291
 
Oval ID: oval:org.mitre.oval:def:19291
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2383
 Version: 13
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19327
 
Oval ID: oval:org.mitre.oval:def:19327
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1569
 Version: 13
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19341
 
Oval ID: oval:org.mitre.oval:def:19341
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2384
 Version: 13
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19386
 
Oval ID: oval:org.mitre.oval:def:19386
Title: HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2419
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19526
 
Oval ID: oval:org.mitre.oval:def:19526
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2419
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19549
 
Oval ID: oval:org.mitre.oval:def:19549
Title: HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2384
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19556
 
Oval ID: oval:org.mitre.oval:def:19556
Title: HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1569
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19725
 
Oval ID: oval:org.mitre.oval:def:19725
Title: HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2383
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27661
 
Oval ID: oval:org.mitre.oval:def:27661
Title: DEPRECATED: ELSA-2013-0751 -- java-1.7.0-openjdk security update (critical)
Description: [1.7.0.19-2.3.9.1.0.1.el6_4] - Update DISTRO_NAME in specfile
Family: unix Class: patch
Reference(s): ELSA-2013-0751
CVE-2013-1557
CVE-2013-2424
CVE-2013-2436
CVE-2013-2419
CVE-2013-2420
CVE-2013-2421
CVE-2013-2426
CVE-2013-1558
CVE-2013-2430
CVE-2013-0401
CVE-2013-1488
CVE-2013-2384
CVE-2013-2422
CVE-2013-2431
CVE-2013-1569
CVE-2013-2415
CVE-2013-2423
CVE-2013-2429
CVE-2013-1537
CVE-2013-2417
CVE-2013-1518
CVE-2013-2383
 Version: 4
Platform(s): Oracle Linux 6
 Product(s): java-1.7.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28035
 
Oval ID: oval:org.mitre.oval:def:28035
Title: Multiple vulnerabilities in current releases of the IBM® SDK,Java Technology Edition
Description: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors reelated to 2D, a different vulnerability than CVE-2014-6591.
Family: unix Class: vulnerability
Reference(s): CVE-2014-6585
 Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28445
 
Oval ID: oval:org.mitre.oval:def:28445
Title: JRE and JDK Vulnerability on HPUX
Description: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors reelated to 2D, a different vulnerability than CVE-2014-6591.
Family: unix Class: vulnerability
Reference(s): CVE-2014-6585
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28455
 
Oval ID: oval:org.mitre.oval:def:28455
Title: Multiple vulnerabilities in current releases of the IBM® SDK,Java Technology Edition
Description: Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.
Family: unix Class: vulnerability
Reference(s): CVE-2014-6591
 Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28462
 
Oval ID: oval:org.mitre.oval:def:28462
Title: Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
Description: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors reelated to 2D, a different vulnerability than CVE-2014-6591.
Family: unix Class: vulnerability
Reference(s): CVE-2014-6585
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28733
 
Oval ID: oval:org.mitre.oval:def:28733
Title: Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
Description: Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.
Family: unix Class: vulnerability
Reference(s): CVE-2014-6591
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28809
 
Oval ID: oval:org.mitre.oval:def:28809
Title: Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
Description: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors reelated to 2D, a different vulnerability than CVE-2014-6591.
Family: unix Class: vulnerability
Reference(s): CVE-2014-6585
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28820
 
Oval ID: oval:org.mitre.oval:def:28820
Title: Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
Description: Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.
Family: unix Class: vulnerability
Reference(s): CVE-2014-6591
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28931
 
Oval ID: oval:org.mitre.oval:def:28931
Title: JRE and JDK Vulnerability on HPUX
Description: Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.
Family: unix Class: vulnerability
Reference(s): CVE-2014-6591
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29203
 
Oval ID: oval:org.mitre.oval:def:29203
Title: SUSE-SU-2015:1144-1 -- Security update for icu (moderate)
Description: This update fixes the following security issue in icu:
Family: unix Class: patch
Reference(s): SUSE-SU-2015:1144-1
CVE-2014-9654
 Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
 Product(s): icu
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3913
Application 1
Application 2
Application 270
Application 190
Application 55
Application 53
Os 2
Os 3
Os 2
Os 2
Os 1
Os 1
Os 1
Os 1

ExploitDB Exploits

id Description
2013-04-18 Java Web Start Launcher ActiveX Control - Memory Corruption

Nessus® Vulnerability Scanner

Date Description
2016-04-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1090-1.nasl - Type : ACT_GATHER_INFO
2016-03-14 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201603-14.nasl - Type : ACT_GATHER_INFO
2015-10-22 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1790-1.nasl - Type : ACT_GATHER_INFO
2015-10-14 Name : The remote Fedora host is missing a security update.
File : fedora_2015-16314.nasl - Type : ACT_GATHER_INFO
2015-09-24 Name : The remote Fedora host is missing a security update.
File : fedora_2015-16315.nasl - Type : ACT_GATHER_INFO
2015-08-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3323.nasl - Type : ACT_GATHER_INFO
2015-07-14 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201507-14.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1144-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0458-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0503-1.nasl - Type : ACT_GATHER_INFO
2015-05-15 Name : The remote Debian host is missing a security update.
File : debian_DLA-219.nasl - Type : ACT_GATHER_INFO
2015-05-01 Name : The remote host has a virtualization management application installed that is...
File : vmware_vcenter_vmsa-2015-0003.nasl - Type : ACT_GATHER_INFO
2015-04-29 Name : The remote Fedora host is missing a security update.
File : fedora_2015-6084.nasl - Type : ACT_GATHER_INFO
2015-04-29 Name : The remote Fedora host is missing a security update.
File : fedora_2015-6087.nasl - Type : ACT_GATHER_INFO
2015-04-20 Name : The remote Windows host has an application installed that is affected by mult...
File : vmware_vcenter_chargeback_manager_vmsa_2015_0003.nasl - Type : ACT_GATHER_INFO
2015-04-13 Name : The remote Windows host has an application installed that is affected by mult...
File : vmware_horizon_view_VMSA-2015-0003.nasl - Type : ACT_GATHER_INFO
2015-04-13 Name : The remote host has a device management application installed that is affecte...
File : vmware_workspace_portal_vmsa2015-0003.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-198.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote Linux host has a virtualization application installed that is miss...
File : vcenter_operations_manager_vmsa_2015-0003-linux.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote host has a virtualization application installed that is missing a ...
File : vcenter_operations_manager_vmsa_2015-0003-vapp.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote Windows host has a virtualization application installed that is mi...
File : vcenter_operations_manager_vmsa_2015-0003-win.nasl - Type : ACT_GATHER_INFO
2015-04-03 Name : The remote Fedora host is missing a security update.
File : fedora_2015-3569.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-161.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-157.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote Fedora host is missing a security update.
File : fedora_2015-3590.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201503-06.nasl - Type : ACT_GATHER_INFO
2015-03-17 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3187.nasl - Type : ACT_GATHER_INFO
2015-03-11 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2522-3.nasl - Type : ACT_GATHER_INFO
2015-03-09 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-204.nasl - Type : ACT_GATHER_INFO
2015-03-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2522-2.nasl - Type : ACT_GATHER_INFO
2015-03-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2522-1.nasl - Type : ACT_GATHER_INFO
2015-02-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0263.nasl - Type : ACT_GATHER_INFO
2015-02-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0264.nasl - Type : ACT_GATHER_INFO
2015-02-24 Name : The remote AIX host has a version of Java SDK installed that is affected by m...
File : aix_java_feb2015_advisory.nasl - Type : ACT_GATHER_INFO
2015-02-20 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_7_0-openjdk-150206.nasl - Type : ACT_GATHER_INFO
2015-02-18 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201502-13.nasl - Type : ACT_GATHER_INFO
2015-02-13 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-480.nasl - Type : ACT_GATHER_INFO
2015-02-09 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-033.nasl - Type : ACT_GATHER_INFO
2015-02-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0133.nasl - Type : ACT_GATHER_INFO
2015-02-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0134.nasl - Type : ACT_GATHER_INFO
2015-02-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0135.nasl - Type : ACT_GATHER_INFO
2015-02-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0136.nasl - Type : ACT_GATHER_INFO
2015-02-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-91.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3147.nasl - Type : ACT_GATHER_INFO
2015-01-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3144.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0093.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2486-1.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2487-1.nasl - Type : ACT_GATHER_INFO
2015-01-27 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0085.nasl - Type : ACT_GATHER_INFO
2015-01-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0085.nasl - Type : ACT_GATHER_INFO
2015-01-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0085.nasl - Type : ACT_GATHER_INFO
2015-01-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0086.nasl - Type : ACT_GATHER_INFO
2015-01-27 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150126_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-01-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2476-1.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-471.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-472.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : google_chrome_40_0_2214_91.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_google_chrome_40_0_2214_91.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0079.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0080.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_e30e0c99a1b711e4b85c00262d5ed8ee.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_java_cpu_jan_2015.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Unix host contains a programming platform that is affected by mult...
File : oracle_java_cpu_jan_2015_unix.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0067.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0068.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0069.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150121_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150121_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150121_java_1_8_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0067.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0068.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0069.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0067.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0068.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0069.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO
2014-06-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-402.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-410.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-426.nasl - Type : ACT_GATHER_INFO
2014-01-27 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO
2014-01-08 Name : The remote server is affected by multiple vulnerabilities.
File : domino_9_0_1.nasl - Type : ACT_GATHER_INFO
2014-01-08 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_domino_9_0_1.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote server is affected by multiple vulnerabilities.
File : domino_8_5_3fp5.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_domino_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_notes_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-183.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-185.nasl - Type : ACT_GATHER_INFO
2013-08-05 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2013-13479.nasl - Type : ACT_GATHER_INFO
2013-07-28 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2013-13523.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0751.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0752.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0770.nasl - Type : ACT_GATHER_INFO
2013-06-11 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_4_2-ibm-130529.nasl - Type : ACT_GATHER_INFO
2013-06-11 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_7_0-ibm-130529.nasl - Type : ACT_GATHER_INFO
2013-05-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-130517.nasl - Type : ACT_GATHER_INFO
2013-05-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0855.nasl - Type : ACT_GATHER_INFO
2013-05-22 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-openjdk-130512.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0822.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0823.nasl - Type : ACT_GATHER_INFO
2013-05-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1819-1.nasl - Type : ACT_GATHER_INFO
2013-05-07 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-161.nasl - Type : ACT_GATHER_INFO
2013-04-26 Name : The remote Fedora host is missing a security update.
File : fedora_2013-6368.nasl - Type : ACT_GATHER_INFO
2013-04-26 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130424_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0770.nasl - Type : ACT_GATHER_INFO
2013-04-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0770.nasl - Type : ACT_GATHER_INFO
2013-04-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1806-1.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Fedora host is missing a security update.
File : fedora_2013-5922.nasl - Type : ACT_GATHER_INFO
2013-04-19 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0751.nasl - Type : ACT_GATHER_INFO
2013-04-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0757.nasl - Type : ACT_GATHER_INFO
2013-04-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0758.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0752.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote Fedora host is missing a security update.
File : fedora_2013-5958.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0751.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0752.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130417_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130417_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-04-17 Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_6_update15.nasl - Type : ACT_GATHER_INFO
2013-04-17 Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_2013-003.nasl - Type : ACT_GATHER_INFO
2013-04-17 Name : The remote Windows host contains a programming platform that is potentially a...
File : oracle_java_cpu_apr_2013.nasl - Type : ACT_GATHER_INFO
2013-04-17 Name : The remote Unix host contains a programming platform that is potentially affe...
File : oracle_java_cpu_apr_2013_unix.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2017-05-12 12:08:46
  • Multiple Updates
2015-03-12 13:24:21
  • Multiple Updates
2015-03-10 21:23:19
  • First insertion