This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 2014-01-15
Product Jrockit Last view 2014-01-15
Version r28.2.9 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:oracle:jrockit

Activity : Overall

Related : CVE

  Date Alert Description
5.5 2014-01-15 CVE-2014-0423

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.

4 2014-01-15 CVE-2014-0411

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.

10 2014-01-15 CVE-2013-5907

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0010 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0043398

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-12-22 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10659.nasl - Type: ACT_GATHER_INFO
2014-11-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-0982.nasl - Type: ACT_GATHER_INFO
2014-11-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-0414.nasl - Type: ACT_GATHER_INFO
2014-08-22 Name: The remote host is affected by multiple vulnerabilities.
File: juniper_nsm_jsa10642.nasl - Type: ACT_GATHER_INFO
2014-07-30 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-0705.nasl - Type: ACT_GATHER_INFO
2014-07-28 Name: The remote AIX host has a version of Java SDK installed that is potentially a...
File: aix_java_jan2014_advisory.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-96.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-95.nasl - Type: ACT_GATHER_INFO
2014-05-12 Name: The remote host has software installed that is affected by multiple vulnerabi...
File: lotus_notes_9_0_1_fp1.nasl - Type: ACT_GATHER_INFO
2014-05-12 Name: The remote server is affected by multiple vulnerabilities.
File: domino_9_0_1_fp1.nasl - Type: ACT_GATHER_INFO
2014-05-12 Name: The remote host has software installed that is affected by multiple vulnerabi...
File: lotus_domino_9_0_1_fp1.nasl - Type: ACT_GATHER_INFO
2014-04-08 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2124-2.nasl - Type: ACT_GATHER_INFO
2014-02-28 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2124-1.nasl - Type: ACT_GATHER_INFO
2014-02-25 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_java-1_6_0-ibm-140213.nasl - Type: ACT_GATHER_INFO
2014-02-18 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_java-1_7_0-ibm-140206.nasl - Type: ACT_GATHER_INFO
2014-02-11 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_java-1_7_0-openjdk-140205.nasl - Type: ACT_GATHER_INFO
2014-02-05 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2014-283.nasl - Type: ACT_GATHER_INFO
2014-02-05 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-0136.nasl - Type: ACT_GATHER_INFO
2014-02-05 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2014-280.nasl - Type: ACT_GATHER_INFO
2014-02-05 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-0135.nasl - Type: ACT_GATHER_INFO
2014-02-05 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-0134.nasl - Type: ACT_GATHER_INFO
2014-01-28 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2014-0097.nasl - Type: ACT_GATHER_INFO
2014-01-28 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2014-0097.nasl - Type: ACT_GATHER_INFO
2014-01-28 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-0097.nasl - Type: ACT_GATHER_INFO
2014-01-28 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20140127_java_1_6_0_openjdk_on_SL5_x.nasl - Type: ACT_GATHER_INFO