Summary
| Detail | |||
|---|---|---|---|
| Vendor | Oracle | First view | 2009-04-15 |
| Product | Jrockit | Last view | 2013-10-16 |
| Version | r27.6 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:oracle:jrockit | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 10 | 2013-10-16 | CVE-2013-5830 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
| 5 | 2013-10-16 | CVE-2013-5825 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP. |
| 5 | 2013-10-16 | CVE-2013-5823 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security. |
| 6.4 | 2013-10-16 | CVE-2013-5804 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc. |
| 2.6 | 2013-10-16 | CVE-2013-5803 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS. |
| 7.5 | 2013-10-16 | CVE-2013-5802 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. |
| 3.5 | 2013-10-16 | CVE-2013-5797 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. |
| 10 | 2013-10-16 | CVE-2013-5782 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
| 4.3 | 2013-10-16 | CVE-2013-5780 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. |
| 7.1 | 2013-07-23 | CVE-2013-4002 | XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names. |
| 7.5 | 2013-06-18 | CVE-2013-2461 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm." |
| 10 | 2013-04-17 | CVE-2013-2380 | Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future. |
| 10 | 2012-10-16 | CVE-2012-3202 | Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085. |
| 6.8 | 2011-10-19 | CVE-2011-3557 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556. |
| 7.5 | 2011-10-19 | CVE-2011-3556 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557. |
| 3.5 | 2011-10-19 | CVE-2011-3553 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS. |
| 9.3 | 2011-10-19 | CVE-2011-3551 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
| 10 | 2011-10-19 | CVE-2011-3545 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. |
| 10 | 2009-04-15 | CVE-2009-1006 | Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 76512 | Oracle Java SE JRE JAXWS Component Unspecified Remote Information Disclosure |
| 76506 | Oracle Java SE JRE RMI Component Unspecified Remote Issue (2011-3557) |
| 76505 | Oracle Java SE JRE RMI Component Unspecified Remote Issue (2011-3556) |
| 76502 | Oracle Java SE JRE 2D Component Unspecified Remote Issue |
| 76499 | Oracle Java SE JRE jsound.dll MixerSequencer.nAddControllerEventCallback Func... |
| 53761 | Oracle BEA JRockit Unspecified Remote Compromise |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-10-19 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.6.0-openjdk_fc16.nasl |
| 2012-10-19 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl |
| 2012-09-22 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-13127 File : nvt/gb_fedora_2012_13127_java-1.6.0-openjdk_fc16.nasl |
| 2012-09-04 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13138 File : nvt/gb_fedora_2012_13138_java-1.7.0-openjdk_fc16.nasl |
| 2012-07-30 | Name : CentOS Update for java CESA-2011:1380 centos5 x86_64 File : nvt/gb_CESA-2011_1380_java_centos5_x86_64.nasl |
| 2012-06-19 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9593 File : nvt/gb_fedora_2012_9593_java-1.7.0-openjdk_fc16.nasl |
| 2012-06-19 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9545 File : nvt/gb_fedora_2012_9545_java-1.6.0-openjdk_fc16.nasl |
| 2012-06-19 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9541 File : nvt/gb_fedora_2012_9541_java-1.6.0-openjdk_fc15.nasl |
| 2012-04-02 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-15020 File : nvt/gb_fedora_2011_15020_java-1.6.0-openjdk_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-1690 File : nvt/gb_fedora_2012_1690_java-1.7.0-openjdk_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1711 File : nvt/gb_fedora_2012_1711_java-1.6.0-openjdk_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2011-15555 File : nvt/gb_fedora_2011_15555_java-1.7.0-openjdk_fc16.nasl |
| 2012-03-09 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1721 File : nvt/gb_fedora_2012_1721_java-1.6.0-openjdk_fc15.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201111-02 (sun-jre-bin sun-jdk emul-linux-x86-j... File : nvt/glsa_201111_02.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2358-1 (openjdk-6) File : nvt/deb_2358_1.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2356-1 (openjdk-6) File : nvt/deb_2356_1.nasl |
| 2012-01-25 | Name : Ubuntu Update for openjdk-6 USN-1263-2 File : nvt/gb_ubuntu_USN_1263_2.nasl |
| 2011-11-18 | Name : Ubuntu Update for icedtea-web USN-1263-1 File : nvt/gb_ubuntu_USN_1263_1.nasl |
| 2011-11-15 | Name : Oracle Java SE Multiple Vulnerabilities - October 2011 (Windows01) File : nvt/gb_oracle_java_se_mult_vuln_oct11_win_01.nasl |
| 2011-11-15 | Name : Oracle Java SE Multiple Vulnerabilities - October 2011 (Windows02) File : nvt/gb_oracle_java_se_mult_vuln_oct11_win_02.nasl |
| 2011-11-15 | Name : Oracle Java SE Multiple Vulnerabilities - October 2011 (Windows03) File : nvt/gb_oracle_java_se_mult_vuln_oct11_win_03.nasl |
| 2011-11-14 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2011:170 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2011_170.nasl |
| 2011-10-21 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-14648 File : nvt/gb_fedora_2011_14648_java-1.6.0-openjdk_fc15.nasl |
| 2011-10-21 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-14638 File : nvt/gb_fedora_2011_14638_java-1.6.0-openjdk_fc14.nasl |
| 2011-10-21 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2011:1380-01 File : nvt/gb_RHSA-2011_1380-01_java-1.6.0-openjdk.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2013-A-0191 | Multiple Vulnerabilities in Java for Mac OS X Severity: Category I - VMSKEY: V0040779 |
| 2013-A-0200 | Multiple Vulnerabilities in Oracle Java Severity: Category I - VMSKEY: V0040783 |
| 2012-B-0048 | Multiple Vulnerabilities in HP Systems Insight Manager Severity: Category I - VMSKEY: V0032178 |
| 2012-A-0048 | Multiple Vulnerabilities in VMware vCenter Update Manager 5.0 Severity: Category I - VMSKEY: V0031901 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Oracle Java XML digital signature spoofing attempt RuleID : 28157 - Type : BROWSER-PLUGINS - Revision : 3 |
| 2014-01-10 | Oracle Java MixerSequencer RMF MIDI structure handling exploit attempt RuleID : 23490 - Type : FILE-MULTIMEDIA - Revision : 8 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-06-10 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL48802597.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_esx_VMSA-2013-0012_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote VMware ESXi / ESX host is missing a security-related patch. File: vmware_VMSA-2012-0005_remote.nasl - Type: ACT_GATHER_INFO |
| 2015-09-14 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL16872.nasl - Type: ACT_GATHER_INFO |
| 2015-05-20 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2013-1256-1.nasl - Type: ACT_GATHER_INFO |
| 2015-05-20 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2013-1669-1.nasl - Type: ACT_GATHER_INFO |
| 2014-11-11 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-1818.nasl - Type: ACT_GATHER_INFO |
| 2014-11-11 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-1821.nasl - Type: ACT_GATHER_INFO |
| 2014-11-11 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-1822.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-1455.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2013-1793.nasl - Type: ACT_GATHER_INFO |
| 2014-11-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-0414.nasl - Type: ACT_GATHER_INFO |
| 2014-11-06 | Name: The remote host has a version of Java installed that is affected by multiple ... File: macosx_java_2014-001.nasl - Type: ACT_GATHER_INFO |
| 2014-11-03 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2014-436.nasl - Type: ACT_GATHER_INFO |
| 2014-10-02 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2014-193.nasl - Type: ACT_GATHER_INFO |
| 2014-10-01 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2014-1319.nasl - Type: ACT_GATHER_INFO |
| 2014-09-30 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2014-1319.nasl - Type: ACT_GATHER_INFO |
| 2014-09-30 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20140929_xerces_j2_on_SL6_x.nasl - Type: ACT_GATHER_INFO |
| 2014-09-30 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-1319.nasl - Type: ACT_GATHER_INFO |
| 2014-09-26 | Name: The remote Fedora host is missing a security update. File: fedora_2014-10626.nasl - Type: ACT_GATHER_INFO |
| 2014-09-26 | Name: The remote Fedora host is missing a security update. File: fedora_2014-10649.nasl - Type: ACT_GATHER_INFO |
| 2014-09-23 | Name: The remote Fedora host is missing a security update. File: fedora_2014-10617.nasl - Type: ACT_GATHER_INFO |
| 2014-08-22 | Name: The remote host is affected by multiple vulnerabilities. File: juniper_nsm_jsa10642.nasl - Type: ACT_GATHER_INFO |
| 2014-07-30 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-0675.nasl - Type: ACT_GATHER_INFO |
| 2014-07-30 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-0685.nasl - Type: ACT_GATHER_INFO |
