10 - GLSA-201401-30

Executive Summary

Summary
Title	Oracle JRE/JDK: Multiple vulnerabilities

Informations
Name	GLSA-201401-30	First vendor Publication	2014-01-27
Vendor	Gentoo	Last vendor Modification	2014-01-27
Severity (Vendor)	High	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.

Background

The Oracle Java Development Kit (JDK) (formerly known as Sun JDK) and the Oracle Java Runtime Environment (JRE) (formerly known as Sun JRE)
provide the Oracle Java platform (formerly known as Sun Java Platform).

Description

Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details.

Impact

An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code.
Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"

All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"

All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"

All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.

NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically.

References

[ 1 ] CVE-2011-3563 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201401-30.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201401-30.xml

CWE : Common Weakness Enumeration

%	Id	Name
33 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
22 %	CWE-264	Permissions, Privileges, and Access Controls
22 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
11 %	CWE-310	Cryptographic Issues
11 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13976

Oval ID:	oval:org.mitre.oval:def:13976
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0505	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:14082

Oval ID:	oval:org.mitre.oval:def:14082
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0506	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:14772

Oval ID:	oval:org.mitre.oval:def:14772
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0497	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:14813

Oval ID:	oval:org.mitre.oval:def:14813
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0503	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:14844

Oval ID:	oval:org.mitre.oval:def:14844
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0500	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed

Definition Id: oval:org.mitre.oval:def:14878

Oval ID:	oval:org.mitre.oval:def:14878
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0499	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:14890

Oval ID:	oval:org.mitre.oval:def:14890
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0504	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:14900

Oval ID:	oval:org.mitre.oval:def:14900
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0502	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:14942

Oval ID:	oval:org.mitre.oval:def:14942
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-3563	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:15069

Oval ID:	oval:org.mitre.oval:def:15069
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0501	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:15075

Oval ID:	oval:org.mitre.oval:def:15075
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0498	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:15259

Oval ID:	oval:org.mitre.oval:def:15259
Title:	DSA-2420-1 openjdk-6 -- several
Description:	Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. CVE-2011-3377 The Iced Tea browser plugin included in the openjdk-6 package does not properly enforce the Same Origin Policy on web content served under a domain name which has a common suffix with the required domain name. CVE-2011-3563 The Java Sound component did not properly check for array boundaries. A malicious input or an untrusted Java application or applet could use this flaw to cause Java Virtual Machine to crash or disclose portion of its memory. CVE-2011-5035 The OpenJDK embedded web server did not guard against an excessive number of a request parameters, leading to a denial of service vulnerability involving hash collisions. CVE-2012-0497 It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. This could lead to JVM crash or Java sandbox bypass. CVE-2012-0501 The ZIP central directory parser used by java.util.zip.ZipFile entered an infinite recursion in native code when processing a crafted ZIP file, leading to a denial of service. CVE-2012-0502 A flaw was found in the AWT KeyboardFocusManager class that could allow untrusted Java applets to acquire keyboard focus and possibly steal sensitive information. CVE-2012-0503 The java.util.TimeZone.setDefault method lacked a security manager invocation, allowing an untrusted Java application or applet to set a new default time zone. CVE-2012-0505 The Java serialization code leaked references to serialization exceptions, possibly leaking critical objects to untrusted code in Java applets and applications. CVE-2012-0506 It was discovered that CORBA implementation in Java did not properly protect repository identifiers on certain Corba objects. This could have been used to perform modification of the data that should have been immutable. CVE-2012-0507 The AtomicReferenceArray class implementation did not properly check if the array is of an expected Object[] type. A malicious Java application or applet could use this flaw to cause Java Virtual Machine to crash or bypass Java sandbox restrictions
Family:	unix	Class:	patch
Reference(s):	DSA-2420-1 CVE-2011-3377 CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	openjdk-6
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND openjdk-6 DPKG is earlier than 6b18-1.8.13-0+squeeze1

Definition Id: oval:org.mitre.oval:def:15326

Oval ID:	oval:org.mitre.oval:def:15326
Title:	USN-1373-1 -- OpenJDK 6 vulnerabilities
Description:	openjdk-6: Open Source Java implementation Multiple OpenJDK 6 vulnerabilities have been fixed.
Family:	unix	Class:	patch
Reference(s):	USN-1373-1 CVE-2011-5035 CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	5
Platform(s):	Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10	Product(s):	OpenJDK
Definition Synopsis:
Release section Ubuntu 11.04 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-headless DPKG is earlier than 6b22-1.10.6-0ubuntu1 AND icedtea-6-jre-cacao DPKG is earlier than 6b22-1.10.6-0ubuntu1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b22-1.10.6-0ubuntu1 AND openjdk-6-jre-lib DPKG is earlier than 6b22-1.10.6-0ubuntu1 AND openjdk-6-jre-zero DPKG is earlier than 6b22-1.10.6-0ubuntu1 AND openjdk-6-jre DPKG is earlier than 6b22-1.10.6-0ubuntu1 OR Release section Ubuntu 11.10 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-headless DPKG is earlier than 6b23~pre11-0ubuntu1.11.10.2 AND icedtea-6-jre-cacao DPKG is earlier than 6b23~pre11-0ubuntu1.11.10.2 AND icedtea-6-jre-jamvm DPKG is earlier than 6b23~pre11-0ubuntu1.11.10.2 AND openjdk-6-jre-lib DPKG is earlier than 6b23~pre11-0ubuntu1.11.10.2 AND openjdk-6-jre-zero DPKG is earlier than 6b23~pre11-0ubuntu1.11.10.2 AND openjdk-6-jre DPKG is earlier than 6b23~pre11-0ubuntu1.11.10.2 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-headless DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.04.1 AND openjdk-6-jre-lib DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.04.1 AND icedtea-6-jre-cacao DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.04.1 AND openjdk-6-jre DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.04.1 OR Release section Ubuntu 10.10 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-headless DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.10.1 AND openjdk-6-jre-lib DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.10.1 AND icedtea-6-jre-cacao DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.10.1 AND openjdk-6-jre-zero DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.10.1 AND openjdk-6-jre DPKG is earlier than 6b20-1.9.13-0ubuntu1~10.10.1

Definition Id: oval:org.mitre.oval:def:15473

Oval ID:	oval:org.mitre.oval:def:15473
Title:	USN-1373-2 -- OpenJDK 6 (ARM) vulnerabilities
Description:	openjdk-6b18: Open Source Java implementation Details: USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM . This provides the corresponding OpenJDK 6 update for use with the ARM architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Original advisory Multiple vulnerabilities in OpenJDK 6 for the ARM architecture have been fixed.
Family:	unix	Class:	patch
Reference(s):	USN-1373-2 CVE-2011-5035 CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	5
Platform(s):	Ubuntu 11.04 Ubuntu 10.04 Ubuntu 10.10	Product(s):	OpenJDK
Definition Synopsis:
Release section Ubuntu 11.04 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-headless DPKG is earlier than 6b18-1.8.13-0ubuntu1~11.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b18-1.8.13-0ubuntu1~11.04.1 AND icedtea-6-jre-cacao DPKG is earlier than 6b18-1.8.13-0ubuntu1~11.04.1 AND openjdk-6-jre DPKG is earlier than 6b18-1.8.13-0ubuntu1~11.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b18-1.8.13-0ubuntu1~11.04.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-headless DPKG is earlier than 6b18-1.8.13-0ubuntu1~10.04.1 AND icedtea-6-jre-cacao DPKG is earlier than 6b18-1.8.13-0ubuntu1~10.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b18-1.8.13-0ubuntu1~10.04.1 AND openjdk-6-jre DPKG is earlier than 6b18-1.8.13-0ubuntu1~10.04.1 OR Release section Ubuntu 10.10 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-headless DPKG is earlier than 6b18-1.8.13-0ubuntu1~10.10.1 AND icedtea-6-jre-cacao DPKG is earlier than 6b18-1.8.13-0ubuntu1~10.10.1 AND openjdk-6-jre-zero DPKG is earlier than 6b18-1.8.13-0ubuntu1~10.10.1 AND openjdk-6-jre DPKG is earlier than 6b18-1.8.13-0ubuntu1~10.10.1

Definition Id: oval:org.mitre.oval:def:15708

Oval ID:	oval:org.mitre.oval:def:15708
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before and JavaFX 2.2.7 and before. Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corruption" when using native code.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2430	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:15728

Oval ID:	oval:org.mitre.oval:def:15728
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0402	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:15923

Oval ID:	oval:org.mitre.oval:def:15923
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Security) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1718	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:15996

Oval ID:	oval:org.mitre.oval:def:15996
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1711	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16011

Oval ID:	oval:org.mitre.oval:def:16011
Title:	Vulnerability in the Java Runtime Environment component of Oracle Java SE (subcomponent: JAX-WS) 7 Update 17 and before. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "processing of MTOM attachments" and the creation of temporary files with weak permissions.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2415	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16043

Oval ID:	oval:org.mitre.oval:def:16043
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5081	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16055

Oval ID:	oval:org.mitre.oval:def:16055
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5067	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16074

Oval ID:	oval:org.mitre.oval:def:16074
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1473	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16093

Oval ID:	oval:org.mitre.oval:def:16093
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5070	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16147

Oval ID:	oval:org.mitre.oval:def:16147
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1564	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16162

Oval ID:	oval:org.mitre.oval:def:16162
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before and JavaFX 2.2.7 and before. Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2394	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16168

Oval ID:	oval:org.mitre.oval:def:16168
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Swing) 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1716	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16201

Oval ID:	oval:org.mitre.oval:def:16201
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2434	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16213

Oval ID:	oval:org.mitre.oval:def:16213
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2435	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16214

Oval ID:	oval:org.mitre.oval:def:16214
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1722	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16227

Oval ID:	oval:org.mitre.oval:def:16227
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5071	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16247

Oval ID:	oval:org.mitre.oval:def:16247
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0419	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16258

Oval ID:	oval:org.mitre.oval:def:16258
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2421	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16259

Oval ID:	oval:org.mitre.oval:def:16259
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Hotspot) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1723	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16264

Oval ID:	oval:org.mitre.oval:def:16264
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0448	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16287

Oval ID:	oval:org.mitre.oval:def:16287
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3342	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16297

Oval ID:	oval:org.mitre.oval:def:16297
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data.
Description:	The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0401	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16311

Oval ID:	oval:org.mitre.oval:def:16311
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via vectors related to CORBA.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2446	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16312

Oval ID:	oval:org.mitre.oval:def:16312
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1719	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16314

Oval ID:	oval:org.mitre.oval:def:16314
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java Runtime Environment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient class access checks" when "creating new instances" using MBeanInstantiator.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2424	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16333

Oval ID:	oval:org.mitre.oval:def:16333
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1540	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16353

Oval ID:	oval:org.mitre.oval:def:16353
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0446	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16358

Oval ID:	oval:org.mitre.oval:def:16358
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1721	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16384

Oval ID:	oval:org.mitre.oval:def:16384
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an interaction error in between the JRE plug-in for WebKit-based browsers and the Javascript engine, which allows remote attackers to execute arbitrary code by modifying DOM nodes that contain applet elements in a way that triggers an incorrect reference count and a use after free.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1541	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16387

Oval ID:	oval:org.mitre.oval:def:16387
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5086	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16389

Oval ID:	oval:org.mitre.oval:def:16389
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2464	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16410

Oval ID:	oval:org.mitre.oval:def:16410
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2431	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16416

Oval ID:	oval:org.mitre.oval:def:16416
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2428	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16430

Oval ID:	oval:org.mitre.oval:def:16430
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Sound) 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1481	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_41 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_41 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_39 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_39 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed

Definition Id: oval:org.mitre.oval:def:16444

Oval ID:	oval:org.mitre.oval:def:16444
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data and ability to cause a partial denial of service (partial DOS) of Java Runtime Environment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2418	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16446

Oval ID:	oval:org.mitre.oval:def:16446
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java Runtime Environment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2417	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16454

Oval ID:	oval:org.mitre.oval:def:16454
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and 6 Update 43 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2433	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16464

Oval ID:	oval:org.mitre.oval:def:16464
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2416	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16466

Oval ID:	oval:org.mitre.oval:def:16466
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5073	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2 Determine if the version of JavaFX is less than or equal to 2.2 AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16471

Oval ID:	oval:org.mitre.oval:def:16471
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2425	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16476

Oval ID:	oval:org.mitre.oval:def:16476
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0423	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16481

Oval ID:	oval:org.mitre.oval:def:16481
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1561	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16492

Oval ID:	oval:org.mitre.oval:def:16492
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: 2D) 7 through Update 11 and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0437	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.5 IF Determine if the version of JavaFX is less than 2.2.5 AND Determine if the version of JavaFX is less than 2.2.5 (JDK 1.7.0:update_7 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16502

Oval ID:	oval:org.mitre.oval:def:16502
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: 2D) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1713	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2 Determine if the version of JavaFX is less than 2.2 AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16506

Oval ID:	oval:org.mitre.oval:def:16506
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5089	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16508

Oval ID:	oval:org.mitre.oval:def:16508
Title:	DEPRECATED: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Java Runtime Environment) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1717	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_38 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16511

Oval ID:	oval:org.mitre.oval:def:16511
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1488	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16512

Oval ID:	oval:org.mitre.oval:def:16512
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Scripting) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3213	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16513

Oval ID:	oval:org.mitre.oval:def:16513
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Hotspot) 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1725	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_36 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16522

Oval ID:	oval:org.mitre.oval:def:16522
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5072	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16527

Oval ID:	oval:org.mitre.oval:def:16527
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java Runtime Environment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2419	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16530

Oval ID:	oval:org.mitre.oval:def:16530
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JMX) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0409	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_39 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_39 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16531

Oval ID:	oval:org.mitre.oval:def:16531
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JavaFX) 7 through Update 11, 6 through Update 38, and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1479	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.5 IF Determine if the version of JavaFX is less than 2.2.5 AND Determine if the version of JavaFX is less than 2.2.5 (JDK 1.7.0:update_7 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16533

Oval ID:	oval:org.mitre.oval:def:16533
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5068	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16536

Oval ID:	oval:org.mitre.oval:def:16536
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2428.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2427	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16538

Oval ID:	oval:org.mitre.oval:def:16538
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3216	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16540

Oval ID:	oval:org.mitre.oval:def:16540
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2436	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16543

Oval ID:	oval:org.mitre.oval:def:16543
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1558	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16544

Oval ID:	oval:org.mitre.oval:def:16544
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5083	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2 Determine if the version of JavaFX is less than or equal to 2.2 AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16545

Oval ID:	oval:org.mitre.oval:def:16545
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2453	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16546

Oval ID:	oval:org.mitre.oval:def:16546
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1531	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2 Determine if the version of JavaFX is less than or equal to 2.2 AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16549

Oval ID:	oval:org.mitre.oval:def:16549
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2384	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16553

Oval ID:	oval:org.mitre.oval:def:16553
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5084	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16556

Oval ID:	oval:org.mitre.oval:def:16556
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1532	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16560

Oval ID:	oval:org.mitre.oval:def:16560
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5087	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16561

Oval ID:	oval:org.mitre.oval:def:16561
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2422	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16564

Oval ID:	oval:org.mitre.oval:def:16564
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2383	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16578

Oval ID:	oval:org.mitre.oval:def:16578
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1537	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16580

Oval ID:	oval:org.mitre.oval:def:16580
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2452	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16582

Oval ID:	oval:org.mitre.oval:def:16582
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0438	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16585

Oval ID:	oval:org.mitre.oval:def:16585
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5077	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16586

Oval ID:	oval:org.mitre.oval:def:16586
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2440	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16597

Oval ID:	oval:org.mitre.oval:def:16597
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before and 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2420	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16600

Oval ID:	oval:org.mitre.oval:def:16600
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Install) 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process of the client.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process of the client.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0430	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16602

Oval ID:	oval:org.mitre.oval:def:16602
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5079	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16605

Oval ID:	oval:org.mitre.oval:def:16605
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5088	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16610

Oval ID:	oval:org.mitre.oval:def:16610
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0449	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16611

Oval ID:	oval:org.mitre.oval:def:16611
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2432	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16615

Oval ID:	oval:org.mitre.oval:def:16615
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3159	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16617

Oval ID:	oval:org.mitre.oval:def:16617
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2437	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16618

Oval ID:	oval:org.mitre.oval:def:16618
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2438	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16623

Oval ID:	oval:org.mitre.oval:def:16623
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-4416	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16641

Oval ID:	oval:org.mitre.oval:def:16641
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5076	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16648

Oval ID:	oval:org.mitre.oval:def:16648
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1533	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16654

Oval ID:	oval:org.mitre.oval:def:16654
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5085	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_39 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16659

Oval ID:	oval:org.mitre.oval:def:16659
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JAXP) 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1724	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_33 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16663

Oval ID:	oval:org.mitre.oval:def:16663
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own competition at CanSecWest 2013.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1491	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16667

Oval ID:	oval:org.mitre.oval:def:16667
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2427, and CVE-2013-2428.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2414	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.7 IF Determine if the version of JavaFX is less than or equal to 2.2.7 AND Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16668

Oval ID:	oval:org.mitre.oval:def:16668
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5074	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16680

Oval ID:	oval:org.mitre.oval:def:16680
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0445	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_39 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_39 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16683

Oval ID:	oval:org.mitre.oval:def:16683
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before.Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote attackers to bypass the Java sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2426	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16684

Oval ID:	oval:org.mitre.oval:def:16684
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5075	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16685

Oval ID:	oval:org.mitre.oval:def:16685
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5069	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16686

Oval ID:	oval:org.mitre.oval:def:16686
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3143	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_37 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_35 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_7 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16688

Oval ID:	oval:org.mitre.oval:def:16688
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream method.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1557	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16697

Oval ID:	oval:org.mitre.oval:def:16697
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1569	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16699

Oval ID:	oval:org.mitre.oval:def:16699
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1726	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_5 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16700

Oval ID:	oval:org.mitre.oval:def:16700
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from the original researcher that this vulnerability allows remote attackers to bypass permission checks by the MethodHandles method and modify arbitrary public final fields using reflection and type confusion, as demonstrated using integer and double fields to disable the security manager.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2423	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16702

Oval ID:	oval:org.mitre.oval:def:16702
Title:	Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1518	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_42 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_43 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16703

Oval ID:	oval:org.mitre.oval:def:16703
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0351	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_12 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16712

Oval ID:	oval:org.mitre.oval:def:16712
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2472	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16770

Oval ID:	oval:org.mitre.oval:def:16770
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Networking.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2447	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16803

Oval ID:	oval:org.mitre.oval:def:16803
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2466 and CVE-2013-2468.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2442	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16806

Oval ID:	oval:org.mitre.oval:def:16806
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2470	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16840

Oval ID:	oval:org.mitre.oval:def:16840
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2471	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16851

Oval ID:	oval:org.mitre.oval:def:16851
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, 5.0 Update 45 and earlier, and JavaFX 2.2.21 and earlier allows remote attackers to affect availability via vectors related to AWT.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2444	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.21 Determine if the version of JavaFX is less than or equal to 2.2.21 Determine if the version of JavaFX is less than or equal to 2.2.21 AND Determine if the version of JavaFX is less than or equal to 2.2.21 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:16887

Oval ID:	oval:org.mitre.oval:def:16887
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2461	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16899

Oval ID:	oval:org.mitre.oval:def:16899
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-3744.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2400	Version:	6
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:16908

Oval ID:	oval:org.mitre.oval:def:16908
Title:	Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 9.2.4, 10.0.2, 10.3.5, 10.3.6 and 12.1.1. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server
Description:	Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-5035	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Oracle WebLogic Server
Definition Synopsis:
Oracle WebLogic Server is installed Check if the version of Oracle WebLogic Server is 9.2.4, 10.0.2, 10.3.5.0, 10.3.6, 12.1.1 Check if the version of Oracle WebLogic Server is 9.2.4 AND Check if the version of Oracle WebLogic Server is 10.0.2 AND Check if the version of Oracle WebLogic Server is 10.3.5.0 AND Check if the version of Oracle WebLogic Server is 10.3.6 AND Check if the version of Oracle WebLogic Server is 12.1.1

Definition Id: oval:org.mitre.oval:def:16982

Oval ID:	oval:org.mitre.oval:def:16982
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2468.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2466	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17014

Oval ID:	oval:org.mitre.oval:def:17014
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2467	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed

Definition Id: oval:org.mitre.oval:def:17042

Oval ID:	oval:org.mitre.oval:def:17042
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2469	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17052

Oval ID:	oval:org.mitre.oval:def:17052
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2448	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17069

Oval ID:	oval:org.mitre.oval:def:17069
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via "an error related to method handles."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2458	Version:	7
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17090

Oval ID:	oval:org.mitre.oval:def:17090
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect availability via unknown vectors related to Hotspot.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "handling of memory allocation errors."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2445	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17098

Oval ID:	oval:org.mitre.oval:def:17098
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Serviceability.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient indication of an SSL connection failure by JConsole, related to RMI connection dialog box.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2412	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17106

Oval ID:	oval:org.mitre.oval:def:17106
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2465	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17116

Oval ID:	oval:org.mitre.oval:def:17116
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2460	Version:	7
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17149

Oval ID:	oval:org.mitre.oval:def:17149
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2463	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17176

Oval ID:	oval:org.mitre.oval:def:17176
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect availability via unknown vectors related to Serialization.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2450	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17180

Oval ID:	oval:org.mitre.oval:def:17180
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-3744	Version:	6
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17181

Oval ID:	oval:org.mitre.oval:def:17181
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2459	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17189

Oval ID:	oval:org.mitre.oval:def:17189
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2473	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17192

Oval ID:	oval:org.mitre.oval:def:17192
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2449	Version:	7
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17195

Oval ID:	oval:org.mitre.oval:def:17195
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2407	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17202

Oval ID:	oval:org.mitre.oval:def:17202
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-3743	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed

Definition Id: oval:org.mitre.oval:def:17206

Oval ID:	oval:org.mitre.oval:def:17206
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2466.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2468	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17214

Oval ID:	oval:org.mitre.oval:def:17214
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2455	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17215

Oval ID:	oval:org.mitre.oval:def:17215
Title:	Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, 5.0 Update 45 and earlier, and JavaFX 2.2.21 and earlier allows remote attackers to affect integrity via unknown vectors related to Javadoc.
Description:	Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1571	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than or equal to 2.2.21 Determine if the version of JavaFX is less than or equal to 2.2.21 Determine if the version of JavaFX is less than or equal to 2.2.21 AND Determine if the version of JavaFX is less than or equal to 2.2.21 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:17221

Oval ID:	oval:org.mitre.oval:def:17221
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to 2D.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1500	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17230

Oval ID:	oval:org.mitre.oval:def:17230
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect "checking order" within the AccessControlContext class.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2443	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17236

Oval ID:	oval:org.mitre.oval:def:17236
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality and integrity via vectors related to JDBC.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2454	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17256

Oval ID:	oval:org.mitre.oval:def:17256
Title:	Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2457	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17257

Oval ID:	oval:org.mitre.oval:def:17257
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2462	Version:	6
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17265

Oval ID:	oval:org.mitre.oval:def:17265
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper enforcement of exclusive port binds when running on Windows, which allows attackers to bind to ports that are already in use.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2451	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17267

Oval ID:	oval:org.mitre.oval:def:17267
Title:	USN-1819-1 -- OpenJDK 6 vulnerabilities
Description:	Several security issues were fixed in OpenJDK 6.
Family:	unix	Class:	patch
Reference(s):	usn-1819-1 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 CVE-2013-2415 CVE-2013-2424 CVE-2013-2417 CVE-2013-2419	Version:	7
Platform(s):	Ubuntu 10.04 Ubuntu 12.04 Ubuntu 11.10	Product(s):	openjdk-6
Definition Synopsis:
Release section Ubuntu 11.10 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.5-0ubuntu0.11.10.1 AND icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.5-0ubuntu0.11.10.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.5-0ubuntu0.11.10.1 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.5-0ubuntu0.11.10.1 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.5-0ubuntu0.11.10.1 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.5-0ubuntu0.11.10.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.5-0ubuntu0.12.04.1 AND icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.5-0ubuntu0.12.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.5-0ubuntu0.12.04.1 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.5-0ubuntu0.12.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.5-0ubuntu0.12.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.5-0ubuntu0.12.04.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND Packages section openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.5-0ubuntu0.10.04.1 AND icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.5-0ubuntu0.10.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.5-0ubuntu0.10.04.1 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.5-0ubuntu0.10.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.5-0ubuntu0.10.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.5-0ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:17294

Oval ID:	oval:org.mitre.oval:def:17294
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Serialization.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-2456	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_46 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_46 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_22 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:17565

Oval ID:	oval:org.mitre.oval:def:17565
Title:	USN-1505-2 -- icedtea-web regression
Description:	USN 1505-1 introduced a regression in the IcedTea-Web Java web browser plugin that prevented it from working with the Chromium web browser.
Family:	unix	Class:	patch
Reference(s):	USN-1505-2 CVE-2012-1711 CVE-2012-1719 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1723 CVE-2012-1725 CVE-2012-1724	Version:	7
Platform(s):	Ubuntu 11.10 Ubuntu 11.04	Product(s):	icedtea-web
Definition Synopsis:
Release section Ubuntu 11.10 is installed AND icedtea-6-plugin DPKG is earlier than 1.2-2ubuntu0.11.10.3 AND Release section Ubuntu 11.04 is installed AND icedtea-6-plugin DPKG is earlier than 1.2-2ubuntu0.11.04.3

Definition Id: oval:org.mitre.oval:def:17793

Oval ID:	oval:org.mitre.oval:def:17793
Title:	USN-1553-1 -- openjdk-6 vulnerabilities
Description:	Two security issues were fixed in OpenJDK 6.
Family:	unix	Class:	patch
Reference(s):	USN-1553-1 CVE-2012-1682 CVE-2012-0547	Version:	7
Platform(s):	Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04	Product(s):	openjdk-6
Definition Synopsis:
Release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b24-1.11.4-1ubuntu0.12.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b24-1.11.4-1ubuntu0.12.04.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.4-1ubuntu0.12.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b24-1.11.4-1ubuntu0.12.04.1 AND openjdk-6-jre-lib DPKG is earlier than 6b24-1.11.4-1ubuntu0.12.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b24-1.11.4-1ubuntu0.12.04.1 AND Release section Ubuntu 11.10 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.10.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.10.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.10.1 AND openjdk-6-jre-headless DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.10.1 AND openjdk-6-jre-lib DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.10.1 AND openjdk-6-jre-zero DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.10.1 AND Release section Ubuntu 11.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.04.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.04.1 AND openjdk-6-jre-lib DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b24-1.11.4-1ubuntu0.11.04.1 AND Release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b24-1.11.4-1ubuntu0.10.04.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.4-1ubuntu0.10.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b24-1.11.4-1ubuntu0.10.04.1 AND openjdk-6-jre-lib DPKG is earlier than 6b24-1.11.4-1ubuntu0.10.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b24-1.11.4-1ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:17879

Oval ID:	oval:org.mitre.oval:def:17879
Title:	USN-1505-1 -- icedtea-web, openjdk-6 vulnerabilities
Description:	Several security issues were fixed in OpenJDK 6.
Family:	unix	Class:	patch
Reference(s):	USN-1505-1 CVE-2012-1711 CVE-2012-1719 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1723 CVE-2012-1725 CVE-2012-1724	Version:	7
Platform(s):	Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04	Product(s):	openjdk-6 icedtea-web
Definition Synopsis:
Release section Ubuntu 12.04 is installed AND openjdk-6-jre DPKG is earlier than 6b24-1.11.3-1ubuntu0.12.04.1 AND Release section Ubuntu 11.10 is installed Packages match section icedtea-6-plugin DPKG is earlier than 1.2-2ubuntu0.11.10.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.3-1ubuntu0.11.10.1 AND Release section Ubuntu 11.04 is installed Packages match section icedtea-6-plugin DPKG is earlier than 1.2-2ubuntu0.11.04.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.3-1ubuntu0.11.04.1 AND Release section Ubuntu 10.04 is installed Packages match section icedtea-6-plugin DPKG is earlier than 1.2-2ubuntu0.10.04.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.3-1ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:17923

Oval ID:	oval:org.mitre.oval:def:17923
Title:	USN-1755-1 -- openjdk-6 vulnerabilities
Description:	OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file.
Family:	unix	Class:	patch
Reference(s):	USN-1755-1 CVE-2013-0809 CVE-2013-1493	Version:	7
Platform(s):	Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	openjdk-6
Definition Synopsis:
Release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04.1 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04.1 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04.1 AND Release section Ubuntu 11.10 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10.1 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10.1 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10.1 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10.1 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10.1 AND Release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04.1 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04.1 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04.1

Definition Id: oval:org.mitre.oval:def:18092

Oval ID:	oval:org.mitre.oval:def:18092
Title:	USN-1735-1 -- openjdk-6, openjdk-7 vulnerabilities
Description:	Several security issues were fixed in OpenJDK.
Family:	unix	Class:	patch
Reference(s):	USN-1735-1 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	openjdk-7 openjdk-6
Definition Synopsis:
Release section Ubuntu 12.10 is installed Packages match section icedtea-7-jre-cacao DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10 AND icedtea-7-jre-jamvm DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10 AND openjdk-7-jre DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10 AND openjdk-7-jre-headless DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10 AND openjdk-7-jre-lib DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10 AND openjdk-7-jre-zero DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10 AND Release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.3-0ubuntu1~12.04 AND Release section Ubuntu 11.10 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.3-0ubuntu1~11.10 AND Release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.3-0ubuntu1~10.04

Definition Id: oval:org.mitre.oval:def:18120

Oval ID:	oval:org.mitre.oval:def:18120
Title:	USN-1619-1 -- openjdk-6, openjdk-7 vulnerabilities
Description:	Several security issues were fixed in OpenJDK.
Family:	unix	Class:	patch
Reference(s):	USN-1619-1 CVE-2012-3216 CVE-2012-5069 CVE-2012-5072 CVE-2012-5075 CVE-2012-5077 CVE-2012-5085 CVE-2012-4416 CVE-2012-5071 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-5068 CVE-2012-5083 CVE-2012-5084 CVE-2012-5086 CVE-2012-5089 CVE-2012-5067 CVE-2012-5070 CVE-2012-5073 CVE-2012-5079 CVE-2012-5074 CVE-2012-5076 CVE-2012-5087 CVE-2012-5088 CVE-2012-5081	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04	Product(s):	openjdk-7 openjdk-6
Definition Synopsis:
Release section Ubuntu 12.10 is installed Packages match section icedtea-7-jre-cacao DPKG is earlier than 7u9-2.3.3-0ubuntu1~12.10.1 AND icedtea-7-jre-jamvm DPKG is earlier than 7u9-2.3.3-0ubuntu1~12.10.1 AND openjdk-7-jre DPKG is earlier than 7u9-2.3.3-0ubuntu1~12.10.1 AND openjdk-7-jre-headless DPKG is earlier than 7u9-2.3.3-0ubuntu1~12.10.1 AND openjdk-7-jre-lib DPKG is earlier than 7u9-2.3.3-0ubuntu1~12.10.1 AND openjdk-7-jre-zero DPKG is earlier than 7u9-2.3.3-0ubuntu1~12.10.1 AND Release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b24-1.11.5-0ubuntu1~12.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b24-1.11.5-0ubuntu1~12.04.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.5-0ubuntu1~12.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b24-1.11.5-0ubuntu1~12.04.1 AND openjdk-6-jre-lib DPKG is earlier than 6b24-1.11.5-0ubuntu1~12.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b24-1.11.5-0ubuntu1~12.04.1 AND Release section Ubuntu 11.10 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.10.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.10.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.10.1 AND openjdk-6-jre-headless DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.10.1 AND openjdk-6-jre-lib DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.10.1 AND openjdk-6-jre-zero DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.10.1 AND Release section Ubuntu 11.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.04.1 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.04.1 AND openjdk-6-jre-headless DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.04.1 AND openjdk-6-jre-lib DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.04.1 AND openjdk-6-jre-zero DPKG is earlier than 6b24-1.11.5-0ubuntu1~11.04.1 AND Release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b24-1.11.5-0ubuntu1~10.04.2 AND openjdk-6-jre DPKG is earlier than 6b24-1.11.5-0ubuntu1~10.04.2 AND openjdk-6-jre-headless DPKG is earlier than 6b24-1.11.5-0ubuntu1~10.04.2 AND openjdk-6-jre-lib DPKG is earlier than 6b24-1.11.5-0ubuntu1~10.04.2 AND openjdk-6-jre-zero DPKG is earlier than 6b24-1.11.5-0ubuntu1~10.04.2

Definition Id: oval:org.mitre.oval:def:18151

Oval ID:	oval:org.mitre.oval:def:18151
Title:	USN-1693-1 -- openjdk-7 vulnerabilities
Description:	OpenJDK 7 could be made to crash or run programs as your login if it opened a specially crafted Java applet.
Family:	unix	Class:	patch
Reference(s):	USN-1693-1 CVE-2012-3174 CVE-2013-0422	Version:	7
Platform(s):	Ubuntu 12.10	Product(s):	openjdk-7
Definition Synopsis:
Ubuntu 12.10 is installed Packages match section icedtea-7-jre-cacao DPKG is earlier than 7u9-2.3.4-0ubuntu1.12.10.1 AND icedtea-7-jre-jamvm DPKG is earlier than 7u9-2.3.4-0ubuntu1.12.10.1 AND openjdk-7-jre DPKG is earlier than 7u9-2.3.4-0ubuntu1.12.10.1 AND openjdk-7-jre-headless DPKG is earlier than 7u9-2.3.4-0ubuntu1.12.10.1 AND openjdk-7-jre-lib DPKG is earlier than 7u9-2.3.4-0ubuntu1.12.10.1 AND openjdk-7-jre-zero DPKG is earlier than 7u9-2.3.4-0ubuntu1.12.10.1

Definition Id: oval:org.mitre.oval:def:18158

Oval ID:	oval:org.mitre.oval:def:18158
Title:	USN-1806-1 -- openjdk-7 vulnerabilities
Description:	Several security issues were fixed in OpenJDK 7.
Family:	unix	Class:	patch
Reference(s):	USN-1806-1 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 CVE-2013-2415 CVE-2013-2424 CVE-2013-2417 CVE-2013-2419 CVE-2013-2423 CVE-2013-1558	Version:	7
Platform(s):	Ubuntu 12.10	Product(s):	openjdk-7
Definition Synopsis:
Ubuntu 12.10 is installed Packages match section icedtea-7-jre-jamvm DPKG is earlier than 7u21-2.3.9-0ubuntu0.12.10.1 AND openjdk-7-jre DPKG is earlier than 7u21-2.3.9-0ubuntu0.12.10.1 AND openjdk-7-jre-headless DPKG is earlier than 7u21-2.3.9-0ubuntu0.12.10.1 AND openjdk-7-jre-lib DPKG is earlier than 7u21-2.3.9-0ubuntu0.12.10.1 AND openjdk-7-jre-zero DPKG is earlier than 7u21-2.3.9-0ubuntu0.12.10.1

Definition Id: oval:org.mitre.oval:def:18173

Oval ID:	oval:org.mitre.oval:def:18173
Title:	DSA-2507-1 openjdk-6 - several
Description:	Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform.
Family:	unix	Class:	patch
Reference(s):	DSA-2507-1 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	openjdk-6
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND openjdk-6 DPKG is earlier than 6b18-1.8.13-0+squeeze2

Definition Id: oval:org.mitre.oval:def:18209

Oval ID:	oval:org.mitre.oval:def:18209
Title:	USN-1724-1 -- openjdk-6, openjdk-7 vulnerabilities
Description:	Several security issues were fixed in OpenJDK.
Family:	unix	Class:	patch
Reference(s):	USN-1724-1 CVE-2012-1541 CVE-2012-3342 CVE-2013-0351 CVE-2013-0419 CVE-2013-0423 CVE-2013-0446 CVE-2012-3213 CVE-2013-0425 CVE-2013-0426 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0441 CVE-2013-0442 CVE-2013-0445 CVE-2013-0450 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-0409 CVE-2013-0434 CVE-2013-0438 CVE-2013-0424 CVE-2013-0427 CVE-2013-0433 CVE-2013-1473 CVE-2013-0432 CVE-2013-0435 CVE-2013-0443 CVE-2013-0440 CVE-2013-0444 CVE-2013-0448 CVE-2013-0449 CVE-2013-1481	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	openjdk-7 openjdk-6
Definition Synopsis:
Release section Ubuntu 12.10 is installed Packages match section icedtea-7-jre-jamvm DPKG is earlier than 7u13-2.3.6-0ubuntu0.12.10.1 AND openjdk-7-jre DPKG is earlier than 7u13-2.3.6-0ubuntu0.12.10.1 AND openjdk-7-jre-headless DPKG is earlier than 7u13-2.3.6-0ubuntu0.12.10.1 AND openjdk-7-jre-lib DPKG is earlier than 7u13-2.3.6-0ubuntu0.12.10.1 AND openjdk-7-jre-zero DPKG is earlier than 7u13-2.3.6-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.1-2ubuntu0.12.04.2 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.1-2ubuntu0.12.04.2 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.1-2ubuntu0.12.04.2 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.1-2ubuntu0.12.04.2 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.1-2ubuntu0.12.04.2 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.1-2ubuntu0.12.04.2 AND Release section Ubuntu 11.10 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.1-2ubuntu0.11.10.2 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.1-2ubuntu0.11.10.2 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.1-2ubuntu0.11.10.2 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.1-2ubuntu0.11.10.2 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.1-2ubuntu0.11.10.2 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.1-2ubuntu0.11.10.2 AND Release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.1-2ubuntu0.10.04.2 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.1-2ubuntu0.10.04.2 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.1-2ubuntu0.10.04.2 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.1-2ubuntu0.10.04.2 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.1-2ubuntu0.10.04.2

Definition Id: oval:org.mitre.oval:def:18219

Oval ID:	oval:org.mitre.oval:def:18219
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5848	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18236

Oval ID:	oval:org.mitre.oval:def:18236
Title:	USN-1907-2 -- icedtea-web update
Description:	IcedTea Web updated to work with new OpenJDK 7.
Family:	unix	Class:	patch
Reference(s):	USN-1907-2 CVE-2013-1500 CVE-2013-2454 CVE-2013-2458 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2446 CVE-2013-2447 CVE-2013-2449 CVE-2013-2452 CVE-2013-2456 CVE-2013-2444 CVE-2013-2445 CVE-2013-2450 CVE-2013-2448 CVE-2013-2451 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-2453 CVE-2013-2455 CVE-2013-2457	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	icedtea-web
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND icedtea-netx DPKG is earlier than 1.3.2-1ubuntu1.1 AND Release section Ubuntu 12.10 is installed AND icedtea-netx DPKG is earlier than 1.3.2-1ubuntu0.12.10.2 AND Release section Ubuntu 12.04 is installed AND icedtea-netx DPKG is earlier than 1.2.3-0ubuntu0.12.04.3

Definition Id: oval:org.mitre.oval:def:18239

Oval ID:	oval:org.mitre.oval:def:18239
Title:	USN-1908-1 -- openjdk-6 vulnerabilities
Description:	Several security issues were fixed in OpenJDK 6.
Family:	unix	Class:	patch
Reference(s):	USN-1908-1 CVE-2013-1500 CVE-2013-2454 CVE-2013-2458 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2446 CVE-2013-2447 CVE-2013-2449 CVE-2013-2452 CVE-2013-2456 CVE-2013-2444 CVE-2013-2445 CVE-2013-2450 CVE-2013-2448 CVE-2013-2451 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3743 CVE-2013-2453 CVE-2013-2455 CVE-2013-2457	Version:	7
Platform(s):	Ubuntu 12.04 Ubuntu 10.04	Product(s):	openjdk-6
Definition Synopsis:
Release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.6-1ubuntu0.12.04.2 AND icedtea-6-jre-jamvm DPKG is earlier than 6b27-1.12.6-1ubuntu0.12.04.2 AND openjdk-6-doc DPKG is earlier than 6b27-1.12.6-1ubuntu0.12.04.2 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.6-1ubuntu0.12.04.2 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.6-1ubuntu0.12.04.2 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.6-1ubuntu0.12.04.2 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.6-1ubuntu0.12.04.2 AND Release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 6b27-1.12.6-1ubuntu0.10.04.2 AND openjdk-6-doc DPKG is earlier than 6b27-1.12.6-1ubuntu0.10.04.2 AND openjdk-6-jre DPKG is earlier than 6b27-1.12.6-1ubuntu0.10.04.2 AND openjdk-6-jre-headless DPKG is earlier than 6b27-1.12.6-1ubuntu0.10.04.2 AND openjdk-6-jre-lib DPKG is earlier than 6b27-1.12.6-1ubuntu0.10.04.2 AND openjdk-6-jre-zero DPKG is earlier than 6b27-1.12.6-1ubuntu0.10.04.2

Definition Id: oval:org.mitre.oval:def:18247

Oval ID:	oval:org.mitre.oval:def:18247
Title:	USN-1755-2 -- openjdk-7 vulnerabilities
Description:	OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file.
Family:	unix	Class:	patch
Reference(s):	USN-1755-2 CVE-2013-0809 CVE-2013-1493	Version:	7
Platform(s):	Ubuntu 12.10	Product(s):	openjdk-7
Definition Synopsis:
Ubuntu 12.10 is installed Packages match section icedtea-7-jre-cacao DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10.1 AND icedtea-7-jre-jamvm DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10.1 AND openjdk-7-jre DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10.1 AND openjdk-7-jre-headless DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10.1 AND openjdk-7-jre-lib DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10.1 AND openjdk-7-jre-zero DPKG is earlier than 7u15-2.3.7-0ubuntu1~12.10.1

Definition Id: oval:org.mitre.oval:def:18302

Oval ID:	oval:org.mitre.oval:def:18302
Title:	USN-1732-1 -- openssl vulnerabilities
Description:	Several security issues were fixed in OpenSSL.
Family:	unix	Class:	patch
Reference(s):	USN-1732-1 CVE-2012-2686 CVE-2013-0166 CVE-2013-0169	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 8.04	Product(s):	openssl
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND libssl1.0.0 DPKG is earlier than 1.0.1c-3ubuntu2.1 AND Release section Ubuntu 12.04 is installed AND libssl1.0.0 DPKG is earlier than 1.0.1-4ubuntu5.6 AND Release section Ubuntu 11.10 is installed AND libssl1.0.0 DPKG is earlier than 1.0.0e-2ubuntu4.7 AND Release section Ubuntu 10.04 is installed AND libssl0.9.8 DPKG is earlier than 0.9.8k-7ubuntu8.14 AND Release section Ubuntu 8.04 is installed AND libssl0.9.8 DPKG is earlier than 0.9.8g-4ubuntu3.20

Definition Id: oval:org.mitre.oval:def:18411

Oval ID:	oval:org.mitre.oval:def:18411
Title:	USN-1907-1 -- openjdk-7 vulnerabilities
Description:	Several security issues were fixed in OpenJDK 7.
Family:	unix	Class:	patch
Reference(s):	USN-1907-1 CVE-2013-1500 CVE-2013-2454 CVE-2013-2458 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2446 CVE-2013-2447 CVE-2013-2449 CVE-2013-2452 CVE-2013-2456 CVE-2013-2444 CVE-2013-2445 CVE-2013-2450 CVE-2013-2448 CVE-2013-2451 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-2453 CVE-2013-2455 CVE-2013-2457	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.10	Product(s):	openjdk-7
Definition Synopsis:
Release section Ubuntu 13.04 is installed Packages match section icedtea-7-jre-jamvm DPKG is earlier than 7u25-2.3.10-1ubuntu0.13.04.2 AND openjdk-7-doc DPKG is earlier than 7u25-2.3.10-1ubuntu0.13.04.2 AND openjdk-7-jre DPKG is earlier than 7u25-2.3.10-1ubuntu0.13.04.2 AND openjdk-7-jre-headless DPKG is earlier than 7u25-2.3.10-1ubuntu0.13.04.2 AND openjdk-7-jre-lib DPKG is earlier than 7u25-2.3.10-1ubuntu0.13.04.2 AND openjdk-7-jre-zero DPKG is earlier than 7u25-2.3.10-1ubuntu0.13.04.2 AND Release section Ubuntu 12.10 is installed Packages match section icedtea-7-jre-cacao DPKG is earlier than 7u25-2.3.10-1ubuntu0.12.10.2 AND icedtea-7-jre-jamvm DPKG is earlier than 7u25-2.3.10-1ubuntu0.12.10.2 AND openjdk-7-doc DPKG is earlier than 7u25-2.3.10-1ubuntu0.12.10.2 AND openjdk-7-jre DPKG is earlier than 7u25-2.3.10-1ubuntu0.12.10.2 AND openjdk-7-jre-headless DPKG is earlier than 7u25-2.3.10-1ubuntu0.12.10.2 AND openjdk-7-jre-lib DPKG is earlier than 7u25-2.3.10-1ubuntu0.12.10.2 AND openjdk-7-jre-zero DPKG is earlier than 7u25-2.3.10-1ubuntu0.12.10.2

Definition Id: oval:org.mitre.oval:def:18436

Oval ID:	oval:org.mitre.oval:def:18436
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5842	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18458

Oval ID:	oval:org.mitre.oval:def:18458
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5844	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:18501

Oval ID:	oval:org.mitre.oval:def:18501
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5806	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18504

Oval ID:	oval:org.mitre.oval:def:18504
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5809	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18565

Oval ID:	oval:org.mitre.oval:def:18565
Title:	DSA-2621-1 openssl - several vulnerabilities
Description:	Multiple vulnerabilities have been found in OpenSSL.
Family:	unix	Class:	patch
Reference(s):	DSA-2621-1 CVE-2013-0166 CVE-2013-0169	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	openssl
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND openssl DPKG is earlier than 0.9.8o-4squeeze14

Definition Id: oval:org.mitre.oval:def:18607

Oval ID:	oval:org.mitre.oval:def:18607
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5788	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18622

Oval ID:	oval:org.mitre.oval:def:18622
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2407	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:18645

Oval ID:	oval:org.mitre.oval:def:18645
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5782	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18699

Oval ID:	oval:org.mitre.oval:def:18699
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2447	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:18717

Oval ID:	oval:org.mitre.oval:def:18717
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2449	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:18733

Oval ID:	oval:org.mitre.oval:def:18733
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5790	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18742

Oval ID:	oval:org.mitre.oval:def:18742
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2472	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:18758

Oval ID:	oval:org.mitre.oval:def:18758
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-3743	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:18761

Oval ID:	oval:org.mitre.oval:def:18761
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5818	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18783

Oval ID:	oval:org.mitre.oval:def:18783
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5823	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18841

Oval ID:	oval:org.mitre.oval:def:18841
Title:	HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Unauthorized Disclosure
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02856 HP Release B.11.11 AND filesets test openssl.OPENSSL-CER version is less than A.00.09.08y.001 AND openssl.OPENSSL-CONF version is less than A.00.09.08y.001 AND openssl.OPENSSL-DOC version is less than A.00.09.08y.001 AND openssl.OPENSSL-INC version is less than A.00.09.08y.001 AND openssl.OPENSSL-LIB version is less than A.00.09.08y.001 AND openssl.OPENSSL-MAN version is less than A.00.09.08y.001 AND openssl.OPENSSL-MIS version is less than A.00.09.08y.001 AND openssl.OPENSSL-PRNG version is less than A.00.09.08y.001 AND openssl.OPENSSL-PVT version is less than A.00.09.08y.001 AND openssl.OPENSSL-RUN version is less than A.00.09.08y.001 AND openssl.OPENSSL-SRC version is less than A.00.09.08y.001 OR Criteria meets HP Security Bulletin HPSBUX02856 HP Release B.11.23 AND filesets test openssl.OPENSSL-CER version is less than A.00.09.08y.002 AND openssl.OPENSSL-CONF version is less than A.00.09.08y.002 AND openssl.OPENSSL-DOC version is less than A.00.09.08y.002 AND openssl.OPENSSL-INC version is less than A.00.09.08y.002 AND openssl.OPENSSL-LIB version is less than A.00.09.08y.002 AND openssl.OPENSSL-MAN version is less than A.00.09.08y.002 AND openssl.OPENSSL-MIS version is less than A.00.09.08y.002 AND openssl.OPENSSL-PRNG version is less than A.00.09.08y.002 AND openssl.OPENSSL-PVT version is less than A.00.09.08y.002 AND openssl.OPENSSL-RUN version is less than A.00.09.08y.002 AND openssl.OPENSSL-SRC version is less than A.00.09.08y.002 OR Criteria meets HP Security Bulletin HPSBUX02856 HP-UX B.11.31 AND filesets test openssl.OPENSSL-CER version is less than A.00.09.08y.003 AND openssl.OPENSSL-CONF version is less than A.00.09.08y.003 AND openssl.OPENSSL-DOC version is less than A.00.09.08y.003 AND openssl.OPENSSL-INC version is less than A.00.09.08y.003 AND openssl.OPENSSL-LIB version is less than A.00.09.08y.003 AND openssl.OPENSSL-MAN version is less than A.00.09.08y.003 AND openssl.OPENSSL-MIS version is less than A.00.09.08y.003 AND openssl.OPENSSL-PRNG version is less than A.00.09.08y.003 AND openssl.OPENSSL-PVT version is less than A.00.09.08y.003 AND openssl.OPENSSL-RUN version is less than A.00.09.08y.003 AND openssl.OPENSSL-SRC version is less than A.00.09.08y.003

Definition Id: oval:org.mitre.oval:def:18846

Oval ID:	oval:org.mitre.oval:def:18846
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2472	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:18850

Oval ID:	oval:org.mitre.oval:def:18850
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2432	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:18869

Oval ID:	oval:org.mitre.oval:def:18869
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0423	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:18874

Oval ID:	oval:org.mitre.oval:def:18874
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5803	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18888

Oval ID:	oval:org.mitre.oval:def:18888
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2473	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:18894

Oval ID:	oval:org.mitre.oval:def:18894
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5801	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18904

Oval ID:	oval:org.mitre.oval:def:18904
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5846	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:18905

Oval ID:	oval:org.mitre.oval:def:18905
Title:	DSA-2727-1 openjdk-6 - several
Description:	Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2727-1 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	8
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	openjdk-6
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND openjdk-6 DPKG is earlier than 6b27-1.12.6-1~deb6u1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND openjdk-6 DPKG is earlier than 6b27-1.12.6-1~deb7u1

Definition Id: oval:org.mitre.oval:def:18914

Oval ID:	oval:org.mitre.oval:def:18914
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2432	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:18943

Oval ID:	oval:org.mitre.oval:def:18943
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5805	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18954

Oval ID:	oval:org.mitre.oval:def:18954
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1723	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:18956

Oval ID:	oval:org.mitre.oval:def:18956
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5797	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX JRockit
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed OR Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18971

Oval ID:	oval:org.mitre.oval:def:18971
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5849	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18972

Oval ID:	oval:org.mitre.oval:def:18972
Title:	Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5777	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:18983

Oval ID:	oval:org.mitre.oval:def:18983
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5852	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18990

Oval ID:	oval:org.mitre.oval:def:18990
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5840	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:18994

Oval ID:	oval:org.mitre.oval:def:18994
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5089	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19002

Oval ID:	oval:org.mitre.oval:def:19002
Title:	Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-3829	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19016

Oval ID:	oval:org.mitre.oval:def:19016
Title:	OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d in VisualSVN Server (CVE-2013-0169)
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	6
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	VisualSVN Server
Definition Synopsis:
VisualSVN Server is installed If the version of OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d in VisualSVN Server Check the version of OpenSSL in VisualSVN Server Check if OpenSSL version is greater than or equals to 0.9.8.0 in VisualSVN Server AND Check if OpenSSL version is less than or equals to 0.9.8.24 in VisualSVN Server AND Check the version of OpenSSL in VisualSVN Server Check if OpenSSL version is greater than or equals to 1.0.0.0 in VisualSVN Server AND Check if OpenSSL version is less than or equals to 1.0.0.10 in VisualSVN Server AND Check the version of OpenSSL in VisualSVN Server Check if OpenSSL version is greater than or equals to 1.0.1.0 in VisualSVN Server AND Check if OpenSSL version is less than or equals to 1.0.1.3 in VisualSVN Server AND Check if OpenSSL version is less than or equals to 0.9.6.13 in VisualSVN Server AND Check if OpenSSL version equals to 0.9.1.1 in VisualSVN Server AND Check if OpenSSL version equals to 0.9.2.2 in VisualSVN Server AND Check if OpenSSL version equals to 0.9.3.0 in VisualSVN Server AND Check if OpenSSL version equals to 0.9.3.1 in VisualSVN Server AND Check if OpenSSL version equals to 0.9.4.0 in VisualSVN Server AND Check if OpenSSL version equals to 0.9.5.0 in VisualSVN Server AND Check if OpenSSL version equals to 0.9.5.1 in VisualSVN Server

Definition Id: oval:org.mitre.oval:def:19018

Oval ID:	oval:org.mitre.oval:def:19018
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5789	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19019

Oval ID:	oval:org.mitre.oval:def:19019
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-3744.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2400	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19020

Oval ID:	oval:org.mitre.oval:def:19020
Title:	Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5778	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19024

Oval ID:	oval:org.mitre.oval:def:19024
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5817	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19032

Oval ID:	oval:org.mitre.oval:def:19032
Title:	Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5774	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19043

Oval ID:	oval:org.mitre.oval:def:19043
Title:	Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5776	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19046

Oval ID:	oval:org.mitre.oval:def:19046
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5825	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19048

Oval ID:	oval:org.mitre.oval:def:19048
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0446	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19049

Oval ID:	oval:org.mitre.oval:def:19049
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5784	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19059

Oval ID:	oval:org.mitre.oval:def:19059
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "handling of memory allocation errors."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2445	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19061

Oval ID:	oval:org.mitre.oval:def:19061
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5851	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19062

Oval ID:	oval:org.mitre.oval:def:19062
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2446	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19070

Oval ID:	oval:org.mitre.oval:def:19070
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an interaction error in between the JRE plug-in for WebKit-based browsers and the Javascript engine, which allows remote attackers to execute arbitrary code by modifying DOM nodes that contain applet elements in a way that triggers an incorrect reference count and a use after free.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1541	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19074

Oval ID:	oval:org.mitre.oval:def:19074
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2465	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19076

Oval ID:	oval:org.mitre.oval:def:19076
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0809	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.28.00 OR Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.28.00

Definition Id: oval:org.mitre.oval:def:19082

Oval ID:	oval:org.mitre.oval:def:19082
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5819	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19087

Oval ID:	oval:org.mitre.oval:def:19087
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2422	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19088

Oval ID:	oval:org.mitre.oval:def:19088
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5783	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19093

Oval ID:	oval:org.mitre.oval:def:19093
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5800	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19094

Oval ID:	oval:org.mitre.oval:def:19094
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5810	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:19095

Oval ID:	oval:org.mitre.oval:def:19095
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5832	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19096

Oval ID:	oval:org.mitre.oval:def:19096
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5830	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19097

Oval ID:	oval:org.mitre.oval:def:19097
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0419	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19101

Oval ID:	oval:org.mitre.oval:def:19101
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5780	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19102

Oval ID:	oval:org.mitre.oval:def:19102
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0446	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19107

Oval ID:	oval:org.mitre.oval:def:19107
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native code, which triggers memory corruption.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2429	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19114

Oval ID:	oval:org.mitre.oval:def:19114
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0409	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19119

Oval ID:	oval:org.mitre.oval:def:19119
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-3213	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19121

Oval ID:	oval:org.mitre.oval:def:19121
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1473	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19122

Oval ID:	oval:org.mitre.oval:def:19122
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5831	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19123

Oval ID:	oval:org.mitre.oval:def:19123
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0449	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19129

Oval ID:	oval:org.mitre.oval:def:19129
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2460	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19137

Oval ID:	oval:org.mitre.oval:def:19137
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1493	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.28.00 OR Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.28.00

Definition Id: oval:org.mitre.oval:def:19141

Oval ID:	oval:org.mitre.oval:def:19141
Title:	Unspecified vulnerability in Oracle Java SE 7u25 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java SE Embedded 7u25 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5838	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_26 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19144

Oval ID:	oval:org.mitre.oval:def:19144
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5843	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed OR Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed

Definition Id: oval:org.mitre.oval:def:19147

Oval ID:	oval:org.mitre.oval:def:19147
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5787	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19150

Oval ID:	oval:org.mitre.oval:def:19150
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5850	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19152

Oval ID:	oval:org.mitre.oval:def:19152
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5081	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19158

Oval ID:	oval:org.mitre.oval:def:19158
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1558	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19170

Oval ID:	oval:org.mitre.oval:def:19170
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1481	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19185

Oval ID:	oval:org.mitre.oval:def:19185
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5814	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19187

Oval ID:	oval:org.mitre.oval:def:19187
Title:	Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5854	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19188

Oval ID:	oval:org.mitre.oval:def:19188
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5804	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19189

Oval ID:	oval:org.mitre.oval:def:19189
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5829	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19190

Oval ID:	oval:org.mitre.oval:def:19190
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "handling of memory allocation errors."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2445	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19198

Oval ID:	oval:org.mitre.oval:def:19198
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-3342	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19199

Oval ID:	oval:org.mitre.oval:def:19199
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0351	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19203

Oval ID:	oval:org.mitre.oval:def:19203
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native code, which triggers memory corruption.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2429	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19206

Oval ID:	oval:org.mitre.oval:def:19206
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5820	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19207

Oval ID:	oval:org.mitre.oval:def:19207
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5802	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.9 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.9 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.6 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.6 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_52 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19208

Oval ID:	oval:org.mitre.oval:def:19208
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5812	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19212

Oval ID:	oval:org.mitre.oval:def:19212
Title:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5824	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19213

Oval ID:	oval:org.mitre.oval:def:19213
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2452	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19216

Oval ID:	oval:org.mitre.oval:def:19216
Title:	Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier
Description:	Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5775	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 Determine if the version of JavaFX is less than 2.2.41 AND Determine if the version of JavaFX is less than 2.2.41 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19219

Oval ID:	oval:org.mitre.oval:def:19219
Title:	Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier
Description:	Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5772	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_61 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_41 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:19225

Oval ID:	oval:org.mitre.oval:def:19225
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2446	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19227

Oval ID:	oval:org.mitre.oval:def:19227
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2464	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19231

Oval ID:	oval:org.mitre.oval:def:19231
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2452	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19234

Oval ID:	oval:org.mitre.oval:def:19234
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2468.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2466	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19237

Oval ID:	oval:org.mitre.oval:def:19237
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2454	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19240

Oval ID:	oval:org.mitre.oval:def:19240
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0409	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.28.00 OR Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.28.00

Definition Id: oval:org.mitre.oval:def:19246

Oval ID:	oval:org.mitre.oval:def:19246
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1493	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19252

Oval ID:	oval:org.mitre.oval:def:19252
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2447	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19267

Oval ID:	oval:org.mitre.oval:def:19267
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2456	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19268

Oval ID:	oval:org.mitre.oval:def:19268
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1481	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.28.00 OR Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.28.00

Definition Id: oval:org.mitre.oval:def:19271

Oval ID:	oval:org.mitre.oval:def:19271
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1473	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19274

Oval ID:	oval:org.mitre.oval:def:19274
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-3342	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19276

Oval ID:	oval:org.mitre.oval:def:19276
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2457	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19278

Oval ID:	oval:org.mitre.oval:def:19278
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1716	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19282

Oval ID:	oval:org.mitre.oval:def:19282
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0445	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.28.00 OR Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.28.00

Definition Id: oval:org.mitre.oval:def:19283

Oval ID:	oval:org.mitre.oval:def:19283
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5073	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19288

Oval ID:	oval:org.mitre.oval:def:19288
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0438	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19290

Oval ID:	oval:org.mitre.oval:def:19290
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2450	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19291

Oval ID:	oval:org.mitre.oval:def:19291
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2383	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19294

Oval ID:	oval:org.mitre.oval:def:19294
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream method.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1557	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19295

Oval ID:	oval:org.mitre.oval:def:19295
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2471	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19299

Oval ID:	oval:org.mitre.oval:def:19299
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect "checking order" within the AccessControlContext class.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2443	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19304

Oval ID:	oval:org.mitre.oval:def:19304
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0445	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19307

Oval ID:	oval:org.mitre.oval:def:19307
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2444	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19310

Oval ID:	oval:org.mitre.oval:def:19310
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2459	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19314

Oval ID:	oval:org.mitre.oval:def:19314
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2469	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19320

Oval ID:	oval:org.mitre.oval:def:19320
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0809	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19324

Oval ID:	oval:org.mitre.oval:def:19324
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2447	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19327

Oval ID:	oval:org.mitre.oval:def:19327
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1569	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19341

Oval ID:	oval:org.mitre.oval:def:19341
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2384	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19348

Oval ID:	oval:org.mitre.oval:def:19348
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2470	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19354

Oval ID:	oval:org.mitre.oval:def:19354
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2420	Version:	13
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19364

Oval ID:	oval:org.mitre.oval:def:19364
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1563	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19372

Oval ID:	oval:org.mitre.oval:def:19372
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0445	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19373

Oval ID:	oval:org.mitre.oval:def:19373
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2463	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19375

Oval ID:	oval:org.mitre.oval:def:19375
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient indication of an SSL connection failure by JConsole, related to RMI connection dialog box.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2412	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19378

Oval ID:	oval:org.mitre.oval:def:19378
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2462	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19383

Oval ID:	oval:org.mitre.oval:def:19383
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0409	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19385

Oval ID:	oval:org.mitre.oval:def:19385
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1537	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19386

Oval ID:	oval:org.mitre.oval:def:19386
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2419	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19388

Oval ID:	oval:org.mitre.oval:def:19388
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1485	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19390

Oval ID:	oval:org.mitre.oval:def:19390
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2464	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19401

Oval ID:	oval:org.mitre.oval:def:19401
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1724	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19402

Oval ID:	oval:org.mitre.oval:def:19402
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1486	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.28.00 OR Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.28.00

Definition Id: oval:org.mitre.oval:def:19403

Oval ID:	oval:org.mitre.oval:def:19403
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0437	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19407

Oval ID:	oval:org.mitre.oval:def:19407
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2454	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19408

Oval ID:	oval:org.mitre.oval:def:19408
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2011-5035	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19411

Oval ID:	oval:org.mitre.oval:def:19411
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1531	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19413

Oval ID:	oval:org.mitre.oval:def:19413
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2471	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19417

Oval ID:	oval:org.mitre.oval:def:19417
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2440	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19424

Oval ID:	oval:org.mitre.oval:def:19424
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19425

Oval ID:	oval:org.mitre.oval:def:19425
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0423	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19428

Oval ID:	oval:org.mitre.oval:def:19428
Title:	HP-UX Apache Web Server, Remote Denial of Service (DoS)
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	7
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP Release B.11.11 AND filesets test hpuxwsAPACHE.APACHE version is less than B.2.0.64.05 AND hpuxwsAPACHE.APACHE2 version is less than B.2.0.64.05 AND hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.64.05 AND hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.64.05 AND hpuxwsAPACHE.MOD_JK version is less than B.2.0.64.05 AND hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.64.05 AND hpuxwsAPACHE.MOD_PERL version is less than B.2.0.64.05 AND hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.64.05 AND hpuxwsAPACHE.PHP version is less than B.2.0.64.05 AND hpuxwsAPACHE.PHP2 version is less than B.2.0.64.05 AND hpuxwsAPACHE.WEBPROXY version is less than B.2.0.64.05

Definition Id: oval:org.mitre.oval:def:19435

Oval ID:	oval:org.mitre.oval:def:19435
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2455	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19439

Oval ID:	oval:org.mitre.oval:def:19439
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0351	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19441

Oval ID:	oval:org.mitre.oval:def:19441
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2471	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19445

Oval ID:	oval:org.mitre.oval:def:19445
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0502	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19451

Oval ID:	oval:org.mitre.oval:def:19451
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1518	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19453

Oval ID:	oval:org.mitre.oval:def:19453
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-3743	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19455

Oval ID:	oval:org.mitre.oval:def:19455
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2465	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19460

Oval ID:	oval:org.mitre.oval:def:19460
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2466 and CVE-2013-2468.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2442	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19461

Oval ID:	oval:org.mitre.oval:def:19461
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2433	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19462

Oval ID:	oval:org.mitre.oval:def:19462
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2434	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19463

Oval ID:	oval:org.mitre.oval:def:19463
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0401	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19464

Oval ID:	oval:org.mitre.oval:def:19464
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-3213	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19469

Oval ID:	oval:org.mitre.oval:def:19469
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1486	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19470

Oval ID:	oval:org.mitre.oval:def:19470
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2454	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19473

Oval ID:	oval:org.mitre.oval:def:19473
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2439	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19476

Oval ID:	oval:org.mitre.oval:def:19476
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2444	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19477

Oval ID:	oval:org.mitre.oval:def:19477
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1493	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19478

Oval ID:	oval:org.mitre.oval:def:19478
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2466.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2468	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19479

Oval ID:	oval:org.mitre.oval:def:19479
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0809	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19482

Oval ID:	oval:org.mitre.oval:def:19482
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own competition at CanSecWest 2013.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1491	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19485

Oval ID:	oval:org.mitre.oval:def:19485
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0438	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19486

Oval ID:	oval:org.mitre.oval:def:19486
Title:	DSA-2722-1 openjdk-7 - several
Description:	Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2722-1 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	openjdk-7
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND openjdk-7 DPKG is earlier than 0:7u25-2.3.10-1~deb7u1

Definition Id: oval:org.mitre.oval:def:19499

Oval ID:	oval:org.mitre.oval:def:19499
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an interaction error in between the JRE plug-in for WebKit-based browsers and the Javascript engine, which allows remote attackers to execute arbitrary code by modifying DOM nodes that contain applet elements in a way that triggers an incorrect reference count and a use after free.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1541	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19500

Oval ID:	oval:org.mitre.oval:def:19500
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2394	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19501

Oval ID:	oval:org.mitre.oval:def:19501
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0419	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.18.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.18.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 OR Criteria meets HP Security Bulletin HPSBUX02864 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.18.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-COM version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.18.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.18.00

Definition Id: oval:org.mitre.oval:def:19508

Oval ID:	oval:org.mitre.oval:def:19508
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1484	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19511

Oval ID:	oval:org.mitre.oval:def:19511
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1487	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.05.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.05.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-COM version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.05.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.05.00

Definition Id: oval:org.mitre.oval:def:19512

Oval ID:	oval:org.mitre.oval:def:19512
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2467	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19516

Oval ID:	oval:org.mitre.oval:def:19516
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "handling of memory allocation errors."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2445	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19517

Oval ID:	oval:org.mitre.oval:def:19517
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2470	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19518

Oval ID:	oval:org.mitre.oval:def:19518
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1571	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19521

Oval ID:	oval:org.mitre.oval:def:19521
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2437	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19524

Oval ID:	oval:org.mitre.oval:def:19524
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2417	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19526

Oval ID:	oval:org.mitre.oval:def:19526
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2419	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19527

Oval ID:	oval:org.mitre.oval:def:19527
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0506	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19535

Oval ID:	oval:org.mitre.oval:def:19535
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper enforcement of exclusive port binds when running on Windows, which allows attackers to bind to ports that are already in use.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2451	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19536

Oval ID:	oval:org.mitre.oval:def:19536
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corruption" when using native code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2430	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19540

Oval ID:	oval:org.mitre.oval:def:19540
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.28.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.28.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.28.00 OR Criteria meets HP Security Bulletin HPSBUX02867 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.28.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.28.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-COM version is less than 1.5.0.28.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.28.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.28.00

Definition Id: oval:org.mitre.oval:def:19541

Oval ID:	oval:org.mitre.oval:def:19541
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2439	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19543

Oval ID:	oval:org.mitre.oval:def:19543
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2472	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19549

Oval ID:	oval:org.mitre.oval:def:19549
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2384	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19550

Oval ID:	oval:org.mitre.oval:def:19550
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1537	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19551

Oval ID:	oval:org.mitre.oval:def:19551
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2437	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19552

Oval ID:	oval:org.mitre.oval:def:19552
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2469	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19553

Oval ID:	oval:org.mitre.oval:def:19553
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own competition at CanSecWest 2013.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1491	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19554

Oval ID:	oval:org.mitre.oval:def:19554
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2394	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19556

Oval ID:	oval:org.mitre.oval:def:19556
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1569	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19557

Oval ID:	oval:org.mitre.oval:def:19557
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0497	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19560

Oval ID:	oval:org.mitre.oval:def:19560
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2455	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19562

Oval ID:	oval:org.mitre.oval:def:19562
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2450	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19565

Oval ID:	oval:org.mitre.oval:def:19565
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2461	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19566

Oval ID:	oval:org.mitre.oval:def:19566
Title:	USN-2033-1 -- openjdk-6 vulnerabilities
Description:	Several security issues were fixed in OpenJDK 6.
Family:	unix	Class:	patch
Reference(s):	USN-2033-1 CVE-2013-3829 CVE-2013-5783 CVE-2013-5804 CVE-2013-4002 CVE-2013-5803 CVE-2013-5823 CVE-2013-5825 CVE-2013-5772 CVE-2013-5774 CVE-2013-5784 CVE-2013-5797 CVE-2013-5820 CVE-2013-5778 CVE-2013-5780 CVE-2013-5790 CVE-2013-5840 CVE-2013-5849 CVE-2013-5851 CVE-2013-5782 CVE-2013-5802 CVE-2013-5809 CVE-2013-5829 CVE-2013-5814 CVE-2013-5817 CVE-2013-5830 CVE-2013-5842 CVE-2013-5850	Version:	5
Platform(s):	Ubuntu 12.04 Ubuntu 10.04	Product(s):	openjdk-6
Definition Synopsis:
Release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.12.04.4 AND icedtea-6-jre-jamvm DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.12.04.4 AND openjdk-6-jre DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.12.04.4 AND openjdk-6-jre-headless DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.12.04.4 AND openjdk-6-jre-lib DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.12.04.4 AND openjdk-6-jre-zero DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.12.04.4 AND Release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.10.04.4 AND openjdk-6-jre DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.10.04.4 AND openjdk-6-jre-headless DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.10.04.4 AND openjdk-6-jre-lib DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.10.04.4 AND openjdk-6-jre-zero DPKG is earlier than 0:6b27-1.12.6-1ubuntu0.10.04.4

Definition Id: oval:org.mitre.oval:def:19567

Oval ID:	oval:org.mitre.oval:def:19567
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1540	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19568

Oval ID:	oval:org.mitre.oval:def:19568
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2407	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19569

Oval ID:	oval:org.mitre.oval:def:19569
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2466 and CVE-2013-2468.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2442	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19570

Oval ID:	oval:org.mitre.oval:def:19570
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2417	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19575

Oval ID:	oval:org.mitre.oval:def:19575
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5086	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19577

Oval ID:	oval:org.mitre.oval:def:19577
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2433	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19580

Oval ID:	oval:org.mitre.oval:def:19580
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2435	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19582

Oval ID:	oval:org.mitre.oval:def:19582
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2461	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19583

Oval ID:	oval:org.mitre.oval:def:19583
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0500	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19584

Oval ID:	oval:org.mitre.oval:def:19584
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2418	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19587

Oval ID:	oval:org.mitre.oval:def:19587
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2459	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19588

Oval ID:	oval:org.mitre.oval:def:19588
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2453	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19589

Oval ID:	oval:org.mitre.oval:def:19589
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2433	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19591

Oval ID:	oval:org.mitre.oval:def:19591
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-3743	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19594

Oval ID:	oval:org.mitre.oval:def:19594
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient class access checks" when "creating new instances" using MBeanInstantiator.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2424	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.19.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.19.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 OR Criteria meets HP Security Bulletin HPSBUX02889 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.19.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-COM version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.19.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.19.00

Definition Id: oval:org.mitre.oval:def:19599

Oval ID:	oval:org.mitre.oval:def:19599
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0501	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19600

Oval ID:	oval:org.mitre.oval:def:19600
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2473	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19602

Oval ID:	oval:org.mitre.oval:def:19602
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2444	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19605

Oval ID:	oval:org.mitre.oval:def:19605
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2466.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2468	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19608

Oval ID:	oval:org.mitre.oval:def:19608
Title:	Multiple OpenSSL vulnerabilities
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	5
Platform(s):	IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
Criteria meets IBM AIX Security Advisory OS check IBM AIX 5.3 is installed AND openssl.base less than or equal to 0.9.8.2400 OR OS check IBM AIX 6.1 is installed AND openssl.base less than or equal to 0.9.8.2400 OR OS check IBM AIX 7.1 is installed AND openssl.base less than or equal to 0.9.8.2400 OR Criteria meets IBM AIX Security Advisory OS check IBM AIX 5.3 is installed AND openssl-fips.base less than or equal to 12.9.8.2400 OR OS check IBM AIX 6.1 is installed AND openssl-fips.base less than or equal to 12.9.8.2400 OR OS check IBM AIX 7.1 is installed AND openssl-fips.base less than or equal to 12.9.8.2400

Definition Id: oval:org.mitre.oval:def:19611

Oval ID:	oval:org.mitre.oval:def:19611
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2453	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19615

Oval ID:	oval:org.mitre.oval:def:19615
Title:	HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
Description:	Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-4681	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70 version is less than 1.7.0.03.00 AND Jdk70.JDK70-COM version is less than 1.7.0.03.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.03.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.03.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.03.00 AND Jre70.JRE70 version is less than 1.7.0.03.00 AND Jre70.JRE70-COM version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.03.00

Definition Id: oval:org.mitre.oval:def:19620

Oval ID:	oval:org.mitre.oval:def:19620
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2463	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19622

Oval ID:	oval:org.mitre.oval:def:19622
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2455	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19632

Oval ID:	oval:org.mitre.oval:def:19632
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2448	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19633

Oval ID:	oval:org.mitre.oval:def:19633
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient indication of an SSL connection failure by JConsole, related to RMI connection dialog box.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2412	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19638

Oval ID:	oval:org.mitre.oval:def:19638
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2457	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19639

Oval ID:	oval:org.mitre.oval:def:19639
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5068	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19641

Oval ID:	oval:org.mitre.oval:def:19641
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0401	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19643

Oval ID:	oval:org.mitre.oval:def:19643
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2456	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19644

Oval ID:	oval:org.mitre.oval:def:19644
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0503	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19645

Oval ID:	oval:org.mitre.oval:def:19645
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2450	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19646

Oval ID:	oval:org.mitre.oval:def:19646
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1726	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19649

Oval ID:	oval:org.mitre.oval:def:19649
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2468.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2466	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19651

Oval ID:	oval:org.mitre.oval:def:19651
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1718	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19652

Oval ID:	oval:org.mitre.oval:def:19652
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2473	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19655

Oval ID:	oval:org.mitre.oval:def:19655
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2470	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19656

Oval ID:	oval:org.mitre.oval:def:19656
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient class access checks" when "creating new instances" using MBeanInstantiator.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2424	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19658

Oval ID:	oval:org.mitre.oval:def:19658
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2446	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19663

Oval ID:	oval:org.mitre.oval:def:19663
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1500	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19665

Oval ID:	oval:org.mitre.oval:def:19665
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2452	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19667

Oval ID:	oval:org.mitre.oval:def:19667
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1571	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19669

Oval ID:	oval:org.mitre.oval:def:19669
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2448	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19672

Oval ID:	oval:org.mitre.oval:def:19672
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream method.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1557	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19676

Oval ID:	oval:org.mitre.oval:def:19676
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2456	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19684

Oval ID:	oval:org.mitre.oval:def:19684
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-3744	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19685

Oval ID:	oval:org.mitre.oval:def:19685
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2463	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19692

Oval ID:	oval:org.mitre.oval:def:19692
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2448	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19696

Oval ID:	oval:org.mitre.oval:def:19696
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2457	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19703

Oval ID:	oval:org.mitre.oval:def:19703
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2465	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19704

Oval ID:	oval:org.mitre.oval:def:19704
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2420	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19705

Oval ID:	oval:org.mitre.oval:def:19705
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1518	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19708

Oval ID:	oval:org.mitre.oval:def:19708
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2464	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19709

Oval ID:	oval:org.mitre.oval:def:19709
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via "an error related to method handles."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2458	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.07.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.07.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-COM version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.07.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.07.00

Definition Id: oval:org.mitre.oval:def:19713

Oval ID:	oval:org.mitre.oval:def:19713
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2469	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19715

Oval ID:	oval:org.mitre.oval:def:19715
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corruption" when using native code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2430	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19718

Oval ID:	oval:org.mitre.oval:def:19718
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1571	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.20.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.20.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 OR Criteria meets HP Security Bulletin HPSBUX02908 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.20.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-COM version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.20.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.20.00

Definition Id: oval:org.mitre.oval:def:19720

Oval ID:	oval:org.mitre.oval:def:19720
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1719	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19725

Oval ID:	oval:org.mitre.oval:def:19725
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2383	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19726

Oval ID:	oval:org.mitre.oval:def:19726
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-1500	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19738

Oval ID:	oval:org.mitre.oval:def:19738
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5075	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19741

Oval ID:	oval:org.mitre.oval:def:19741
Title:	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-2459	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.29.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.29.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.29.00 OR Criteria meets HP Security Bulletin HPSBUX02922 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.29.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.29.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-COM version is less than 1.5.0.29.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.29.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.29.00

Definition Id: oval:org.mitre.oval:def:19760

Oval ID:	oval:org.mitre.oval:def:19760
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5087	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19794

Oval ID:	oval:org.mitre.oval:def:19794
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5069	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19800

Oval ID:	oval:org.mitre.oval:def:19800
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0499	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19808

Oval ID:	oval:org.mitre.oval:def:19808
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0498	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19813

Oval ID:	oval:org.mitre.oval:def:19813
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2011-3563	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19829

Oval ID:	oval:org.mitre.oval:def:19829
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0505	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19830

Oval ID:	oval:org.mitre.oval:def:19830
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5084	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19832

Oval ID:	oval:org.mitre.oval:def:19832
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5085	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19842

Oval ID:	oval:org.mitre.oval:def:19842
Title:	HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0547	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70 version is less than 1.7.0.03.00 AND Jdk70.JDK70-COM version is less than 1.7.0.03.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.03.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.03.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.03.00 AND Jre70.JRE70 version is less than 1.7.0.03.00 AND Jre70.JRE70-COM version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.03.00

Definition Id: oval:org.mitre.oval:def:19848

Oval ID:	oval:org.mitre.oval:def:19848
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0507	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19853

Oval ID:	oval:org.mitre.oval:def:19853
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-4416	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19854

Oval ID:	oval:org.mitre.oval:def:19854
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-0504	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

Definition Id: oval:org.mitre.oval:def:19858

Oval ID:	oval:org.mitre.oval:def:19858
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1721	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19862

Oval ID:	oval:org.mitre.oval:def:19862
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-3216	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19863

Oval ID:	oval:org.mitre.oval:def:19863
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1725	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19868

Oval ID:	oval:org.mitre.oval:def:19868
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1713	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19873

Oval ID:	oval:org.mitre.oval:def:19873
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1722	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19883

Oval ID:	oval:org.mitre.oval:def:19883
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5071	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19886

Oval ID:	oval:org.mitre.oval:def:19886
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1711	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19890

Oval ID:	oval:org.mitre.oval:def:19890
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1717	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.02.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.02.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-COM version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.02.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.02.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.15.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.15.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.26.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.26.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.26.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.15.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.15.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-COM version is less than 1.6.0.15.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.15.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.15.00 OR Criteria meets HP Security Bulletin HPSBUX02805 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.26.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.26.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-COM version is less than 1.5.0.26.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.26.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.26.00

Definition Id: oval:org.mitre.oval:def:19891

Oval ID:	oval:org.mitre.oval:def:19891
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1532	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19895

Oval ID:	oval:org.mitre.oval:def:19895
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-3143	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19912

Oval ID:	oval:org.mitre.oval:def:19912
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5077	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19914

Oval ID:	oval:org.mitre.oval:def:19914
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-3159	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19916

Oval ID:	oval:org.mitre.oval:def:19916
Title:	HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-3136	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70 version is less than 1.7.0.03.00 AND Jdk70.JDK70-COM version is less than 1.7.0.03.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.03.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.03.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.03.00 AND Jre70.JRE70 version is less than 1.7.0.03.00 AND Jre70.JRE70-COM version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.03.00

Definition Id: oval:org.mitre.oval:def:19917

Oval ID:	oval:org.mitre.oval:def:19917
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5083	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19918

Oval ID:	oval:org.mitre.oval:def:19918
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1533	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19923

Oval ID:	oval:org.mitre.oval:def:19923
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5079	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19933

Oval ID:	oval:org.mitre.oval:def:19933
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-5072	Version:	11
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk70.JDK70-COM version is less than 1.7.0.04.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.04.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-COM version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.04.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.04.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.17.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.17.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF32 version is less than 1.5.0.27.00 AND Jdk15.JDK15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF32-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64 version is less than 1.5.0.27.00 AND Jre15.JRE15-IPF64-HS version is less than 1.5.0.27.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk60.JDK60-COM version is less than 1.6.0.17.00 AND Jdk60.JDK60-DEMO version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.17.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-COM version is less than 1.6.0.17.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.17.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.17.00 OR Criteria meets HP Security Bulletin HPSBUX02832 platforms HP Release B.11.11 AND HP Release B.11.23 AND filesets tests Jdk15.JDK15-COM version is less than 1.5.0.27.00 AND Jdk15.JDK15-DEMO version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20 version is less than 1.5.0.27.00 AND Jdk15.JDK15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-COM version is less than 1.5.0.27.00 AND Jre15.JRE15-COM-DOC version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20 version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20-HS version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W version is less than 1.5.0.27.00 AND Jre15.JRE15-PA20W-HS version is less than 1.5.0.27.00

Definition Id: oval:org.mitre.oval:def:19946

Oval ID:	oval:org.mitre.oval:def:19946
Title:	HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2012-1682	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70 version is less than 1.7.0.03.00 AND Jdk70.JDK70-COM version is less than 1.7.0.03.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.03.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.03.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.03.00 AND Jre70.JRE70 version is less than 1.7.0.03.00 AND Jre70.JRE70-COM version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.03.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.03.00

Definition Id: oval:org.mitre.oval:def:20185

Oval ID:	oval:org.mitre.oval:def:20185
Title:	RHSA-2013:0601: java-1.6.0-sun security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0601-02 CVE-2013-0809 CVE-2013-1493	Version:	31
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.6.0-sun-jdbc is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun-src is earlier than 1:1.6.0.43-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:20254

Oval ID:	oval:org.mitre.oval:def:20254
Title:	RHSA-2013:0822: java-1.7.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0822-01 CVE-2013-0169 CVE-2013-0401 CVE-2013-1488 CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2415 CVE-2013-2416 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2434 CVE-2013-2435 CVE-2013-2436 CVE-2013-2438 CVE-2013-2440	Version:	453
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.7.0-ibm is earlier than 1:1.7.0.4.2-1jpp.1.el5_9 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.4.2-1jpp.1.el5_9 AND java-1.7.0-ibm-devel is earlier than 1:1.7.0.4.2-1jpp.1.el5_9 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.4.2-1jpp.1.el5_9 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.4.2-1jpp.1.el5_9 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.4.2-1jpp.1.el5_9 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.7.0-ibm is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-devel is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.4.2-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:20333

Oval ID:	oval:org.mitre.oval:def:20333
Title:	RHSA-2013:0605: java-1.6.0-openjdk security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0605-02 CESA-2013:0605 CVE-2013-0809 CVE-2013-1493	Version:	31
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4

Definition Id: oval:org.mitre.oval:def:20467

Oval ID:	oval:org.mitre.oval:def:20467
Title:	RHSA-2013:0770: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0770-01 CESA-2013:0770 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431	Version:	283
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9

Definition Id: oval:org.mitre.oval:def:20562

Oval ID:	oval:org.mitre.oval:def:20562
Title:	RHSA-2013:0156: java-1.7.0-oracle security update (Critical)
Description:	Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0156-01 CVE-2012-3174 CVE-2013-0422	Version:	31
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.11-1jpp.3.el6_3

Definition Id: oval:org.mitre.oval:def:20575

Oval ID:	oval:org.mitre.oval:def:20575
Title:	RHSA-2013:0274: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0274-00 CESA-2013:0274 CVE-2013-0169 CVE-2013-1486	Version:	31
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9

Definition Id: oval:org.mitre.oval:def:20598

Oval ID:	oval:org.mitre.oval:def:20598
Title:	RHSA-2013:0236: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0236-01 CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481	Version:	423
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.6.0-sun-jdbc is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun-src is earlier than 1:1.6.0.39-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:20642

Oval ID:	oval:org.mitre.oval:def:20642
Title:	RHSA-2013:1509: java-1.5.0-ibm security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1509-01 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5790 CVE-2013-5797 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5849	Version:	299
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.16.4-1jpp.1.el5_10 AND java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.16.4-1jpp.1.el5_10 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.4-1jpp.1.el5_10 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.4-1jpp.1.el5_10 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.4-1jpp.1.el5_10 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.4-1jpp.1.el5_10 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.4-1jpp.1.el5_10 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.4-1jpp.1.el5_10 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.4-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:20645

Oval ID:	oval:org.mitre.oval:def:20645
Title:	RHSA-2012:1392: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1392-01 CVE-2012-0547 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089	Version:	289
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.6.0-sun-jdbc is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun-src is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.37-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:20713

Oval ID:	oval:org.mitre.oval:def:20713
Title:	RHSA-2013:0752: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0752-01 CESA-2013:0752 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2437	Version:	311
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.19-2.3.9.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.19-2.3.9.1.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.19-2.3.9.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.19-2.3.9.1.el5_9 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.19-2.3.9.1.el5_9

Definition Id: oval:org.mitre.oval:def:20743

Oval ID:	oval:org.mitre.oval:def:20743
Title:	RHSA-2013:0963: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0963-01 CVE-2013-1500 CVE-2013-1571 CVE-2013-2400 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2462 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3744	Version:	535
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle-javafx is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle is earlier than 1:1.7.0.25-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:20744

Oval ID:	oval:org.mitre.oval:def:20744
Title:	RHSA-2013:0602: java-1.7.0-openjdk security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0602-01 CESA-2013:0602 CVE-2013-0809 CVE-2013-1493	Version:	31
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.8.0.el6_4 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.8.0.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.8.0.el6_4 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.8.0.el6_4 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.8.0.el6_4

Definition Id: oval:org.mitre.oval:def:20752

Oval ID:	oval:org.mitre.oval:def:20752
Title:	RHSA-2013:0758: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0758-02 CVE-2013-0401 CVE-2013-1491 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2435 CVE-2013-2439 CVE-2013-2440	Version:	353
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.6.0-sun-demo is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun-src is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun-jdbc is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.45-1jpp.1.el6

Definition Id: oval:org.mitre.oval:def:20754

Oval ID:	oval:org.mitre.oval:def:20754
Title:	RHSA-2012:0322: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0322-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	133
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 Packages section java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8

Definition Id: oval:org.mitre.oval:def:20766

Oval ID:	oval:org.mitre.oval:def:20766
Title:	RHSA-2013:0273: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0273-01 CESA-2013:0273 CVE-2013-0169 CVE-2013-1486	Version:	31
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3

Definition Id: oval:org.mitre.oval:def:20775

Oval ID:	oval:org.mitre.oval:def:20775
Title:	RHSA-2013:0604: java-1.6.0-openjdk security update (Important)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0604-00 CESA-2013:0604 CVE-2013-0809 CVE-2013-1493	Version:	31
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9

Definition Id: oval:org.mitre.oval:def:20778

Oval ID:	oval:org.mitre.oval:def:20778
Title:	RHSA-2013:0275: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0275-01 CESA-2013:0275 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486	Version:	59
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.7.1.el5_9

Definition Id: oval:org.mitre.oval:def:20786

Oval ID:	oval:org.mitre.oval:def:20786
Title:	VMware vSphere, ESX and ESXi updates to third party libraries
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	4
Platform(s):	VMWare ESX Server 4.1 VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
Patch ESX410-201307403-SG is not installed VMware ESX Server 4.1 is installed AND Patch ESX410-201307403-SG is not installed OR Patch ESX400-201310401-SG is not installed VMware ESX Server 4.0 is installed AND Patch ESX400-201310401-SG is not installed

Definition Id: oval:org.mitre.oval:def:20807

Oval ID:	oval:org.mitre.oval:def:20807
Title:	RHSA-2013:1014: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1014-00 CESA-2013:1014 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	353
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9

Definition Id: oval:org.mitre.oval:def:20822

Oval ID:	oval:org.mitre.oval:def:20822
Title:	RHSA-2013:0165: java-1.7.0-openjdk security update (Important)
Description:	Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0165-01 CESA-2013:0165 CVE-2012-3174 CVE-2013-0422	Version:	31
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.4.el5_9.1

Definition Id: oval:org.mitre.oval:def:20870

Oval ID:	oval:org.mitre.oval:def:20870
Title:	RHSA-2013:0600: java-1.7.0-oracle security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0600-02 CVE-2013-0809 CVE-2013-1493	Version:	31
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.17-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:20875

Oval ID:	oval:org.mitre.oval:def:20875
Title:	RHSA-2013:0531: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0531-01 CVE-2013-0169 CVE-2013-1486 CVE-2013-1487	Version:	45
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.6.0-sun-jdbc is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun-src is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.41-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:20895

Oval ID:	oval:org.mitre.oval:def:20895
Title:	RHSA-2013:1451: java-1.7.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1451-00 CESA-2013:1451 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	409
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.7.0-openjdk-demo is earlier than 1:1.7.0.45-2.4.3.2.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.45-2.4.3.2.el6_4 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.45-2.4.3.2.el6_4 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.45-2.4.3.2.el6_4 AND java-1.7.0-openjdk is earlier than 1:1.7.0.45-2.4.3.2.el6_4

Definition Id: oval:org.mitre.oval:def:20955

Oval ID:	oval:org.mitre.oval:def:20955
Title:	RHSA-2013:0757: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0757-02 CVE-2013-0401 CVE-2013-0402 CVE-2013-1488 CVE-2013-1491 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1561 CVE-2013-1563 CVE-2013-1564 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2414 CVE-2013-2415 CVE-2013-2416 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2425 CVE-2013-2426 CVE-2013-2427 CVE-2013-2428 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2432 CVE-2013-2433 CVE-2013-2434 CVE-2013-2435 CVE-2013-2436 CVE-2013-2438 CVE-2013-2439 CVE-2013-2440	Version:	591
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle-javafx is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle is earlier than 1:1.7.0.21-1jpp.1.el6

Definition Id: oval:org.mitre.oval:def:20992

Oval ID:	oval:org.mitre.oval:def:20992
Title:	RHSA-2013:0532: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0532-01 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487	Version:	73
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.15-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:20996

Oval ID:	oval:org.mitre.oval:def:20996
Title:	RHSA-2012:1019: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1019-01 CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726	Version:	172
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle is earlier than 1:1.7.0.5-1jpp.1.el6 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.5-1jpp.1.el6 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.5-1jpp.1.el6 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.5-1jpp.1.el6 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.5-1jpp.1.el6

Definition Id: oval:org.mitre.oval:def:21040

Oval ID:	oval:org.mitre.oval:def:21040
Title:	RHSA-2013:0626: java-1.7.0-ibm security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0626-02 CVE-2012-1541 CVE-2012-3174 CVE-2012-3213 CVE-2012-3342 CVE-2012-5085 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0422 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0437 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0445 CVE-2013-0446 CVE-2013-0449 CVE-2013-0450 CVE-2013-0809 CVE-2013-1473 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487 CVE-2013-1493	Version:	579
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.7.0-ibm is earlier than 1:1.7.0.4.0-1jpp.2.el5_9 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.4.0-1jpp.2.el5_9 AND java-1.7.0-ibm-devel is earlier than 1:1.7.0.4.0-1jpp.2.el5_9 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.4.0-1jpp.2.el5_9 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.4.0-1jpp.2.el5_9 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.4.0-1jpp.2.el5_9 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.7.0-ibm is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-devel is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.4.0-1jpp.2.el6_4

Definition Id: oval:org.mitre.oval:def:21074

Oval ID:	oval:org.mitre.oval:def:21074
Title:	RHSA-2013:0751: java-1.7.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0751-01 CESA-2013:0751 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436	Version:	311
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.19-2.3.9.1.el6_4 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.19-2.3.9.1.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.19-2.3.9.1.el6_4 AND java-1.7.0-openjdk is earlier than 1:1.7.0.19-2.3.9.1.el6_4 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.19-2.3.9.1.el6_4

Definition Id: oval:org.mitre.oval:def:21077

Oval ID:	oval:org.mitre.oval:def:21077
Title:	RHSA-2013:0625: java-1.6.0-ibm security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0625-02 CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2012-5085 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-0809 CVE-2013-1473 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 CVE-2013-1486 CVE-2013-1487 CVE-2013-1493	Version:	467
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.13.0-1jpp.2.el5_9 AND java-1.6.0-ibm-accessibility is earlier than 1:1.6.0.13.0-1jpp.2.el5_9 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.13.0-1jpp.2.el5_9 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.13.0-1jpp.2.el5_9 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.13.0-1jpp.2.el5_9 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.13.0-1jpp.2.el5_9 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.13.0-1jpp.2.el5_9 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.13.0-1jpp.2.el5_9 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.13.0-1jpp.3.el6_4

Definition Id: oval:org.mitre.oval:def:21079

Oval ID:	oval:org.mitre.oval:def:21079
Title:	RHSA-2013:0587: openssl security update (Moderate)
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0587-01 CESA-2013:0587 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169	Version:	45
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	openssl
Definition Synopsis:
Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section openssl-devel is earlier than 0:1.0.0-27.el6_4.2 AND openssl-static is earlier than 0:1.0.0-27.el6_4.2 AND openssl-perl is earlier than 0:1.0.0-27.el6_4.2 AND openssl is earlier than 0:1.0.0-27.el6_4.2 AND Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section openssl-devel is earlier than 0:0.9.8e-26.el5_9.1 AND openssl-perl is earlier than 0:0.9.8e-26.el5_9.1 AND openssl is earlier than 0:0.9.8e-26.el5_9.1

Definition Id: oval:org.mitre.oval:def:21109

Oval ID:	oval:org.mitre.oval:def:21109
Title:	RHSA-2013:0624: java-1.5.0-ibm security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0624-02 CVE-2012-5085 CVE-2013-0409 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0440 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-0809 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 CVE-2013-1486 CVE-2013-1493	Version:	313
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.16.0-1jpp.1.el5_9 AND java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.16.0-1jpp.1.el5_9 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.0-1jpp.1.el5_9 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.0-1jpp.1.el5_9 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.0-1jpp.1.el5_9 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.0-1jpp.1.el5_9 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.0-1jpp.1.el5_9 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.0-1jpp.1.el5_9 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.0-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:21111

Oval ID:	oval:org.mitre.oval:def:21111
Title:	RHSA-2013:0823: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0823-01 CVE-2013-0170 CVE-2013-0401 CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2435 CVE-2013-2440	Version:	327
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.13.2-1jpp.1.el5_9 AND java-1.6.0-ibm-accessibility is earlier than 1:1.6.0.13.2-1jpp.1.el5_9 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.13.2-1jpp.1.el5_9 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.13.2-1jpp.1.el5_9 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.13.2-1jpp.1.el5_9 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.13.2-1jpp.1.el5_9 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.13.2-1jpp.1.el5_9 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.13.2-1jpp.1.el5_9 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.13.2-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:21135

Oval ID:	oval:org.mitre.oval:def:21135
Title:	RHSA-2013:0957: java-1.7.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0957-00 CESA-2013:0957 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	409
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.7.0-openjdk-demo is earlier than 1:1.7.0.25-2.3.10.3.el6_4 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.25-2.3.10.3.el6_4 AND java-1.7.0-openjdk is earlier than 1:1.7.0.25-2.3.10.3.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.25-2.3.10.3.el6_4 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.25-2.3.10.3.el6_4

Definition Id: oval:org.mitre.oval:def:21151

Oval ID:	oval:org.mitre.oval:def:21151
Title:	RHSA-2013:1507: java-1.7.0-ibm security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1507-01 CVE-2013-3829 CVE-2013-4041 CVE-2013-5372 CVE-2013-5375 CVE-2013-5456 CVE-2013-5457 CVE-2013-5458 CVE-2013-5772 CVE-2013-5774 CVE-2013-5776 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5787 CVE-2013-5788 CVE-2013-5789 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5812 CVE-2013-5814 CVE-2013-5817 CVE-2013-5818 CVE-2013-5819 CVE-2013-5820 CVE-2013-5823 CVE-2013-5824 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5831 CVE-2013-5832 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5848 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	649
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.7.0-ibm is earlier than 1:1.7.0.6.0-1jpp.1.el5_10 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.6.0-1jpp.1.el5_10 AND java-1.7.0-ibm-devel is earlier than 1:1.7.0.6.0-1jpp.1.el5_10 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.6.0-1jpp.1.el5_10 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.6.0-1jpp.1.el5_10 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.6.0-1jpp.1.el5_10 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.7.0-ibm is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-devel is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.6.0-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:21156

Oval ID:	oval:org.mitre.oval:def:21156
Title:	RHSA-2013:0603: java-1.7.0-openjdk security update (Important)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0603-00 CESA-2013:0603 CVE-2013-0809 CVE-2013-1493	Version:	31
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.8.0.el5_9 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.8.0.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.8.0.el5_9 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.8.0.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.8.0.el5_9

Definition Id: oval:org.mitre.oval:def:21173

Oval ID:	oval:org.mitre.oval:def:21173
Title:	RHSA-2013:1440: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1440-02 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5775 CVE-2013-5776 CVE-2013-5777 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5787 CVE-2013-5788 CVE-2013-5789 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5810 CVE-2013-5812 CVE-2013-5814 CVE-2013-5817 CVE-2013-5818 CVE-2013-5819 CVE-2013-5820 CVE-2013-5823 CVE-2013-5824 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5831 CVE-2013-5832 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5844 CVE-2013-5846 CVE-2013-5848 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851 CVE-2013-5852 CVE-2013-5854	Version:	675
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle-javafx is earlier than 1:1.7.0.45-1jpp.2.el6_4 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.45-1jpp.2.el6_4 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.45-1jpp.2.el6_4 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.45-1jpp.2.el6_4 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.45-1jpp.2.el6_4 AND java-1.7.0-oracle is earlier than 1:1.7.0.45-1jpp.2.el6_4

Definition Id: oval:org.mitre.oval:def:21176

Oval ID:	oval:org.mitre.oval:def:21176
Title:	RHSA-2012:0730: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0730-00 CESA-2012:0730 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	120
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8

Definition Id: oval:org.mitre.oval:def:21180

Oval ID:	oval:org.mitre.oval:def:21180
Title:	RHSA-2013:1447: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1447-00 CESA-2013:1447 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	409
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.7.0-openjdk-demo is earlier than 1:1.7.0.45-2.4.3.1.el5_10 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.45-2.4.3.1.el5_10 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.45-2.4.3.1.el5_10 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.45-2.4.3.1.el5_10 AND java-1.7.0-openjdk is earlier than 1:1.7.0.45-2.4.3.1.el5_10

Definition Id: oval:org.mitre.oval:def:21198

Oval ID:	oval:org.mitre.oval:def:21198
Title:	RHSA-2013:1505: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1505-00 CESA-2013:1505 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850	Version:	367
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10

Definition Id: oval:org.mitre.oval:def:21199

Oval ID:	oval:org.mitre.oval:def:21199
Title:	RHSA-2012:1391: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1391-01 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089	Version:	354
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.9-1jpp.3.el6_3

Definition Id: oval:org.mitre.oval:def:21222

Oval ID:	oval:org.mitre.oval:def:21222
Title:	RHSA-2013:0958: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0958-00 CESA-2013:0958 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	409
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section java-1.7.0-openjdk-demo is earlier than 1:1.7.0.25-2.3.10.4.el5_9 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.25-2.3.10.4.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.25-2.3.10.4.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.25-2.3.10.4.el5_9 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.25-2.3.10.4.el5_9

Definition Id: oval:org.mitre.oval:def:21240

Oval ID:	oval:org.mitre.oval:def:21240
Title:	RHSA-2013:1508: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1508-04 CVE-2013-3829 CVE-2013-4041 CVE-2013-5372 CVE-2013-5375 CVE-2013-5457 CVE-2013-5772 CVE-2013-5774 CVE-2013-5776 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5787 CVE-2013-5789 CVE-2013-5797 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5812 CVE-2013-5814 CVE-2013-5817 CVE-2013-5818 CVE-2013-5819 CVE-2013-5820 CVE-2013-5823 CVE-2013-5824 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5831 CVE-2013-5832 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5848 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	551
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.15.0-1jpp.1.el5_10 AND java-1.6.0-ibm-accessibility is earlier than 1:1.6.0.15.0-1jpp.1.el5_10 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.15.0-1jpp.1.el5_10 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.15.0-1jpp.1.el5_10 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.15.0-1jpp.1.el5_10 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.15.0-1jpp.1.el5_10 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.15.0-1jpp.1.el5_10 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.15.0-1jpp.1.el5_10 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.15.0-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:21241

Oval ID:	oval:org.mitre.oval:def:21241
Title:	RHSA-2013:0855: java-1.5.0-ibm security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0855-01 CVE-2013-0169 CVE-2013-0401 CVE-2013-1491 CVE-2013-1537 CVE-2013-1557 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432	Version:	229
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.16.2-1jpp.1.el5_9 AND java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.16.2-1jpp.1.el5_9 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.2-1jpp.1.el5_9 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.2-1jpp.1.el5_9 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.2-1jpp.1.el5_9 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.2-1jpp.1.el5_9 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.2-1jpp.1.el5_9 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.2-1jpp.1.el5_9 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.2-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:21284

Oval ID:	oval:org.mitre.oval:def:21284
Title:	RHSA-2012:1221: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1221-01 CESA-2012:1221 CVE-2012-0547 CVE-2012-1682	Version:	29
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3

Definition Id: oval:org.mitre.oval:def:21309

Oval ID:	oval:org.mitre.oval:def:21309
Title:	RHSA-2012:0729: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0729-01 CESA-2012:0729 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	120
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2

Definition Id: oval:org.mitre.oval:def:21334

Oval ID:	oval:org.mitre.oval:def:21334
Title:	RHSA-2012:1245: java-1.5.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1245-01 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1725	Version:	83
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.14.0-1jpp.1.el5_8 AND java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.14.0-1jpp.1.el5_8 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.14.0-1jpp.1.el5_8 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.14.0-1jpp.1.el5_8 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.14.0-1jpp.1.el5_8 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.14.0-1jpp.1.el5_8 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.14.0-1jpp.1.el5_8 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.14.0-1jpp.1.el5_8 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.14.0-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:21340

Oval ID:	oval:org.mitre.oval:def:21340
Title:	RHSA-2012:0135: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0135-01 CESA-2012:0135 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	133
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2

Definition Id: oval:org.mitre.oval:def:21354

Oval ID:	oval:org.mitre.oval:def:21354
Title:	RHSA-2012:1223: java-1.7.0-openjdk security update (Important)
Description:	Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1223-01 CESA-2012:1223 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681	Version:	55
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.5-2.2.1.el6_3.3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.5-2.2.1.el6_3.3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.5-2.2.1.el6_3.3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.5-2.2.1.el6_3.3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.5-2.2.1.el6_3.3

Definition Id: oval:org.mitre.oval:def:21371

Oval ID:	oval:org.mitre.oval:def:21371
Title:	RHSA-2012:1222: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1222-00 CESA-2012:1222 CVE-2012-0547 CVE-2012-1682	Version:	29
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8

Definition Id: oval:org.mitre.oval:def:21384

Oval ID:	oval:org.mitre.oval:def:21384
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Install)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5906.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5905	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21398

Oval ID:	oval:org.mitre.oval:def:21398
Title:	RHSA-2012:0508: java-1.5.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0508-03 CVE-2011-3389 CVE-2011-3557 CVE-2011-3560 CVE-2011-3563 CVE-2012-0498 CVE-2012-0499 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	161
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.13.1-1jpp.1.el5 AND java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.13.1-1jpp.1.el5 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.13.1-1jpp.1.el5 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.13.1-1jpp.1.el5 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.13.1-1jpp.1.el5 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.13.1-1jpp.1.el5 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.13.1-1jpp.1.el5 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.13.1-1jpp.1.el5 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.13.1-1jpp.2.el6_2

Definition Id: oval:org.mitre.oval:def:21403

Oval ID:	oval:org.mitre.oval:def:21403
Title:	RHSA-2012:0734: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0734-02 CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	159
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.6.0-sun-jdbc is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun-src is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.33-1jpp.1.el6_2

Definition Id: oval:org.mitre.oval:def:21404

Oval ID:	oval:org.mitre.oval:def:21404
Title:	RHSA-2012:0514: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0514-03 CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	161
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.10.1-1jpp.1.el5 AND java-1.6.0-ibm-accessibility is earlier than 1:1.6.0.10.1-1jpp.1.el5 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.10.1-1jpp.1.el5 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.10.1-1jpp.1.el5 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.10.1-1jpp.1.el5 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.10.1-1jpp.1.el5 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.10.1-1jpp.1.el5 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.10.1-1jpp.1.el5 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.10.1-1jpp.5.el6_2

Definition Id: oval:org.mitre.oval:def:21410

Oval ID:	oval:org.mitre.oval:def:21410
Title:	RHSA-2012:0139: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0139-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	159
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.6.0-sun-jdbc is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun-src is earlier than 1:1.6.0.31-1jpp.1.el6_2

Definition Id: oval:org.mitre.oval:def:21418

Oval ID:	oval:org.mitre.oval:def:21418
Title:	Vulnerability in Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5904	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21422

Oval ID:	oval:org.mitre.oval:def:21422
Title:	RHSA-2012:1385: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1385-00 CESA-2012:1385 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089	Version:	198
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8

Definition Id: oval:org.mitre.oval:def:21447

Oval ID:	oval:org.mitre.oval:def:21447
Title:	RHSA-2012:1238: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1238-01 CVE-2012-0551 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725	Version:	122
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.11.0-1jpp.1.el5_8 AND java-1.6.0-ibm-accessibility is earlier than 1:1.6.0.11.0-1jpp.1.el5_8 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.11.0-1jpp.1.el5_8 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.11.0-1jpp.1.el5_8 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.11.0-1jpp.1.el5_8 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.11.0-1jpp.1.el5_8 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.11.0-1jpp.1.el5_8 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.11.0-1jpp.1.el5_8 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.11.0-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:21488

Oval ID:	oval:org.mitre.oval:def:21488
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0418	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21517

Oval ID:	oval:org.mitre.oval:def:21517
Title:	RHSA-2012:1225: java-1.7.0-oracle security update (Critical)
Description:	Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1225-01 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681	Version:	55
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle is earlier than 1:1.7.0.7-1jpp.5.el6_3 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.7-1jpp.5.el6_3 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.7-1jpp.5.el6_3 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.7-1jpp.5.el6_3 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.7-1jpp.5.el6_3

Definition Id: oval:org.mitre.oval:def:21580

Oval ID:	oval:org.mitre.oval:def:21580
Title:	RHSA-2012:1009: java-1.7.0-openjdk security and bug fix update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1009-01 CESA-2012:1009 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726	Version:	133
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.5-2.2.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.5-2.2.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.5-2.2.1.el6_3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.5-2.2.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.5-2.2.1.el6_3

Definition Id: oval:org.mitre.oval:def:21586

Oval ID:	oval:org.mitre.oval:def:21586
Title:	RHSA-2012:1386: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1386-02 CESA-2012:1386 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089	Version:	263
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.3.el6_3.1 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.3.el6_3.1 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.3.el6_3.1 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.3.el6_3.1 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.3.el6_3.1

Definition Id: oval:org.mitre.oval:def:21588

Oval ID:	oval:org.mitre.oval:def:21588
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5776	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:21593

Oval ID:	oval:org.mitre.oval:def:21593
Title:	RHSA-2012:1384: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1384-01 CESA-2012:1384 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089	Version:	198
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3

Definition Id: oval:org.mitre.oval:def:21607

Oval ID:	oval:org.mitre.oval:def:21607
Title:	RHSA-2012:1289: java-1.7.0-ibm security update (Critical)
Description:	Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1289-01 CVE-2012-0547 CVE-2012-0551 CVE-2012-1682 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725 CVE-2012-1726 CVE-2012-3136 CVE-2012-4681	Version:	172
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-ibm
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-ibm-devel is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.2.0-1jpp.3.el6_3

Definition Id: oval:org.mitre.oval:def:21640

Oval ID:	oval:org.mitre.oval:def:21640
Title:	RHSA-2014:0026: java-1.7.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0026-00 CESA-2014:0026 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	187
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.7.0-openjdk is earlier than 1:1.7.0.51-2.4.4.1.el6_5 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.51-2.4.4.1.el6_5 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.51-2.4.4.1.el6_5 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.51-2.4.4.1.el6_5 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.51-2.4.4.1.el6_5

Definition Id: oval:org.mitre.oval:def:21653

Oval ID:	oval:org.mitre.oval:def:21653
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0418.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0424	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21768

Oval ID:	oval:org.mitre.oval:def:21768
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0403.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0375	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21832

Oval ID:	oval:org.mitre.oval:def:21832
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5797	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:21843

Oval ID:	oval:org.mitre.oval:def:21843
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5829	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:21918

Oval ID:	oval:org.mitre.oval:def:21918
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-3829	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:21962

Oval ID:	oval:org.mitre.oval:def:21962
Title:	Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX)
Description:	Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5870	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.45 Determine if the version of JavaFX is less than 2.2.45 Determine if the version of JavaFX is less than 2.2.46 AND Determine if the version of JavaFX is less than 2.2.46 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21977

Oval ID:	oval:org.mitre.oval:def:21977
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5888	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21978

Oval ID:	oval:org.mitre.oval:def:21978
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5783	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:21979

Oval ID:	oval:org.mitre.oval:def:21979
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, JRockit R28.2.9 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Beans)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0423	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.10 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.10 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.8 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.8 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21989

Oval ID:	oval:org.mitre.oval:def:21989
Title:	Vulnerability in Java SE component of Oracle Java SE 6u65 and Java SE 7u45 (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0410	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:21993

Oval ID:	oval:org.mitre.oval:def:21993
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5817	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22015

Oval ID:	oval:org.mitre.oval:def:22015
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5809	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22034

Oval ID:	oval:org.mitre.oval:def:22034
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JavaFX 2.2.45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: 2D)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0417	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.45 Determine if the version of JavaFX is less than 2.2.45 Determine if the version of JavaFX is less than 2.2.46 AND Determine if the version of JavaFX is less than 2.2.46 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22046

Oval ID:	oval:org.mitre.oval:def:22046
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5780	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22049

Oval ID:	oval:org.mitre.oval:def:22049
Title:	RHSA-2014:0027: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0027-00 CESA-2014:0027 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	187
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section java-1.7.0-openjdk is earlier than 1:1.7.0.51-2.4.4.1.el5_10 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.51-2.4.4.1.el5_10 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.51-2.4.4.1.el5_10 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.51-2.4.4.1.el5_10 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.51-2.4.4.1.el5_10

Definition Id: oval:org.mitre.oval:def:22061

Oval ID:	oval:org.mitre.oval:def:22061
Title:	USN-2089-1 -- openjdk-7 vulnerabilities
Description:	Several security issues were fixed in OpenJDK 7.
Family:	unix	Class:	patch
Reference(s):	USN-2089-1 CVE-2013-3829 CVE-2013-5783 CVE-2013-5804 CVE-2014-0411 CVE-2013-4002 CVE-2013-5803 CVE-2013-5823 CVE-2013-5825 CVE-2013-5896 CVE-2013-5910 CVE-2013-5772 CVE-2013-5774 CVE-2013-5784 CVE-2013-5797 CVE-2013-5820 CVE-2014-0376 CVE-2014-0416 CVE-2013-5778 CVE-2013-5780 CVE-2013-5790 CVE-2013-5800 CVE-2013-5840 CVE-2013-5849 CVE-2013-5851 CVE-2013-5884 CVE-2014-0368 CVE-2013-5782 CVE-2013-5802 CVE-2013-5809 CVE-2013-5829 CVE-2013-5814 CVE-2013-5817 CVE-2013-5830 CVE-2013-5842 CVE-2013-5850 CVE-2013-5878 CVE-2013-5893 CVE-2013-5907 CVE-2014-0373 CVE-2014-0408 CVE-2014-0422 CVE-2014-0428 CVE-2014-0423 CVE-2013-5805 CVE-2013-5806	Version:	5
Platform(s):	Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10	Product(s):	openjdk-7
Definition Synopsis:
Ubuntu 13.10 release section Ubuntu 13.10 is installed Packages match section icedtea-7-jre-jamvm DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.10.1 AND openjdk-7-jre DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.10.1 AND openjdk-7-jre-headless DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.10.1 AND openjdk-7-jre-lib DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.10.1 AND openjdk-7-jre-zero DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.10.1 AND Ubuntu 13.04 release section Ubuntu 13.04 is installed Packages match section icedtea-7-jre-jamvm DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.04.2 AND openjdk-7-jre DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.04.2 AND openjdk-7-jre-headless DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.04.2 AND openjdk-7-jre-lib DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.04.2 AND openjdk-7-jre-zero DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.13.04.2 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed Packages match section icedtea-7-jre-cacao DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.12.10.2 AND icedtea-7-jre-jamvm DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.12.10.2 AND openjdk-7-jre DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.12.10.2 AND openjdk-7-jre-headless DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.12.10.2 AND openjdk-7-jre-lib DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.12.10.2 AND openjdk-7-jre-zero DPKG is earlier than 0:7u51-2.4.4-0ubuntu0.12.10.2

Definition Id: oval:org.mitre.oval:def:22066

Oval ID:	oval:org.mitre.oval:def:22066
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5899	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22073

Oval ID:	oval:org.mitre.oval:def:22073
Title:	Vulnerability in Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Libraries)
Description:	Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5893	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22092

Oval ID:	oval:org.mitre.oval:def:22092
Title:	RHSA-2014:0136: java-1.5.0-ibm security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0136-00 CVE-2013-5907 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0417 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	87
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.16.5-1jpp.1.el5_10 AND java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.16.5-1jpp.1.el5_10 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.5-1jpp.1.el5_10 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.5-1jpp.1.el5_10 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.5-1jpp.1.el5_10 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.5-1jpp.1.el5_10 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.5-1jpp.1.el5_10 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.5-1jpp.1.el5_10 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.5.0-ibm is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.5-1jpp.1.el6_5

Definition Id: oval:org.mitre.oval:def:22096

Oval ID:	oval:org.mitre.oval:def:22096
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, JRockit R28.2.9 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JSSE)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0411	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.10 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.10 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.8 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.8 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22106

Oval ID:	oval:org.mitre.oval:def:22106
Title:	Vulnerability in Java SE 6u65, Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5889	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22118

Oval ID:	oval:org.mitre.oval:def:22118
Title:	Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX)
Description:	Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0382	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.45 Determine if the version of JavaFX is less than 2.2.45 Determine if the version of JavaFX is less than 2.2.46 AND Determine if the version of JavaFX is less than 2.2.46 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22135

Oval ID:	oval:org.mitre.oval:def:22135
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5848	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22137

Oval ID:	oval:org.mitre.oval:def:22137
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5814	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22155

Oval ID:	oval:org.mitre.oval:def:22155
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5843	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22157

Oval ID:	oval:org.mitre.oval:def:22157
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5775	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22170

Oval ID:	oval:org.mitre.oval:def:22170
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: 2D)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5907	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JRockit
Definition Synopsis:
Determine if the version of JRockit is less than R28.2.10 and is greater than or equal to R28.0.0 Determine if the version of JRockit is less than R28.2.10 AND JRockit R28 is installed OR Determine if the version of JRockit is less than R27.7.8 and is greater than or equal to R27.0.0 Determine if the version of JRockit is less than R27.7.8 AND JRockit R27 is installed OR Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22176

Oval ID:	oval:org.mitre.oval:def:22176
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5772	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22189

Oval ID:	oval:org.mitre.oval:def:22189
Title:	RHSA-2014:0097: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0097-00 CESA-2014:0097 CVE-2013-5878 CVE-2013-5884 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	122
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section java-1.6.0-openjdk is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-3.1.13.1.el6_5

Definition Id: oval:org.mitre.oval:def:22192

Oval ID:	oval:org.mitre.oval:def:22192
Title:	Vulnerability in Java SE component of Oracle Java SE 6u65 and Java SE 7u45 (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0415	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22200

Oval ID:	oval:org.mitre.oval:def:22200
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Install)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5906	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22202

Oval ID:	oval:org.mitre.oval:def:22202
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5778	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22205

Oval ID:	oval:org.mitre.oval:def:22205
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5806	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22214

Oval ID:	oval:org.mitre.oval:def:22214
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JAAS)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0416	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22233

Oval ID:	oval:org.mitre.oval:def:22233
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0428	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22237

Oval ID:	oval:org.mitre.oval:def:22237
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5840	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22239

Oval ID:	oval:org.mitre.oval:def:22239
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5804	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22241

Oval ID:	oval:org.mitre.oval:def:22241
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5774	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22245

Oval ID:	oval:org.mitre.oval:def:22245
Title:	Vulnerability in Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Security)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5878	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22256

Oval ID:	oval:org.mitre.oval:def:22256
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5820	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22258

Oval ID:	oval:org.mitre.oval:def:22258
Title:	Vulnerability in Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Security)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5910	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22260

Oval ID:	oval:org.mitre.oval:def:22260
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5842	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22261

Oval ID:	oval:org.mitre.oval:def:22261
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5801	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22270

Oval ID:	oval:org.mitre.oval:def:22270
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JAXP)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for "code permissions when creating document builder factories."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0376	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22289

Oval ID:	oval:org.mitre.oval:def:22289
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Networking)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0368	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22292

Oval ID:	oval:org.mitre.oval:def:22292
Title:	RHSA-2014:0134: java-1.7.0-ibm security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0134-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5887 CVE-2013-5888 CVE-2013-5889 CVE-2013-5896 CVE-2013-5898 CVE-2013-5899 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0375 CVE-2014-0376 CVE-2014-0387 CVE-2014-0403 CVE-2014-0410 CVE-2014-0411 CVE-2014-0415 CVE-2014-0416 CVE-2014-0417 CVE-2014-0422 CVE-2014-0423 CVE-2014-0424 CVE-2014-0428	Version:	207
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.7.0-ibm is earlier than 1:1.7.0.6.1-1jpp.1.el5_10 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.6.1-1jpp.1.el5_10 AND java-1.7.0-ibm-devel is earlier than 1:1.7.0.6.1-1jpp.1.el5_10 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.6.1-1jpp.1.el5_10 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.6.1-1jpp.1.el5_10 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.6.1-1jpp.1.el5_10 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.7.0-ibm is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-devel is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.6.1-1jpp.1.el6_5

Definition Id: oval:org.mitre.oval:def:22304

Oval ID:	oval:org.mitre.oval:def:22304
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Serviceability)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0373	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22311

Oval ID:	oval:org.mitre.oval:def:22311
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5846	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22317

Oval ID:	oval:org.mitre.oval:def:22317
Title:	Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX)
Description:	Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5895	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment JavaFX
Definition Synopsis:
Determine if the version of JavaFX is less than 2.2.45 Determine if the version of JavaFX is less than 2.2.45 Determine if the version of JavaFX is less than 2.2.46 AND Determine if the version of JavaFX is less than 2.2.46 (JRE 1.7.0:update_6 and later) AND JavaFX 2.x is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22330

Oval ID:	oval:org.mitre.oval:def:22330
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0375.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0403	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22349

Oval ID:	oval:org.mitre.oval:def:22349
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5902	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22363

Oval ID:	oval:org.mitre.oval:def:22363
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-0375 and CVE-2014-0403.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5898	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22366

Oval ID:	oval:org.mitre.oval:def:22366
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5819	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22372

Oval ID:	oval:org.mitre.oval:def:22372
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5896	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22377

Oval ID:	oval:org.mitre.oval:def:22377
Title:	Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment)
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-5887	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22386

Oval ID:	oval:org.mitre.oval:def:22386
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5805	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22402

Oval ID:	oval:org.mitre.oval:def:22402
Title:	Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JNDI)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0422	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 Determine if the version of Java Runtime Environment is less than 1.5.0:update_56 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:22415

Oval ID:	oval:org.mitre.oval:def:22415
Title:	RHSA-2014:0030: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0030-00 CVE-2013-5870 CVE-2013-5878 CVE-2013-5884 CVE-2013-5887 CVE-2013-5888 CVE-2013-5889 CVE-2013-5893 CVE-2013-5895 CVE-2013-5896 CVE-2013-5898 CVE-2013-5899 CVE-2013-5902 CVE-2013-5904 CVE-2013-5905 CVE-2013-5906 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0375 CVE-2014-0376 CVE-2014-0382 CVE-2014-0387 CVE-2014-0403 CVE-2014-0410 CVE-2014-0411 CVE-2014-0415 CVE-2014-0416 CVE-2014-0417 CVE-2014-0418 CVE-2014-0422 CVE-2014-0423 CVE-2014-0424 CVE-2014-0428	Version:	311
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section java-1.7.0-oracle-src is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.51-1jpp.1.el6_5

Definition Id: oval:org.mitre.oval:def:22417

Oval ID:	oval:org.mitre.oval:def:22417
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5824	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22421

Oval ID:	oval:org.mitre.oval:def:22421
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5854	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22426

Oval ID:	oval:org.mitre.oval:def:22426
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5777	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22447

Oval ID:	oval:org.mitre.oval:def:22447
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5844	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22450

Oval ID:	oval:org.mitre.oval:def:22450
Title:	ELSA-2012:1385: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1385-00 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089	Version:	65
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.28.1.10.10.el5_8

Definition Id: oval:org.mitre.oval:def:22454

Oval ID:	oval:org.mitre.oval:def:22454
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5812	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22455

Oval ID:	oval:org.mitre.oval:def:22455
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java SE Embedded 7u25 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5838	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22463

Oval ID:	oval:org.mitre.oval:def:22463
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5790	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22466

Oval ID:	oval:org.mitre.oval:def:22466
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5802	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22469

Oval ID:	oval:org.mitre.oval:def:22469
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5784	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22475

Oval ID:	oval:org.mitre.oval:def:22475
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5825	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22501

Oval ID:	oval:org.mitre.oval:def:22501
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5832	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22515

Oval ID:	oval:org.mitre.oval:def:22515
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5831	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22522

Oval ID:	oval:org.mitre.oval:def:22522
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5852	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22525

Oval ID:	oval:org.mitre.oval:def:22525
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5818	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22526

Oval ID:	oval:org.mitre.oval:def:22526
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5789	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22527

Oval ID:	oval:org.mitre.oval:def:22527
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5849	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22539

Oval ID:	oval:org.mitre.oval:def:22539
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5803	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22553

Oval ID:	oval:org.mitre.oval:def:22553
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5787	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22560

Oval ID:	oval:org.mitre.oval:def:22560
Title:	RHSA-2014:0135: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0135-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5887 CVE-2013-5888 CVE-2013-5889 CVE-2013-5896 CVE-2013-5898 CVE-2013-5899 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0375 CVE-2014-0376 CVE-2014-0387 CVE-2014-0403 CVE-2014-0410 CVE-2014-0411 CVE-2014-0415 CVE-2014-0416 CVE-2014-0417 CVE-2014-0422 CVE-2014-0423 CVE-2014-0424 CVE-2014-0428	Version:	207
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.15.1-1jpp.1.el5_10 AND java-1.6.0-ibm-accessibility is earlier than 1:1.6.0.15.1-1jpp.1.el5_10 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.15.1-1jpp.1.el5_10 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.15.1-1jpp.1.el5_10 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.15.1-1jpp.1.el5_10 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.15.1-1jpp.1.el5_10 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.15.1-1jpp.1.el5_10 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.15.1-1jpp.1.el5_10 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section java-1.6.0-ibm is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.15.1-1jpp.1.el6_5

Definition Id: oval:org.mitre.oval:def:22567

Oval ID:	oval:org.mitre.oval:def:22567
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5782	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22570

Oval ID:	oval:org.mitre.oval:def:22570
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5850	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22571

Oval ID:	oval:org.mitre.oval:def:22571
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5830	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22577

Oval ID:	oval:org.mitre.oval:def:22577
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5810	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22580

Oval ID:	oval:org.mitre.oval:def:22580
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5823	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.08.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.08.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-COM version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.08.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.08.00

Definition Id: oval:org.mitre.oval:def:22603

Oval ID:	oval:org.mitre.oval:def:22603
Title:	ELSA-2013:0752: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0752-01 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2437	Version:	93
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.19-2.3.9.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.19-2.3.9.1.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.19-2.3.9.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.19-2.3.9.1.el5_9 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.19-2.3.9.1.el5_9

Definition Id: oval:org.mitre.oval:def:22761

Oval ID:	oval:org.mitre.oval:def:22761
Title:	ELSA-2012:1222: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1222-00 CVE-2012-0547 CVE-2012-1682	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.28.1.10.9.el5_8

Definition Id: oval:org.mitre.oval:def:23009

Oval ID:	oval:org.mitre.oval:def:23009
Title:	ELSA-2013:0603: java-1.7.0-openjdk security update (Important)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0603-00 CVE-2013-0809 CVE-2013-1493	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.8.0.el5_9 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.8.0.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.8.0.el5_9 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.8.0.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.8.0.el5_9

Definition Id: oval:org.mitre.oval:def:23043

Oval ID:	oval:org.mitre.oval:def:23043
Title:	DEPRECATED: ELSA-2013:0275: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0275-01 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486	Version:	22
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.7.1.el6_3 OR rpm test Oracle Linux 5.x AND rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.7.1.el5_9

Definition Id: oval:org.mitre.oval:def:23179

Oval ID:	oval:org.mitre.oval:def:23179
Title:	ELSA-2013:0602: java-1.7.0-openjdk security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0602-01 CVE-2013-0809 CVE-2013-1493	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.8.0.el6_4 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.8.0.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.8.0.el6_4 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.8.0.el6_4 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.8.0.el6_4

Definition Id: oval:org.mitre.oval:def:23195

Oval ID:	oval:org.mitre.oval:def:23195
Title:	ELSA-2012:0734: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0734-02 CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	53
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-sun-demo is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun-src is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun-jdbc is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.33-1jpp.1.el6_2 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.33-1jpp.1.el6_2

Definition Id: oval:org.mitre.oval:def:23216

Oval ID:	oval:org.mitre.oval:def:23216
Title:	ELSA-2013:0236: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0236-01 CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481	Version:	125
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-sun-jdbc is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.39-1jpp.1.el6_3 AND java-1.6.0-sun-src is earlier than 1:1.6.0.39-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:23223

Oval ID:	oval:org.mitre.oval:def:23223
Title:	ELSA-2012:1009: java-1.7.0-openjdk security and bug fix update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1009-01 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726	Version:	45
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.5-2.2.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.5-2.2.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.5-2.2.1.el6_3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.5-2.2.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.5-2.2.1.el6_3

Definition Id: oval:org.mitre.oval:def:23260

Oval ID:	oval:org.mitre.oval:def:23260
Title:	DEPRECATED: ELSA-2013:1505: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1505-00 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850	Version:	110
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 OR rpm test Oracle Linux 5.x AND rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10

Definition Id: oval:org.mitre.oval:def:23287

Oval ID:	oval:org.mitre.oval:def:23287
Title:	ELSA-2012:0322: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0322-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	45
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.25.1.10.6.el5_8

Definition Id: oval:org.mitre.oval:def:23296

Oval ID:	oval:org.mitre.oval:def:23296
Title:	ELSA-2012:0730: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0730-00 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	41
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.27.1.10.8.el5_8

Definition Id: oval:org.mitre.oval:def:23321

Oval ID:	oval:org.mitre.oval:def:23321
Title:	ELSA-2013:0274: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0274-00 CVE-2013-0169 CVE-2013-1486	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.35.1.11.8.el5_9

Definition Id: oval:org.mitre.oval:def:23323

Oval ID:	oval:org.mitre.oval:def:23323
Title:	ELSA-2012:0514: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0514-03 CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	53
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.10.1-1jpp.5.el6_2 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.10.1-1jpp.5.el6_2

Definition Id: oval:org.mitre.oval:def:23377

Oval ID:	oval:org.mitre.oval:def:23377
Title:	ELSA-2013:0958: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0958-00 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	121
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.7.0-openjdk-demo is earlier than 1:1.7.0.25-2.3.10.4.el5_9 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.25-2.3.10.4.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.25-2.3.10.4.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.25-2.3.10.4.el5_9 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.25-2.3.10.4.el5_9

Definition Id: oval:org.mitre.oval:def:23436

Oval ID:	oval:org.mitre.oval:def:23436
Title:	ELSA-2013:0604: java-1.6.0-openjdk security update (Important)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0604-00 CVE-2013-0809 CVE-2013-1493	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.36.1.11.9.el5_9

Definition Id: oval:org.mitre.oval:def:23455

Oval ID:	oval:org.mitre.oval:def:23455
Title:	DEPRECATED: ELSA-2013:0165: java-1.7.0-openjdk security update (Important)
Description:	Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0165-01 CVE-2012-3174 CVE-2013-0422	Version:	14
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.4.1.el6_3 OR rpm test Oracle Linux 5.x AND rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.4.el5_9.1

Definition Id: oval:org.mitre.oval:def:23480

Oval ID:	oval:org.mitre.oval:def:23480
Title:	ELSA-2014:0027: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0027-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	61
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.7.0-openjdk is earlier than 1:1.7.0.51-2.4.4.1.el5_10 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.51-2.4.4.1.el5_10 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.51-2.4.4.1.el5_10 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.51-2.4.4.1.el5_10 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.51-2.4.4.1.el5_10

Definition Id: oval:org.mitre.oval:def:23484

Oval ID:	oval:org.mitre.oval:def:23484
Title:	ELSA-2013:0532: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0532-01 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487	Version:	25
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.15-1jpp.1.el6_3 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.15-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:23489

Oval ID:	oval:org.mitre.oval:def:23489
Title:	DEPRECATED: ELSA-2013:0587: openssl security update (Moderate)
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0587-01 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169	Version:	18
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	openssl
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test openssl-devel is earlier than 0:1.0.0-27.el6_4.2 AND openssl-static is earlier than 0:1.0.0-27.el6_4.2 AND openssl-perl is earlier than 0:1.0.0-27.el6_4.2 AND openssl is earlier than 0:1.0.0-27.el6_4.2 OR rpm test Oracle Linux 5.x AND rpm test openssl-devel is earlier than 0:0.9.8e-26.el5_9.1 AND openssl-perl is earlier than 0:0.9.8e-26.el5_9.1 AND openssl is earlier than 0:0.9.8e-26.el5_9.1

Definition Id: oval:org.mitre.oval:def:23493

Oval ID:	oval:org.mitre.oval:def:23493
Title:	DEPRECATED: ELSA-2013:0770: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0770-01 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431	Version:	86
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 OR rpm test Oracle Linux 5.x AND rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9

Definition Id: oval:org.mitre.oval:def:23552

Oval ID:	oval:org.mitre.oval:def:23552
Title:	ELSA-2013:0626: java-1.7.0-ibm security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0626-02 CVE-2012-1541 CVE-2012-3174 CVE-2012-3213 CVE-2012-3342 CVE-2012-5085 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0422 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0437 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0445 CVE-2013-0446 CVE-2013-0449 CVE-2013-0450 CVE-2013-0809 CVE-2013-1473 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487 CVE-2013-1493	Version:	169
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-ibm-devel is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.4.0-1jpp.2.el6_4 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.4.0-1jpp.2.el6_4

Definition Id: oval:org.mitre.oval:def:23554

Oval ID:	oval:org.mitre.oval:def:23554
Title:	DEPRECATED: ELSA-2013:1014: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1014-00 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	106
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 OR rpm test Oracle Linux 5.x AND rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9

Definition Id: oval:org.mitre.oval:def:23559

Oval ID:	oval:org.mitre.oval:def:23559
Title:	ELSA-2013:0165: java-1.7.0-openjdk security update (Important)
Description:	Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0165-01 CVE-2012-3174 CVE-2013-0422	Version:	13
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.4.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.4.1.el6_3 OR rpm test Oracle Linux 5.x AND rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.4.el5_9.1 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.4.el5_9.1

Definition Id: oval:org.mitre.oval:def:23587

Oval ID:	oval:org.mitre.oval:def:23587
Title:	ELSA-2013:1447: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1447-00 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	121
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x rpm test java-1.7.0-openjdk-demo is earlier than 1:1.7.0.45-2.4.3.1.el5_10 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.45-2.4.3.1.el5_10 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.45-2.4.3.1.el5_10 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.45-2.4.3.1.el5_10 AND java-1.7.0-openjdk is earlier than 1:1.7.0.45-2.4.3.1.el5_10

Definition Id: oval:org.mitre.oval:def:23612

Oval ID:	oval:org.mitre.oval:def:23612
Title:	ELSA-2012:0729: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0729-01 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	41
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.48.1.11.3.el6_2

Definition Id: oval:org.mitre.oval:def:23622

Oval ID:	oval:org.mitre.oval:def:23622
Title:	ELSA-2013:0855: java-1.5.0-ibm security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0855-01 CVE-2013-0169 CVE-2013-0401 CVE-2013-1491 CVE-2013-1537 CVE-2013-1557 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432	Version:	69
Platform(s):	Oracle Linux 6	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.2-1jpp.1.el6_4 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.2-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:23638

Oval ID:	oval:org.mitre.oval:def:23638
Title:	ELSA-2012:0139: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0139-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	53
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-sun-jdbc is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.31-1jpp.1.el6_2 AND java-1.6.0-sun-src is earlier than 1:1.6.0.31-1jpp.1.el6_2

Definition Id: oval:org.mitre.oval:def:23641

Oval ID:	oval:org.mitre.oval:def:23641
Title:	DEPRECATED: ELSA-2014:0097: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0097-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	58
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-3.1.13.1.el5_10 OR rpm test Oracle Linux 6.x AND rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-3.1.13.1.el6_5

Definition Id: oval:org.mitre.oval:def:23648

Oval ID:	oval:org.mitre.oval:def:23648
Title:	ELSA-2013:0823: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0823-01 CVE-2013-0170 CVE-2013-0401 CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2435 CVE-2013-2440	Version:	97
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-ibm is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.13.2-1jpp.1.el6_4 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.13.2-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:23650

Oval ID:	oval:org.mitre.oval:def:23650
Title:	ELSA-2013:0758: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0758-02 CVE-2013-0401 CVE-2013-1491 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2435 CVE-2013-2439 CVE-2013-2440	Version:	105
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-sun-demo is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun-src is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun-jdbc is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.45-1jpp.1.el6 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.45-1jpp.1.el6

Definition Id: oval:org.mitre.oval:def:23673

Oval ID:	oval:org.mitre.oval:def:23673
Title:	ELSA-2013:0625: java-1.6.0-ibm security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0625-02 CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2012-5085 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-0809 CVE-2013-1473 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 CVE-2013-1486 CVE-2013-1487 CVE-2013-1493	Version:	137
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-ibm-devel is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm is earlier than 1:1.6.0.13.0-1jpp.3.el6_4 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.13.0-1jpp.3.el6_4

Definition Id: oval:org.mitre.oval:def:23688

Oval ID:	oval:org.mitre.oval:def:23688
Title:	ELSA-2012:1238: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1238-01 CVE-2012-0551 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725	Version:	41
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-ibm-devel is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm is earlier than 1:1.6.0.11.0-1jpp.1.el6_3 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.11.0-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:23695

Oval ID:	oval:org.mitre.oval:def:23695
Title:	USN-2124-1 -- openjdk-6 vulnerabilities
Description:	Several security issues were fixed in OpenJDK 6.
Family:	unix	Class:	patch
Reference(s):	USN-2124-1 CVE-2014-0411 CVE-2013-5878 CVE-2013-5907 CVE-2014-0373 CVE-2014-0422 CVE-2014-0428 CVE-2013-5884 CVE-2014-0368 CVE-2013-5896 CVE-2013-5910 CVE-2014-0376 CVE-2014-0416 CVE-2014-0423	Version:	5
Platform(s):	Ubuntu 12.04 Ubuntu 10.04	Product(s):	openjdk-6
Definition Synopsis:
Ubuntu 12.04 release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.1 AND icedtea-6-jre-jamvm DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.1 AND openjdk-6-jre DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.1 AND openjdk-6-jre-headless DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.1 AND openjdk-6-jre-lib DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.1 AND openjdk-6-jre-zero DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.1 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.1 AND openjdk-6-jre DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.1 AND openjdk-6-jre-headless DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.1 AND openjdk-6-jre-lib DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.1 AND openjdk-6-jre-zero DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.1

Definition Id: oval:org.mitre.oval:def:23720

Oval ID:	oval:org.mitre.oval:def:23720
Title:	ELSA-2012:0135: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0135-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	45
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.43.1.10.6.el6_2

Definition Id: oval:org.mitre.oval:def:23740

Oval ID:	oval:org.mitre.oval:def:23740
Title:	ELSA-2012:1391: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1391-01 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089	Version:	113
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.9-1jpp.3.el6_3 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.9-1jpp.3.el6_3

Definition Id: oval:org.mitre.oval:def:23748

Oval ID:	oval:org.mitre.oval:def:23748
Title:	ELSA-2013:1509: java-1.5.0-ibm security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1509-01 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5790 CVE-2013-5797 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5849	Version:	89
Platform(s):	Oracle Linux 6	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.4-1jpp.1.el6_4 AND java-1.5.0-ibm is earlier than 1:1.5.0.16.4-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:23749

Oval ID:	oval:org.mitre.oval:def:23749
Title:	ELSA-2012:0508: java-1.5.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0508-03 CVE-2011-3389 CVE-2011-3557 CVE-2011-3560 CVE-2011-3563 CVE-2012-0498 CVE-2012-0499 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507	Version:	53
Platform(s):	Oracle Linux 6	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.5.0-ibm-plugin is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.13.1-1jpp.2.el6_2 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.13.1-1jpp.2.el6_2

Definition Id: oval:org.mitre.oval:def:23755

Oval ID:	oval:org.mitre.oval:def:23755
Title:	ELSA-2013:0275: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0275-01 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486	Version:	21
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.7.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.7.1.el6_3 OR rpm test Oracle Linux 5.x AND rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.7.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.7.1.el5_9

Definition Id: oval:org.mitre.oval:def:23756

Oval ID:	oval:org.mitre.oval:def:23756
Title:	ELSA-2013:0963: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0963-01 CVE-2013-1500 CVE-2013-1571 CVE-2013-2400 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2462 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3744	Version:	157
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle-javafx is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.25-1jpp.1.el6_4 AND java-1.7.0-oracle is earlier than 1:1.7.0.25-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:23780

Oval ID:	oval:org.mitre.oval:def:23780
Title:	ELSA-2012:1384: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1384-01 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089	Version:	65
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.50.1.11.5.el6_3

Definition Id: oval:org.mitre.oval:def:23797

Oval ID:	oval:org.mitre.oval:def:23797
Title:	ELSA-2012:1289: java-1.7.0-ibm security update (Critical)
Description:	Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1289-01 CVE-2012-0547 CVE-2012-0551 CVE-2012-1682 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725 CVE-2012-1726 CVE-2012-3136 CVE-2012-4681	Version:	57
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-ibm-devel is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.2.0-1jpp.3.el6_3 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.2.0-1jpp.3.el6_3

Definition Id: oval:org.mitre.oval:def:23803

Oval ID:	oval:org.mitre.oval:def:23803
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1485	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_14 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:23805

Oval ID:	oval:org.mitre.oval:def:23805
Title:	ELSA-2012:1221: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1221-01 CVE-2012-0547 CVE-2012-1682	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.49.1.11.4.el6_3

Definition Id: oval:org.mitre.oval:def:23807

Oval ID:	oval:org.mitre.oval:def:23807
Title:	ELSA-2013:0757: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0757-02 CVE-2013-0401 CVE-2013-0402 CVE-2013-1488 CVE-2013-1491 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1561 CVE-2013-1563 CVE-2013-1564 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2414 CVE-2013-2415 CVE-2013-2416 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2425 CVE-2013-2426 CVE-2013-2427 CVE-2013-2428 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2432 CVE-2013-2433 CVE-2013-2434 CVE-2013-2435 CVE-2013-2436 CVE-2013-2438 CVE-2013-2439 CVE-2013-2440	Version:	173
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle-javafx is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.21-1jpp.1.el6 AND java-1.7.0-oracle is earlier than 1:1.7.0.21-1jpp.1.el6

Definition Id: oval:org.mitre.oval:def:23813

Oval ID:	oval:org.mitre.oval:def:23813
Title:	ELSA-2013:1507: java-1.7.0-ibm security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1507-01 CVE-2013-3829 CVE-2013-4041 CVE-2013-5372 CVE-2013-5375 CVE-2013-5456 CVE-2013-5457 CVE-2013-5458 CVE-2013-5772 CVE-2013-5774 CVE-2013-5776 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5787 CVE-2013-5788 CVE-2013-5789 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5812 CVE-2013-5814 CVE-2013-5817 CVE-2013-5818 CVE-2013-5819 CVE-2013-5820 CVE-2013-5823 CVE-2013-5824 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5831 CVE-2013-5832 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5848 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	189
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-ibm-devel is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.6.0-1jpp.1.el6_4 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.6.0-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:23824

Oval ID:	oval:org.mitre.oval:def:23824
Title:	ELSA-2012:1245: java-1.5.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1245-01 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1725	Version:	29
Platform(s):	Oracle Linux 6	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.5.0-ibm-devel is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.14.0-1jpp.1.el6_3 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.14.0-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:23844

Oval ID:	oval:org.mitre.oval:def:23844
Title:	ELSA-2012:1019: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1019-01 CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726	Version:	57
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle is earlier than 1:1.7.0.5-1jpp.1.el6 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.5-1jpp.1.el6 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.5-1jpp.1.el6 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.5-1jpp.1.el6 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.5-1jpp.1.el6

Definition Id: oval:org.mitre.oval:def:23866

Oval ID:	oval:org.mitre.oval:def:23866
Title:	ELSA-2012:1392: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1392-01 CVE-2012-0547 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089	Version:	93
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-sun-jdbc is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun-src is earlier than 1:1.6.0.37-1jpp.1.el6_3 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.37-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:23876

Oval ID:	oval:org.mitre.oval:def:23876
Title:	ELSA-2013:0624: java-1.5.0-ibm security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0624-02 CVE-2012-5085 CVE-2013-0409 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0440 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-0809 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 CVE-2013-1486 CVE-2013-1493	Version:	93
Platform(s):	Oracle Linux 6	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.0-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:23877

Oval ID:	oval:org.mitre.oval:def:23877
Title:	ELSA-2013:0156: java-1.7.0-oracle security update (Critical)
Description:	Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0156-01 CVE-2012-3174 CVE-2013-0422	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.11-1jpp.3.el6_3 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.11-1jpp.3.el6_3

Definition Id: oval:org.mitre.oval:def:23883

Oval ID:	oval:org.mitre.oval:def:23883
Title:	ELSA-2014:0026: java-1.7.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0026-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	61
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-openjdk is earlier than 1:1.7.0.51-2.4.4.1.el6_5 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.51-2.4.4.1.el6_5 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.51-2.4.4.1.el6_5 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.51-2.4.4.1.el6_5 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.51-2.4.4.1.el6_5

Definition Id: oval:org.mitre.oval:def:23887

Oval ID:	oval:org.mitre.oval:def:23887
Title:	ELSA-2013:0957: java-1.7.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0957-00 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	121
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-openjdk-demo is earlier than 1:1.7.0.25-2.3.10.3.el6_4 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.25-2.3.10.3.el6_4 AND java-1.7.0-openjdk is earlier than 1:1.7.0.25-2.3.10.3.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.25-2.3.10.3.el6_4 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.25-2.3.10.3.el6_4

Definition Id: oval:org.mitre.oval:def:23891

Oval ID:	oval:org.mitre.oval:def:23891
Title:	ELSA-2013:0273: java-1.6.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0273-01 CVE-2013-0169 CVE-2013-1486	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.56.1.11.8.el6_3

Definition Id: oval:org.mitre.oval:def:23901

Oval ID:	oval:org.mitre.oval:def:23901
Title:	ELSA-2013:0822: java-1.7.0-ibm security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0822-01 CVE-2013-0169 CVE-2013-0401 CVE-2013-1488 CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2415 CVE-2013-2416 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2434 CVE-2013-2435 CVE-2013-2436 CVE-2013-2438 CVE-2013-2440	Version:	133
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-ibm-devel is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.4.2-1jpp.1.el6_4 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.4.2-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:23907

Oval ID:	oval:org.mitre.oval:def:23907
Title:	ELSA-2012:1386: java-1.7.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1386-02 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089	Version:	85
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.9-2.3.3.el6_3.1 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.9-2.3.3.el6_3.1 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.9-2.3.3.el6_3.1 AND java-1.7.0-openjdk is earlier than 1:1.7.0.9-2.3.3.el6_3.1 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.9-2.3.3.el6_3.1

Definition Id: oval:org.mitre.oval:def:23909

Oval ID:	oval:org.mitre.oval:def:23909
Title:	ELSA-2013:0587: openssl security update (Moderate)
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0587-01 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169	Version:	17
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	openssl
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test openssl-devel is earlier than 0:1.0.0-27.el6_4.2 AND openssl-static is earlier than 0:1.0.0-27.el6_4.2 AND openssl-perl is earlier than 0:1.0.0-27.el6_4.2 AND openssl is earlier than 0:1.0.0-27.el6_4.2 OR rpm test Oracle Linux 5.x AND rpm test openssl-devel is earlier than 0:0.9.8e-26.el5_9.1 AND openssl-perl is earlier than 0:0.9.8e-26.el5_9.1 AND openssl is earlier than 0:0.9.8e-26.el5_9.1

Definition Id: oval:org.mitre.oval:def:23913

Oval ID:	oval:org.mitre.oval:def:23913
Title:	ELSA-2013:0531: java-1.6.0-sun security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0531-01 CVE-2013-0169 CVE-2013-1486 CVE-2013-1487	Version:	17
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-sun-jdbc is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun-src is earlier than 1:1.6.0.41-1jpp.1.el6_3 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.41-1jpp.1.el6_3

Definition Id: oval:org.mitre.oval:def:23949

Oval ID:	oval:org.mitre.oval:def:23949
Title:	ELSA-2013:1505: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1505-00 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850	Version:	109
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.65.1.11.14.el6_4 OR rpm test Oracle Linux 5.x AND rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.42.1.11.14.el5_10

Definition Id: oval:org.mitre.oval:def:23953

Oval ID:	oval:org.mitre.oval:def:23953
Title:	ELSA-2012:1223: java-1.7.0-openjdk security update (Important)
Description:	Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1223-01 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681	Version:	21
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.5-2.2.1.el6_3.3 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.5-2.2.1.el6_3.3 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.5-2.2.1.el6_3.3 AND java-1.7.0-openjdk is earlier than 1:1.7.0.5-2.2.1.el6_3.3 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.5-2.2.1.el6_3.3

Definition Id: oval:org.mitre.oval:def:23954

Oval ID:	oval:org.mitre.oval:def:23954
Title:	ELSA-2013:1451: java-1.7.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1451-00 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	121
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-openjdk-demo is earlier than 1:1.7.0.45-2.4.3.2.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.45-2.4.3.2.el6_4 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.45-2.4.3.2.el6_4 AND java-1.7.0-openjdk-devel is earlier than 1:1.7.0.45-2.4.3.2.el6_4 AND java-1.7.0-openjdk is earlier than 1:1.7.0.45-2.4.3.2.el6_4

Definition Id: oval:org.mitre.oval:def:23960

Oval ID:	oval:org.mitre.oval:def:23960
Title:	ELSA-2012:1225: java-1.7.0-oracle security update (Critical)
Description:	Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1225-01 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681	Version:	21
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle is earlier than 1:1.7.0.7-1jpp.5.el6_3 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.7-1jpp.5.el6_3 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.7-1jpp.5.el6_3 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.7-1jpp.5.el6_3 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.7-1jpp.5.el6_3

Definition Id: oval:org.mitre.oval:def:23975

Oval ID:	oval:org.mitre.oval:def:23975
Title:	ELSA-2013:0601: java-1.6.0-sun security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0601-02 CVE-2013-0809 CVE-2013-1493	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-sun
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-sun-jdbc is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun-plugin is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun-devel is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun-demo is earlier than 1:1.6.0.43-1jpp.1.el6_4 AND java-1.6.0-sun-src is earlier than 1:1.6.0.43-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:24006

Oval ID:	oval:org.mitre.oval:def:24006
Title:	ELSA-2013:0751: java-1.7.0-openjdk security update (Critical)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0751-01 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436	Version:	93
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-openjdk-devel is earlier than 1:1.7.0.19-2.3.9.1.el6_4 AND java-1.7.0-openjdk-demo is earlier than 1:1.7.0.19-2.3.9.1.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.19-2.3.9.1.el6_4 AND java-1.7.0-openjdk is earlier than 1:1.7.0.19-2.3.9.1.el6_4 AND java-1.7.0-openjdk-src is earlier than 1:1.7.0.19-2.3.9.1.el6_4

Definition Id: oval:org.mitre.oval:def:24011

Oval ID:	oval:org.mitre.oval:def:24011
Title:	ELSA-2013:1508: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1508-04 CVE-2013-3829 CVE-2013-4041 CVE-2013-5372 CVE-2013-5375 CVE-2013-5457 CVE-2013-5772 CVE-2013-5774 CVE-2013-5776 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5787 CVE-2013-5789 CVE-2013-5797 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5812 CVE-2013-5814 CVE-2013-5817 CVE-2013-5818 CVE-2013-5819 CVE-2013-5820 CVE-2013-5823 CVE-2013-5824 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5831 CVE-2013-5832 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5848 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	161
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-plugin is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.15.0-1jpp.1.el6_4 AND java-1.6.0-ibm is earlier than 1:1.6.0.15.0-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:24037

Oval ID:	oval:org.mitre.oval:def:24037
Title:	ELSA-2014:0135: java-1.6.0-ibm security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0135-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5887 CVE-2013-5888 CVE-2013-5889 CVE-2013-5896 CVE-2013-5898 CVE-2013-5899 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0375 CVE-2014-0376 CVE-2014-0387 CVE-2014-0403 CVE-2014-0410 CVE-2014-0411 CVE-2014-0415 CVE-2014-0416 CVE-2014-0417 CVE-2014-0422 CVE-2014-0423 CVE-2014-0424 CVE-2014-0428	Version:	105
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-ibm-plugin is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-demo is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-jdbc is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-devel is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-javacomm is earlier than 1:1.6.0.15.1-1jpp.1.el6_5 AND java-1.6.0-ibm-src is earlier than 1:1.6.0.15.1-1jpp.1.el6_5

Definition Id: oval:org.mitre.oval:def:24043

Oval ID:	oval:org.mitre.oval:def:24043
Title:	ELSA-2013:1014: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1014-00 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	105
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.62.1.11.11.90.el6_4 OR rpm test Oracle Linux 5.x AND rpm test java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.41.1.11.11.90.el5_9

Definition Id: oval:org.mitre.oval:def:24051

Oval ID:	oval:org.mitre.oval:def:24051
Title:	ELSA-2013:0770: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0770-01 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431	Version:	85
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.61.1.11.11.el6_4 OR rpm test Oracle Linux 5.x AND rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.40.1.11.11.el5_9

Definition Id: oval:org.mitre.oval:def:24070

Oval ID:	oval:org.mitre.oval:def:24070
Title:	ELSA-2013:0605: java-1.6.0-openjdk security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0605-02 CVE-2013-0809 CVE-2013-1493	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.57.1.11.9.el6_4

Definition Id: oval:org.mitre.oval:def:24072

Oval ID:	oval:org.mitre.oval:def:24072
Title:	ELSA-2013:0600: java-1.7.0-oracle security update (Critical)
Description:	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0600-02 CVE-2013-0809 CVE-2013-1493	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-src is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.17-1jpp.1.el6_4 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.17-1jpp.1.el6_4

Definition Id: oval:org.mitre.oval:def:24132

Oval ID:	oval:org.mitre.oval:def:24132
Title:	ELSA-2014:0134: java-1.7.0-ibm security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0134-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5887 CVE-2013-5888 CVE-2013-5889 CVE-2013-5896 CVE-2013-5898 CVE-2013-5899 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0375 CVE-2014-0376 CVE-2014-0387 CVE-2014-0403 CVE-2014-0410 CVE-2014-0411 CVE-2014-0415 CVE-2014-0416 CVE-2014-0417 CVE-2014-0422 CVE-2014-0423 CVE-2014-0424 CVE-2014-0428	Version:	105
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-ibm-devel is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-src is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-demo is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-jdbc is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm-plugin is earlier than 1:1.7.0.6.1-1jpp.1.el6_5 AND java-1.7.0-ibm is earlier than 1:1.7.0.6.1-1jpp.1.el6_5

Definition Id: oval:org.mitre.oval:def:24141

Oval ID:	oval:org.mitre.oval:def:24141
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1486	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.5.0:update_41 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_40 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_13 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_14 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:24172

Oval ID:	oval:org.mitre.oval:def:24172
Title:	ELSA-2014:0030: java-1.7.0-oracle security update (Critical)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0030-00 CVE-2013-5870 CVE-2013-5878 CVE-2013-5884 CVE-2013-5887 CVE-2013-5888 CVE-2013-5889 CVE-2013-5893 CVE-2013-5895 CVE-2013-5896 CVE-2013-5898 CVE-2013-5899 CVE-2013-5902 CVE-2013-5904 CVE-2013-5905 CVE-2013-5906 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0375 CVE-2014-0376 CVE-2014-0382 CVE-2014-0387 CVE-2014-0403 CVE-2014-0410 CVE-2014-0411 CVE-2014-0415 CVE-2014-0416 CVE-2014-0417 CVE-2014-0418 CVE-2014-0422 CVE-2014-0423 CVE-2014-0424 CVE-2014-0428	Version:	141
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-oracle
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.7.0-oracle-src is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle-plugin is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle-javafx is earlier than 1:1.7.0.51-1jpp.1.el6_5 AND java-1.7.0-oracle-devel is earlier than 1:1.7.0.51-1jpp.1.el6_5

Definition Id: oval:org.mitre.oval:def:24180

Oval ID:	oval:org.mitre.oval:def:24180
Title:	ELSA-2014:0097: java-1.6.0-openjdk security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0097-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	57
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-3.1.13.1.el5_10 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-3.1.13.1.el5_10 OR rpm test Oracle Linux 6.x AND rpm test java-1.6.0-openjdk is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-3.1.13.1.el6_5

Definition Id: oval:org.mitre.oval:def:24188

Oval ID:	oval:org.mitre.oval:def:24188
Title:	ELSA-2014:0136: java-1.5.0-ibm security update (Important)
Description:	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0136-00 CVE-2013-5907 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0417 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	45
Platform(s):	Oracle Linux 6	Product(s):	java-1.5.0-ibm
Definition Synopsis:
Oracle Linux 6.x rpm test java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.5-1jpp.1.el6_5 AND java-1.5.0-ibm-src is earlier than 1:1.5.0.16.5-1jpp.1.el6_5

Definition Id: oval:org.mitre.oval:def:24250

Oval ID:	oval:org.mitre.oval:def:24250
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1484	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.7.0:update_14 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:24269

Oval ID:	oval:org.mitre.oval:def:24269
Title:	Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0387	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 Determine if the version of Java Runtime Environment is less than 1.6.0:update_66 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 Determine if the version of Java Runtime Environment is less than 1.7.0:update_46 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:24275

Oval ID:	oval:org.mitre.oval:def:24275
Title:	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5878	Version:	8
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.11 AND HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk60.JDK60 version is less than 1.6.0.22.00 AND Jdk60.JDK60-COM version is less than 1.6.0.22.00 AND Jdk60.JDK60-IPF32 version is less than 1.6.0.22.00 AND Jdk60.JDK60-IPF64 version is less than 1.6.0.22.00 AND Jdk60.JDK60-PNV2 version is less than 1.6.0.22.00 AND Jdk60.JDK60-PWV2 version is less than 1.6.0.22.00 AND Jdk60.JDK60-PA20 version is less than 1.6.0.22.00 AND Jdk60.JDK60-PA20W version is less than 1.6.0.22.00 AND Jre60.JRE60-PNV2 version is less than 1.6.0.22.00 AND Jre60.JRE60-PNV2-H version is less than 1.6.0.22.00 AND Jre60.JRE60-PWV2 version is less than 1.6.0.22.00 AND Jre60.JRE60-PWV2-H version is less than 1.6.0.22.00 AND Jre60.JRE60-COM version is less than 1.6.0.22.00 AND Jre60.JRE60-COM-DOC version is less than 1.6.0.22.00 AND Jre60.JRE60-PA20 version is less than 1.6.0.22.00 AND Jre60.JRE60-PA20-HS version is less than 1.6.0.22.00 AND Jre60.JRE60-PA20W version is less than 1.6.0.22.00 AND Jre60.JRE60-PA20W-HS version is less than 1.6.0.22.00 AND Jre60.JRE60-IPF32 version is less than 1.6.0.22.00 AND Jre60.JRE60-IPF32-HS version is less than 1.6.0.22.00 AND Jre60.JRE60-IPF64 version is less than 1.6.0.22.00 AND Jre60.JRE60-IPF64-HS version is less than 1.6.0.22.00

Definition Id: oval:org.mitre.oval:def:24405

Oval ID:	oval:org.mitre.oval:def:24405
Title:	Vulnerability in the TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.4.2:update_42 and is greater than or equal to 1.4.0 Determine if the version of Java Runtime Environment is less than 1.4.2:update_42 AND Java SE Runtime Environment 4 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.5.0:update_41 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update_40 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_13 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_14 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:24406

Oval ID:	oval:org.mitre.oval:def:24406
Title:	Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment
Description:	Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1487	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than or equal to 1.6.0:update_39 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_39 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_13 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_14 AND Java SE Runtime Environment 7 is installed

Definition Id: oval:org.mitre.oval:def:24481

Oval ID:	oval:org.mitre.oval:def:24481
Title:	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-5870	Version:	8
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP-UX B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.09.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.09.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.09.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.09.00 AND Jre70.JRE70-COM version is less than 1.7.0.09.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.09.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.09.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.09.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.09.00

Definition Id: oval:org.mitre.oval:def:24653

Oval ID:	oval:org.mitre.oval:def:24653
Title:	USN-2124-2 -- openjdk-6 regression
Description:	USN-2124-1 introduced a regression in OpenJDK 6.
Family:	unix	Class:	patch
Reference(s):	USN-2124-2 CVE-2014-0411 CVE-2013-5878 CVE-2013-5907 CVE-2014-0373 CVE-2014-0422 CVE-2014-0428 CVE-2013-5884 CVE-2014-0368 CVE-2013-5896 CVE-2013-5910 CVE-2014-0376 CVE-2014-0416 CVE-2014-0423	Version:	5
Platform(s):	Ubuntu 12.04 Ubuntu 10.04	Product(s):	openjdk-6
Definition Synopsis:
Ubuntu 12.04 release section Ubuntu 12.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.3 AND icedtea-6-jre-jamvm DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.3 AND openjdk-6-jre DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.3 AND openjdk-6-jre-headless DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.3 AND openjdk-6-jre-lib DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.3 AND openjdk-6-jre-zero DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.12.04.3 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed Packages match section icedtea-6-jre-cacao DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.2 AND openjdk-6-jre DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.2 AND openjdk-6-jre-headless DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.2 AND openjdk-6-jre-lib DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.2 AND openjdk-6-jre-zero DPKG is earlier than 0:6b30-1.13.1-1ubuntu2~0.10.04.2

Definition Id: oval:org.mitre.oval:def:24938

Oval ID:	oval:org.mitre.oval:def:24938
Title:	OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d, allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks
Description:	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0169	Version:	4
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check vulnerable versions of OpenSSL Check if the version of OpenSSL 1.0.0 before 1.0.0k AND Check if the version of OpenSSL 1.0.1 before 1.0.1d AND Check if the version of OpenSSL 0.9.8 before 0.9.8y AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check vulnerable versions of OpenSSL (32_bit) Check if the version of OpenSSL 1.0.0 before 1.0.0k (32_bit) AND Check if the version of OpenSSL 1.0.1 before 1.0.1d (32_bit) AND Check if the version of OpenSSL 0.9.8 before 0.9.8y (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0k ProgramFilesDir AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0k ProgramFilesDir x86 AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0k under Sytem32 and SysWOW64 AND Check if the version of ssleay32.dll 1.0.1 before 1.0.1d ProgramFilesDir AND Check if the version of ssleay32.dll 1.0.1 before 1.0.1d ProgramFilesDir x86 AND Check if the version of ssleay32.dll 1.0.1 before 1.0.1d under Sytem32 and SysWOW64 AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8y ProgramFilesDir AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8y ProgramFilesDir x86 AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8y under Sytem32 and SysWOW64

Definition Id: oval:org.mitre.oval:def:25042

Oval ID:	oval:org.mitre.oval:def:25042
Title:	SUSE-SU-2013:1808-1 -- Security update for OpenJDK 1.6
Description:	OpenJDK 1.6 was updated to the new Icedtea release 1.12.7, which includes many fixes for bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1808-1 CVE-2013-3829 CVE-2013-5780 CVE-2013-5772 CVE-2013-5814 CVE-2013-5790 CVE-2013-5849 CVE-2013-5802 CVE-2013-5851 CVE-2013-5809 CVE-2013-5817 CVE-2013-5783 CVE-2013-5782 CVE-2013-5778 CVE-2013-5803 CVE-2013-5840 CVE-2013-5825 CVE-2013-5842 CVE-2013-5774 CVE-2013-5804 CVE-2013-5797 CVE-2013-5850 CVE-2013-5829 CVE-2013-5830 CVE-2013-4002 CVE-2013-5784 CVE-2013-5820 CVE-2013-5823	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 11	Product(s):	OpenJDK 1.6
Definition Synopsis:
SUSE Linux Enterprise Desktop 11.x is installed Packages match section java-1_6_0-openjdk RPM is earlier than 0:1.6.0.0_b27.1.12.7-0.2.1 AND java-1_6_0-openjdk-demo RPM is earlier than 0:1.6.0.0_b27.1.12.7-0.2.1 AND java-1_6_0-openjdk-devel RPM is earlier than 0:1.6.0.0_b27.1.12.7-0.2.1

Definition Id: oval:org.mitre.oval:def:25093

Oval ID:	oval:org.mitre.oval:def:25093
Title:	SUSE-SU-2013:0835-1 -- Security update for IBM Java
Description:	IBM Java 1.6.0 has been updated to SR13-FP2 fixing bugs and security issues. [http://www.ibm.com/developerworks/java/jdk/alerts/)(http:// www.ibm.com/developerworks/java/jdk/alerts/)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0835-1 CVE-2013-2422 CVE-2013-1491 CVE-2013-2435 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2440 CVE-2013-2429 CVE-2013-2430 CVE-2013-1563 CVE-2013-2394 CVE-2013-0401 CVE-2013-2424 CVE-2013-2419 CVE-2013-2417 CVE-2013-2418 CVE-2013-1540 CVE-2013-2433	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10	Product(s):	IBM Java
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-devel RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-32bit RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-devel-32bit RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-alsa-32bit RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-plugin-32bit RPM is earlier than 0:1.6.0_sr13.2-0.8.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr13.2-0.8.1

Definition Id: oval:org.mitre.oval:def:25236

Oval ID:	oval:org.mitre.oval:def:25236
Title:	SUSE-SU-2013:0701-2 -- Security update for java-1_6_0-ibm
Description:	IBM Java 6 was updated to SR13 FP1, fixing bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0701-2 CVE-2013-0485 CVE-2013-0809 CVE-2013-1493 CVE-2013-0169	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	java-1_6_0-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr13.1-0.9.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr13.1-0.9.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr13.1-0.9.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr13.1-0.9.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr13.1-0.9.1 AND SUSE Linux Enterprise Server 10 and SUSE Linux Enterprise Desktop 10 release section Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section java-1_5_0-ibm RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-devel RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-fonts RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-32bit RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-devel-32bit RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-jdbc RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-plugin RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-alsa-32bit RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-alsa RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-devel RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-32bit RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-devel-32bit RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-alsa-32bit RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-plugin-32bit RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr13.1-0.14.1 AND SUSE Linux Enterprise Desktop 10 release section SUSE Linux Enterprise Desktop 10 is installed Packages match section java-1_5_0-ibm-demo RPM is earlier than 0:1.5.0_sr16.1-0.5.1 AND java-1_5_0-ibm-src RPM is earlier than 0:1.5.0_sr16.1-0.5.1

Definition Id: oval:org.mitre.oval:def:25245

Oval ID:	oval:org.mitre.oval:def:25245
Title:	SUSE-SU-2014:0266-3 -- Security update for IBM Java 6
Description:	IBM Java 6 was updated to version SR15-FP1 which received security and bug fixes. More information at: http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_Ja nuary_14_2014_CPU <http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_J anuary_14_2014_CPU>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0266-3 CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0417 CVE-2014-0373 CVE-2014-0423 CVE-2014-0376 CVE-2014-0416 CVE-2014-0368 CVE-2014-0411 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0387 CVE-2014-0424 CVE-2013-5878 CVE-2014-0375 CVE-2014-0403 CVE-2013-5910 CVE-2013-5884 CVE-2013-5896 CVE-2013-5899 CVE-2013-5887 CVE-2013-5888 CVE-2013-5898	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10	Product(s):	IBM Java 6
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section java-1_5_0-ibm RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-devel RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-fonts RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_6_0-ibm-devel RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_5_0-ibm-32bit RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-devel-32bit RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_6_0-ibm-32bit RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_6_0-ibm-devel-32bit RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_5_0-ibm-alsa-32bit RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_6_0-ibm-alsa-32bit RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_6_0-ibm-plugin-32bit RPM is earlier than 0:1.6.0_sr15.1-0.15.1 AND java-1_5_0-ibm-alsa RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-jdbc RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-plugin RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr15.1-0.15.1

Definition Id: oval:org.mitre.oval:def:25263

Oval ID:	oval:org.mitre.oval:def:25263
Title:	SUSE-SU-2013:1263-1 -- Security update for java-1_5_0-ibm
Description:	IBM Java 1.5.0 has been updated to SR16-FP3 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Also the following bug has been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1263-1 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-3743 CVE-2013-2448 CVE-2013-2454 CVE-2013-2456 CVE-2013-2457 CVE-2013-2455 CVE-2013-2443 CVE-2013-2447 CVE-2013-2444 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1571 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	java-1_5_0-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 10 and SUSE Linux Enterprise Desktop 10 release section Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section java-1_5_0-ibm RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-devel RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-fonts RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-32bit RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-devel-32bit RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-jdbc RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-plugin RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-alsa-32bit RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-alsa RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND SUSE Linux Enterprise Desktop 10 release section SUSE Linux Enterprise Desktop 10 is installed Packages match section java-1_5_0-ibm-demo RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-src RPM is earlier than 0:1.5.0_sr16.3-0.5.1

Definition Id: oval:org.mitre.oval:def:25287

Oval ID:	oval:org.mitre.oval:def:25287
Title:	SUSE-SU-2013:1669-1 -- Security update for IBM Java 5
Description:	IBM Java 5 SR16-FP4 has been released which fixes lots of bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1669-1 CVE-2013-4041 CVE-2013-5375 CVE-2013-5372 CVE-2013-5843 CVE-2013-5829 CVE-2013-5842 CVE-2013-5782 CVE-2013-5809 CVE-2013-5814 CVE-2013-5802 CVE-2013-5783 CVE-2013-3829 CVE-2013-4002 CVE-2013-5774 CVE-2013-5840 CVE-2013-5801 CVE-2013-5778 CVE-2013-5790 CVE-2013-5780 CVE-2013-5797	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	IBM Java 5
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section java-1_5_0-ibm RPM is earlier than 0:1.5.0_sr16.4-0.5.1 AND java-1_5_0-ibm-devel RPM is earlier than 0:1.5.0_sr16.4-0.5.1 AND java-1_5_0-ibm-fonts RPM is earlier than 0:1.5.0_sr16.4-0.5.1 AND java-1_5_0-ibm-32bit RPM is earlier than 0:1.5.0_sr16.4-0.5.1 AND java-1_5_0-ibm-devel-32bit RPM is earlier than 0:1.5.0_sr16.4-0.5.1 AND java-1_5_0-ibm-alsa-32bit RPM is earlier than 0:1.5.0_sr16.4-0.5.1 AND java-1_5_0-ibm-alsa RPM is earlier than 0:1.5.0_sr16.4-0.5.1 AND java-1_5_0-ibm-jdbc RPM is earlier than 0:1.5.0_sr16.4-0.5.1 AND java-1_5_0-ibm-plugin RPM is earlier than 0:1.5.0_sr16.4-0.5.1

Definition Id: oval:org.mitre.oval:def:25326

Oval ID:	oval:org.mitre.oval:def:25326
Title:	SUSE-SU-2014:0246-1 -- Security update for IBM Java
Description:	This update contains the Oracle January 14 2014 CPU for java-1_7_0-ibm. Find more information at: http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_Ja nuary_14_2014_CPU <http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_J anuary_14_2014_CPU>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0246-1 CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0417 CVE-2014-0387 CVE-2014-0424 CVE-2013-5878 CVE-2014-0373 CVE-2014-0375 CVE-2014-0403 CVE-2014-0423 CVE-2014-0376 CVE-2013-5910 CVE-2013-5884 CVE-2013-5896 CVE-2013-5899 CVE-2014-0416 CVE-2013-5887 CVE-2014-0368 CVE-2013-5888 CVE-2013-5898 CVE-2014-0411	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	IBM Java
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_7_0-ibm RPM is earlier than 0:1.7.0_sr6.1-0.8.1 AND java-1_7_0-ibm-jdbc RPM is earlier than 0:1.7.0_sr6.1-0.8.1 AND java-1_7_0-ibm-alsa RPM is earlier than 0:1.7.0_sr6.1-0.8.1 AND java-1_7_0-ibm-plugin RPM is earlier than 0:1.7.0_sr6.1-0.8.1

Definition Id: oval:org.mitre.oval:def:25365

Oval ID:	oval:org.mitre.oval:def:25365
Title:	SUSE-SU-2014:0266-2 -- Security update for IBM Java 6
Description:	IBM Java 6 was updated to version SR15-FP1 which received security and bug fixes. More information at: http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_Ja nuary_14_2014_CPU <http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_J anuary_14_2014_CPU>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0266-2 CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0417 CVE-2014-0373 CVE-2014-0423 CVE-2014-0376 CVE-2014-0416 CVE-2014-0368 CVE-2014-0411 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0387 CVE-2014-0424 CVE-2013-5878 CVE-2014-0375 CVE-2014-0403 CVE-2013-5910 CVE-2013-5884 CVE-2013-5896 CVE-2013-5899 CVE-2013-5887 CVE-2013-5888 CVE-2013-5898	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	IBM Java 6
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND java-1_7_0-ibm RPM is earlier than 0:1.7.0_sr6.1-0.8.1 AND java-1_7_0-ibm-jdbc RPM is earlier than 0:1.7.0_sr6.1-0.8.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr15.1-0.6.1 AND java-1_7_0-ibm-alsa RPM is earlier than 0:1.7.0_sr6.1-0.8.1 AND java-1_7_0-ibm-plugin RPM is earlier than 0:1.7.0_sr6.1-0.8.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr15.1-0.6.1

Definition Id: oval:org.mitre.oval:def:25455

Oval ID:	oval:org.mitre.oval:def:25455
Title:	SUSE-SU-2014:0215-1 -- Security update for openjdk
Description:	This openjdk update fixes several security issues. For a complete list of fixed vulnerabilities and their description please refer to: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-J anuary/025800.html <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014- January/025800.html>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0215-1 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 11	Product(s):	openjdk
Definition Synopsis:
SUSE Linux Enterprise Desktop 11.x is installed Packages match section java-1_7_0-openjdk RPM is earlier than 0:1.7.0.6-0.23.1 AND java-1_7_0-openjdk-demo RPM is earlier than 0:1.7.0.6-0.23.1 AND java-1_7_0-openjdk-devel RPM is earlier than 0:1.7.0.6-0.23.1

Definition Id: oval:org.mitre.oval:def:25563

Oval ID:	oval:org.mitre.oval:def:25563
Title:	SUSE-SU-2013:0835-2 -- Security update for Java 1.5.0
Description:	IBM Java 1.5.0 has been updated to SR13-FP2 which fixes several bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0835-2 CVE-2013-2422 CVE-2013-1491 CVE-2013-2435 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2440 CVE-2013-2429 CVE-2013-2430 CVE-2013-1563 CVE-2013-2394 CVE-2013-0401 CVE-2013-2424 CVE-2013-2419 CVE-2013-2417 CVE-2013-2418 CVE-2013-1540 CVE-2013-2433	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	Java 1.5.0
Definition Synopsis:
SUSE Linux Enterprise Server 10 and SUSE Linux Enterprise Desktop 10 release section Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section java-1_5_0-ibm RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-devel RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-fonts RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-32bit RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-devel-32bit RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-jdbc RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-plugin RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-alsa-32bit RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-alsa RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND SUSE Linux Enterprise Desktop 10 release section SUSE Linux Enterprise Desktop 10 is installed Packages match section java-1_5_0-ibm-demo RPM is earlier than 0:1.5.0_sr16.2-0.5.1 AND java-1_5_0-ibm-src RPM is earlier than 0:1.5.0_sr16.2-0.5.1

Definition Id: oval:org.mitre.oval:def:25575

Oval ID:	oval:org.mitre.oval:def:25575
Title:	SUSE-SU-2014:0266-1 -- Security update for IBM Java 6
Description:	IBM Java 6 was updated to version SR15-FP1 which received security and bugfixes.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0266-1 CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0417 CVE-2014-0387 CVE-2014-0424 CVE-2013-5878 CVE-2014-0373 CVE-2014-0375 CVE-2014-0403 CVE-2014-0423 CVE-2014-0376 CVE-2013-5910 CVE-2013-5884 CVE-2013-5896 CVE-2013-5899 CVE-2014-0416 CVE-2013-5887 CVE-2014-0368 CVE-2013-5888 CVE-2013-5898 CVE-2014-0411	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	IBM Java 6
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section java-1_5_0-ibm RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-devel RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-fonts RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_6_0-ibm-devel RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_5_0-ibm-32bit RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-devel-32bit RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_6_0-ibm-32bit RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_6_0-ibm-devel-32bit RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_5_0-ibm-alsa-32bit RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_6_0-ibm-alsa-32bit RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_6_0-ibm-plugin-32bit RPM is earlier than 0:1.6.0_sr15.1-0.5.1 AND java-1_5_0-ibm-alsa RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-jdbc RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_5_0-ibm-plugin RPM is earlier than 0:1.5.0_sr16.5-0.6.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr15.1-0.5.1

Definition Id: oval:org.mitre.oval:def:25636

Oval ID:	oval:org.mitre.oval:def:25636
Title:	SUSE-SU-2013:1255-3 -- Security update for IBM Java 1.6.0
Description:	IBM Java 1.6.0 was updated to SR14 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Also the following bugs have been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1255-3 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2468 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2466 CVE-2013-3743 CVE-2013-2448 CVE-2013-2442 CVE-2013-2407 CVE-2013-2454 CVE-2013-2456 CVE-2013-2453 CVE-2013-2457 CVE-2013-2455 CVE-2013-2412 CVE-2013-2443 CVE-2013-2447 CVE-2013-2437 CVE-2013-2444 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1571 CVE-2013-2451 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	IBM Java 1.6.0
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr14.0-0.3.1

Definition Id: oval:org.mitre.oval:def:25638

Oval ID:	oval:org.mitre.oval:def:25638
Title:	SUSE-SU-2013:1305-1 -- Security update for IBM Java 1.6.0
Description:	IBM Java 1.6.0 has been updated to SR14 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Also the following bugs have been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034) * check if installed qa_filelist is not empty (bnc#831936)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1305-1 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2468 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2466 CVE-2013-3743 CVE-2013-2448 CVE-2013-2442 CVE-2013-2407 CVE-2013-2454 CVE-2013-2456 CVE-2013-2453 CVE-2013-2457 CVE-2013-2455 CVE-2013-2412 CVE-2013-2443 CVE-2013-2447 CVE-2013-2437 CVE-2013-2444 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1571 CVE-2013-2451 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	IBM Java 1.6.0
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-devel RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-32bit RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-devel-32bit RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-alsa-32bit RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-plugin-32bit RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr14.0-0.6.6.1

Definition Id: oval:org.mitre.oval:def:25669

Oval ID:	oval:org.mitre.oval:def:25669
Title:	SUSE-SU-2013:0871-2 -- Security update for IBM Java
Description:	IBM Java 1.7.0 has been updated to SR4-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0871-2 CVE-2013-2422 CVE-2013-1491 CVE-2013-2435 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2440 CVE-2013-2429 CVE-2013-2430 CVE-2013-1563 CVE-2013-2394 CVE-2013-0401 CVE-2013-2424 CVE-2013-2419 CVE-2013-2417 CVE-2013-2418 CVE-2013-1540 CVE-2013-2433	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	IBM Java
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_7_0-ibm RPM is earlier than 0:1.7.0_sr4.2-0.6.1 AND java-1_7_0-ibm-jdbc RPM is earlier than 0:1.7.0_sr4.2-0.6.1 AND java-1_7_0-ibm-alsa RPM is earlier than 0:1.7.0_sr4.2-0.6.1 AND java-1_7_0-ibm-plugin RPM is earlier than 0:1.7.0_sr4.2-0.6.1

Definition Id: oval:org.mitre.oval:def:25719

Oval ID:	oval:org.mitre.oval:def:25719
Title:	SUSE-SU-2013:1666-1 -- Security update for OpenJDK 7
Description:	This release updates our OpenJDK 7 support in the 2.4.x series with a number of security fixes and synchronises it with upstream development. The security issues fixed (a long list) can be found in the following link: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-O ctober/025087.html <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013- October/025087.html>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1666-1 CVE-2013-3829 CVE-2013-5780 CVE-2013-5772 CVE-2013-5814 CVE-2013-5790 CVE-2013-5849 CVE-2013-5802 CVE-2013-5851 CVE-2013-5809 CVE-2013-5817 CVE-2013-5783 CVE-2013-5782 CVE-2013-5778 CVE-2013-5803 CVE-2013-5840 CVE-2013-5825 CVE-2013-5842 CVE-2013-5774 CVE-2013-5804 CVE-2013-5797 CVE-2013-5850 CVE-2013-5829 CVE-2013-5830 CVE-2013-4002 CVE-2013-5784 CVE-2013-5820 CVE-2013-5805 CVE-2013-5806 CVE-2013-5823 CVE-2013-5800	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 11	Product(s):	OpenJDK 7
Definition Synopsis:
SUSE Linux Enterprise Desktop 11.x is installed Packages match section java-1_7_0-openjdk RPM is earlier than 0:1.7.0.6-0.21.1 AND java-1_7_0-openjdk-demo RPM is earlier than 0:1.7.0.6-0.21.1 AND java-1_7_0-openjdk-devel RPM is earlier than 0:1.7.0.6-0.21.1

Definition Id: oval:org.mitre.oval:def:25723

Oval ID:	oval:org.mitre.oval:def:25723
Title:	SUSE-SU-2013:1255-2 -- Security update for java-1_6_0-ibm
Description:	IBM Java 1.6.0 has been updated to SR14 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Also the following bugs have been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1255-2 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2468 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2466 CVE-2013-3743 CVE-2013-2448 CVE-2013-2442 CVE-2013-2407 CVE-2013-2454 CVE-2013-2456 CVE-2013-2453 CVE-2013-2457 CVE-2013-2455 CVE-2013-2412 CVE-2013-2443 CVE-2013-2447 CVE-2013-2437 CVE-2013-2444 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1571 CVE-2013-2451 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	java-1_6_0-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr14.0-0.3.1

Definition Id: oval:org.mitre.oval:def:25758

Oval ID:	oval:org.mitre.oval:def:25758
Title:	SUSE-SU-2013:1257-1 -- Security update for java-1_7_0-ibm
Description:	IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1257-1 CVE-2013-3006 CVE-2013-3007 CVE-2013-3008 CVE-2013-3009 CVE-2013-3010 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2468 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2466 CVE-2013-2462 CVE-2013-2460 CVE-2013-3743 CVE-2013-2448 CVE-2013-2442 CVE-2013-2407 CVE-2013-2454 CVE-2013-2458 CVE-2013-3744 CVE-2013-2400 CVE-2013-2456 CVE-2013-2453 CVE-2013-2457 CVE-2013-2455 CVE-2013-2412 CVE-2013-2443 CVE-2013-2447 CVE-2013-2437 CVE-2013-2444 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1571 CVE-2013-2449 CVE-2013-2451 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	java-1_7_0-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_7_0-ibm RPM is earlier than 0:1.7.0_sr5.0-0.5.1 AND java-1_7_0-ibm-jdbc RPM is earlier than 0:1.7.0_sr5.0-0.5.1 AND java-1_7_0-ibm-alsa RPM is earlier than 0:1.7.0_sr5.0-0.5.1 AND java-1_7_0-ibm-plugin RPM is earlier than 0:1.7.0_sr5.0-0.5.1

Definition Id: oval:org.mitre.oval:def:25772

Oval ID:	oval:org.mitre.oval:def:25772
Title:	SUSE-SU-2013:1263-2 -- Security update for java-1_5_0-ibm
Description:	IBM Java 1.5.0 was updated to SR16-FP3 to fix bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1263-2 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-3743 CVE-2013-2448 CVE-2013-2454 CVE-2013-2456 CVE-2013-2457 CVE-2013-2455 CVE-2013-2443 CVE-2013-2447 CVE-2013-2444 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1571 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	java-1_5_0-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section java-1_5_0-ibm RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-devel RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-fonts RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-32bit RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-devel-32bit RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-alsa-32bit RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-alsa RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-jdbc RPM is earlier than 0:1.5.0_sr16.3-0.5.1 AND java-1_5_0-ibm-plugin RPM is earlier than 0:1.5.0_sr16.3-0.5.1

Definition Id: oval:org.mitre.oval:def:25782

Oval ID:	oval:org.mitre.oval:def:25782
Title:	SUSE-SU-2013:1254-1 -- Security update for java-1_7_0-openjdk
Description:	This update to icedtea-2.4.1 fixes various security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1254-1 CVE-2013-2407 CVE-2013-2445 CVE-2013-2451 CVE-2013-2450 CVE-2013-2446 CVE-2013-2452 CVE-2013-1500 CVE-2013-2444 CVE-2013-2447 CVE-2013-2443 CVE-2013-2412 CVE-2013-2449 CVE-2013-2448 CVE-2013-2455 CVE-2013-2457 CVE-2013-2453 CVE-2013-2456 CVE-2013-2459 CVE-2013-2458 CVE-2013-2454 CVE-2013-2460 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-1571 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2461	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 11	Product(s):	java-1_7_0-openjdk
Definition Synopsis:
SUSE Linux Enterprise Desktop 11.x is installed Packages match section java-1_7_0-openjdk RPM is earlier than 0:1.7.0.6-0.19.2 AND java-1_7_0-openjdk-demo RPM is earlier than 0:1.7.0.6-0.19.2 AND java-1_7_0-openjdk-devel RPM is earlier than 0:1.7.0.6-0.19.2

Definition Id: oval:org.mitre.oval:def:25783

Oval ID:	oval:org.mitre.oval:def:25783
Title:	SUSE-SU-2013:1293-2 -- Security update for IBM Java 1.4.2
Description:	IBM Java 1.4.2 has been updated to SR13-FP18 to fix bugs and security issues: CVE-2013-3009, CVE-2013-3011, CVE-2013-3012, CVE-2013-2469, CVE-2013-2465, CVE-2013-2464, CVE-2013-2463, CVE-2013-2473, CVE-2013-2472, CVE-2013-2471, CVE-2013-2470, CVE-2013-2459, CVE-2013-2456, CVE-2013-2447, CVE-2013-2452, CVE-2013-2446, CVE-2013-2450, CVE-2013-1500 Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Also following bug has been fixed: * mark files in jre/bin and bin/ as executable (bnc#823034)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1293-2 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2456 CVE-2013-2447 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10	Product(s):	IBM Java 1.4.2
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_4_2-ibm RPM is earlier than 0:1.4.2_sr13.18-0.4.1 AND java-1_4_2-ibm-jdbc RPM is earlier than 0:1.4.2_sr13.18-0.4.1 AND java-1_4_2-ibm-plugin RPM is earlier than 0:1.4.2_sr13.18-0.4.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section java-1_4_2-ibm RPM is earlier than 0:1.4.2_sr13.18-0.7.1 AND java-1_4_2-ibm-devel RPM is earlier than 0:1.4.2_sr13.18-0.7.1 AND java-1_4_2-ibm-jdbc RPM is earlier than 0:1.4.2_sr13.18-0.7.1 AND java-1_4_2-ibm-plugin RPM is earlier than 0:1.4.2_sr13.18-0.7.1

Definition Id: oval:org.mitre.oval:def:25791

Oval ID:	oval:org.mitre.oval:def:25791
Title:	SUSE-SU-2013:0871-1 -- Security update for IBM Java 1.7.0
Description:	IBM Java 1.7.0 has been updated to SR4-FP2 which fixes several bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0871-1 CVE-2013-2422 CVE-2013-1491 CVE-2013-2435 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2440 CVE-2013-2429 CVE-2013-2430 CVE-2013-1563 CVE-2013-2394 CVE-2013-0401 CVE-2013-2424 CVE-2013-2419 CVE-2013-2417 CVE-2013-2418 CVE-2013-1540 CVE-2013-2433	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	IBM Java 1.7.0
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_7_0-ibm RPM is earlier than 0:1.7.0_sr4.2-0.6.1 AND java-1_7_0-ibm-jdbc RPM is earlier than 0:1.7.0_sr4.2-0.6.1 AND java-1_7_0-ibm-alsa RPM is earlier than 0:1.7.0_sr4.2-0.6.1 AND java-1_7_0-ibm-plugin RPM is earlier than 0:1.7.0_sr4.2-0.6.1

Definition Id: oval:org.mitre.oval:def:25811

Oval ID:	oval:org.mitre.oval:def:25811
Title:	SUSE-SU-2013:0701-1 -- Security update for java-1_7_0-ibm
Description:	IBM Java 7 was updated to SR4-FP1, fixing bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0701-1 CVE-2013-0485 CVE-2013-0809 CVE-2013-1493 CVE-2013-0169	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	java-1_7_0-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_7_0-ibm RPM is earlier than 0:1.7.0_sr4.1-0.5.1 AND java-1_7_0-ibm-jdbc RPM is earlier than 0:1.7.0_sr4.1-0.5.1 AND java-1_7_0-ibm-plugin RPM is earlier than 0:1.7.0_sr4.1-0.5.1 AND java-1_7_0-ibm-alsa RPM is earlier than 0:1.7.0_sr4.1-0.5.1

Definition Id: oval:org.mitre.oval:def:25834

Oval ID:	oval:org.mitre.oval:def:25834
Title:	SUSE-SU-2013:1264-1 -- Security update for java-1_4_2-ibm
Description:	IBM Java 1.4.2 has been updated to SR13-FP18 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Also the following bug has been fixed: * mark files in jre/bin and bin/ as executable (bnc#823034)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1264-1 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2456 CVE-2013-2447 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10	Product(s):	java-1_4_2-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_4_2-ibm RPM is earlier than 0:1.4.2_sr13.18-0.4.1 AND java-1_4_2-ibm-jdbc RPM is earlier than 0:1.4.2_sr13.18-0.4.1 AND java-1_4_2-ibm-plugin RPM is earlier than 0:1.4.2_sr13.18-0.4.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section java-1_4_2-ibm RPM is earlier than 0:1.4.2_sr13.18-0.7.1 AND java-1_4_2-ibm-devel RPM is earlier than 0:1.4.2_sr13.18-0.7.1 AND java-1_4_2-ibm-jdbc RPM is earlier than 0:1.4.2_sr13.18-0.7.1 AND java-1_4_2-ibm-plugin RPM is earlier than 0:1.4.2_sr13.18-0.7.1

Definition Id: oval:org.mitre.oval:def:25853

Oval ID:	oval:org.mitre.oval:def:25853
Title:	SUSE-SU-2013:1256-1 -- Security update for java-1_7_0-ibm
Description:	IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1256-1 CVE-2013-3006 CVE-2013-3007 CVE-2013-3008 CVE-2013-3009 CVE-2013-3010 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2468 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2466 CVE-2013-2462 CVE-2013-2460 CVE-2013-3743 CVE-2013-2448 CVE-2013-2442 CVE-2013-2407 CVE-2013-2454 CVE-2013-2458 CVE-2013-3744 CVE-2013-2400 CVE-2013-2456 CVE-2013-2453 CVE-2013-2457	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	java-1_7_0-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_7_0-ibm RPM is earlier than 0:1.7.0_sr5.0-0.5.1 AND java-1_7_0-ibm-jdbc RPM is earlier than 0:1.7.0_sr5.0-0.5.1 AND java-1_7_0-ibm-alsa RPM is earlier than 0:1.7.0_sr5.0-0.5.1 AND java-1_7_0-ibm-plugin RPM is earlier than 0:1.7.0_sr5.0-0.5.1

Definition Id: oval:org.mitre.oval:def:25872

Oval ID:	oval:org.mitre.oval:def:25872
Title:	SUSE-SU-2013:0710-1 -- Security update for IBM Java
Description:	IBM Java 1.4.2 has been updated to SR13 FP16 which fixes bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0710-1 CVE-2013-0485 CVE-2013-0809 CVE-2013-1493	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10	Product(s):	IBM Java
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_4_2-ibm RPM is earlier than 0:1.4.2_sr13.16-0.2.1 AND java-1_4_2-ibm-jdbc RPM is earlier than 0:1.4.2_sr13.16-0.2.1 AND java-1_4_2-ibm-plugin RPM is earlier than 0:1.4.2_sr13.16-0.2.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section java-1_4_2-ibm RPM is earlier than 0:1.4.2_sr13.16-0.5.1 AND java-1_4_2-ibm-devel RPM is earlier than 0:1.4.2_sr13.16-0.5.1 AND java-1_4_2-ibm-jdbc RPM is earlier than 0:1.4.2_sr13.16-0.5.1 AND java-1_4_2-ibm-plugin RPM is earlier than 0:1.4.2_sr13.16-0.5.1

Definition Id: oval:org.mitre.oval:def:25883

Oval ID:	oval:org.mitre.oval:def:25883
Title:	SUSE-SU-2013:0814-1 -- Security update for java-1_6_0-openjdk
Description:	java-1_6_0-openjdk has been updated to version Icedtea6-1.12.5 which fixes several security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0814-1 CVE-2013-1518 CVE-2013-2417 CVE-2013-2419 CVE-2013-1537 CVE-2013-1557 CVE-2013-2415 CVE-2013-2431 CVE-2013-2383 CVE-2013-2384 CVE-2013-1569 CVE-2013-2424 CVE-2013-2420 CVE-2013-2430 CVE-2013-2429 CVE-2013-2426 CVE-2013-0401 CVE-2013-2421 CVE-2013-1488 CVE-2013-2422	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 11	Product(s):	java-1_6_0-openjdk
Definition Synopsis:
SUSE Linux Enterprise Desktop 11.x is installed Packages match section java-1_6_0-openjdk RPM is earlier than 0:1.6.0.0_b27.1.12.5-0.2.1 AND java-1_6_0-openjdk-demo RPM is earlier than 0:1.6.0.0_b27.1.12.5-0.2.1 AND java-1_6_0-openjdk-devel RPM is earlier than 0:1.6.0.0_b27.1.12.5-0.2.1

Definition Id: oval:org.mitre.oval:def:25894

Oval ID:	oval:org.mitre.oval:def:25894
Title:	SUSE-SU-2013:0440-1 -- Security update for Java
Description:	IBM Java 7 was updated to SR4, fixing various critical security issues and bugs.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0440-1 CVE-2013-1487 CVE-2013-1486 CVE-2013-1478 CVE-2013-0445 CVE-2013-1480 CVE-2013-0441 CVE-2013-1476 CVE-2012-1541 CVE-2013-0446 CVE-2012-3342 CVE-2013-0442 CVE-2013-0450 CVE-2013-0425 CVE-2013-0426 CVE-2013-0428 CVE-2012-3213 CVE-2013-0419 CVE-2013-0423 CVE-2013-0351 CVE-2013-0432 CVE-2013-1473 CVE-2013-0435 CVE-2013-0434 CVE-2013-0409 CVE-2013-0427 CVE-2013-0433 CVE-2013-0424 CVE-2013-0440 CVE-2013-0438 CVE-2013-0443 CVE-2013-1484 CVE-2013-1485 CVE-2013-0437 CVE-2013-0444 CVE-2013-0449 CVE-2013-0431 CVE-2013-0422 CVE-2012-3174	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	Java
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_7_0-ibm RPM is earlier than 0:1.7.0_sr4.0-0.6.1 AND java-1_7_0-ibm-jdbc RPM is earlier than 0:1.7.0_sr4.0-0.6.1 AND java-1_7_0-ibm-plugin RPM is earlier than 0:1.7.0_sr4.0-0.6.1 AND java-1_7_0-ibm-alsa RPM is earlier than 0:1.7.0_sr4.0-0.6.1

Definition Id: oval:org.mitre.oval:def:25907

Oval ID:	oval:org.mitre.oval:def:25907
Title:	SUSE-SU-2013:1255-1 -- Security update for java-1_6_0-ibm
Description:	IBM Java 1.6.0 has been updated to SR14 to fix bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1255-1 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2468 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2466 CVE-2013-3743 CVE-2013-2448 CVE-2013-2442 CVE-2013-2407 CVE-2013-2454 CVE-2013-2456 CVE-2013-2453 CVE-2013-2457 CVE-2013-2455 CVE-2013-2412 CVE-2013-2443 CVE-2013-2447 CVE-2013-2437 CVE-2013-2444 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1571 CVE-2013-2451 CVE-2013-1500	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10	Product(s):	java-1_6_0-ibm
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr14.0-0.3.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-devel RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-32bit RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-devel-32bit RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-alsa-32bit RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-plugin-32bit RPM is earlier than 0:1.6.0_sr14.0-0.11.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr14.0-0.11.1

Definition Id: oval:org.mitre.oval:def:25934

Oval ID:	oval:org.mitre.oval:def:25934
Title:	SUSE-SU-2013:0434-1 -- Security update for Java
Description:	This release of Icedtea6-1.12.4 fixes the following two issues that allowed a remote attacker to execute arbitrary code remotely by providing crafted images to the affected code.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0434-1 CVE-2013-0809 CVE-2013-1493	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 11	Product(s):	Java
Definition Synopsis:
SUSE Linux Enterprise Desktop 11.x is installed Packages match section java-1_6_0-openjdk RPM is earlier than 0:1.6.0.0_b27.1.12.4-0.2.1 AND java-1_6_0-openjdk-demo RPM is earlier than 0:1.6.0.0_b27.1.12.4-0.2.1 AND java-1_6_0-openjdk-devel RPM is earlier than 0:1.6.0.0_b27.1.12.4-0.2.1

Definition Id: oval:org.mitre.oval:def:25952

Oval ID:	oval:org.mitre.oval:def:25952
Title:	SUSE-SU-2013:1238-1 -- Security update for java-1_6_0-openjdk
Description:	java-1_6_0-openjdk has been updated to Icedtea6-1.12.6 version.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1238-1 CVE-2013-2407 CVE-2013-2445 CVE-2013-2451 CVE-2013-2450 CVE-2013-2446 CVE-2013-2452 CVE-2013-1500 CVE-2013-2444 CVE-2013-2447 CVE-2013-2443 CVE-2013-2412 CVE-2013-2448 CVE-2013-2455 CVE-2013-2457 CVE-2013-2453 CVE-2013-2456 CVE-2013-2459 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-1571 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2461	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 11	Product(s):	java-1_6_0-openjdk
Definition Synopsis:
SUSE Linux Enterprise Desktop 11.x is installed Packages match section java-1_6_0-openjdk RPM is earlier than 0:1.6.0.0_b27.1.12.6-0.2.1 AND java-1_6_0-openjdk-demo RPM is earlier than 0:1.6.0.0_b27.1.12.6-0.2.1 AND java-1_6_0-openjdk-devel RPM is earlier than 0:1.6.0.0_b27.1.12.6-0.2.1

Definition Id: oval:org.mitre.oval:def:25988

Oval ID:	oval:org.mitre.oval:def:25988
Title:	SUSE-SU-2013:0934-1 -- Security update for Java 1.4.2
Description:	IBM Java 1.4.2 has been updated to SR13-FP17 fixing bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0934-1 CVE-2013-1491 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2429 CVE-2013-2430 CVE-2013-2394 CVE-2013-2419 CVE-2013-2417	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10	Product(s):	Java 1.4.2
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_4_2-ibm RPM is earlier than 0:1.4.2_sr13.17-0.2.1 AND java-1_4_2-ibm-jdbc RPM is earlier than 0:1.4.2_sr13.17-0.2.1 AND java-1_4_2-ibm-plugin RPM is earlier than 0:1.4.2_sr13.17-0.2.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section java-1_4_2-ibm RPM is earlier than 0:1.4.2_sr13.17-0.5.1 AND java-1_4_2-ibm-devel RPM is earlier than 0:1.4.2_sr13.17-0.5.1 AND java-1_4_2-ibm-jdbc RPM is earlier than 0:1.4.2_sr13.17-0.5.1 AND java-1_4_2-ibm-plugin RPM is earlier than 0:1.4.2_sr13.17-0.5.1

Definition Id: oval:org.mitre.oval:def:26021

Oval ID:	oval:org.mitre.oval:def:26021
Title:	SUSE-SU-2013:0835-3 -- Security update for IBM Java
Description:	IBM Java 1.6.0 has been updated to SR13-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0835-3 CVE-2013-2422 CVE-2013-1491 CVE-2013-2435 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2440 CVE-2013-2429 CVE-2013-2430 CVE-2013-1563 CVE-2013-2394 CVE-2013-0401 CVE-2013-2424 CVE-2013-2419 CVE-2013-2417 CVE-2013-2418 CVE-2013-1540 CVE-2013-2433	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	IBM Java
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section java-1_6_0-ibm RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND java-1_6_0-ibm-fonts RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND java-1_6_0-ibm-jdbc RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND java-1_6_0-ibm-plugin RPM is earlier than 0:1.6.0_sr13.2-0.3.1 AND java-1_6_0-ibm-alsa RPM is earlier than 0:1.6.0_sr13.2-0.3.1

Definition Id: oval:org.mitre.oval:def:26214

Oval ID:	oval:org.mitre.oval:def:26214
Title:	SUSE-SU-2013:0328-1 -- Security update for Java
Description:	java-1_6_0-openjdk has been updated to IcedTea 1.12.3 (bnc#804654) which contains security and bugfixes: * Security fixes o S8006446: Restrict MBeanServer access (CVE-2013-1486) o S8006777: Improve TLS handling of invalid messages Lucky 13 (CVE-2013-0169) o S8007688: Blacklist known bad certificate (issued by DigiCert) * Backports o S8007393: Possible race condition after JDK-6664509 o S8007611: logging behavior in applet changed * Bug fixes o PR1319: Support GIF lib v5.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0328-1 CVE-2013-1486 CVE-2013-0169	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 11	Product(s):	Java
Definition Synopsis:
SUSE Linux Enterprise Desktop 11.x is installed Packages match section java-1_6_0-openjdk RPM is earlier than 0:1.6.0.0_b27.1.12.3-0.2.1 AND java-1_6_0-openjdk-demo RPM is earlier than 0:1.6.0.0_b27.1.12.3-0.2.1 AND java-1_6_0-openjdk-devel RPM is earlier than 0:1.6.0.0_b27.1.12.3-0.2.1

Definition Id: oval:org.mitre.oval:def:26692

Oval ID:	oval:org.mitre.oval:def:26692
Title:	DEPRECATED: ELSA-2013-0604 -- java-1.6.0-openjdk security update (important)
Description:	[ 1:1.6.0.0-1.36.1.11.9.0.1.el5_9] - Add oracle-enterprise.patch [1:1.6.0.0-1.36.1.11.9] - Updated to icedtea6 1.11.9 - Resolves: rhbz#917176
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0604 CVE-2013-1493 CVE-2013-0809	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.36.1.11.9.0.1.el5_9 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.36.1.11.9.0.1.el5_9 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.36.1.11.9.0.1.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.36.1.11.9.0.1.el5_9 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.36.1.11.9.0.1.el5_9

Definition Id: oval:org.mitre.oval:def:26825

Oval ID:	oval:org.mitre.oval:def:26825
Title:	DEPRECATED: ELSA-2014-0407 -- java-1.7.0-openjdk security update (Important)
Description:	The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0455, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402, CVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0407 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2013-5797	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.7.0-openjdk RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el5_10 AND java-1.7.0-openjdk-demo RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el5_10 AND java-1.7.0-openjdk-devel RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el5_10 AND java-1.7.0-openjdk-javadoc RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el5_10 AND java-1.7.0-openjdk-src RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el5_10

Definition Id: oval:org.mitre.oval:def:26920

Oval ID:	oval:org.mitre.oval:def:26920
Title:	DEPRECATED: ELSA-2014-0408 -- java-1.6.0-openjdk security and bug fix update (Important)
Description:	The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, and Sound components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-0446, CVE-2014-2427) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) This update also fixes the following bug: * The OpenJDK update to IcedTea version 1.13 introduced a regression related to the handling of the jdk_version_info variable. This variable was not properly zeroed out before being passed to the Java Virtual Machine, resulting in a memory leak in the java.lang.ref.Finalizer class. This update fixes this issue, and memory leaks no longer occur. (BZ#1085373) All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0408 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2403 CVE-2014-2412 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2013-5797	Version:	4
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6 release section Oracle Linux 6.x Packages match section java-1.6.0-openjdk RPM is earlier than 0:1.6.0.0-5.1.13.3.el6_5 AND java-1.6.0-openjdk-demo RPM is earlier than 0:1.6.0.0-5.1.13.3.el6_5 AND java-1.6.0-openjdk-devel RPM is earlier than 0:1.6.0.0-5.1.13.3.el6_5 AND java-1.6.0-openjdk-javadoc RPM is earlier than 0:1.6.0.0-5.1.13.3.el6_5 AND java-1.6.0-openjdk-src RPM is earlier than 0:1.6.0.0-5.1.13.3.el6_5 AND Oracle Linux 5 release section Oracle Linux 5.x Packages match section java-1.6.0-openjdk RPM is earlier than 0:1.6.0.0-5.1.13.3.0.1.el5_10 AND java-1.6.0-openjdk-demo RPM is earlier than 0:1.6.0.0-5.1.13.3.0.1.el5_10 AND java-1.6.0-openjdk-devel RPM is earlier than 0:1.6.0.0-5.1.13.3.0.1.el5_10 AND java-1.6.0-openjdk-javadoc RPM is earlier than 0:1.6.0.0-5.1.13.3.0.1.el5_10 AND java-1.6.0-openjdk-src RPM is earlier than 0:1.6.0.0-5.1.13.3.0.1.el5_10

Definition Id: oval:org.mitre.oval:def:26987

Oval ID:	oval:org.mitre.oval:def:26987
Title:	DEPRECATED: ELSA-2014-0406 -- java-1.7.0-openjdk security update (Critical)
Description:	The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0455, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402, CVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0406 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2013-5797	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el6_5 AND java-1.7.0-openjdk-demo RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el6_5 AND java-1.7.0-openjdk-devel RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el6_5 AND java-1.7.0-openjdk-javadoc RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el6_5 AND java-1.7.0-openjdk-src RPM is earlier than 0:1.7.0.55-2.4.7.1.0.1.el6_5

Definition Id: oval:org.mitre.oval:def:27040

Oval ID:	oval:org.mitre.oval:def:27040
Title:	DEPRECATED: ELSA-2013-1505 -- java-1.6.0-openjdk security update (important)
Description:	[1:1.6.0.0-1.68.1.11.14] - updated to icedtea6-1.11.14.tar.gz - added and applied 1.11.14-fixes.patch, patch10 to fix build issues - adapted patch8 java-1.6.0-openjdk-timezone-id.patch - Resolves: rhbz#1017618 [1:1.6.0.1-1.67.1.13.0] - reverted previous update - Resolves: rhbz#1017618 [1:1.6.0.1-1.66.1.13.0] - updated to icedtea 1.13 - updated to openjdk-6-src-b28-04_oct_2013 - added --disable-lcms2 configure switch to fix tck - removed upstreamed patch7,java-1.6.0-openjdk-jstack.patch - added patch7 1.13_fixes.patch to fix 1.13 build issues - adapted patch0 java-1.6.0-openjdk-optflags.patch - adapted patch3 java-1.6.0-openjdk-java-access-bridge-security.patch - adapted patch8 java-1.6.0-openjdk-timezone-id.patch - removed useless runtests parts - included also java.security.old files - Resolves: rhbz#1017618
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1505 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.42.1.11.14.0.1.el5_10 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.42.1.11.14.0.1.el5_10 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.42.1.11.14.0.1.el5_10 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.42.1.11.14.0.1.el5_10 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.42.1.11.14.0.1.el5_10 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.65.1.11.14.el6_4 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.65.1.11.14.el6_4

Definition Id: oval:org.mitre.oval:def:27075

Oval ID:	oval:org.mitre.oval:def:27075
Title:	DEPRECATED: ELSA-2013-1014 -- java-1.6.0-openjdk security update (important)
Description:	[1:1.6.0.0-1.62.1.11.11.90] - updated to icedtea6-1.11.11.90.tar.gz - removed upstreamed patch9 jaxp-backport-factoryfinder.patch - removed upstreamed patch10 fixToFontSecurityFix.patch. - modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#973129
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1014 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.41.1.11.11.90.0.1.el5_9 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.41.1.11.11.90.0.1.el5_9 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.41.1.11.11.90.0.1.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.41.1.11.11.90.0.1.el5_9 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.41.1.11.11.90.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.62.1.11.11.90.el6_4 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.62.1.11.11.90.el6_4

Definition Id: oval:org.mitre.oval:def:27081

Oval ID:	oval:org.mitre.oval:def:27081
Title:	DEPRECATED: ELSA-2014-0027 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.51-2.4.4.1.0.1.el5_10] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.51-2.4.4.1.el5] - updated to security icedtea 2.4.4 - icedtea_version set to 2.4.4 - updatever bumped to 51 - release reset to 1 - build requires: java-devel >= 1:1.6.0 changed java7-devel - Resolves: rhbz#1050192
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0027 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.51-2.4.4.1.0.1.el5_10 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.51-2.4.4.1.0.1.el5_10 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.51-2.4.4.1.0.1.el5_10 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.51-2.4.4.1.0.1.el5_10 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.51-2.4.4.1.0.1.el5_10

Definition Id: oval:org.mitre.oval:def:27193

Oval ID:	oval:org.mitre.oval:def:27193
Title:	DEPRECATED: ELSA-2013-1447 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.45-2.4.3.1.0.1.el5_10] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.45-2.4.3.1.el5] - Updated to icedtea 2.4.3 - Resolves: rhbz#1017623 [1.7.0.45-2.4.3.0.el5] - fixed and updated tapset - removed bootstrap - source 11 redeclared to 1111 - added source12: TestCryptoLevel.java - removed upstreamed patch103 java-1.7.0-openjdk-arm-fixes.patch - removed unnecessary patch112 java-1.7.0-openjdk-doNotUseDisabledEcc.patch - added patch120: java-1.7.0-openjdk-freetype-check-fix.patch - fixed nss - cleaned sources - Resolves: rhbz#1017623 [1.7.0.25-2.4.1.4.el5] - updated to icedtea 2.4.1 - improoved handling of patch111 - nss-config-2.patch - backported uniquesuffix from 6.5 - Resolves: rhbz#978421
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1447 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.45-2.4.3.1.0.1.el5_10 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.45-2.4.3.1.0.1.el5_10 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.45-2.4.3.1.0.1.el5_10 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.45-2.4.3.1.0.1.el5_10 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.45-2.4.3.1.0.1.el5_10

Definition Id: oval:org.mitre.oval:def:27206

Oval ID:	oval:org.mitre.oval:def:27206
Title:	DEPRECATED: ELSA-2014-0026 -- java-1.7.0-openjdk security update (critical)
Description:	[1.7.0.51-2.4.4.1.0.1.el6_5] - Update DISTRO_NAME in specfile [1.7.0.51-2.4.4.1.el6] - restored java7 provides - bumped release (builds exists) - Resolves: rhbz#1050935 [1.7.0.51-2.4.4.0.el6] - updated to security icedtea 2.4.4 - icedtea_version set to 2.4.4 - updatever bumped to 51 - release reset to 0 - sync with fedora - added and applied patch411 1029588.patch (rh 1029588) - added aand applied patch410, 1015432 (rh 1015432) - Resolves: rhbz#1050935
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0026 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.51-2.4.4.1.0.1.el6_5 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.51-2.4.4.1.0.1.el6_5 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.51-2.4.4.1.0.1.el6_5 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.51-2.4.4.1.0.1.el6_5 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.51-2.4.4.1.0.1.el6_5

Definition Id: oval:org.mitre.oval:def:27291

Oval ID:	oval:org.mitre.oval:def:27291
Title:	DEPRECATED: ELSA-2013-0957 -- java-1.7.0-openjdk security update (critical)
Description:	[1.7.0.25-2.3.10.3.0.1.el6_4] - Update DISTRO_NAME in specfile [1.7.0.25-2.3.10.3.el6] - removed upstreamed patch1000 MBeanFix.patch - updated to newer IcedTea7-forest 2.3.10 with 8010118 fix - Resolves: rhbz#973119 [1.7.0.25-2.3.10.2.el6] - added patch1000 MBeanFix.patch to fix regressions caused by security patches - Resolves: rhbz#973119 [1.7.0.25-2.3.10.1.el6] - build bumped to 25 - Resolves: rhbz#973119 [1.7.0.19-2.3.10.0.el6] - Updated to latest IcedTea7-forest 2.3.10 - patch 107 renamed to 500 for cosmetic purposes - improved handling of patch111 - nss-config-2.patch - removed patch 117, java-1.7.0-openjdk-nss-multiplePKCS11libraryInitialisationNnonCritical.patch duplicated with patch 108 (java-1.7.0-openjdk-nss-icedtea-e9c857dcb964) - Added client/server directories so they can be owned - Added fix for RH857717, owned /etc/.java/ and /etc/.java/.systemPrefs - Resolves: rhbz#973119
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0957 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.25-2.3.10.3.0.1.el6_4 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.25-2.3.10.3.0.1.el6_4 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.25-2.3.10.3.0.1.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.25-2.3.10.3.0.1.el6_4 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.25-2.3.10.3.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27328

Oval ID:	oval:org.mitre.oval:def:27328
Title:	DEPRECATED: ELSA-2013-0274 -- java-1.6.0-openjdk security update (important)
Description:	[ 1:1.6.0.0-1.35.1.11.8.0.1.el5_9] - Add oracle-enterprise.patch [1:1.6.0.0-1.35.1.11.8] - Rebuild with updated source tarball - Resolves: rhbz#911522 [1:1.6.0.0-1.34.1.11.8] - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.patch - Removed mauve as deadly outdated and run on QA - jtreg kept, useless, but valid - Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911522
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0274 CVE-2013-0169 CVE-2013-1486	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.35.1.11.8.0.1.el5_9 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.35.1.11.8.0.1.el5_9 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.35.1.11.8.0.1.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.35.1.11.8.0.1.el5_9 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.35.1.11.8.0.1.el5_9

Definition Id: oval:org.mitre.oval:def:27330

Oval ID:	oval:org.mitre.oval:def:27330
Title:	DEPRECATED: ELSA-2012-1009 -- java-1.7.0-openjdk security and bug fix update (important)
Description:	[1.7.0.5-2.2.1.0.1.el6] - Modify DISTRO_NAME for Oracle [1.7.0.5-2.2.1.el6] - Updated priority to be > 17000 and to depend on buildver variable - Variable buildver increased to 5 as it should be - Resolves: rhbz#828759 [1.7.0.3-2.2.1.el6] - Used newly prepared tarball with security fixes - Bump to icedtea7-forest-2.2.1 - _mandir/man1/jcmd-name.1 added to alternatives - Updated rhino.patch - Updated java-1.7.0-openjdk-java-access-bridge-security.patch - Modified partially upstreamed patch302 - systemtap.patch - Temporarly disabled patch102 - java-1.7.0-openjdk-size_t.patch - Removed already upstreamed patches 104,108,109,301,110: - java-1.7.0-openjdk-arm-ftbfs.patch - java-1.7.0-openjdk-system-zlib.patch - java-1.7.0-openjdk-remove-mimpure-opt.patch - systemtap-alloc-size-workaround.patch - java-1.7.0-fix-gio-detection.patch - Access gnome bridge jar forced to be 644 - Added patch303 - java-1.7.0-openjdk-jstack.patch which resolved RH804632 for openjdk6 - Resolves: rhbz#828759
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1009 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3

Definition Id: oval:org.mitre.oval:def:27353

Oval ID:	oval:org.mitre.oval:def:27353
Title:	DEPRECATED: ELSA-2013-0770 -- java-1.6.0-openjdk security update (important)
Description:	[1:1.6.0.0-1.61.1.11.11] - added and applied (temporally) patch10 fixToFontSecurityFix.patch. - fixing regression in fonts introduced by one security patch. - Resolves: rhbz#950386 [1:1.6.0.0-1.60.1.11.11] - added and applied (temporally) one more patch to xalan/xerces privileges - patch9 jaxp-backport-factoryfinder.patch - will be upstreamed - Resolves: rhbz#950386 [1:1.6.0.0-1.59.1.11.11] - Updated to icedtea6 1.11.11 - fixed xalan/xerxes privledges - removed patch 8 - removingOfAarch64.patch.patch - fixed upstream - Resolves: rhbz#950386 [1:1.6.0.0-1.58.1.11.10] - Updated to icedtea6 1.11.10 - rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - excluded aarch64.patch - by patch 8 - removingOfAarch64.patch.patch - Resolves: rhbz#950386
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0770 CVE-2013-2420 CVE-2013-2422 CVE-2013-2429 CVE-2013-2431 CVE-2013-1537 CVE-2013-2419 CVE-2013-2421 CVE-2013-2424 CVE-2013-2426 CVE-2013-2430 CVE-2013-0401 CVE-2013-1518 CVE-2013-2383 CVE-2013-1488 CVE-2013-1558 CVE-2013-1569 CVE-2013-2417 CVE-2013-1557 CVE-2013-2384 CVE-2013-2415	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.40.1.11.11.0.1.el5_9 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.40.1.11.11.0.1.el5_9 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.40.1.11.11.0.1.el5_9 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.40.1.11.11.0.1.el5_9 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.40.1.11.11.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.61.1.11.11.el6_4 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.61.1.11.11.el6_4

Definition Id: oval:org.mitre.oval:def:27408

Oval ID:	oval:org.mitre.oval:def:27408
Title:	DEPRECATED: ELSA-2014-0097 -- java-1.6.0-openjdk security update (important)
Description:	[1:1.6.0.1-3.1.13.0] - updated to icedtea 1.13.1 - http://blog.fuseyism.com/index.php/2014/01/23/security-icedtea-1-12-8-1-13-1-for-openjdk-6-released/ - updated to jdk6, b30, 21_jan_2014 - https://openjdk6.java.net/OpenJDK6-B30-Changes.html - adapted patch7 1.13_fixes.patch - pre 2011 changelog moved to (till now wrong) pre-2009-spec-changelog (rh1043611) - added --disable-system-lcms to configure options to pass build - adapted patch3 java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#1050190
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0097 CVE-2013-5878 CVE-2013-5884 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-3.1.13.1.0.1.el5_10 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-3.1.13.1.0.1.el5_10 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-3.1.13.1.0.1.el5_10 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-3.1.13.1.0.1.el5_10 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-3.1.13.1.0.1.el5_10 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-3.1.13.1.el6_5 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-3.1.13.1.el6_5

Definition Id: oval:org.mitre.oval:def:27449

Oval ID:	oval:org.mitre.oval:def:27449
Title:	DEPRECATED: ELSA-2013-0165 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.9-2.3.4.1.0.1.el6_3] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.4.1.el6] - Rewerted to IcedTea 2.3.4 - rewerted patch105: java-1.7.0-openjdk-disable-system-lcms.patch - removed jxmd and idlj to alternatives - make NOT executed with DISABLE_INTREE_EC=true and UNLIMITED_CRYPTO=true - re-applied patch302 and restored systemtap.patch - buildver set to 9 - icedtea_version set to 2.3.4 - unapplied patch112 java-1.7.openjdk-doNotUseDisabledEcc.patch - restored tmp-patches source tarball - removed /lib/security/US_export_policy.jar and lib/security/local_policy.jar - java-1.7.0-openjdk-java-access-bridge-security.patch's path moved from java.security-linux back to java.security - Resolves: rhbz#895033 [1.7.0.11-2.4.0.1.el6] - Rewritten patch105: java-1.7.0-openjdk-disable-system-lcms.patch - Added jxmd and idlj to alternatives - make executed with DISABLE_INTREE_EC=true and UNLIMITED_CRYPTO=true - Unapplied patch302 and deleted systemtap.patch - buildver increased to 11 - icedtea_version set to 2.4.0 - Added and applied patch112 java-1.7.openjdk-doNotUseDisabledEcc.patch - removed tmp-patches source tarball - Added /lib/security/US_export_policy.jar and lib/security/local_policy.jar - Resolves: rhbz#895033
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0165 CVE-2012-3174 CVE-2013-0422	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.9-2.3.4.0.1.el5_9.1 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.9-2.3.4.0.1.el5_9.1 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.9-2.3.4.0.1.el5_9.1 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.9-2.3.4.0.1.el5_9.1 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.9-2.3.4.0.1.el5_9.1 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.9-2.3.4.1.0.1.el6_3 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.9-2.3.4.1.0.1.el6_3 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.9-2.3.4.1.0.1.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.9-2.3.4.1.0.1.el6_3 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.9-2.3.4.1.0.1.el6_3

Definition Id: oval:org.mitre.oval:def:27478

Oval ID:	oval:org.mitre.oval:def:27478
Title:	DEPRECATED: ELSA-2013-0752 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.19-2.3.9.1.0.1.el5_9] - Add oracle-enterprise.patch - Fix DISTRO_NAME to "Enterprise Linux"
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0752 CVE-2013-0401 CVE-2013-1488 CVE-2013-1558 CVE-2013-2417 CVE-2013-2419 CVE-2013-2436 CVE-2013-2420 CVE-2013-2422 CVE-2013-1557 CVE-2013-2384 CVE-2013-2429 CVE-2013-1569 CVE-2013-2430 CVE-2013-1537 CVE-2013-1518 CVE-2013-2415 CVE-2013-2426 CVE-2013-2423 CVE-2013-2424 CVE-2013-2431 CVE-2013-2383 CVE-2013-2421	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.19-2.3.9.1.0.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.19-2.3.9.1.0.1.el5_9 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.19-2.3.9.1.0.1.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.19-2.3.9.1.0.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.19-2.3.9.1.0.1.el5_9

Definition Id: oval:org.mitre.oval:def:27485

Oval ID:	oval:org.mitre.oval:def:27485
Title:	DEPRECATED: ELSA-2013-1451 -- java-1.7.0-openjdk security update (critical)
Description:	[1.7.0.45-2.4.3.2.0.1.el6] - Update DISTRO_NAME in specfile
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1451 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.45-2.4.3.2.0.1.el6_4 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.45-2.4.3.2.0.1.el6_4 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.45-2.4.3.2.0.1.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.45-2.4.3.2.0.1.el6_4 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.45-2.4.3.2.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27551

Oval ID:	oval:org.mitre.oval:def:27551
Title:	DEPRECATED: ELSA-2013-0275 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.9-2.3.7.1.0.2.el6_3] - Increase release number and rebuild. [1.7.0.9-2.3.7.1.0.1.el6_3] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.7.1.el6_3] - Updated main source tarball - Resolves: rhbz#911529 [1.7.0.9-2.3.7.0.el6_3] - Removed patch1000 sec-2013-02-01-8005615.patch - Removed patch1001 sec-2013-02-01-8005615-sync_with_jdk7u.patch - Removed patch1010 sec-2013-02-01-7201064.patch - Removed testing - mauve was outdated and - jtreg was icedtea relict - Updated to icedtea 2.3.7 - Added java -Xshare:dump to post (see 513605) fo jitarchs - Resolves: rhbz#911529
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0275 CVE-2013-1485 CVE-2013-1484 CVE-2013-1486 CVE-2013-0169	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.9-2.3.7.1.0.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.9-2.3.7.1.0.1.el5_9 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.9-2.3.7.1.0.1.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.9-2.3.7.1.0.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.9-2.3.7.1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.9-2.3.7.1.0.2.el6_3 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.9-2.3.7.1.0.2.el6_3 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.9-2.3.7.1.0.2.el6_3 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.9-2.3.7.1.0.2.el6_3 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.9-2.3.7.1.0.2.el6_3

Definition Id: oval:org.mitre.oval:def:27569

Oval ID:	oval:org.mitre.oval:def:27569
Title:	DEPRECATED: ELSA-2013-0605 -- java-1.6.0-openjdk security update (critical)
Description:	[1:1.6.0.0-1.57.1.11.9] - Updated to icedtea6 1.11.9 - Resolves: rhbz#917179
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0605 CVE-2013-1493 CVE-2013-0809	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.57.1.11.9.el6_4 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.57.1.11.9.el6_4

Definition Id: oval:org.mitre.oval:def:27572

Oval ID:	oval:org.mitre.oval:def:27572
Title:	DEPRECATED: ELSA-2013-0603 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.9-2.3.8.0.0.1.el5_9] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.9-2.3.8.0.el5_9] - Updated to icedtea7-forest-2.3 - Resolves: rhbz#917181
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0603 CVE-2013-0809 CVE-2013-1493	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.9-2.3.8.0.0.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.9-2.3.8.0.0.1.el5_9 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.9-2.3.8.0.0.1.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.9-2.3.8.0.0.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.9-2.3.8.0.0.1.el5_9

Definition Id: oval:org.mitre.oval:def:27578

Oval ID:	oval:org.mitre.oval:def:27578
Title:	DEPRECATED: ELSA-2013-0273 -- java-1.6.0-openjdk security update (critical)
Description:	[1:1.6.0.0-1.56.1.11.8] - Rebuild with updated sources - Resolves: rhbz#911524 [1:1.6.0.0-1.55.1.11.8] - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.patch - Removed mauve as deadly outdated and run on QA - jtreg kept, useless, but working - Resolves: rhbz#911524
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0273 CVE-2013-0169 CVE-2013-1486	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.56.1.11.8.el6_3 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.56.1.11.8.el6_3

Definition Id: oval:org.mitre.oval:def:27582

Oval ID:	oval:org.mitre.oval:def:27582
Title:	DEPRECATED: ELSA-2013-0958 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.25-2.3.10.4.0.1.el5_9] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.25-2.3.10.4.el5] - updated to newer IcedTea7-forest 2.3.10 with 8010118 fix - removed upstreamed patch1000 MBeanFix.patch - Resolves: rhbz#973117 [1.7.0.25-2.3.10.3.el5] - reverted fix for license files owning - Resolves: rhbz#973117 [1.7.0.25-2.3.10.2.el5] - added patch1000 MBeanFix.patch to fix regressions caused by security patches - Resolves: rhbz#973117 [1.7.0.25-2.3.10.1.el6] - build bumped to 25 - Resolves: rhbz#973117 [1.7.0.19-2.3.10.0.el5] - Updated to latest IcedTea7-forest 2.3.10 - patch 107 renamed to 500 for cosmetic purposes - Added fix for RH857717, owned /etc/.java/ and /etc/.java/.systemPrefs - Resolves: rhbz#973117 [1.7.0.19-2.3.10.0.el5] - Updated to latest IcedTea7-forest 2.3.10 - Resolves: rhbz#973117
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0958 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.25-2.3.10.4.0.1.el5_9 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.25-2.3.10.4.0.1.el5_9 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.25-2.3.10.4.0.1.el5_9 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.25-2.3.10.4.0.1.el5_9 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.25-2.3.10.4.0.1.el5_9

Definition Id: oval:org.mitre.oval:def:27591

Oval ID:	oval:org.mitre.oval:def:27591
Title:	DEPRECATED: ELSA-2012-0730 -- java-1.6.0-openjdk security update (important)
Description:	[1.6.0.0-1.27.1.10.8.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.27.1.10.8] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828749 [1:1.6.0.0-1.26.1.10.8] - Updated to IcedTea6 1.10.8 - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added to patch - Resolves: rhbz#828749
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0730 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.27.1.10.8.0.1.el5_8 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.27.1.10.8.0.1.el5_8 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.27.1.10.8.0.1.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.27.1.10.8.0.1.el5_8 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.27.1.10.8.0.1.el5_8

Definition Id: oval:org.mitre.oval:def:27593

Oval ID:	oval:org.mitre.oval:def:27593
Title:	DEPRECATED: ELSA-2013-0602 -- java-1.7.0-openjdk security update (critical)
Description:	[1.7.0.9-2.3.8.0.0.1.el6_4] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.8.0el6] - Revert to rhel 6.3 version of spec file - Revert to icedtea7 2.3.8 forest - Resolves: rhbz#917183 [1.7.0.11-2.4.0.pre5.el6] - Update to latest snapshot of icedtea7 2.4 forest - Resolves: rhbz#917183 [1.7.0.9-2.4.0.pre4.3.el6] - Updated to icedtea 2.4.0.pre4, - Rewritten (again) patch3 java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911530 [1.7.0.9-2.4.0.pre3.3.el6] - Updated to icedtea 2.4.0.pre3, updated! - Rewritten patch3 java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911530 [1.7.0.9-2.4.0.pre2.3.el6] - Removed testing - mauve was outdated and - jtreg was icedtea relict - Updated to icedtea 2.4.0.pre2, updated? - Added java -Xshare:dump to post (see 513605) fo jitarchs - Resolves: rhbz#911530 [1.7.0.11-2.4.0.2.el6] - Unapplied but kept (for 2.3revert) patch110, java-1.7.0-openjdk-nss-icedtea-e9c857dcb964.patch - Added and applied patch113: java-1.7.0-openjdk-aes-update_reset.patch - Added and applied patch114: java-1.7.0-openjdk-nss-tck.patch - Added and applied patch115: java-1.7.0-openjdk-nss-split_results.patch - NSS enabled by default - enable_nss set to 1 - rewritten patch109 - java-1.7.0-openjdk-nss-config-1.patch - rewritten patch111 - java-1.7.0-openjdk-nss-config-2.patch - Resolves: rhbz#831734 [1.7.0.11-2.4.0.1.el6] - Rewritten patch105: java-1.7.0-openjdk-disable-system-lcms.patch - Added jxmd and idlj to alternatives - make executed with DISABLE_INTREE_EC=true and UNLIMITED_CRYPTO=true - Unapplied patch302 and deleted systemtap.patch - buildver increased to 11 - icedtea_version set to 2.4.0 - Added and applied patch112 java-1.7.openjdk-doNotUseDisabledEcc.patch - removed tmp-patches source tarball - Added /lib/security/US_export_policy.jar and lib/security/local_policy.jar - Disabled nss - enable_nss set to 0 - Resolves: rhbz#895034
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0602 CVE-2013-0809 CVE-2013-1493	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.9-2.3.8.0.0.1.el6_4 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.9-2.3.8.0.0.1.el6_4 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.9-2.3.8.0.0.1.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.9-2.3.8.0.0.1.el6_4 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.9-2.3.8.0.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27605

Oval ID:	oval:org.mitre.oval:def:27605
Title:	DEPRECATED: ELSA-2013-0587 -- openssl security update (moderate)
Description:	[1.0.0-27.2] - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589) - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052) - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051) - use __secure_getenv() everywhere instead of getenv() (#839735)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0587 CVE-2013-0166 CVE-2012-4929 CVE-2013-0169	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	openssl
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section openssl is earlier than 0:0.9.8e-26.el5_9.1 AND openssl-devel is earlier than 0:0.9.8e-26.el5_9.1 AND openssl-perl is earlier than 0:0.9.8e-26.el5_9.1 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section openssl is earlier than 0:1.0.0-27.el6_4.2 AND openssl-devel is earlier than 0:1.0.0-27.el6_4.2 AND openssl-perl is earlier than 0:1.0.0-27.el6_4.2 AND openssl-static is earlier than 0:1.0.0-27.el6_4.2

Definition Id: oval:org.mitre.oval:def:27661

Oval ID:	oval:org.mitre.oval:def:27661
Title:	DEPRECATED: ELSA-2013-0751 -- java-1.7.0-openjdk security update (critical)
Description:	[1.7.0.19-2.3.9.1.0.1.el6_4] - Update DISTRO_NAME in specfile
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0751 CVE-2013-1557 CVE-2013-2424 CVE-2013-2436 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2426 CVE-2013-1558 CVE-2013-2430 CVE-2013-0401 CVE-2013-1488 CVE-2013-2384 CVE-2013-2422 CVE-2013-2431 CVE-2013-1569 CVE-2013-2415 CVE-2013-2423 CVE-2013-2429 CVE-2013-1537 CVE-2013-2417 CVE-2013-1518 CVE-2013-2383	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.19-2.3.9.1.0.1.el6_4 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.19-2.3.9.1.0.1.el6_4 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.19-2.3.9.1.0.1.el6_4 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.19-2.3.9.1.0.1.el6_4 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.19-2.3.9.1.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27683

Oval ID:	oval:org.mitre.oval:def:27683
Title:	DEPRECATED: ELSA-2012-1223 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.5-2.2.1.0.1.el6_3.3] - Modify DISTRO_NAME for Oracle [1.7.0.5-2.2.1.el6.3] - Removed patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch - Applied upstream patches for same issue: patch 1001 sec-webrevs-openjdk7-29_aug_2012-7162473.patch patch 1002 sec-webrevs-openjdk7-29_aug_2012-7162476.patch patch 1003 sec-webrevs-openjdk7-29_aug_2012-7163201.patch patch 1004 sec-webrevs-openjdk7-29_aug_2012-7194567.patch patch 1005 sec-webrevs-openjdk7-29_aug_2012-78e01a6ca8d3.patch - Resolves: rhbz#852299 [1.7.0.5-2.2.1.1.el6] - Added patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch to fix vulnerability until it is fixed in upstream sources. - Resolves: rhbz#852299
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1223 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3.3 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3.3 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3.3 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3.3 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.5-2.2.1.0.1.el6_3.3

Definition Id: oval:org.mitre.oval:def:27709

Oval ID:	oval:org.mitre.oval:def:27709
Title:	DEPRECATED: ELSA-2012-1386 -- java-1.7.0-openjdk security update (important)
Description:	[1.7.0.9-2.3.3.0.1.el6_3.1] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.3.el6.1] - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz#865050 [1.7.0.9-2.3.3.el6] - Updated to 2.3.3 - Updated java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 [1.7.0.5-2.3.2.el6.1] - Cleanup before security release - Updated to latest IcedTea7-forest 2.3 - Resolves: rhbz#852299 [1.7.0.5-2.2.1.1.el6.4] - Cleanup before security release - Removed patches: patch 1001 sec-webrevs-openjdk7-29_aug_2012-7162473.patch patch 1002 sec-webrevs-openjdk7-29_aug_2012-7162476.patch patch 1003 sec-webrevs-openjdk7-29_aug_2012-7163201.patch patch 1004 sec-webrevs-openjdk7-29_aug_2012-7194567.patch patch 1005 sec-webrevs-openjdk7-29_aug_2012-78e01a6ca8d3.patch - Resolves: rhbz#852299
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1386 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 CVE-2012-5070 CVE-2012-5074 CVE-2012-5076 CVE-2012-5087 CVE-2012-5088	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.7.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.7.0-openjdk is earlier than 0:1.7.0.9-2.3.3.0.1.el6_3.1 AND java-1.7.0-openjdk-demo is earlier than 0:1.7.0.9-2.3.3.0.1.el6_3.1 AND java-1.7.0-openjdk-devel is earlier than 0:1.7.0.9-2.3.3.0.1.el6_3.1 AND java-1.7.0-openjdk-javadoc is earlier than 0:1.7.0.9-2.3.3.0.1.el6_3.1 AND java-1.7.0-openjdk-src is earlier than 0:1.7.0.9-2.3.3.0.1.el6_3.1

Definition Id: oval:org.mitre.oval:def:27766

Oval ID:	oval:org.mitre.oval:def:27766
Title:	DEPRECATED: ELSA-2012-0729 -- java-1.6.0-openjdk security update (critical)
Description:	[1:1.6.0.0-1.48.1.11.3] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828751 [1:1.6.0.0-1.47.1.11.3] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828751 [1:1.6.0.0-1.46.1.11.3] - Sync with 6.3: - Bump to IcedTea6 1.11.3 - With removed patch8 - java-1.6.0-openjdk-jirafix_2820_2821.patch - Including patch7 - java-1.6.0-openjdk-jstack.patch - Including patch3, java-1.6.0-openjdk-java-access-bridge-security.patch modification - Resolves: rhbz#828751
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0729 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.48.1.11.3.el6_2 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.48.1.11.3.el6_2

Definition Id: oval:org.mitre.oval:def:27767

Oval ID:	oval:org.mitre.oval:def:27767
Title:	DEPRECATED: ELSA-2012-0322 -- java-1.6.0-openjdk security update (important)
Description:	[1.6.0.0-1.25.1.10.6.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.25.1.10.6] - Updated to IcedTea6 1.10.6 - Resolves: rhbz#787142 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception throwing mechanism in ObjectStreamClass - S7110704: Issues with some method in corba - S7112642: Incorrect checking for graphics rendering object - S7118283: Better input parameter checking in zip file processing - S7126960: Add property to limit number of request headers to the HTTP Server - Bug fixes - RH580478: Desktop files should not use hardcoded path - Removed and deleted upstreamed patch7 - name-rmi-fix.patch - Removed and deleted upstreamed Hugepages patches: - Source100: 7034464-hugepage.patch - Source101: 7037939-hugepage.patch - Source102: 7043564-hugepage.patch
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0322 CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2011-3571 CVE-2011-5035 CVE-2012-0507	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.25.1.10.6.0.1.el5_8 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.25.1.10.6.0.1.el5_8 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.25.1.10.6.0.1.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.25.1.10.6.0.1.el5_8 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.25.1.10.6.0.1.el5_8

Definition Id: oval:org.mitre.oval:def:27774

Oval ID:	oval:org.mitre.oval:def:27774
Title:	DEPRECATED: ELSA-2012-1221 -- java-1.6.0-openjdk security update (critical)
Description:	[1:1.6.0.0-1.49.1.11.4] - Updated to latest IedTea6 1.11.4 - Resolves: rhbz#853345 [1:1.6.0.0-1.48.1.11.3] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828752 [1:1.6.0.0-1.47.1.11.3] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828752 [1:1.6.0.0-1.46.1.11.3] - Updated to IcedTea6 1.11.3 - Removed upstreamed patch8 - java-1.6.0-openjdk-jirafix_2820_2821.patch - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added to patch - Resolves: rhbz#828752
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1221 CVE-2012-0547 CVE-2012-1682	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.49.1.11.4.el6_3 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.49.1.11.4.el6_3

Definition Id: oval:org.mitre.oval:def:27790

Oval ID:	oval:org.mitre.oval:def:27790
Title:	DEPRECATED: ELSA-2012-1222 -- java-1.6.0-openjdk security update (important)
Description:	[1.6.0.0-1.28.1.10.9.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.28.1.10.9] - Updated to latest IcedTea6 1.10.9 - Resolves: rhbz#846709 - Resolves: rhbz#853114 [1:1.6.0.0-1.27.1.10.8] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828749
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1222 CVE-2012-0547 CVE-2012-1682	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.28.1.10.9.0.1.el5_8 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.28.1.10.9.0.1.el5_8 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.28.1.10.9.0.1.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.28.1.10.9.0.1.el5_8 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.28.1.10.9.0.1.el5_8

Definition Id: oval:org.mitre.oval:def:27804

Oval ID:	oval:org.mitre.oval:def:27804
Title:	DEPRECATED: ELSA-2012-1384 -- java-1.6.0-openjdk security update (critical)
Description:	[1:1.6.0.0-1.50.1.11.5] - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz#865045 [1:1.6.0.0-1.49.1.11.5] - Updated to IcedTea6 1.11.5 - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1384 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.50.1.11.5.el6_3 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.50.1.11.5.el6_3

Definition Id: oval:org.mitre.oval:def:27810

Oval ID:	oval:org.mitre.oval:def:27810
Title:	DEPRECATED: ELSA-2012-1385 -- java-1.6.0-openjdk security update (important)
Description:	[1:1.6.0.0-1.28.1.10.10.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.28.1.10.10] - Updated to IcedTea6 1.10.10 - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1385 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 5.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.28.1.10.10.0.1.el5_8 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.28.1.10.10.0.1.el5_8 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.28.1.10.10.0.1.el5_8 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.28.1.10.10.0.1.el5_8 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.28.1.10.10.0.1.el5_8

Definition Id: oval:org.mitre.oval:def:27922

Oval ID:	oval:org.mitre.oval:def:27922
Title:	DEPRECATED: ELSA-2012-0135 -- java-1.6.0-openjdk security update (critical)
Description:	[1:1.6.0.0-1.43.1.10.6] - Updated to IcedTea6 1.10.6 - Resolves: rhbz#787144 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception throwing mechanism in ObjectStreamClass - S7110704: Issues with some method in corba - S7112642: Incorrect checking for graphics rendering object - S7118283: Better input parameter checking in zip file processing - S7126960: Add property to limit number of request headers to the HTTP Server - Bug fixes - RH580478: Desktop files should not use hardcoded path - Removed upstreamed patch7 - java-1.6.0-openjdk-6_2-Z-rmi-fix.patch
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0135 CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2011-3571 CVE-2011-5035 CVE-2012-0507	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	java-1.6.0-openjdk
Definition Synopsis:
Oracle Linux 6.x Packages match section java-1.6.0-openjdk is earlier than 0:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-demo is earlier than 0:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-devel is earlier than 0:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-javadoc is earlier than 0:1.6.0.0-1.43.1.10.6.el6_2 AND java-1.6.0-openjdk-src is earlier than 0:1.6.0.0-1.43.1.10.6.el6_2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openssl cpe:2.3:a:openssl:openssl:1.0.1u:::::::* cpe:2.3:a:openssl:openssl:1.0.1t:::::::* cpe:2.3:a:openssl:openssl:1.0.1s:::::::* cpe:2.3:a:openssl:openssl:1.0.1r:::::::* cpe:2.3:a:openssl:openssl:1.0.1q:::::::* cpe:2.3:a:openssl:openssl:1.0.1o:::::::* cpe:2.3:a:openssl:openssl:1.0.1n:::::::* cpe:2.3:a:openssl:openssl:1.0.1m:::::::* cpe:2.3:a:openssl:openssl:1.0.1l:::::::* cpe:2.3:a:openssl:openssl:1.0.1k:::::::* cpe:2.3:a:openssl:openssl:1.0.1j:::::::* cpe:2.3:a:openssl:openssl:1.0.1i:::::::* cpe:2.3:a:openssl:openssl:1.0.1h:::::::* cpe:2.3:a:openssl:openssl:1.0.1g:::::::* cpe:2.3:a:openssl:openssl:1.0.1f:::::::* cpe:2.3:a:openssl:openssl:1.0.1e:::::::* cpe:2.3:a:openssl:openssl:1.0.1d:::::::* cpe:2.3:a:openssl:openssl:1.0.1c:::::::* cpe:2.3:a:openssl:openssl:1.0.0s:::::::* cpe:2.3:a:openssl:openssl:1.0.0r:::::::* cpe:2.3:a:openssl:openssl:1.0.0q:::::::* cpe:2.3:a:openssl:openssl:1.0.0p:::::::* cpe:2.3:a:openssl:openssl:1.0.0o:::::::* cpe:2.3:a:openssl:openssl:1.0.0n:::::::* cpe:2.3:a:openssl:openssl:1.0.0m:::::::* cpe:2.3:a:openssl:openssl:1.0.0l:::::::* cpe:2.3:a:openssl:openssl:1.0.0k:::::::* cpe:2.3:a:openssl:openssl:1.0.0j:::::::* cpe:2.3:a:openssl:openssl:1.0.0i:::::::* cpe:2.3:a:openssl:openssl:1.0.0h:::::::* cpe:2.3:a:openssl:openssl:1.0.0g:::::::* cpe:2.3:a:openssl:openssl:1.0.0f:::::::* cpe:2.3:a:openssl:openssl:1.0.0e:::::::* cpe:2.3:a:openssl:openssl:1.0.0d:::::::* cpe:2.3:a:openssl:openssl:1.0.0c:::::::* cpe:2.3:a:openssl:openssl:1.0.0b:::::::* cpe:2.3:a:openssl:openssl:1.0.0a:::::::* cpe:2.3:a:openssl:openssl:1.0.0:beta3:::::: cpe:2.3:a:openssl:openssl:1.0.0:beta2:::::: cpe:2.3:a:openssl:openssl:1.0.0:beta5:::::: cpe:2.3:a:openssl:openssl:1.0.0:beta4:::::: cpe:2.3:a:openssl:openssl:1.0.0:beta1:::::: cpe:2.3:a:openssl:openssl:1.0.0:-:::::: cpe:2.3:a:openssl:openssl:1.0::openvms::::: cpe:2.3:a:openssl:openssl:0.9.8zg:::::::* cpe:2.3:a:openssl:openssl:0.9.8zf:::::::* cpe:2.3:a:openssl:openssl:0.9.8ze:::::::* cpe:2.3:a:openssl:openssl:0.9.8zc:::::::* cpe:2.3:a:openssl:openssl:0.9.8zb:::::::* cpe:2.3:a:openssl:openssl:0.9.8za:::::::* cpe:2.3:a:openssl:openssl:0.9.8z:::::::* cpe:2.3:a:openssl:openssl:0.9.8y:::::::* cpe:2.3:a:openssl:openssl:0.9.8x:::::::* cpe:2.3:a:openssl:openssl:0.9.8w:::::::* cpe:2.3:a:openssl:openssl:0.9.8v:::::::* cpe:2.3:a:openssl:openssl:0.9.8u:::::::* cpe:2.3:a:openssl:openssl:0.9.8t:::::::* cpe:2.3:a:openssl:openssl:0.9.8s:::::::* cpe:2.3:a:openssl:openssl:0.9.8r:::::::* cpe:2.3:a:openssl:openssl:0.9.8q:::::::* cpe:2.3:a:openssl:openssl:0.9.8p:::::::* cpe:2.3:a:openssl:openssl:0.9.8o:::::::* cpe:2.3:a:openssl:openssl:0.9.8n:::::::* cpe:2.3:a:openssl:openssl:0.9.8m:-:::::: cpe:2.3:a:openssl:openssl:0.9.8m:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.8l:::::::* cpe:2.3:a:openssl:openssl:0.9.8k:::::::* cpe:2.3:a:openssl:openssl:0.9.8j:::::::* cpe:2.3:a:openssl:openssl:0.9.8i:::::::* cpe:2.3:a:openssl:openssl:0.9.8h:::::::* cpe:2.3:a:openssl:openssl:0.9.8g-9:::::::* cpe:2.3:a:openssl:openssl:0.9.8g:::::::* cpe:2.3:a:openssl:openssl:0.9.8g::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8g::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8f:::::::* cpe:2.3:a:openssl:openssl:0.9.8f::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8f::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8f::::::x86: cpe:2.3:a:openssl:openssl:0.9.8e:::::::* cpe:2.3:a:openssl:openssl:0.9.8e::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8e::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8e::::::x86: cpe:2.3:a:openssl:openssl:0.9.8d:::::::* cpe:2.3:a:openssl:openssl:0.9.8d::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8d::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8d::::::x86: cpe:2.3:a:openssl:openssl:0.9.8c-1:::::::* cpe:2.3:a:openssl:openssl:0.9.8c:::::::* cpe:2.3:a:openssl:openssl:0.9.8c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8c::::::x86: cpe:2.3:a:openssl:openssl:0.9.8b:::::::* cpe:2.3:a:openssl:openssl:0.9.8b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8b::::::x86: cpe:2.3:a:openssl:openssl:0.9.8a:::::::* cpe:2.3:a:openssl:openssl:0.9.8a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8a::::::x86: cpe:2.3:a:openssl:openssl:0.9.8:-:::::: cpe:2.3:a:openssl:openssl:0.9.8::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta4:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta5:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta6:::::: cpe:2.3:a:openssl:openssl:0.9.8::::::x86: cpe:2.3:a:openssl:openssl:0.9.7m:::::::* cpe:2.3:a:openssl:openssl:0.9.7m::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7m::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7m::::::x86: cpe:2.3:a:openssl:openssl:0.9.7l:::::::* cpe:2.3:a:openssl:openssl:0.9.7l::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7l::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7l::::::x86: cpe:2.3:a:openssl:openssl:0.9.7k:::::::* cpe:2.3:a:openssl:openssl:0.9.7k::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7k::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7k::::::x86: cpe:2.3:a:openssl:openssl:0.9.7j:::::::* cpe:2.3:a:openssl:openssl:0.9.7j::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7j::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7j::::::x86: cpe:2.3:a:openssl:openssl:0.9.7i:::::::* cpe:2.3:a:openssl:openssl:0.9.7i::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7i::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7i::::::x86: cpe:2.3:a:openssl:openssl:0.9.7h:::::::* cpe:2.3:a:openssl:openssl:0.9.7h::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7h::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7h::::::x86: cpe:2.3:a:openssl:openssl:0.9.7g:::::::* cpe:2.3:a:openssl:openssl:0.9.7g::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7g::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7g::::::x86: cpe:2.3:a:openssl:openssl:0.9.7f:::::::* cpe:2.3:a:openssl:openssl:0.9.7f::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7f::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7f::::::x86: cpe:2.3:a:openssl:openssl:0.9.7e:::::::* cpe:2.3:a:openssl:openssl:0.9.7e::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7e::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7e::::::x86: cpe:2.3:a:openssl:openssl:0.9.7d:::::::* cpe:2.3:a:openssl:openssl:0.9.7d::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7d::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7d::::::x86: cpe:2.3:a:openssl:openssl:0.9.7c:::::::* cpe:2.3:a:openssl:openssl:0.9.7c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7c::::::x86: cpe:2.3:a:openssl:openssl:0.9.7b:::::::* cpe:2.3:a:openssl:openssl:0.9.7b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7b::::::x86: cpe:2.3:a:openssl:openssl:0.9.7a:::::::* cpe:2.3:a:openssl:openssl:0.9.7a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7a::::::x86: cpe:2.3:a:openssl:openssl:0.9.7:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.7:-:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta5:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta6:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta4:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta4:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta5:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7:beta6:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta5:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta4:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta6:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7::::::x86: cpe:2.3:a:openssl:openssl:0.9.7:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta4:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta5:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta6:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6m:::::::* cpe:2.3:a:openssl:openssl:0.9.6m::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6m::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6m::::::x86: cpe:2.3:a:openssl:openssl:0.9.6l:::::::* cpe:2.3:a:openssl:openssl:0.9.6l::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6l::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6l::::::x86: cpe:2.3:a:openssl:openssl:0.9.6k:::::::* cpe:2.3:a:openssl:openssl:0.9.6k::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6k::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6k::::::x86: cpe:2.3:a:openssl:openssl:0.9.6j:::::::* cpe:2.3:a:openssl:openssl:0.9.6j::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6j::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6j::::::x86: cpe:2.3:a:openssl:openssl:0.9.6i:::::::* cpe:2.3:a:openssl:openssl:0.9.6i::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6i::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6i::::::x86: cpe:2.3:a:openssl:openssl:0.9.6h:::::::* cpe:2.3:a:openssl:openssl:0.9.6h:bogus:::::: cpe:2.3:a:openssl:openssl:0.9.6h::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6h::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6h::::::x86: cpe:2.3:a:openssl:openssl:0.9.6g:::::::* cpe:2.3:a:openssl:openssl:0.9.6g::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6g::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6g::::::x86: cpe:2.3:a:openssl:openssl:0.9.6f:::::::* cpe:2.3:a:openssl:openssl:0.9.6f::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6f::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6f::::::x86: cpe:2.3:a:openssl:openssl:0.9.6e:::::::* cpe:2.3:a:openssl:openssl:0.9.6e::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6e::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6e::::::x86: cpe:2.3:a:openssl:openssl:0.9.6d:-:::::: cpe:2.3:a:openssl:openssl:0.9.6d::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6d::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6d::::::x86: cpe:2.3:a:openssl:openssl:0.9.6c:::::::* cpe:2.3:a:openssl:openssl:0.9.6c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6c::::::x86: cpe:2.3:a:openssl:openssl:0.9.6b:::::::* cpe:2.3:a:openssl:openssl:0.9.6b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6b::::::x86: cpe:2.3:a:openssl:openssl:0.9.6a:-:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6a::::::x86: cpe:2.3:a:openssl:openssl:0.9.6a:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.6:-:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6::::::x86: cpe:2.3:a:openssl:openssl:0.9.6:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.5a:-:::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5a::::::x86: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.5:-:::::: cpe:2.3:a:openssl:openssl:0.9.5:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.5:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.5:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.5::::::x86: cpe:2.3:a:openssl:openssl:0.9.5:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.4:::::::* cpe:2.3:a:openssl:openssl:0.9.4::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.4::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.4::::::x86: cpe:2.3:a:openssl:openssl:0.9.3a:::::::* cpe:2.3:a:openssl:openssl:0.9.3a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.3a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.3a::::::x86: cpe:2.3:a:openssl:openssl:0.9.3:-:::::: cpe:2.3:a:openssl:openssl:0.9.3::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.3::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.3::::::x86: cpe:2.3:a:openssl:openssl:0.9.2b:::::::* cpe:2.3:a:openssl:openssl:0.9.2b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.2b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.2b::::::x86: cpe:2.3:a:openssl:openssl:0.9.1c:::::::* cpe:2.3:a:openssl:openssl:0.9.1c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.1c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.1c::::::x86: cpe:2.3:a:openssl:openssl:0.9.1b:::::::* cpe:2.3:a:openssl:openssl:0.9.0b:::::::* cpe:2.3:a:openssl:openssl:::::::: cpe:2.3:a:openssl:openssl:::openvms:::::* cpe:2.3:a:openssl:openssl:-:::::::*	319
Application	Oracle Glassfish Server cpe:2.3:a:oracle:glassfish_server:3.1.1:::::::* cpe:2.3:a:oracle:glassfish_server:3.0.1:::::::* cpe:2.3:a:oracle:glassfish_server:3.0.1::::open_source::: cpe:2.3:a:oracle:glassfish_server:3.0:::::::* cpe:2.3:a:oracle:glassfish_server:2.1.1:::::::* cpe:2.3:a:oracle:glassfish_server:2.1:::::::* cpe:2.3:a:oracle:glassfish_server:2.0:::::::* cpe:2.3:a:oracle:glassfish_server:1.0:ur1_po1:::::: cpe:2.3:a:oracle:glassfish_server:1.0:::::::* cpe:2.3:a:oracle:glassfish_server:1.0:ur1::::::	10
Application	Oracle Javafx cpe:2.3:a:oracle:javafx:2.2.7:::::::* cpe:2.3:a:oracle:javafx:2.2.5:::::::* cpe:2.3:a:oracle:javafx:2.2.45:::::::* cpe:2.3:a:oracle:javafx:2.2.4:::::::* cpe:2.3:a:oracle:javafx:2.2.3:::::::* cpe:2.3:a:oracle:javafx:2.2.21:::::::* cpe:2.3:a:oracle:javafx:2.2:::::::* cpe:2.3:a:oracle:javafx:2.1:::::::* cpe:2.3:a:oracle:javafx:2.0.3:::::::* cpe:2.3:a:oracle:javafx:2.0.2:::::::* cpe:2.3:a:oracle:javafx:2.0:::::::* cpe:2.3:a:oracle:javafx:1.3.1:::::::* cpe:2.3:a:oracle:javafx:1.3.0:::::::* cpe:2.3:a:oracle:javafx:1.2.3:::::::* cpe:2.3:a:oracle:javafx:1.2.2:::::::* cpe:2.3:a:oracle:javafx:1.2:::::::*	16
Application	Oracle Jdk cpe:2.3:a:oracle:jdk:1.7.0:update4:::::: cpe:2.3:a:oracle:jdk:1.7.0:-:::::: cpe:2.3:a:oracle:jdk:1.7.0:update1:::::: cpe:2.3:a:oracle:jdk:1.7.0:update2:::::: cpe:2.3:a:oracle:jdk:1.7.0:update3:::::: cpe:2.3:a:oracle:jdk:1.7.0:update5:::::: cpe:2.3:a:oracle:jdk:1.7.0:update7:::::: cpe:2.3:a:oracle:jdk:1.7.0:update6:::::: cpe:2.3:a:oracle:jdk:1.7.0:update11:::::: cpe:2.3:a:oracle:jdk:1.7.0:update9:::::: cpe:2.3:a:oracle:jdk:1.7.0:update10:::::: cpe:2.3:a:oracle:jdk:1.7.0:update13:::::: cpe:2.3:a:oracle:jdk:1.7.0:update15:::::: cpe:2.3:a:oracle:jdk:1.7.0:update17:::::: cpe:2.3:a:oracle:jdk:1.7.0:update21:::::: cpe:2.3:a:oracle:jdk:1.7.0:update25:::::: cpe:2.3:a:oracle:jdk:1.7.0:update10:~~~windows~~:::::* cpe:2.3:a:oracle:jdk:1.7.0:update11:~~~windows~~:::::* cpe:2.3:a:oracle:jdk:1.7.0:update121:::::: cpe:2.3:a:oracle:jdk:1.7.0:update10_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update11_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update17_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update17_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update21_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update25_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update25_b34:::::: cpe:2.3:a:oracle:jdk:1.7.0:update25_b35:::::: cpe:2.3:a:oracle:jdk:1.7.0:update40:::::: cpe:2.3:a:oracle:jdk:1.7.0:update45:::::: cpe:2.3:a:oracle:jdk:1.7.0:update45_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update45_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update45_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update45_b34:::::: cpe:2.3:a:oracle:jdk:1.7.0:update51:::::: cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update10::::windows::* cpe:2.3:a:oracle:jdk:1.7.0:update11::::windows::* cpe:2.3:a:oracle:jdk:1.7.0:update241:::::: cpe:2.3:a:oracle:jdk:1.7.0:update251:::::: cpe:2.3:a:oracle:jdk:1.7.0:update60:::::: cpe:2.3:a:oracle:jdk:1.7.0:update67:::::: cpe:2.3:a:oracle:jdk:1.7.0:update72:::::: cpe:2.3:a:oracle:jdk:1.7.0:update71:::::: cpe:2.3:a:oracle:jdk:1.7.0:update75:::::: cpe:2.3:a:oracle:jdk:1.7.0:update101:::::: cpe:2.3:a:oracle:jdk:1.7.0:update111:::::: cpe:2.3:a:oracle:jdk:1.7.0:update141:::::: cpe:2.3:a:oracle:jdk:1.7.0:update151:::::: cpe:2.3:a:oracle:jdk:1.7.0:update131:::::: cpe:2.3:a:oracle:jdk:1.7.0:update201:::::: cpe:2.3:a:oracle:jdk:1.7.0:update191:::::: cpe:2.3:a:oracle:jdk:1.7.0:update161:::::: cpe:2.3:a:oracle:jdk:1.7.0:update171:::::: cpe:2.3:a:oracle:jdk:1.7.0:update181:::::: cpe:2.3:a:oracle:jdk:1.7.0:update211:::::: cpe:2.3:a:oracle:jdk:1.7.0:update221:::::: cpe:2.3:a:oracle:jdk:1.7.0:update231:::::: cpe:2.3:a:oracle:jdk:1.7.0:update271:::::: cpe:2.3:a:oracle:jdk:1.7.0:update321:::::: cpe:2.3:a:oracle:jdk:1.7.0:update331:::::: cpe:2.3:a:oracle:jdk:1.7.0:update301:::::: cpe:2.3:a:oracle:jdk:1.7.0:update291:::::: cpe:2.3:a:oracle:jdk:1.7.0:update261:::::: cpe:2.3:a:oracle:jdk:1.7.0:update99:::::: cpe:2.3:a:oracle:jdk:1.7.0:update97:::::: cpe:2.3:a:oracle:jdk:1.7.0:update95:::::: cpe:2.3:a:oracle:jdk:1.7.0:update91:::::: cpe:2.3:a:oracle:jdk:1.7.0:update85:::::: cpe:2.3:a:oracle:jdk:1.7.0:update80:::::: cpe:2.3:a:oracle:jdk:1.7.0:update76:::::: cpe:2.3:a:oracle:jdk:1.7.0:update343:::::: cpe:2.3:a:oracle:jdk:1.7.0:update191_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update191_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update201_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update211_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update211_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update221_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update221_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update221_b34:::::: cpe:2.3:a:oracle:jdk:1.7.0:update221_b35:::::: cpe:2.3:a:oracle:jdk:1.7.0:update231_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update241_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update271_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update281:::::: cpe:2.3:a:oracle:jdk:1.7.0:update281_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update281_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update291_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update291_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update301_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update311_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update321_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update341:::::: cpe:2.3:a:oracle:jdk:1.7.0:update341_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update343_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update51_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update51_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update51_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update55:::::: cpe:2.3:a:oracle:jdk:1.7.0:update55_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update55_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update55_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update55_b35:::::: cpe:2.3:a:oracle:jdk:1.7.0:update60_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update60_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update65:::::: cpe:2.3:a:oracle:jdk:1.7.0:update65_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update67_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update67_b34:::::: cpe:2.3:a:oracle:jdk:1.7.0:update72_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update72_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update72_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update76_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update76_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update76_b34:::::: cpe:2.3:a:oracle:jdk:1.7.0:update76_b35:::::: cpe:2.3:a:oracle:jdk:1.7.0:update76_b36:::::: cpe:2.3:a:oracle:jdk:1.7.0:update76_b37:::::: cpe:2.3:a:oracle:jdk:1.7.0:update76_b38:::::: cpe:2.3:a:oracle:jdk:1.7.0:update79:::::: cpe:2.3:a:oracle:jdk:1.7.0:update80_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update80_b35:::::: cpe:2.3:a:oracle:jdk:1.7.0:update85_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update85_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update85_b34:::::: cpe:2.3:a:oracle:jdk:1.7.0:update91_b17:::::: cpe:2.3:a:oracle:jdk:1.7.0:update91_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update91_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update95_b13:::::: cpe:2.3:a:oracle:jdk:1.7.0:update95_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update95_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update97_b31:::::: cpe:2.3:a:oracle:jdk:1.7.0:update97_b32:::::: cpe:2.3:a:oracle:jdk:1.7.0:update97_b33:::::: cpe:2.3:a:oracle:jdk:1.7.0:update99_b31:::::: cpe:2.3:a:oracle:jdk:1.7:update_131:::::: cpe:2.3:a:oracle:jdk:1.6.0:update19:::::: cpe:2.3:a:oracle:jdk:1.6.0:update131:::::: cpe:2.3:a:oracle:jdk:1.6.0:::::::* cpe:2.3:a:oracle:jdk:1.6.0:-:::::: cpe:2.3:a:oracle:jdk:1.6.0:update201:::::: cpe:2.3:a:oracle:jdk:1.6.0:update191:::::: cpe:2.3:a:oracle:jdk:1.6.0:update181:::::: cpe:2.3:a:oracle:jdk:1.6.0:update171:::::: cpe:2.3:a:oracle:jdk:1.6.0:update161:::::: cpe:2.3:a:oracle:jdk:1.6.0:update151:::::: cpe:2.3:a:oracle:jdk:1.6.0:update141:::::: cpe:2.3:a:oracle:jdk:1.6.0:update121:::::: cpe:2.3:a:oracle:jdk:1.6.0:update115:::::: cpe:2.3:a:oracle:jdk:1.6.0:update113:::::: cpe:2.3:a:oracle:jdk:1.6.0:update111:::::: cpe:2.3:a:oracle:jdk:1.6.0:update105:::::: cpe:2.3:a:oracle:jdk:1.6.0:update101:::::: cpe:2.3:a:oracle:jdk:1.6.0:update95:::::: cpe:2.3:a:oracle:jdk:1.6.0:update91:::::: cpe:2.3:a:oracle:jdk:1.6.0:update85:::::: cpe:2.3:a:oracle:jdk:1.6.0:update81:::::: cpe:2.3:a:oracle:jdk:1.6.0:update75:::::: cpe:2.3:a:oracle:jdk:1.6.0:update71:::::: cpe:2.3:a:oracle:jdk:1.6.0:update65:::::: cpe:2.3:a:oracle:jdk:1.6.0:update32:::::: cpe:2.3:a:oracle:jdk:1.6.0:update31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update23:::::: cpe:2.3:a:oracle:jdk:1.6.0:update22:::::: cpe:2.3:a:oracle:jdk:1.6.0:update29:::::: cpe:2.3:a:oracle:jdk:1.6.0:update33:::::: cpe:2.3:a:oracle:jdk:1.6.0:update25:::::: cpe:2.3:a:oracle:jdk:1.6.0:update24:::::: cpe:2.3:a:oracle:jdk:1.6.0:update27:::::: cpe:2.3:a:oracle:jdk:1.6.0:update43:::::: cpe:2.3:a:oracle:jdk:1.6.0:update45:::::: cpe:2.3:a:oracle:jdk:1.6.0:update51:::::: cpe:2.3:a:oracle:jdk:1.6.0:update30:::::: cpe:2.3:a:oracle:jdk:1.6.0:update34:::::: cpe:2.3:a:oracle:jdk:1.6.0:update39:::::: cpe:2.3:a:oracle:jdk:1.6.0:update41:::::: cpe:2.3:a:oracle:jdk:1.6.0:update38:::::: cpe:2.3:a:oracle:jdk:1.6.0:update37:::::: cpe:2.3:a:oracle:jdk:1.6.0:update35:::::: cpe:2.3:a:oracle:jdk:1.6.0:update26:::::: cpe:2.3:a:oracle:jdk:1.6.0:update60:::::: cpe:2.3:a:oracle:jdk:1.6.0:update10:::::: cpe:2.3:a:oracle:jdk:1.6.0:update1:::::: cpe:2.3:a:oracle:jdk:1.6.0:update2:::::: cpe:2.3:a:oracle:jdk:1.6.0:update3:::::: cpe:2.3:a:oracle:jdk:1.6.0:update4:::::: cpe:2.3:a:oracle:jdk:1.6.0:update11:::::: cpe:2.3:a:oracle:jdk:1.6.0:update12:::::: cpe:2.3:a:oracle:jdk:1.6.0:update13:::::: cpe:2.3:a:oracle:jdk:1.6.0:update14:::::: cpe:2.3:a:oracle:jdk:1.6.0:update5:::::: cpe:2.3:a:oracle:jdk:1.6.0:update6:::::: cpe:2.3:a:oracle:jdk:1.6.0:update7:::::: cpe:2.3:a:oracle:jdk:1.6.0:update15:::::: cpe:2.3:a:oracle:jdk:1.6.0:update16:::::: cpe:2.3:a:oracle:jdk:1.6.0:update17:::::: cpe:2.3:a:oracle:jdk:1.6.0:update18:::::: cpe:2.3:a:oracle:jdk:1.6.0:update20:::::: cpe:2.3:a:oracle:jdk:1.6.0:update21:::::: cpe:2.3:a:oracle:jdk:1.6.0:update8:::::: cpe:2.3:a:oracle:jdk:1.6.0:update9:::::: cpe:2.3:a:oracle:jdk:1.6.0:update32_b31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update32_b32:::::: cpe:2.3:a:oracle:jdk:1.6.0:update33_b31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update33_b32:::::: cpe:2.3:a:oracle:jdk:1.6.0:update33_b33:::::: cpe:2.3:a:oracle:jdk:1.6.0:update34_b31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update34_b32:::::: cpe:2.3:a:oracle:jdk:1.6.0:update35_b31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update35_b32:::::: cpe:2.3:a:oracle:jdk:1.6.0:update37_b31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update37_b32:::::: cpe:2.3:a:oracle:jdk:1.6.0:update38_b31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update43_b31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update51_b31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update51_b32:::::: cpe:2.3:a:oracle:jdk:1.6:update_141:::::: cpe:2.3:a:oracle:jdk:1.5.0:update_71:::::: cpe:2.3:a:oracle:jdk:1.5.0:update11:::::: cpe:2.3:a:oracle:jdk:1.5.0:-:::::: cpe:2.3:a:oracle:jdk:1.5.0:update1:::::: cpe:2.3:a:oracle:jdk:1.5.0:update10:::::: cpe:2.3:a:oracle:jdk:1.5.0:update12:::::: cpe:2.3:a:oracle:jdk:1.5.0:update13:::::: cpe:2.3:a:oracle:jdk:1.5.0:update14:::::: cpe:2.3:a:oracle:jdk:1.5.0:update15:::::: cpe:2.3:a:oracle:jdk:1.5.0:update16:::::: cpe:2.3:a:oracle:jdk:1.5.0:update17:::::: cpe:2.3:a:oracle:jdk:1.5.0:update18:::::: cpe:2.3:a:oracle:jdk:1.5.0:update19:::::: cpe:2.3:a:oracle:jdk:1.5.0:update2:::::: cpe:2.3:a:oracle:jdk:1.5.0:update3:::::: cpe:2.3:a:oracle:jdk:1.5.0:update4:::::: cpe:2.3:a:oracle:jdk:1.5.0:update5:::::: cpe:2.3:a:oracle:jdk:1.5.0:update6:::::: cpe:2.3:a:oracle:jdk:1.5.0:update7:::::: cpe:2.3:a:oracle:jdk:1.5.0:update8:::::: cpe:2.3:a:oracle:jdk:1.5.0:update9:::::: cpe:2.3:a:oracle:jdk:1.5.0:update75:::::: cpe:2.3:a:oracle:jdk:1.5.0:update65:::::: cpe:2.3:a:oracle:jdk:1.5.0:update61:::::: cpe:2.3:a:oracle:jdk:1.5.0:update55:::::: cpe:2.3:a:oracle:jdk:1.5.0:update38:::::: cpe:2.3:a:oracle:jdk:1.5.0:update36:::::: cpe:2.3:a:oracle:jdk:1.5.0:update40:::::: cpe:2.3:a:oracle:jdk:1.5.0:update41:::::: cpe:2.3:a:oracle:jdk:1.5.0:update45:::::: cpe:2.3:a:oracle:jdk:1.5.0:update51:::::: cpe:2.3:a:oracle:jdk:1.5.0:update39:::::: cpe:2.3:a:oracle:jdk:1.5.0:update20:::::: cpe:2.3:a:oracle:jdk:1.5.0:update21:::::: cpe:2.3:a:oracle:jdk:1.5.0:update22:::::: cpe:2.3:a:oracle:jdk:1.5.0:update23:::::: cpe:2.3:a:oracle:jdk:1.5.0:update24:::::: cpe:2.3:a:oracle:jdk:1.5.0:update25:::::: cpe:2.3:a:oracle:jdk:1.5.0:update26:::::: cpe:2.3:a:oracle:jdk:1.5.0:update27:::::: cpe:2.3:a:oracle:jdk:1.5.0:update28:::::: cpe:2.3:a:oracle:jdk:1.5.0:update29:::::: cpe:2.3:a:oracle:jdk:1.5.0:update30:::::: cpe:2.3:a:oracle:jdk:1.5.0:update31:::::: cpe:2.3:a:oracle:jdk:1.5.0:update32:::::: cpe:2.3:a:oracle:jdk:1.5.0:update33:::::: cpe:2.3:a:oracle:jdk:1.5.0:update34:::::: cpe:2.3:a:oracle:jdk:1.5.0:update35:::::: cpe:2.3:a:oracle:jdk:1.4.2_40:::::::* cpe:2.3:a:oracle:jdk:1.4.2_38:::::::* cpe:2.3:a:oracle:jdk::::::::	269
Application	Oracle Jre cpe:2.3:a:oracle:jre:1.7.0:update1:::::: cpe:2.3:a:oracle:jre:1.7.0:update2:::::: cpe:2.3:a:oracle:jre:1.7.0:-:::::: cpe:2.3:a:oracle:jre:1.7.0:update4:::::: cpe:2.3:a:oracle:jre:1.7.0:update3:::::: cpe:2.3:a:oracle:jre:1.7.0:update5:::::: cpe:2.3:a:oracle:jre:1.7.0:update7:::::: cpe:2.3:a:oracle:jre:1.7.0:update6:::::: cpe:2.3:a:oracle:jre:1.7.0:update11:::::: cpe:2.3:a:oracle:jre:1.7.0:update10:::::: cpe:2.3:a:oracle:jre:1.7.0:update9:::::: cpe:2.3:a:oracle:jre:1.7.0:update13:::::: cpe:2.3:a:oracle:jre:1.7.0:update15:::::: cpe:2.3:a:oracle:jre:1.7.0:update17:::::: cpe:2.3:a:oracle:jre:1.7.0:update21:::::: cpe:2.3:a:oracle:jre:1.7.0:update25:::::: cpe:2.3:a:oracle:jre:1.7.0:update11:~~~windows~~:::::* cpe:2.3:a:oracle:jre:1.7.0:update10:~~~windows~~:::::* cpe:2.3:a:oracle:jre:1.7.0:update_67:::::: cpe:2.3:a:oracle:jre:1.7.0:update_75:::::: cpe:2.3:a:oracle:jre:1.7.0:update_80:::::: cpe:2.3:a:oracle:jre:1.7.0:update_85:::::: cpe:2.3:a:oracle:jre:1.7.0:update121:::::: cpe:2.3:a:oracle:jre:1.7.0:update10_b31:::::: cpe:2.3:a:oracle:jre:1.7.0:update11_b32:::::: cpe:2.3:a:oracle:jre:1.7.0:update17_b31:::::: cpe:2.3:a:oracle:jre:1.7.0:update17_b32:::::: cpe:2.3:a:oracle:jre:1.7.0:update21_b31:::::: cpe:2.3:a:oracle:jre:1.7.0:update25_b33:::::: cpe:2.3:a:oracle:jre:1.7.0:update25_b34:::::: cpe:2.3:a:oracle:jre:1.7.0:update25_b35:::::: cpe:2.3:a:oracle:jre:1.7.0:update40:::::: cpe:2.3:a:oracle:jre:1.7.0:update45:::::: cpe:2.3:a:oracle:jre:1.7.0:update45_b31:::::: cpe:2.3:a:oracle:jre:1.7.0:update45_b32:::::: cpe:2.3:a:oracle:jre:1.7.0:update45_b33:::::: cpe:2.3:a:oracle:jre:1.7.0:update45_b34:::::: cpe:2.3:a:oracle:jre:1.7.0:update51:::::: cpe:2.3:a:oracle:jre:1.7.0:update7_b32:::::: cpe:2.3:a:oracle:jre:1.7.0:update9_b31:::::: cpe:2.3:a:oracle:jre:1.7.0:update9_b32:::::: cpe:2.3:a:oracle:jre:1.7.0:update_131:::::: cpe:2.3:a:oracle:jre:1.7.0:update10::::windows::* cpe:2.3:a:oracle:jre:1.7.0:update11::::windows::* cpe:2.3:a:oracle:jre:1.7.0:update_241:::::: cpe:2.3:a:oracle:jre:1.7.0:update301:::::: cpe:2.3:a:oracle:jre:1.7.0:update321:::::: cpe:2.3:a:oracle:jre:1.7.0:update331:::::: cpe:2.3:a:oracle:jre:1.7.0:update251:::::: cpe:2.3:a:oracle:jre:1.7.0:update231:::::: cpe:2.3:a:oracle:jre:1.7.0:update221:::::: cpe:2.3:a:oracle:jre:1.7.0:update211:::::: cpe:2.3:a:oracle:jre:1.7.0:update201:::::: cpe:2.3:a:oracle:jre:1.7.0:update191:::::: cpe:2.3:a:oracle:jre:1.7.0:update181:::::: cpe:2.3:a:oracle:jre:1.7.0:update171:::::: cpe:2.3:a:oracle:jre:1.7.0:update161:::::: cpe:2.3:a:oracle:jre:1.7.0:update151:::::: cpe:2.3:a:oracle:jre:1.7.0:update141:::::: cpe:2.3:a:oracle:jre:1.7.0:update111:::::: cpe:2.3:a:oracle:jre:1.7.0:update101:::::: cpe:2.3:a:oracle:jre:1.7.0:update99:::::: cpe:2.3:a:oracle:jre:1.7.0:update97:::::: cpe:2.3:a:oracle:jre:1.7.0:update95:::::: cpe:2.3:a:oracle:jre:1.7.0:update91:::::: cpe:2.3:a:oracle:jre:1.7.0:update76:::::: cpe:2.3:a:oracle:jre:1.7.0:update72:::::: cpe:2.3:a:oracle:jre:1.7.0:update71:::::: cpe:2.3:a:oracle:jre:1.7.0:update60:::::: cpe:2.3:a:oracle:jre:1.7.0:update343:::::: cpe:2.3:a:oracle:jre:1.7:update_131:::::: cpe:2.3:a:oracle:jre:1.6.0:update19:::::: cpe:2.3:a:oracle:jre:1.6.0:update_10:::::: cpe:2.3:a:oracle:jre:1.6.0:update_81:::::: cpe:2.3:a:oracle:jre:1.6.0:update_95:::::: cpe:2.3:a:oracle:jre:1.6.0:update_101:::::: cpe:2.3:a:oracle:jre:1.6.0:update131:::::: cpe:2.3:a:oracle:jre:1.6.0:update201:::::: cpe:2.3:a:oracle:jre:1.6.0:update191:::::: cpe:2.3:a:oracle:jre:1.6.0:update181:::::: cpe:2.3:a:oracle:jre:1.6.0:update171:::::: cpe:2.3:a:oracle:jre:1.6.0:update161:::::: cpe:2.3:a:oracle:jre:1.6.0:update151:::::: cpe:2.3:a:oracle:jre:1.6.0:update141:::::: cpe:2.3:a:oracle:jre:1.6.0:update121:::::: cpe:2.3:a:oracle:jre:1.6.0:update115:::::: cpe:2.3:a:oracle:jre:1.6.0:update113:::::: cpe:2.3:a:oracle:jre:1.6.0:update111:::::: cpe:2.3:a:oracle:jre:1.6.0:update105:::::: cpe:2.3:a:oracle:jre:1.6.0:update91:::::: cpe:2.3:a:oracle:jre:1.6.0:update85:::::: cpe:2.3:a:oracle:jre:1.6.0:update75:::::: cpe:2.3:a:oracle:jre:1.6.0:update71:::::: cpe:2.3:a:oracle:jre:1.6.0:update65:::::: cpe:2.3:a:oracle:jre:1.6.0:update45:::::: cpe:2.3:a:oracle:jre:1.6.0:update30:::::: cpe:2.3:a:oracle:jre:1.6.0:update33:::::: cpe:2.3:a:oracle:jre:1.6.0:update32:::::: cpe:2.3:a:oracle:jre:1.6.0:update24:::::: cpe:2.3:a:oracle:jre:1.6.0:update35:::::: cpe:2.3:a:oracle:jre:1.6.0:update25:::::: cpe:2.3:a:oracle:jre:1.6.0:update39:::::: cpe:2.3:a:oracle:jre:1.6.0:update51:::::: cpe:2.3:a:oracle:jre:1.6.0:update31:::::: cpe:2.3:a:oracle:jre:1.6.0:update22:::::: cpe:2.3:a:oracle:jre:1.6.0:update38:::::: cpe:2.3:a:oracle:jre:1.6.0:update37:::::: cpe:2.3:a:oracle:jre:1.6.0:update29:::::: cpe:2.3:a:oracle:jre:1.6.0:update27:::::: cpe:2.3:a:oracle:jre:1.6.0:update23:::::: cpe:2.3:a:oracle:jre:1.6.0:update41:::::: cpe:2.3:a:oracle:jre:1.6.0:update43:::::: cpe:2.3:a:oracle:jre:1.6.0:update34:::::: cpe:2.3:a:oracle:jre:1.6.0:update26:::::: cpe:2.3:a:oracle:jre:1.6.0:update60:::::: cpe:2.3:a:oracle:jre:1.6.0:-:::::: cpe:2.3:a:oracle:jre:1.6.0:update1:::::: cpe:2.3:a:oracle:jre:1.6.0:update10:::::: cpe:2.3:a:oracle:jre:1.6.0:update11:::::: cpe:2.3:a:oracle:jre:1.6.0:update12:::::: cpe:2.3:a:oracle:jre:1.6.0:update13:::::: cpe:2.3:a:oracle:jre:1.6.0:update14:::::: cpe:2.3:a:oracle:jre:1.6.0:update15:::::: cpe:2.3:a:oracle:jre:1.6.0:update16:::::: cpe:2.3:a:oracle:jre:1.6.0:update17:::::: cpe:2.3:a:oracle:jre:1.6.0:update18:::::: cpe:2.3:a:oracle:jre:1.6.0:update2:::::: cpe:2.3:a:oracle:jre:1.6.0:update20:::::: cpe:2.3:a:oracle:jre:1.6.0:update21:::::: cpe:2.3:a:oracle:jre:1.6.0:update3:::::: cpe:2.3:a:oracle:jre:1.6.0:update5:::::: cpe:2.3:a:oracle:jre:1.6.0:update4:::::: cpe:2.3:a:oracle:jre:1.6.0:update6:::::: cpe:2.3:a:oracle:jre:1.6.0:update7:::::: cpe:2.3:a:oracle:jre:1.6.0:update8:::::: cpe:2.3:a:oracle:jre:1.6.0:update9:::::: cpe:2.3:a:oracle:jre:1.6:update_141:::::: cpe:2.3:a:oracle:jre:1.5.0:update_71:::::: cpe:2.3:a:oracle:jre:1.5.0:update81:::::: cpe:2.3:a:oracle:jre:1.5.0:update75:::::: cpe:2.3:a:oracle:jre:1.5.0:update65:::::: cpe:2.3:a:oracle:jre:1.5.0:update61:::::: cpe:2.3:a:oracle:jre:1.5.0:update55:::::: cpe:2.3:a:oracle:jre:1.5.0:update38:::::: cpe:2.3:a:oracle:jre:1.5.0:update36:::::: cpe:2.3:a:oracle:jre:1.5.0:update40:::::: cpe:2.3:a:oracle:jre:1.5.0:update41:::::: cpe:2.3:a:oracle:jre:1.5.0:update45:::::: cpe:2.3:a:oracle:jre:1.5.0:update51:::::: cpe:2.3:a:oracle:jre:1.5.0:update39:::::: cpe:2.3:a:oracle:jre:1.5.0:update2:::::: cpe:2.3:a:oracle:jre:1.5.0:update3:::::: cpe:2.3:a:oracle:jre:1.5.0:update4:::::: cpe:2.3:a:oracle:jre:1.5.0:update5:::::: cpe:2.3:a:oracle:jre:1.5.0:update6:::::: cpe:2.3:a:oracle:jre:1.5.0:update7:::::: cpe:2.3:a:oracle:jre:1.5.0:update8:::::: cpe:2.3:a:oracle:jre:1.5.0:update9:::::: cpe:2.3:a:oracle:jre:1.5.0:update10:::::: cpe:2.3:a:oracle:jre:1.5.0:update11:::::: cpe:2.3:a:oracle:jre:1.5.0:update12:::::: cpe:2.3:a:oracle:jre:1.5.0:update13:::::: cpe:2.3:a:oracle:jre:1.5.0:update14:::::: cpe:2.3:a:oracle:jre:1.5.0:update15:::::: cpe:2.3:a:oracle:jre:1.5.0:update16:::::: cpe:2.3:a:oracle:jre:1.5.0:update17:::::: cpe:2.3:a:oracle:jre:1.5.0:update18:::::: cpe:2.3:a:oracle:jre:1.5.0:update19:::::: cpe:2.3:a:oracle:jre:1.5.0:update20:::::: cpe:2.3:a:oracle:jre:1.5.0:update21:::::: cpe:2.3:a:oracle:jre:1.5.0:update22:::::: cpe:2.3:a:oracle:jre:1.5.0:update23:::::: cpe:2.3:a:oracle:jre:1.5.0:update24:::::: cpe:2.3:a:oracle:jre:1.5.0:update25:::::: cpe:2.3:a:oracle:jre:1.5.0:update26:::::: cpe:2.3:a:oracle:jre:1.5.0:update27:::::: cpe:2.3:a:oracle:jre:1.5.0:update28:::::: cpe:2.3:a:oracle:jre:1.5.0:update29:::::: cpe:2.3:a:oracle:jre:1.5.0:update30:::::: cpe:2.3:a:oracle:jre:1.5.0:update31:::::: cpe:2.3:a:oracle:jre:1.5.0:update32:::::: cpe:2.3:a:oracle:jre:1.5.0:update33:::::: cpe:2.3:a:oracle:jre:1.5.0:update34:::::: cpe:2.3:a:oracle:jre:1.5.0:update35:::::: cpe:2.3:a:oracle:jre:1.5.0:-:::::: cpe:2.3:a:oracle:jre:1.5.0:update1:::::: cpe:2.3:a:oracle:jre:1.4.2_40:::::::* cpe:2.3:a:oracle:jre:1.4.2_38:::::::* cpe:2.3:a:oracle:jre::::::::	189
Application	Oracle Jrockit cpe:2.3:a:oracle:jrockit:r28.2.9:::::::* cpe:2.3:a:oracle:jrockit:r28.2.6:::::::* cpe:2.3:a:oracle:jrockit:r28.2.5:::::::* cpe:2.3:a:oracle:jrockit:r28.2.4:::::::* cpe:2.3:a:oracle:jrockit:r28.2.3:::::::* cpe:2.3:a:oracle:jrockit:r28.2.2:::::::* cpe:2.3:a:oracle:jrockit:r28.2.0:::::::* cpe:2.3:a:oracle:jrockit:r28.1.5:::::::* cpe:2.3:a:oracle:jrockit:r28.1.4:::::::* cpe:2.3:a:oracle:jrockit:r28.1.3:::::::* cpe:2.3:a:oracle:jrockit:r28.1.1:::::::* cpe:2.3:a:oracle:jrockit:r28.1.0:::::::* cpe:2.3:a:oracle:jrockit:r28.0.2:::::::* cpe:2.3:a:oracle:jrockit:r28.0.1:::::::* cpe:2.3:a:oracle:jrockit:r28.0.0:::::::* cpe:2.3:a:oracle:jrockit:r27.8.4:::::::* cpe:2.3:a:oracle:jrockit:r27.8.3:::::::* cpe:2.3:a:oracle:jrockit:r27.8.2:::::::* cpe:2.3:a:oracle:jrockit:r27.8.1:::::::* cpe:2.3:a:oracle:jrockit:r27.7.7:::::::* cpe:2.3:a:oracle:jrockit:r27.7.6:::::::* cpe:2.3:a:oracle:jrockit:r27.7.5:::::::* cpe:2.3:a:oracle:jrockit:r27.7.4:::::::* cpe:2.3:a:oracle:jrockit:r27.7.3:::::::* cpe:2.3:a:oracle:jrockit:r27.7.2:::::::* cpe:2.3:a:oracle:jrockit:r27.7.1:::::::* cpe:2.3:a:oracle:jrockit:r27.7.0:::::::* cpe:2.3:a:oracle:jrockit:r27.6.2:::::::* cpe:2.3:a:oracle:jrockit:r27.6.1:::::::* cpe:2.3:a:oracle:jrockit:r27.6.0:::::::* cpe:2.3:a:oracle:jrockit:r27.6:::::::* cpe:2.3:a:oracle:jrockit:r27.5:::::::* cpe:2.3:a:oracle:jrockit:r27.4:::::::* cpe:2.3:a:oracle:jrockit:r27.3.1:::::::* cpe:2.3:a:oracle:jrockit:r27.3:::::::* cpe:2.3:a:oracle:jrockit:r27.2:::::::* cpe:2.3:a:oracle:jrockit:r27.1:::::::* cpe:2.3:a:oracle:jrockit:r26.4:::::::* cpe:2.3:a:oracle:jrockit:r26.3:::::::* cpe:2.3:a:oracle:jrockit:r26.2:::::::* cpe:2.3:a:oracle:jrockit:r26.1:::::::* cpe:2.3:a:oracle:jrockit:r26.0:::::::*	42
Application	Oracle Openjdk cpe:2.3:a:oracle:openjdk:1.7.0:-:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update2:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update3:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update4:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update5:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update6:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update7:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update9:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update10:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update11:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update13:::::: cpe:2.3:a:oracle:openjdk:1.7.0:update1:::::: cpe:2.3:a:oracle:openjdk:1.7.0:::::::* cpe:2.3:a:oracle:openjdk:1.6.0:update34:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update35:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update37:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update38:::::: cpe:2.3:a:oracle:openjdk:1.6.0:-:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update2:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update3:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update4:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update5:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update6:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update7:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update11:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update12:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update13:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update14:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update15:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update16:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update17:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update18:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update19:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update20:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update21:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update22:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update23:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update24:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update25:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update26:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update27:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update29:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update30:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update31:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update32:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update33:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update1:::::: cpe:2.3:a:oracle:openjdk:1.6.0:update10::::::	48
Application	Polarssl cpe:2.3:a:polarssl:polarssl:1.1.4:::::::* cpe:2.3:a:polarssl:polarssl:1.1.3:::::::* cpe:2.3:a:polarssl:polarssl:1.1.2:::::::* cpe:2.3:a:polarssl:polarssl:1.1.1:::::::* cpe:2.3:a:polarssl:polarssl:1.1.0:::::::* cpe:2.3:a:polarssl:polarssl:1.1.0:rc1:::::: cpe:2.3:a:polarssl:polarssl:1.1.0:rc0:::::: cpe:2.3:a:polarssl:polarssl:1.0.0:::::::* cpe:2.3:a:polarssl:polarssl:0.99:pre4:::::: cpe:2.3:a:polarssl:polarssl:0.99:pre5:::::: cpe:2.3:a:polarssl:polarssl:0.99:pre1:::::: cpe:2.3:a:polarssl:polarssl:0.99:pre3:::::: cpe:2.3:a:polarssl:polarssl:0.14.3:::::::* cpe:2.3:a:polarssl:polarssl:0.14.2:::::::* cpe:2.3:a:polarssl:polarssl:0.14.0:::::::* cpe:2.3:a:polarssl:polarssl:0.13.1:::::::* cpe:2.3:a:polarssl:polarssl:0.12.1:::::::* cpe:2.3:a:polarssl:polarssl:0.12.0:::::::* cpe:2.3:a:polarssl:polarssl:0.11.1:::::::* cpe:2.3:a:polarssl:polarssl:0.11.0:::::::* cpe:2.3:a:polarssl:polarssl:0.10.1:::::::* cpe:2.3:a:polarssl:polarssl:0.10.0:::::::*	22
Application	Sun Jdk cpe:2.3:a:sun:jdk:1.6.0.210:update21:::::: cpe:2.3:a:sun:jdk:1.6.0.200:update20:::::: cpe:2.3:a:sun:jdk:1.6.0:update_4:::::: cpe:2.3:a:sun:jdk:1.6.0:update_18:::::: cpe:2.3:a:sun:jdk:1.6.0:update1:::::: cpe:2.3:a:sun:jdk:1.6.0:update1_b06:::::: cpe:2.3:a:sun:jdk:1.6.0:update2:::::: cpe:2.3:a:sun:jdk:1.6.0:update_14:::::: cpe:2.3:a:sun:jdk:1.6.0:update_10:::::: cpe:2.3:a:sun:jdk:1.6.0:update_7:::::: cpe:2.3:a:sun:jdk:1.6.0:update_17:::::: cpe:2.3:a:sun:jdk:1.6.0:update_13:::::: cpe:2.3:a:sun:jdk:1.6.0:update_6:::::: cpe:2.3:a:sun:jdk:1.6.0:update_20:::::: cpe:2.3:a:sun:jdk:1.6.0:update_5:::::: cpe:2.3:a:sun:jdk:1.6.0:update_16:::::: cpe:2.3:a:sun:jdk:1.6.0:update_3:::::: cpe:2.3:a:sun:jdk:1.6.0:update_19:::::: cpe:2.3:a:sun:jdk:1.6.0:update_15:::::: cpe:2.3:a:sun:jdk:1.6.0:update_21:::::: cpe:2.3:a:sun:jdk:1.6.0:update_12:::::: cpe:2.3:a:sun:jdk:1.6.0:update_11:::::: cpe:2.3:a:sun:jdk:1.6.0:-:::::: cpe:2.3:a:sun:jdk:1.6.0:update_20:x64:::::* cpe:2.3:a:sun:jdk:1.5.0:update25:::::: cpe:2.3:a:sun:jdk:1.5.0:update10:::::: cpe:2.3:a:sun:jdk:1.5.0:update5:::::: cpe:2.3:a:sun:jdk:1.5.0:update7:::::: cpe:2.3:a:sun:jdk:1.5.0:update6:::::: cpe:2.3:a:sun:jdk:1.5.0:update3:::::: cpe:2.3:a:sun:jdk:1.5.0:update16:::::: cpe:2.3:a:sun:jdk:1.5.0:update4:::::: cpe:2.3:a:sun:jdk:1.5.0:update17:::::: cpe:2.3:a:sun:jdk:1.5.0:update9:::::: cpe:2.3:a:sun:jdk:1.5.0:update19:::::: cpe:2.3:a:sun:jdk:1.5.0:update15:::::: cpe:2.3:a:sun:jdk:1.5.0:update21:::::: cpe:2.3:a:sun:jdk:1.5.0:update2:::::: cpe:2.3:a:sun:jdk:1.5.0:update12:::::: cpe:2.3:a:sun:jdk:1.5.0:update23:::::: cpe:2.3:a:sun:jdk:1.5.0:update8:::::: cpe:2.3:a:sun:jdk:1.5.0:update18:::::: cpe:2.3:a:sun:jdk:1.5.0:update11:::::: cpe:2.3:a:sun:jdk:1.5.0:update24:::::: cpe:2.3:a:sun:jdk:1.5.0:update22:::::: cpe:2.3:a:sun:jdk:1.5.0:update20:::::: cpe:2.3:a:sun:jdk:1.5.0:update14:::::: cpe:2.3:a:sun:jdk:1.5.0:update13:::::: cpe:2.3:a:sun:jdk:1.5.0:update1:::::: cpe:2.3:a:sun:jdk:1.5.0:update11_b03:::::: cpe:2.3:a:sun:jdk:1.5.0:update7_b03:::::: cpe:2.3:a:sun:jdk:1.5.0:update26:::::: cpe:2.3:a:sun:jdk:1.5.0:update27:::::: cpe:2.3:a:sun:jdk:1.5.0:update29:::::: cpe:2.3:a:sun:jdk:1.5.0:update33:::::: cpe:2.3:a:sun:jdk:1.5.0:update31:::::: cpe:2.3:a:sun:jdk:1.5.0:update28:::::: cpe:2.3:a:sun:jdk:1.5.0:-:::::: cpe:2.3:a:sun:jdk:1.5.0:update_1:::::: cpe:2.3:a:sun:jdk:1.5.0:update_16:::::: cpe:2.3:a:sun:jdk:1.5.0:update_10:::::: cpe:2.3:a:sun:jdk:1.5.0:update_4:::::: cpe:2.3:a:sun:jdk:1.5.0:update_9:::::: cpe:2.3:a:sun:jdk:1.5.0:update_14:::::: cpe:2.3:a:sun:jdk:1.5.0:update_20:::::: cpe:2.3:a:sun:jdk:1.5.0:update_21:::::: cpe:2.3:a:sun:jdk:1.5.0:update_7:::::: cpe:2.3:a:sun:jdk:1.5.0:update_18:::::: cpe:2.3:a:sun:jdk:1.5.0:update_6:::::: cpe:2.3:a:sun:jdk:1.5.0:update_12:::::: cpe:2.3:a:sun:jdk:1.5.0:update_2:::::: cpe:2.3:a:sun:jdk:1.5.0:update_13:::::: cpe:2.3:a:sun:jdk:1.5.0:update_3:::::: cpe:2.3:a:sun:jdk:1.5.0:update_15:::::: cpe:2.3:a:sun:jdk:1.5.0:update_17:::::: cpe:2.3:a:sun:jdk:1.5.0:update_19:::::: cpe:2.3:a:sun:jdk:1.5.0:update_5:::::: cpe:2.3:a:sun:jdk:1.5.0:update_22:::::: cpe:2.3:a:sun:jdk:1.5.0:update_8:::::: cpe:2.3:a:sun:jdk:1.5.0:update_11:::::: cpe:2.3:a:sun:jdk:1.5.0:update35:::::: cpe:2.3:a:sun:jdk:1.4.2_9:::::::* cpe:2.3:a:sun:jdk:1.4.2_8:::::::* cpe:2.3:a:sun:jdk:1.4.2_7:::::::* cpe:2.3:a:sun:jdk:1.4.2_6:::::::* cpe:2.3:a:sun:jdk:1.4.2_5:::::::* cpe:2.3:a:sun:jdk:1.4.2_4:::::::* cpe:2.3:a:sun:jdk:1.4.2_37:::::::* cpe:2.3:a:sun:jdk:1.4.2_36:::::::* cpe:2.3:a:sun:jdk:1.4.2_35:::::::* cpe:2.3:a:sun:jdk:1.4.2_34:::::::* cpe:2.3:a:sun:jdk:1.4.2_33:::::::* cpe:2.3:a:sun:jdk:1.4.2_32:::::::* cpe:2.3:a:sun:jdk:1.4.2_31:::::::* cpe:2.3:a:sun:jdk:1.4.2_30:::::::* cpe:2.3:a:sun:jdk:1.4.2_3:::::::* cpe:2.3:a:sun:jdk:1.4.2_29:::::::* cpe:2.3:a:sun:jdk:1.4.2_28:::::::* cpe:2.3:a:sun:jdk:1.4.2_27:::::::* cpe:2.3:a:sun:jdk:1.4.2_26:::::::* cpe:2.3:a:sun:jdk:1.4.2_25:::::::* cpe:2.3:a:sun:jdk:1.4.2_24:::::::* cpe:2.3:a:sun:jdk:1.4.2_24::solaris::::: cpe:2.3:a:sun:jdk:1.4.2_23:::::::* cpe:2.3:a:sun:jdk:1.4.2_22:::::::* cpe:2.3:a:sun:jdk:1.4.2_21:::::::* cpe:2.3:a:sun:jdk:1.4.2_20:::::::* cpe:2.3:a:sun:jdk:1.4.2_2:::::::* cpe:2.3:a:sun:jdk:1.4.2_19:::::::* cpe:2.3:a:sun:jdk:1.4.2_18:::::::* cpe:2.3:a:sun:jdk:1.4.2_17:::::::* cpe:2.3:a:sun:jdk:1.4.2_16:::::::* cpe:2.3:a:sun:jdk:1.4.2_15:::::::* cpe:2.3:a:sun:jdk:1.4.2_14:::::::* cpe:2.3:a:sun:jdk:1.4.2_13:::::::* cpe:2.3:a:sun:jdk:1.4.2_12:::::::* cpe:2.3:a:sun:jdk:1.4.2_11:::::::* cpe:2.3:a:sun:jdk:1.4.2_10:::::::* cpe:2.3:a:sun:jdk:1.4.2_1:::::::* cpe:2.3:a:sun:jdk:1.4.2_08::windows::::: cpe:2.3:a:sun:jdk:1.4.2_08::solaris::::: cpe:2.3:a:sun:jdk:1.4.2_08::linux::::: cpe:2.3:a:sun:jdk:1.4.2_05::windows::::: cpe:2.3:a:sun:jdk:1.4.2_05::linux::::: cpe:2.3:a:sun:jdk:1.4.2_05::solaris::::: cpe:2.3:a:sun:jdk:1.4.2_04::linux::::: cpe:2.3:a:sun:jdk:1.4.2_04::solaris::::: cpe:2.3:a:sun:jdk:1.4.2_04::windows::::: cpe:2.3:a:sun:jdk:1.4.2_03::windows::::: cpe:2.3:a:sun:jdk:1.4.2_03::linux::::: cpe:2.3:a:sun:jdk:1.4.2_03::solaris::::: cpe:2.3:a:sun:jdk:1.4.2_02::linux::::: cpe:2.3:a:sun:jdk:1.4.2_01::linux::::: cpe:2.3:a:sun:jdk:1.4.2:-:::::: cpe:2.3:a:sun:jdk:1.4.2::solaris::::: cpe:2.3:a:sun:jdk:1.4.2::windows::::: cpe:2.3:a:sun:jdk:1.4.2::linux::::: cpe:2.3:a:sun:jdk:1.4.1_07:::::::* cpe:2.3:a:sun:jdk:1.4.1_06:::::::* cpe:2.3:a:sun:jdk:1.4.1_05:::::::* cpe:2.3:a:sun:jdk:1.4.1_04:::::::* cpe:2.3:a:sun:jdk:1.4.1_03:::::::* cpe:2.3:a:sun:jdk:1.4.1_03::solaris::::: cpe:2.3:a:sun:jdk:1.4.1_03::windows::::: cpe:2.3:a:sun:jdk:1.4.1_03::linux::::: cpe:2.3:a:sun:jdk:1.4.1_02:::::::* cpe:2.3:a:sun:jdk:1.4.1_02::windows::::: cpe:2.3:a:sun:jdk:1.4.1_02::linux::::: cpe:2.3:a:sun:jdk:1.4.1_02::solaris::::: cpe:2.3:a:sun:jdk:1.4.1_01:::::::* cpe:2.3:a:sun:jdk:1.4.1_01::linux::::: cpe:2.3:a:sun:jdk:1.4.1_01::solaris::::: cpe:2.3:a:sun:jdk:1.4.1_01::windows::::: cpe:2.3:a:sun:jdk:1.4.1:::::::* cpe:2.3:a:sun:jdk:1.4.1::windows::::: cpe:2.3:a:sun:jdk:1.4.1::solaris::::: cpe:2.3:a:sun:jdk:1.4.1::linux::::: cpe:2.3:a:sun:jdk:1.4.0_4::solaris::::: cpe:2.3:a:sun:jdk:1.4.0_4::windows::::: cpe:2.3:a:sun:jdk:1.4.0_4::linux::::: cpe:2.3:a:sun:jdk:1.4.0_04:::::::* cpe:2.3:a:sun:jdk:1.4.0_03:::::::* cpe:2.3:a:sun:jdk:1.4.0_03::linux::::: cpe:2.3:a:sun:jdk:1.4.0_03::solaris::::: cpe:2.3:a:sun:jdk:1.4.0_03::windows::::: cpe:2.3:a:sun:jdk:1.4.0_02:::::::* cpe:2.3:a:sun:jdk:1.4.0_02::linux::::: cpe:2.3:a:sun:jdk:1.4.0_02::solaris::::: cpe:2.3:a:sun:jdk:1.4.0_02::windows::::: cpe:2.3:a:sun:jdk:1.4.0_01:::::::* cpe:2.3:a:sun:jdk:1.4.0_01::windows::::: cpe:2.3:a:sun:jdk:1.4.0:-:::::: cpe:2.3:a:sun:jdk:1.4::linux::::: cpe:2.3:a:sun:jdk:1.4::windows::::: cpe:2.3:a:sun:jdk:1.4::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_28:::::::* cpe:2.3:a:sun:jdk:1.3.1_27:::::::* cpe:2.3:a:sun:jdk:1.3.1_26:::::::* cpe:2.3:a:sun:jdk:1.3.1_25:::::::* cpe:2.3:a:sun:jdk:1.3.1_24:::::::* cpe:2.3:a:sun:jdk:1.3.1_23:::::::* cpe:2.3:a:sun:jdk:1.3.1_22:::::::* cpe:2.3:a:sun:jdk:1.3.1_21:::::::* cpe:2.3:a:sun:jdk:1.3.1_20:::::::* cpe:2.3:a:sun:jdk:1.3.1_19:::::::* cpe:2.3:a:sun:jdk:1.3.1_18:::::::* cpe:2.3:a:sun:jdk:1.3.1_17:::::::* cpe:2.3:a:sun:jdk:1.3.1_16:::::::* cpe:2.3:a:sun:jdk:1.3.1_15:::::::* cpe:2.3:a:sun:jdk:1.3.1_15::linux::::: cpe:2.3:a:sun:jdk:1.3.1_15::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_15::windows::::: cpe:2.3:a:sun:jdk:1.3.1_14:::::::* cpe:2.3:a:sun:jdk:1.3.1_14::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_14::windows::::: cpe:2.3:a:sun:jdk:1.3.1_14::linux::::: cpe:2.3:a:sun:jdk:1.3.1_13:::::::* cpe:2.3:a:sun:jdk:1.3.1_13::windows::::: cpe:2.3:a:sun:jdk:1.3.1_13::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_13::linux::::: cpe:2.3:a:sun:jdk:1.3.1_12:::::::* cpe:2.3:a:sun:jdk:1.3.1_12::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_12::windows::::: cpe:2.3:a:sun:jdk:1.3.1_12::linux::::: cpe:2.3:a:sun:jdk:1.3.1_11:::::::* cpe:2.3:a:sun:jdk:1.3.1_11::linux::::: cpe:2.3:a:sun:jdk:1.3.1_11::windows::::: cpe:2.3:a:sun:jdk:1.3.1_11::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_10:::::::* cpe:2.3:a:sun:jdk:1.3.1_10::linux::::: cpe:2.3:a:sun:jdk:1.3.1_10::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_10::windows::::: cpe:2.3:a:sun:jdk:1.3.1_09:::::::* cpe:2.3:a:sun:jdk:1.3.1_09::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_09::linux::::: cpe:2.3:a:sun:jdk:1.3.1_09::windows::::: cpe:2.3:a:sun:jdk:1.3.1_08:::::::* cpe:2.3:a:sun:jdk:1.3.1_08::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_08::windows::::: cpe:2.3:a:sun:jdk:1.3.1_08::linux::::: cpe:2.3:a:sun:jdk:1.3.1_07:::::::* cpe:2.3:a:sun:jdk:1.3.1_07::windows::::: cpe:2.3:a:sun:jdk:1.3.1_07::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_07::linux::::: cpe:2.3:a:sun:jdk:1.3.1_06:::::::* cpe:2.3:a:sun:jdk:1.3.1_06::windows::::: cpe:2.3:a:sun:jdk:1.3.1_06::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_06::linux::::: cpe:2.3:a:sun:jdk:1.3.1_05:::::::* cpe:2.3:a:sun:jdk:1.3.1_05::linux::::: cpe:2.3:a:sun:jdk:1.3.1_05::windows::::: cpe:2.3:a:sun:jdk:1.3.1_05::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_04:::::::* cpe:2.3:a:sun:jdk:1.3.1_04::windows::::: cpe:2.3:a:sun:jdk:1.3.1_03:::::::* cpe:2.3:a:sun:jdk:1.3.1_03::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_03::windows::::: cpe:2.3:a:sun:jdk:1.3.1_03::linux::::: cpe:2.3:a:sun:jdk:1.3.1_02:::::::* cpe:2.3:a:sun:jdk:1.3.1_02::windows::::: cpe:2.3:a:sun:jdk:1.3.1_02::linux::::: cpe:2.3:a:sun:jdk:1.3.1_02::solaris::::: cpe:2.3:a:sun:jdk:1.3.1_01a:::::::* cpe:2.3:a:sun:jdk:1.3.1_01a::windows::::: cpe:2.3:a:sun:jdk:1.3.1_01:::::::* cpe:2.3:a:sun:jdk:1.3.1_01::linux::::: cpe:2.3:a:sun:jdk:1.3.1_01::solaris::::: cpe:2.3:a:sun:jdk:1.3.1:update19:::::: cpe:2.3:a:sun:jdk:1.3.1:update20:::::: cpe:2.3:a:sun:jdk:1.3.1:-:::::: cpe:2.3:a:sun:jdk:1.3.0_05:::::::* cpe:2.3:a:sun:jdk:1.3.0_05::linux::::: cpe:2.3:a:sun:jdk:1.3.0_05::windows::::: cpe:2.3:a:sun:jdk:1.3.0_05::solaris::::: cpe:2.3:a:sun:jdk:1.3.0_04:::::::* cpe:2.3:a:sun:jdk:1.3.0_03:::::::* cpe:2.3:a:sun:jdk:1.3.0_02:::::::* cpe:2.3:a:sun:jdk:1.3.0_02::windows::::: cpe:2.3:a:sun:jdk:1.3.0_02::solaris::::: cpe:2.3:a:sun:jdk:1.3.0_02::linux::::: cpe:2.3:a:sun:jdk:1.3.0_01:::::::* cpe:2.3:a:sun:jdk:1.3.0:::::::* cpe:2.3:a:sun:jdk:1.3_05::solaris::::: cpe:2.3:a:sun:jdk:1.3_02::solaris::::: cpe:2.3:a:sun:jdk:1.3::solaris::::: cpe:2.3:a:sun:jdk:1.2.2_12::windows::::: cpe:2.3:a:sun:jdk:1.2.2_11::linux::::: cpe:2.3:a:sun:jdk:1.2.2_11::windows::::: cpe:2.3:a:sun:jdk:1.2.2_11::solaris::::: cpe:2.3:a:sun:jdk:1.2.2_10::solaris::::: cpe:2.3:a:sun:jdk:1.2.2_10::windows::::: cpe:2.3:a:sun:jdk:1.2.2_10::linux::::: cpe:2.3:a:sun:jdk:1.2.2_07a::solaris::::: cpe:2.3:a:sun:jdk:1.2.2_07::windows::::: cpe:2.3:a:sun:jdk:1.2.2_07::linux::::: cpe:2.3:a:sun:jdk:1.2.2_07::solaris::::: cpe:2.3:a:sun:jdk:1.2.2:update4:::::: cpe:2.3:a:sun:jdk:1.2.2:update5:::::: cpe:2.3:a:sun:jdk:1.2.2::solaris::::: cpe:2.3:a:sun:jdk:1.2.1:update3:::::: cpe:2.3:a:sun:jdk:1.2.1:-:::::: cpe:2.3:a:sun:jdk:1.2.0:::::::* cpe:2.3:a:sun:jdk:1.1.8:update13:::::: cpe:2.3:a:sun:jdk:1.1.8:update14:::::: cpe:2.3:a:sun:jdk:1.1.8:update2:::::: cpe:2.3:a:sun:jdk:1.1.8:update8:::::: cpe:2.3:a:sun:jdk:1.1.8:update10:::::: cpe:2.3:a:sun:jdk:1.1.8:update7:::::: cpe:2.3:a:sun:jdk:1.1.7b:update5:::::: cpe:2.3:a:sun:jdk:1.1.7b:-:::::: cpe:2.3:a:sun:jdk:1.1.6:update7:::::: cpe:2.3:a:sun:jdk:1.1.6:-:::::: cpe:2.3:a:sun:jdk:1.1.0:::::::*	293
Application	Sun Jre cpe:2.3:a:sun:jre:1.6.0:update_4:::::: cpe:2.3:a:sun:jre:1.6.0:update_16:::::: cpe:2.3:a:sun:jre:1.6.0:update_14:::::: cpe:2.3:a:sun:jre:1.6.0:update_10:::::: cpe:2.3:a:sun:jre:1.6.0:update_20:::::: cpe:2.3:a:sun:jre:1.6.0:update_18:::::: cpe:2.3:a:sun:jre:1.6.0:update_11:::::: cpe:2.3:a:sun:jre:1.6.0:update_13:::::: cpe:2.3:a:sun:jre:1.6.0:update_6:::::: cpe:2.3:a:sun:jre:1.6.0:update_1:::::: cpe:2.3:a:sun:jre:1.6.0:update_17:::::: cpe:2.3:a:sun:jre:1.6.0:update_7:::::: cpe:2.3:a:sun:jre:1.6.0:update_12:::::: cpe:2.3:a:sun:jre:1.6.0:update_15:::::: cpe:2.3:a:sun:jre:1.6.0:update_3:::::: cpe:2.3:a:sun:jre:1.6.0:update_2:::::: cpe:2.3:a:sun:jre:1.6.0:update_21:::::: cpe:2.3:a:sun:jre:1.6.0:update_5:::::: cpe:2.3:a:sun:jre:1.6.0:update_19:::::: cpe:2.3:a:sun:jre:1.6.0:update_9:::::: cpe:2.3:a:sun:jre:1.6.0:-:::::: cpe:2.3:a:sun:jre:1.5.0:update16:::::: cpe:2.3:a:sun:jre:1.5.0:update17:::::: cpe:2.3:a:sun:jre:1.5.0:update15:::::: cpe:2.3:a:sun:jre:1.5.0:update22:::::: cpe:2.3:a:sun:jre:1.5.0:update12:::::: cpe:2.3:a:sun:jre:1.5.0:update10:::::: cpe:2.3:a:sun:jre:1.5.0:update6:::::: cpe:2.3:a:sun:jre:1.5.0:update13:::::: cpe:2.3:a:sun:jre:1.5.0:update14:::::: cpe:2.3:a:sun:jre:1.5.0:update24:::::: cpe:2.3:a:sun:jre:1.5.0:update11:::::: cpe:2.3:a:sun:jre:1.5.0:update18:::::: cpe:2.3:a:sun:jre:1.5.0:update8:::::: cpe:2.3:a:sun:jre:1.5.0:update1:::::: cpe:2.3:a:sun:jre:1.5.0:update9:::::: cpe:2.3:a:sun:jre:1.5.0:update21:::::: cpe:2.3:a:sun:jre:1.5.0:update20:::::: cpe:2.3:a:sun:jre:1.5.0:update3:::::: cpe:2.3:a:sun:jre:1.5.0:update25:::::: cpe:2.3:a:sun:jre:1.5.0:update4:::::: cpe:2.3:a:sun:jre:1.5.0:update5:::::: cpe:2.3:a:sun:jre:1.5.0:update2:::::: cpe:2.3:a:sun:jre:1.5.0:update7:::::: cpe:2.3:a:sun:jre:1.5.0:update23:::::: cpe:2.3:a:sun:jre:1.5.0:update19:::::: cpe:2.3:a:sun:jre:1.5.0:update27:::::: cpe:2.3:a:sun:jre:1.5.0:update26:::::: cpe:2.3:a:sun:jre:1.5.0:update28:::::: cpe:2.3:a:sun:jre:1.5.0:update31:::::: cpe:2.3:a:sun:jre:1.5.0:update33:::::: cpe:2.3:a:sun:jre:1.5.0:update29:::::: cpe:2.3:a:sun:jre:1.5.0:-:::::: cpe:2.3:a:sun:jre:1.5.0:update_6:::::: cpe:2.3:a:sun:jre:1.5.0:update_7:::::: cpe:2.3:a:sun:jre:1.5.0:update_15:::::: cpe:2.3:a:sun:jre:1.5.0:update_1:::::: cpe:2.3:a:sun:jre:1.5.0:update_3:::::: cpe:2.3:a:sun:jre:1.5.0:update_8:::::: cpe:2.3:a:sun:jre:1.5.0:update_17:::::: cpe:2.3:a:sun:jre:1.5.0:update_2:::::: cpe:2.3:a:sun:jre:1.5.0:update_18:::::: cpe:2.3:a:sun:jre:1.5.0:update_12:::::: cpe:2.3:a:sun:jre:1.5.0:update_9:::::: cpe:2.3:a:sun:jre:1.5.0:update_21:::::: cpe:2.3:a:sun:jre:1.5.0:update_19:::::: cpe:2.3:a:sun:jre:1.5.0:update_14:::::: cpe:2.3:a:sun:jre:1.5.0:update_16:::::: cpe:2.3:a:sun:jre:1.5.0:update_4:::::: cpe:2.3:a:sun:jre:1.5.0:update_13:::::: cpe:2.3:a:sun:jre:1.5.0:update_20:::::: cpe:2.3:a:sun:jre:1.5.0:update_5:::::: cpe:2.3:a:sun:jre:1.5.0:update_11:::::: cpe:2.3:a:sun:jre:1.5.0:update35:::::: cpe:2.3:a:sun:jre:1.4.2_9:::::::* cpe:2.3:a:sun:jre:1.4.2_8:::::::* cpe:2.3:a:sun:jre:1.4.2_7:::::::* cpe:2.3:a:sun:jre:1.4.2_6:::::::* cpe:2.3:a:sun:jre:1.4.2_5:::::::* cpe:2.3:a:sun:jre:1.4.2_4:::::::* cpe:2.3:a:sun:jre:1.4.2_37:::::::* cpe:2.3:a:sun:jre:1.4.2_36:::::::* cpe:2.3:a:sun:jre:1.4.2_35:::::::* cpe:2.3:a:sun:jre:1.4.2_34:::::::* cpe:2.3:a:sun:jre:1.4.2_33:::::::* cpe:2.3:a:sun:jre:1.4.2_32:::::::* cpe:2.3:a:sun:jre:1.4.2_31:::::::* cpe:2.3:a:sun:jre:1.4.2_30:::::::* cpe:2.3:a:sun:jre:1.4.2_3:::::::* cpe:2.3:a:sun:jre:1.4.2_29:::::::* cpe:2.3:a:sun:jre:1.4.2_28:::::::* cpe:2.3:a:sun:jre:1.4.2_27:::::::* cpe:2.3:a:sun:jre:1.4.2_26:::::::* cpe:2.3:a:sun:jre:1.4.2_25:::::::* cpe:2.3:a:sun:jre:1.4.2_24:::::::* cpe:2.3:a:sun:jre:1.4.2_23:::::::* cpe:2.3:a:sun:jre:1.4.2_22:::::::* cpe:2.3:a:sun:jre:1.4.2_21:::::::* cpe:2.3:a:sun:jre:1.4.2_20:::::::* cpe:2.3:a:sun:jre:1.4.2_2:::::::* cpe:2.3:a:sun:jre:1.4.2_19:::::::* cpe:2.3:a:sun:jre:1.4.2_18:::::::* cpe:2.3:a:sun:jre:1.4.2_17:::::::* cpe:2.3:a:sun:jre:1.4.2_16:::::::* cpe:2.3:a:sun:jre:1.4.2_15:::::::* cpe:2.3:a:sun:jre:1.4.2_14:::::::* cpe:2.3:a:sun:jre:1.4.2_13:::::::* cpe:2.3:a:sun:jre:1.4.2_12:::::::* cpe:2.3:a:sun:jre:1.4.2_11:::::::* cpe:2.3:a:sun:jre:1.4.2_10:::::::* cpe:2.3:a:sun:jre:1.4.2_1:::::::* cpe:2.3:a:sun:jre:1.4.2_09:::::::* cpe:2.3:a:sun:jre:1.4.2_08:::::::* cpe:2.3:a:sun:jre:1.4.2_07:::::::* cpe:2.3:a:sun:jre:1.4.2_06:::::::* cpe:2.3:a:sun:jre:1.4.2_05:::::::* cpe:2.3:a:sun:jre:1.4.2_04:::::::* cpe:2.3:a:sun:jre:1.4.2_03:::::::* cpe:2.3:a:sun:jre:1.4.2_02:::::::* cpe:2.3:a:sun:jre:1.4.2_01:::::::* cpe:2.3:a:sun:jre:1.4.2:update1:solaris:::::* cpe:2.3:a:sun:jre:1.4.2:update4:linux:::::* cpe:2.3:a:sun:jre:1.4.2::solaris::::: cpe:2.3:a:sun:jre:1.4.2:update2:linux:::::* cpe:2.3:a:sun:jre:1.4.2:update1:linux:::::* cpe:2.3:a:sun:jre:1.4.2:update1:windows:::::* cpe:2.3:a:sun:jre:1.4.2:update4:solaris:::::* cpe:2.3:a:sun:jre:1.4.2:update3:windows:::::* cpe:2.3:a:sun:jre:1.4.2:update2:solaris:::::* cpe:2.3:a:sun:jre:1.4.2:update5:windows:::::* cpe:2.3:a:sun:jre:1.4.2::linux::::: cpe:2.3:a:sun:jre:1.4.2:update5:linux:::::* cpe:2.3:a:sun:jre:1.4.2:update2:windows:::::* cpe:2.3:a:sun:jre:1.4.2:update3:linux:::::* cpe:2.3:a:sun:jre:1.4.2::windows::::: cpe:2.3:a:sun:jre:1.4.2:update3:solaris:::::* cpe:2.3:a:sun:jre:1.4.2:update4:windows:::::* cpe:2.3:a:sun:jre:1.4.2:update5:solaris:::::* cpe:2.3:a:sun:jre:1.4.2:update20:::::: cpe:2.3:a:sun:jre:1.4.2:update17:::::: cpe:2.3:a:sun:jre:1.4.2:update19:::::: cpe:2.3:a:sun:jre:1.4.2:update18:::::: cpe:2.3:a:sun:jre:1.4.2:update16:::::: cpe:2.3:a:sun:jre:1.4.2:update28:::::: cpe:2.3:a:sun:jre:1.4.2:-:::::: cpe:2.3:a:sun:jre:1.4.1_07::windows::::: cpe:2.3:a:sun:jre:1.4.1_07::solaris::::: cpe:2.3:a:sun:jre:1.4.1_07::linux::::: cpe:2.3:a:sun:jre:1.4.1_07:::::::* cpe:2.3:a:sun:jre:1.4.1_06::solaris::::: cpe:2.3:a:sun:jre:1.4.1_06:::::::* cpe:2.3:a:sun:jre:1.4.1_06::linux::::: cpe:2.3:a:sun:jre:1.4.1_06::windows::::: cpe:2.3:a:sun:jre:1.4.1_05::linux::::: cpe:2.3:a:sun:jre:1.4.1_05::windows::::: cpe:2.3:a:sun:jre:1.4.1_05:::::::* cpe:2.3:a:sun:jre:1.4.1_05::solaris::::: cpe:2.3:a:sun:jre:1.4.1_04:::::::* cpe:2.3:a:sun:jre:1.4.1_04::windows::::: cpe:2.3:a:sun:jre:1.4.1_04::linux::::: cpe:2.3:a:sun:jre:1.4.1_04::solaris::::: cpe:2.3:a:sun:jre:1.4.1_03::solaris::::: cpe:2.3:a:sun:jre:1.4.1_03:::::::* cpe:2.3:a:sun:jre:1.4.1_03::windows::::: cpe:2.3:a:sun:jre:1.4.1_03::linux::::: cpe:2.3:a:sun:jre:1.4.1_02::solaris::::: cpe:2.3:a:sun:jre:1.4.1_02::linux::::: cpe:2.3:a:sun:jre:1.4.1_02::windows::::: cpe:2.3:a:sun:jre:1.4.1_02:::::::* cpe:2.3:a:sun:jre:1.4.1_01::solaris::::: cpe:2.3:a:sun:jre:1.4.1_01::windows::::: cpe:2.3:a:sun:jre:1.4.1_01::linux::::: cpe:2.3:a:sun:jre:1.4.1_01:::::::* cpe:2.3:a:sun:jre:1.4.1:update3:::::: cpe:2.3:a:sun:jre:1.4.1::linux::::: cpe:2.3:a:sun:jre:1.4.1:update3:linux:::::* cpe:2.3:a:sun:jre:1.4.1:update3:solaris:::::* cpe:2.3:a:sun:jre:1.4.1::windows::::: cpe:2.3:a:sun:jre:1.4.1::solaris::::: cpe:2.3:a:sun:jre:1.4.1:update3:windows:::::* cpe:2.3:a:sun:jre:1.4.1:update2:::::: cpe:2.3:a:sun:jre:1.4.1:update4:::::: cpe:2.3:a:sun:jre:1.4.1:update1:::::: cpe:2.3:a:sun:jre:1.4.1:update7:::::: cpe:2.3:a:sun:jre:1.4.1:update6:::::: cpe:2.3:a:sun:jre:1.4.1:update5:::::: cpe:2.3:a:sun:jre:1.4.1:-:::::: cpe:2.3:a:sun:jre:1.4.0_04::solaris::::: cpe:2.3:a:sun:jre:1.4.0_04::windows::::: cpe:2.3:a:sun:jre:1.4.0_04::linux::::: cpe:2.3:a:sun:jre:1.4.0_04:::::::* cpe:2.3:a:sun:jre:1.4.0_03::solaris::::: cpe:2.3:a:sun:jre:1.4.0_03::linux::::: cpe:2.3:a:sun:jre:1.4.0_03::windows::::: cpe:2.3:a:sun:jre:1.4.0_03:::::::* cpe:2.3:a:sun:jre:1.4.0_02::linux::::: cpe:2.3:a:sun:jre:1.4.0_02::windows::::: cpe:2.3:a:sun:jre:1.4.0_02::solaris::::: cpe:2.3:a:sun:jre:1.4.0_02:::::::* cpe:2.3:a:sun:jre:1.4.0_01::solaris::::: cpe:2.3:a:sun:jre:1.4.0_01::windows::::: cpe:2.3:a:sun:jre:1.4.0_01::linux::::: cpe:2.3:a:sun:jre:1.4.0_01:::::::* cpe:2.3:a:sun:jre:1.4.0:::::::* cpe:2.3:a:sun:jre:1.4:::::::* cpe:2.3:a:sun:jre:1.4::linux::::: cpe:2.3:a:sun:jre:1.4::solaris::::: cpe:2.3:a:sun:jre:1.4::windows::::: cpe:2.3:a:sun:jre:1.3.1_9:::::::* cpe:2.3:a:sun:jre:1.3.1_8:::::::* cpe:2.3:a:sun:jre:1.3.1_7:::::::* cpe:2.3:a:sun:jre:1.3.1_6:::::::* cpe:2.3:a:sun:jre:1.3.1_5:::::::* cpe:2.3:a:sun:jre:1.3.1_4:::::::* cpe:2.3:a:sun:jre:1.3.1_3:::::::* cpe:2.3:a:sun:jre:1.3.1_28:::::::* cpe:2.3:a:sun:jre:1.3.1_27:::::::* cpe:2.3:a:sun:jre:1.3.1_26:::::::* cpe:2.3:a:sun:jre:1.3.1_25:::::::* cpe:2.3:a:sun:jre:1.3.1_24:::::::* cpe:2.3:a:sun:jre:1.3.1_23:::::::* cpe:2.3:a:sun:jre:1.3.1_22:::::::* cpe:2.3:a:sun:jre:1.3.1_21:::::::* cpe:2.3:a:sun:jre:1.3.1_20:::::::* cpe:2.3:a:sun:jre:1.3.1_2:::::::* cpe:2.3:a:sun:jre:1.3.1_19:::::::* cpe:2.3:a:sun:jre:1.3.1_18:::::::* cpe:2.3:a:sun:jre:1.3.1_17:::::::* cpe:2.3:a:sun:jre:1.3.1_16:::::::* cpe:2.3:a:sun:jre:1.3.1_15:::::::* cpe:2.3:a:sun:jre:1.3.1_14:::::::* cpe:2.3:a:sun:jre:1.3.1_13:::::::* cpe:2.3:a:sun:jre:1.3.1_12:::::::* cpe:2.3:a:sun:jre:1.3.1_11:::::::* cpe:2.3:a:sun:jre:1.3.1_10:::::::* cpe:2.3:a:sun:jre:1.3.1_1:::::::* cpe:2.3:a:sun:jre:1.3.1_09:::::::* cpe:2.3:a:sun:jre:1.3.1_09::linux::::: cpe:2.3:a:sun:jre:1.3.1_09::solaris::::: cpe:2.3:a:sun:jre:1.3.1_09::windows::::: cpe:2.3:a:sun:jre:1.3.1_08:::::::* cpe:2.3:a:sun:jre:1.3.1_07:::::::* cpe:2.3:a:sun:jre:1.3.1_07::solaris::::: cpe:2.3:a:sun:jre:1.3.1_07::linux::::: cpe:2.3:a:sun:jre:1.3.1_07::windows::::: cpe:2.3:a:sun:jre:1.3.1_06:::::::* cpe:2.3:a:sun:jre:1.3.1_06::solaris::::: cpe:2.3:a:sun:jre:1.3.1_06::linux::::: cpe:2.3:a:sun:jre:1.3.1_06::windows::::: cpe:2.3:a:sun:jre:1.3.1_05:::::::* cpe:2.3:a:sun:jre:1.3.1_05::linux::::: cpe:2.3:a:sun:jre:1.3.1_05::windows::::: cpe:2.3:a:sun:jre:1.3.1_05::solaris::::: cpe:2.3:a:sun:jre:1.3.1_04:::::::* cpe:2.3:a:sun:jre:1.3.1_03:::::::* cpe:2.3:a:sun:jre:1.3.1_03::windows::::: cpe:2.3:a:sun:jre:1.3.1_03::solaris::::: cpe:2.3:a:sun:jre:1.3.1_03::linux::::: cpe:2.3:a:sun:jre:1.3.1_02::solaris::::: cpe:2.3:a:sun:jre:1.3.1_02::windows::::: cpe:2.3:a:sun:jre:1.3.1_02::linux::::: cpe:2.3:a:sun:jre:1.3.1_02:::::::* cpe:2.3:a:sun:jre:1.3.1_01a:::::::* cpe:2.3:a:sun:jre:1.3.1_01:::::::* cpe:2.3:a:sun:jre:1.3.1:update2:::::: cpe:2.3:a:sun:jre:1.3.1:update1:::::: cpe:2.3:a:sun:jre:1.3.1:update16:::::: cpe:2.3:a:sun:jre:1.3.1:update18:::::: cpe:2.3:a:sun:jre:1.3.1:update20:::::: cpe:2.3:a:sun:jre:1.3.1:update19:::::: cpe:2.3:a:sun:jre:1.3.1:update1a:::::: cpe:2.3:a:sun:jre:1.3.1:update8:::::: cpe:2.3:a:sun:jre:1.3.1:update15:::::: cpe:2.3:a:sun:jre:1.3.1:update4:::::: cpe:2.3:a:sun:jre:1.3.1:update4:windows:::::* cpe:2.3:a:sun:jre:1.3.1::linux::::: cpe:2.3:a:sun:jre:1.3.1:update8:solaris:::::* cpe:2.3:a:sun:jre:1.3.1:update1a:windows:::::* cpe:2.3:a:sun:jre:1.3.1:update1:linux:::::* cpe:2.3:a:sun:jre:1.3.1:update4:solaris:::::* cpe:2.3:a:sun:jre:1.3.1:update8:windows:::::* cpe:2.3:a:sun:jre:1.3.1:update1:windows:::::* cpe:2.3:a:sun:jre:1.3.1:update1:solaris:::::* cpe:2.3:a:sun:jre:1.3.1:update8:linux:::::* cpe:2.3:a:sun:jre:1.3.1:update12:::::: cpe:2.3:a:sun:jre:1.3.1:update17:::::: cpe:2.3:a:sun:jre:1.3.1:-:::::: cpe:2.3:a:sun:jre:1.3.0:update5:::::: cpe:2.3:a:sun:jre:1.3.0:update4:::::: cpe:2.3:a:sun:jre:1.3.0:update1:::::: cpe:2.3:a:sun:jre:1.3.0:update3:::::: cpe:2.3:a:sun:jre:1.3.0:update2:::::: cpe:2.3:a:sun:jre:1.3.0:update4:windows:::::* cpe:2.3:a:sun:jre:1.3.0:update5:linux:::::* cpe:2.3:a:sun:jre:1.3.0:update5:solaris:::::* cpe:2.3:a:sun:jre:1.3.0:update3:linux:::::* cpe:2.3:a:sun:jre:1.3.0::windows::::: cpe:2.3:a:sun:jre:1.3.0:update4:linux:::::* cpe:2.3:a:sun:jre:1.3.0:update2:solaris:::::* cpe:2.3:a:sun:jre:1.3.0:update1:linux:::::* cpe:2.3:a:sun:jre:1.3.0::linux::::: cpe:2.3:a:sun:jre:1.3.0:update5:windows:::::* cpe:2.3:a:sun:jre:1.3.0:update2:linux:::::* cpe:2.3:a:sun:jre:1.3.0::solaris::::: cpe:2.3:a:sun:jre:1.3.0:update2:windows:::::* cpe:2.3:a:sun:jre:1.3.0:-:::::: cpe:2.3:a:sun:jre:1.2.2_07::solaris::::: cpe:2.3:a:sun:jre:1.2.2_012::solaris::::: cpe:2.3:a:sun:jre:1.2.2_011::solaris::::: cpe:2.3:a:sun:jre:1.2.2_011::linux::::: cpe:2.3:a:sun:jre:1.2.2_011::windows::::: cpe:2.3:a:sun:jre:1.2.2_007::linux::::: cpe:2.3:a:sun:jre:1.2.2_007::solaris::::: cpe:2.3:a:sun:jre:1.2.2_007::windows::::: cpe:2.3:a:sun:jre:1.2.2_006::linux::::: cpe:2.3:a:sun:jre:1.2.2_005::linux::::: cpe:2.3:a:sun:jre:1.2.2_004::linux::::: cpe:2.3:a:sun:jre:1.2.2_003::linux::::: cpe:2.3:a:sun:jre:1.2.2_003::linux_production::::: cpe:2.3:a:sun:jre:1.2.2::solaris::::: cpe:2.3:a:sun:jre:1.2.2:update10:linux:::::* cpe:2.3:a:sun:jre:1.2.2:update10:solaris:::::* cpe:2.3:a:sun:jre:1.2.2::windows::::: cpe:2.3:a:sun:jre:1.2.2:update10:windows:::::* cpe:2.3:a:sun:jre:1.2.2::linux_production::::: cpe:2.3:a:sun:jre:1.2.2:update10:::::: cpe:2.3:a:sun:jre:1.2:::::::* cpe:2.3:a:sun:jre:1.1.8:update13:::::: cpe:2.3:a:sun:jre:1.1.8:update7:::::: cpe:2.3:a:sun:jre:1.1.8:update8:::::: cpe:2.3:a:sun:jre:1.1.8:update14:::::: cpe:2.3:a:sun:jre:1.1:::::::*	332
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::	5
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*	2
Os	Redhat Enterprise Linux Desktop Supplementary cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:::::::*	2
Os	Redhat Enterprise Linux Eus cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::*	2
Os	Redhat Enterprise Linux Hpc Node Supplementary cpe:2.3:o:redhat:enterprise_linux_hpc_node_supplementary:6.0:::::::*	1
Os	Redhat Enterprise Linux Server cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*	2
Os	Redhat Enterprise Linux Server Aus cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*	1
Os	Redhat Enterprise Linux Server Supplementary cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:::::::*	2
Os	Redhat Enterprise Linux Server Supplementary Aus cpe:2.3:o:redhat:enterprise_linux_server_supplementary_aus:6.5:::::::*	1
Os	Redhat Enterprise Linux Server Supplementary Eus cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.5.z:::::::*	1
Os	Redhat Enterprise Linux Workstation cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*	2
Os	Redhat Enterprise Linux Workstation Supplementary cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:::::::*	1

SAINT Exploits

Description	Link
Java JAX-WS gmbal package sandbox breach	More info here
Java JAX-WS statistics.impl package sandbox breach	More info here
Oracle Java java.awt.image.ByteComponentRaster Overflow	More info here
Java SE AtomicReferenceArray Unsafe Security Bypass	More info here
Java Runtime Environment DriverManager doPrivileged block sandbox bypass	More info here
Oracle Java Runtime Hotspot Bytecode Verifier Type Confusion	More info here
Oracle Java Runtime Environment AWT storeImageArray Vulnerability	More info here
Java Runtime Environment Hotspot final field vulnerability	More info here
Java Runtime Environment java.awt.image.IntegerComponentRaster buffer overflow	More info here
Java Web Start initial heap size command injection	More info here
Java Runtime Environment Color Management memory overwrite	More info here
Oracle Java findMethod findClass Security Bypass	More info here
Java MBeanInstantiator.findClass and Recursive Reflection Sandbox Escape	More info here
Oracle Java Serviceability Subcomponent ProviderSkeleton Class Vulnerability	More info here

ExploitDB Exploits

id	Description
2013-09-03	Oracle Java lookUpByteBI - Heap Buffer Overflow
2013-08-19	Java storeImageArray() Invalid Array Indexing Vulnerability
2013-07-01	Java Applet ProviderSkeleton Insecure Invoke Method
2013-06-11	Java Applet Driver Manager Privileged toString() Remote Code Execution
2013-06-11	Java Web Start Double Quote Injection Remote Code Execution
2013-04-18	Java Web Start Launcher ActiveX Control - Memory Corruption
2013-03-29	Java CMM Remote Code Execution
2013-01-24	Java Applet AverageRangeStatisticImpl Remote Code Execution
2013-01-24	Java Applet Method Handle Remote Code Execution
2013-01-11	Java Applet JMX Remote Code Execution
2012-11-13	Java Applet JAX-WS Remote Code Execution
2012-07-11	Java Applet Field Bytecode Verifier Cache Remote Code Execution
2012-03-30	Java AtomicReferenceArray Type Violation Vulnerability
2012-01-03	PHP Hash Table Collision Proof Of Concept

OpenVAS Exploits

Date	Description
2012-12-13	Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1424-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1424_1.nasl
2012-12-13	Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1423-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1423_1.nasl
2012-12-13	Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1175-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1175_1.nasl
2012-12-13	Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0828-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_0828_1.nasl
2012-11-02	Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:169 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_169.nasl
2012-10-29	Name : Ubuntu Update for openjdk-7 USN-1619-1 File : nvt/gb_ubuntu_USN_1619_1.nasl
2012-10-19	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1384-01 File : nvt/gb_RHSA-2012_1384-01_java-1.6.0-openjdk.nasl
2012-10-19	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1385-01 File : nvt/gb_RHSA-2012_1385-01_java-1.6.0-openjdk.nasl
2012-10-19	Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1386-01 File : nvt/gb_RHSA-2012_1386-01_java-1.7.0-openjdk.nasl
2012-10-19	Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct (Windows) File : nvt/gb_oracle_java_se_mult_vuln01_oct12_win.nasl
2012-10-19	Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln02_oct12_win.nasl
2012-10-19	Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln03_oct12_win.nasl
2012-10-19	Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-04 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln04_oct12_win.nasl
2012-10-19	Name : CentOS Update for java CESA-2012:1386 centos6 File : nvt/gb_CESA-2012_1386_java_centos6.nasl
2012-10-19	Name : CentOS Update for java CESA-2012:1385 centos5 File : nvt/gb_CESA-2012_1385_java_centos5.nasl
2012-10-19	Name : CentOS Update for java CESA-2012:1384 centos6 File : nvt/gb_CESA-2012_1384_java_centos6.nasl
2012-10-19	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16346 File : nvt/gb_fedora_2012_16346_java-1.7.0-openjdk_fc17.nasl
2012-10-19	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.6.0-openjdk_fc16.nasl
2012-10-19	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl
2012-10-09	Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:150-1 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_150_1.nasl
2012-09-22	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-13127 File : nvt/gb_fedora_2012_13127_java-1.6.0-openjdk_fc16.nasl
2012-09-21	Name : Java for Mac OS X 10.6 Update 10 File : nvt/gb_macosx_java_10_6_upd_10.nasl
2012-09-06	Name : Ubuntu Update for icedtea-web USN-1505-2 File : nvt/gb_ubuntu_USN_1505_2.nasl
2012-09-04	Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1223-01 File : nvt/gb_RHSA-2012_1223-01_java-1.7.0-openjdk.nasl
2012-09-04	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1222-01 File : nvt/gb_RHSA-2012_1222-01_java-1.6.0-openjdk.nasl
2012-09-04	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1221-01 File : nvt/gb_RHSA-2012_1221-01_java-1.6.0-openjdk.nasl
2012-09-04	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13131 File : nvt/gb_fedora_2012_13131_java-1.7.0-openjdk_fc17.nasl
2012-09-04	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13138 File : nvt/gb_fedora_2012_13138_java-1.7.0-openjdk_fc16.nasl
2012-09-04	Name : CentOS Update for java CESA-2012:1223 centos6 File : nvt/gb_CESA-2012_1223_java_centos6.nasl
2012-09-04	Name : CentOS Update for java CESA-2012:1222 centos5 File : nvt/gb_CESA-2012_1222_java_centos5.nasl
2012-09-04	Name : CentOS Update for java CESA-2012:1221 centos6 File : nvt/gb_CESA-2012_1221_java_centos6.nasl
2012-09-04	Name : Ubuntu Update for openjdk-6 USN-1553-1 File : nvt/gb_ubuntu_USN_1553_1.nasl
2012-09-03	Name : Oracle Java SE JRE Multiple Remote Code Execution Vulnerabilities - (Windows) File : nvt/gb_oracle_java_se_jre_mult_code_exec_vuln_win.nasl
2012-09-03	Name : Oracle Java SE JRE AWT Component Unspecified Vulnerability - (Windows) File : nvt/gb_oracle_java_se_jre_awt_comp_unspecified_vuln_win.nasl
2012-08-31	Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl
2012-08-30	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9590 File : nvt/gb_fedora_2012_9590_java-1.7.0-openjdk_fc17.nasl
2012-08-30	Name : FreeBSD Ports: openjdk File : nvt/freebsd_openjdk.nasl
2012-08-30	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-2595 File : nvt/gb_fedora_2012_2595_java-1.7.0-openjdk_fc17.nasl
2012-08-23	Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities(... File : nvt/gb_oracle_java_se_mult_unspecified_vuln02_aug12_win.nasl
2012-08-22	Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities(... File : nvt/gb_oracle_java_se_mult_unspecified_vuln01_aug12_win.nasl
2012-08-22	Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities ... File : nvt/gb_oracle_java_se_mult_unspecified_vuln_aug12_win.nasl
2012-08-22	Name : Oracle Java SE Java Runtime Environment Unspecified Vulnerability - (Windows) File : nvt/gb_oracle_java_se_unspecified_vuln_win.nasl
2012-08-22	Name : Oracle Java SE Java Runtime Environment Code Execution Vulnerability - (Windows) File : nvt/gb_oracle_java_se_code_exec_vuln_win.nasl
2012-08-10	Name : Debian Security Advisory DSA 2507-1 (openjdk-6) File : nvt/deb_2507_1.nasl
2012-08-03	Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:095 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_095.nasl
2012-08-02	Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0309-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_0309_1.nasl
2012-07-30	Name : CentOS Update for java CESA-2012:0730 centos5 File : nvt/gb_CESA-2012_0730_java_centos5.nasl
2012-07-30	Name : CentOS Update for java CESA-2012:1009 centos6 File : nvt/gb_CESA-2012_1009_java_centos6.nasl
2012-07-30	Name : CentOS Update for java CESA-2012:0729 centos6 File : nvt/gb_CESA-2012_0729_java_centos6.nasl
2012-07-30	Name : CentOS Update for java CESA-2012:0135 centos6 File : nvt/gb_CESA-2012_0135_java_centos6.nasl
2012-07-16	Name : Ubuntu Update for openjdk-6 USN-1505-1 File : nvt/gb_ubuntu_USN_1505_1.nasl
2012-07-09	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0135-01 File : nvt/gb_RHSA-2012_0135-01_java-1.6.0-openjdk.nasl
2012-06-22	Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1009-01 File : nvt/gb_RHSA-2012_1009-01_java-1.7.0-openjdk.nasl
2012-06-19	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9545 File : nvt/gb_fedora_2012_9545_java-1.6.0-openjdk_fc16.nasl
2012-06-19	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9593 File : nvt/gb_fedora_2012_9593_java-1.7.0-openjdk_fc16.nasl
2012-06-19	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9541 File : nvt/gb_fedora_2012_9541_java-1.6.0-openjdk_fc15.nasl
2012-06-15	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0730-01 File : nvt/gb_RHSA-2012_0730-01_java-1.6.0-openjdk.nasl
2012-06-15	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0729-01 File : nvt/gb_RHSA-2012_0729-01_java-1.6.0-openjdk.nasl
2012-04-09	Name : Java Runtime Environment Multiple Vulnerabilities (MAC OS X) File : nvt/gb_jre_mult_vuln_macosx.nasl
2012-04-02	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1711 File : nvt/gb_fedora_2012_1711_java-1.6.0-openjdk_fc16.nasl
2012-04-02	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-1690 File : nvt/gb_fedora_2012_1690_java-1.7.0-openjdk_fc16.nasl
2012-03-12	Name : Debian Security Advisory DSA 2420-1 (openjdk-6) File : nvt/deb_2420_1.nasl
2012-03-09	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1721 File : nvt/gb_fedora_2012_1721_java-1.6.0-openjdk_fc15.nasl
2012-03-09	Name : Ubuntu Update for openjdk-6 USN-1373-1 File : nvt/gb_ubuntu_USN_1373_1.nasl
2012-03-07	Name : Ubuntu Update for openjdk-6b18 USN-1373-2 File : nvt/gb_ubuntu_USN_1373_2.nasl
2012-02-27	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0322-01 File : nvt/gb_RHSA-2012_0322-01_java-1.6.0-openjdk.nasl
2012-02-21	Name : Oracle Java SE JDK Multiple Vulnerabilities - February 2012 (Windows - 03) File : nvt/gb_oracle_java_se_jdk_mult_vuln_feb12_win_03.nasl
2012-02-21	Name : Oracle Java SE JDK Multiple Vulnerabilities - February 2012 (Windows - 02) File : nvt/gb_oracle_java_se_jdk_mult_vuln_feb12_win_02.nasl
2012-02-21	Name : Oracle Java SE JDK Multiple Vulnerabilities - February 2012 (Windows - 01) File : nvt/gb_oracle_java_se_jdk_mult_vuln_feb12_win_01.nasl
2012-02-21	Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:021 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_021.nasl
2012-02-21	Name : Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 03) File : nvt/gb_oracle_java_se_mult_vuln_feb12_win_03.nasl
2012-02-21	Name : Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 02) File : nvt/gb_oracle_java_se_mult_vuln_feb12_win_02.nasl
2012-02-21	Name : Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 01) File : nvt/gb_oracle_java_se_mult_vuln_feb12_win_01.nasl
2012-01-05	Name : Oracle GlassFish Server Hash Collision Denial of Service Vulnerability File : nvt/gb_glassfish_hash_collision_dos_vuln.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
78114	Oracle GlassFish Server Hash Collission Form Parameter Parsing Remote DoS Oracle GlassFish Server contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption.

Information Assurance Vulnerability Management (IAVM)

Date	Description
2014-02-27	IAVM : 2014-B-0019 - Multiple Vulnerabilities in Apache Tomcat Severity : Category I - VMSKEY : V0044527
2014-01-16	IAVM : 2014-A-0010 - Multiple Vulnerabilities in Oracle Java SE Severity : Category I - VMSKEY : V0043398
2013-10-17	IAVM : 2013-A-0191 - Multiple Vulnerabilities in Java for Mac OS X Severity : Category I - VMSKEY : V0040779
2013-10-17	IAVM : 2013-A-0200 - Multiple Vulnerabilities in Oracle Java Severity : Category I - VMSKEY : V0040783
2013-10-17	IAVM : 2013-A-0199 - Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0040786
2013-09-19	IAVM : 2013-A-0181 - Multiple Vulnerabilities in Junos Pulse Secure Access Service (IVE) Severity : Category I - VMSKEY : V0040371
2013-09-19	IAVM : 2013-A-0180 - Multiple Vulnerabilities in Juniper Networks Junos Pulse Access Service Acces... Severity : Category I - VMSKEY : V0040372
2013-09-19	IAVM : 2013-A-0179 - Apple Mac OS X Security Update 2013-004 Severity : Category I - VMSKEY : V0040373
2013-04-11	IAVM : 2013-A-0077 - Multiple Vulnerabilities in OpenSSL Severity : Category I - VMSKEY : V0037605
2012-09-27	IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884
2012-09-13	IAVM : 2012-A-0146 - Multiple Vulnerabilities in VMware vCenter Update Manager 4.1 Severity : Category I - VMSKEY : V0033792
2012-09-13	IAVM : 2012-A-0147 - Multiple Vulnerabilities in VMware vCenter Server 4.1 Severity : Category I - VMSKEY : V0033793
2012-09-13	IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794

Snort® IPS/IDS

Date	Description
2019-05-21	Oracle Java privileged protection domain exploitation attempt RuleID : 49846 - Revision : 1 - Type : FILE-JAVA
2019-05-21	Oracle Java privileged protection domain exploitation attempt RuleID : 49845 - Revision : 1 - Type : FILE-JAVA
2019-03-26	Oracle Java ImagingLib buffer overflow attempt RuleID : 49256 - Revision : 1 - Type : FILE-JAVA
2019-03-26	Oracle Java ImagingLib buffer overflow attempt RuleID : 49255 - Revision : 2 - Type : FILE-JAVA
2019-03-12	Oracle Java JPEGImageWriter memory corruption attempt RuleID : 49117 - Revision : 1 - Type : FILE-JAVA
2019-03-12	Oracle Java JPEGImageWriter memory corruption attempt RuleID : 49116 - Revision : 1 - Type : FILE-JAVA
2018-04-05	limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45830 - Revision : 1 - Type : SERVER-OTHER
2018-01-17	limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45201 - Revision : 2 - Type : SERVER-OTHER
2018-01-17	limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45200 - Revision : 2 - Type : SERVER-OTHER
2018-01-17	limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45199 - Revision : 2 - Type : SERVER-OTHER
2016-07-28	Oracle Java RangeStatisticImpl sandbox breach attempt RuleID : 39355 - Revision : 1 - Type : FILE-JAVA
2016-07-28	Oracle Java RangeStatisticImpl sandbox breach attempt RuleID : 39354 - Revision : 1 - Type : FILE-JAVA
2016-04-26	Oracle Java Class Loader namespace sandbox bypass attempt RuleID : 38339 - Revision : 2 - Type : FILE-JAVA
2016-04-26	Oracle Java Class Loader namespace sandbox bypass attempt RuleID : 38338 - Revision : 2 - Type : FILE-JAVA
2016-03-24	Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 37821 - Revision : 1 - Type : FILE-JAVA
2016-03-24	Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 37820 - Revision : 1 - Type : FILE-JAVA
2016-03-24	Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 37819 - Revision : 1 - Type : FILE-JAVA
2016-03-24	Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 37818 - Revision : 1 - Type : FILE-JAVA
2016-03-22	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37805 - Revision : 3 - Type : FILE-JAVA
2016-03-22	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37804 - Revision : 4 - Type : FILE-JAVA
2016-03-22	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37803 - Revision : 2 - Type : FILE-JAVA
2016-03-22	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37802 - Revision : 2 - Type : FILE-JAVA
2015-09-08	Oracle Java VersionHelper loadClass sandbox bypass attempt RuleID : 35469 - Revision : 2 - Type : FILE-JAVA
2015-09-08	Oracle Java VersionHelper loadClass sandbox bypass attempt RuleID : 35468 - Revision : 3 - Type : FILE-JAVA
2015-09-08	Oracle Java VersionHelper loadClass sandbox bypass attempt RuleID : 35467 - Revision : 3 - Type : FILE-JAVA
2015-04-30	Nuclear exploit kit obfuscated file download RuleID : 33983 - Revision : 5 - Type : EXPLOIT-KIT
2015-04-30	Nuclear exploit kit landing page detected RuleID : 33982 - Revision : 3 - Type : EXPLOIT-KIT
2014-11-16	Oracle Java Web Start arbitrary command execution attempt RuleID : 31946 - Revision : 2 - Type : FILE-JAVA
2014-11-16	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 31541 - Revision : 7 - Type : FILE-JAVA
2014-11-16	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 31540 - Revision : 6 - Type : FILE-JAVA
2014-11-16	Oracle Java field bytecode verifier cache code execution attempt RuleID : 31512 - Revision : 3 - Type : FILE-JAVA
2014-11-16	Oracle Java field bytecode verifier cache code execution attempt RuleID : 31511 - Revision : 3 - Type : FILE-JAVA
2014-11-16	Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt RuleID : 31367 - Revision : 6 - Type : FILE-JAVA
2014-11-16	Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt RuleID : 31366 - Revision : 7 - Type : FILE-JAVA
2014-11-16	CottonCastle exploit kit decryption page outbound request RuleID : 31279 - Revision : 3 - Type : EXPLOIT-KIT
2014-11-16	CottonCastle exploit kit Oracle java outbound connection RuleID : 31278 - Revision : 2 - Type : EXPLOIT-KIT
2014-11-16	CottonCastle exploit kit Oracle Java outbound connection RuleID : 31277 - Revision : 2 - Type : EXPLOIT-KIT
2014-04-17	Oracle Java font rendering remote code execution attempt RuleID : 30218 - Revision : 3 - Type : FILE-JAVA
2014-04-17	Oracle Java font rendering remote code execution attempt RuleID : 30217 - Revision : 2 - Type : FILE-JAVA
2018-06-15	Hello/LightsOut exploit kit payload download attempt RuleID : 30003-community - Revision : 6 - Type : EXPLOIT-KIT
2014-04-03	Hello/LightsOut exploit kit payload download attempt RuleID : 30003 - Revision : 6 - Type : EXPLOIT-KIT
2014-03-29	Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt RuleID : 29972 - Revision : 2 - Type : FILE-JAVA
2014-03-29	Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt RuleID : 29971 - Revision : 2 - Type : FILE-JAVA
2014-03-29	Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt RuleID : 29970 - Revision : 2 - Type : FILE-JAVA
2014-03-29	Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt RuleID : 29969 - Revision : 2 - Type : FILE-JAVA
2014-03-06	Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 29606 - Revision : 4 - Type : FILE-JAVA
2014-03-06	Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 29605 - Revision : 3 - Type : FILE-JAVA
2014-03-01	Oracle Java ShortComponentRaster integer overflow attempt RuleID : 29491 - Revision : 4 - Type : FILE-JAVA
2014-03-01	Oracle Java ShortComponentRaster integer overflow attempt RuleID : 29490 - Revision : 4 - Type : FILE-JAVA
2014-02-21	Styx exploit kit eot outbound connection RuleID : 29453 - Revision : 2 - Type : EXPLOIT-KIT
2014-02-21	Styx exploit kit landing page request RuleID : 29452 - Revision : 2 - Type : EXPLOIT-KIT
2014-02-21	Styx exploit kit outbound jar request RuleID : 29451 - Revision : 2 - Type : EXPLOIT-KIT
2014-02-21	Styx exploit kit outbound connection attempt RuleID : 29450 - Revision : 2 - Type : EXPLOIT-KIT
2014-02-21	Styx exploit kit landing page RuleID : 29449 - Revision : 3 - Type : EXPLOIT-KIT
2014-02-21	Styx exploit kit landing page RuleID : 29448 - Revision : 2 - Type : EXPLOIT-KIT
2014-02-21	Styx exploit kit jar outbound connection RuleID : 29446 - Revision : 9 - Type : EXPLOIT-KIT
2014-02-21	Styx exploit kit fonts download page RuleID : 29445 - Revision : 2 - Type : EXPLOIT-KIT
2014-02-08	Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 29273 - Revision : 7 - Type : FILE-JAVA
2014-02-08	Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 29272 - Revision : 7 - Type : FILE-JAVA
2014-02-08	Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 29271 - Revision : 6 - Type : FILE-JAVA
2014-02-08	Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 29270 - Revision : 6 - Type : FILE-JAVA
2014-02-08	Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt RuleID : 29269 - Revision : 2 - Type : FILE-JAVA
2014-02-08	Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt RuleID : 29268 - Revision : 3 - Type : FILE-JAVA
2014-02-08	Oracle Java and JavaFX JPEGImageReader memory corruption attempt RuleID : 29219 - Revision : 2 - Type : FILE-JAVA
2014-02-08	Oracle Java and JavaFX JPEGImageReader memory corruption attempt RuleID : 29218 - Revision : 3 - Type : FILE-JAVA
2014-02-08	Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt RuleID : 29215 - Revision : 2 - Type : FILE-JAVA
2014-02-08	Oracle Java JPEGImageWriter memory corruption attempt RuleID : 29214 - Revision : 3 - Type : FILE-JAVA
2014-01-30	Stamp exploit kit PDF exploit retrieval attempt RuleID : 29131 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-30	Stamp exploit kit malicious payload download attempt RuleID : 29130 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-30	Stamp exploit kit jar exploit download - specific structure RuleID : 29129 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-30	Stamp exploit kit plugin detection page RuleID : 29128 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-16	Oracle Java ImagingLib buffer overflow attempt RuleID : 28927 - Revision : 3 - Type : FILE-JAVA
2014-01-16	Oracle Java ImagingLib buffer overflow attempt RuleID : 28926 - Revision : 3 - Type : FILE-JAVA
2014-01-16	Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt RuleID : 28916 - Revision : 6 - Type : FILE-JAVA
2014-01-16	Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt RuleID : 28915 - Revision : 7 - Type : FILE-JAVA
2014-01-11	Neutrino exploit kit initial outbound request - generic detection RuleID : 28911 - Revision : 3 - Type : EXPLOIT-KIT
2018-06-15	Goon/Infinity exploit kit payload download attempt RuleID : 28795-community - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Goon/Infinity exploit kit payload download attempt RuleID : 28795 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit landing page request RuleID : 28478 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit outbound pdf request RuleID : 28477 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request by Java - generic detection RuleID : 28476 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request - generic detection RuleID : 28475 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound plugin detection response - generic detection RuleID : 28474 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28460 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28459 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit landing page RuleID : 28458 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28457 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28456 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28455 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Win.Trojan.Bspire variant connection RuleID : 28439 - Revision : 5 - Type : MALWARE-CNC
2014-01-10	Glazunov exploit kit zip file download RuleID : 28430-community - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Glazunov exploit kit zip file download RuleID : 28430 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Glazunov exploit kit outbound jnlp download attempt RuleID : 28429-community - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Glazunov exploit kit outbound jnlp download attempt RuleID : 28429 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Glazunov exploit kit landing page RuleID : 28428-community - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Glazunov exploit kit landing page RuleID : 28428 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Himan exploit kit payload - Oracle Java compromise RuleID : 28309 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Himan exploit kit landing page RuleID : 28307 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28304 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28298 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 28277 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 28276 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28275 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28274 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28273 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28214 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java XML digital signature spoofing attempt RuleID : 28157 - Revision : 3 - Type : BROWSER-PLUGINS
2014-01-10	Neutrino exploit kit outbound request format RuleID : 28032 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit Oracle Java exploit download attempt RuleID : 28031 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - readme.dll RuleID : 27898 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - calc.dll RuleID : 27897 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - contacts.dll RuleID : 27896 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - info.dll RuleID : 27895 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - about.dll RuleID : 27894 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Teletubbies exploit kit payload download RuleID : 27885 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Teletubbies exploit kit exploit attempt for Oracle Java RuleID : 27883 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2/Darkleech exploit kit landing page request RuleID : 27865-community - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2/Darkleech exploit kit landing page request RuleID : 27865 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit malicious redirection attempt RuleID : 27815 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit landing page request RuleID : 27814 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit landing page with payload RuleID : 27813 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java ImagingLib buffer overflow attempt RuleID : 27787 - Revision : 4 - Type : FILE-JAVA
2014-01-10	Oracle Java ImagingLib buffer overflow attempt RuleID : 27786 - Revision : 3 - Type : FILE-JAVA
2014-01-10	Neutrino exploit kit outbound request format RuleID : 27785 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit Oracle Java exploit download attempt RuleID : 27784 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java ImagingLib buffer overflow attempt RuleID : 27765 - Revision : 4 - Type : FILE-JAVA
2014-01-10	Oracle Java ImagingLib buffer overflow attempt RuleID : 27764 - Revision : 3 - Type : FILE-JAVA
2014-01-10	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 27751 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 27750 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Gong Da exploit kit possible jar download RuleID : 27706 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Gong Da exploit kit Java exploit requested RuleID : 27705 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Gong Da exploit kit Java exploit requested RuleID : 27704 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Gong Da exploit kit plugin detection RuleID : 27703 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Gong Da exploit kit landing page RuleID : 27702 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Gong Da Jar file download RuleID : 27701 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Kore exploit kit successful Java exploit RuleID : 27697 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Kore exploit kit landing page RuleID : 27696 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Kore exploit kit landing page RuleID : 27695 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 27692 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 27691 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27677 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27676 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27675 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27674 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27673 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27672 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27622 - Revision : 10 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27621 - Revision : 10 - Type : FILE-JAVA
2014-01-10	iFramer toolkit injected iframe detected - specific structure RuleID : 27271 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java Applet ProviderSkeleton sandbox bypass attempt RuleID : 27191 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java Applet ProviderSkeleton sandbox bypass attempt RuleID : 27190 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java Applet ProviderSkeleton sandbox bypass attempt RuleID : 27189 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java Applet ProviderSkeleton sandbox bypass attempt RuleID : 27188 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Private exploit kit outbound traffic RuleID : 27144-community - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Private exploit kit outbound traffic RuleID : 27144 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Private exploit kit landing page RuleID : 27143 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Private exploit kit landing page RuleID : 27142 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Private exploit kit landing page RuleID : 27141 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Private exploit kit numerically named exe file dowload RuleID : 27140 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 27113-community - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 27113 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Nailed exploit kit jmxbean remote code execution exploit download - autopwn RuleID : 27083 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java Applet disable security manager attempt RuleID : 27077 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java Applet disable security manager attempt RuleID : 27076 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Blackhole exploit kit landing page retrieval RuleID : 27072 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval RuleID : 27071 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit JNLP request RuleID : 27070 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page - specific structure RuleID : 27067 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit plugin detection connection jovf RuleID : 27042-community - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit plugin detection connection jovf RuleID : 27042 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit plugin detection connection jlnp RuleID : 27041-community - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit plugin detection connection jlnp RuleID : 27041 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit plugin detection connection jorg RuleID : 27040-community - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit plugin detection connection jorg RuleID : 27040 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Oracle Javadoc generated frame replacement attempt RuleID : 26994 - Revision : 4 - Type : BROWSER-PLUGINS
2014-01-10	DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 26950-community - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 26950 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26948-community - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26948 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26947-community - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26947 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Java Applet sql.DriverManager exploit attempt RuleID : 26901 - Revision : 7 - Type : BROWSER-PLUGINS
2014-01-10	Java Applet sql.DriverManager exploit attempt RuleID : 26900 - Revision : 5 - Type : BROWSER-PLUGINS
2014-01-10	Java Applet sql.DriverManager fakedriver exploit attempt RuleID : 26899 - Revision : 5 - Type : BROWSER-PLUGINS
2014-01-10	Java Applet sql.DriverManager fakedriver exploit attempt RuleID : 26898 - Revision : 5 - Type : BROWSER-PLUGINS
2014-01-10	Sweet Orange exploit kit landing page in.php base64 uri RuleID : 26834-community - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page in.php base64 uri RuleID : 26834 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Goon/Infinity/Redkit exploit kit short jar request RuleID : 26808 - Revision : 11 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page RuleID : 26807 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit short JNLP request RuleID : 26806 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit encrypted binary download RuleID : 26805 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page RuleID : 26804 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java Web Start control launchapp embed access RuleID : 26767 - Revision : 6 - Type : BROWSER-PLUGINS
2014-01-10	Oracle Java Web Start control launchapp ActiveX clsid access RuleID : 26766 - Revision : 5 - Type : BROWSER-PLUGINS
2014-01-10	Oracle Java Web Start control launchapp ActiveX function call access RuleID : 26765 - Revision : 6 - Type : BROWSER-PLUGINS
2014-01-10	Oracle Java Web Start control launchapp ActiveX clsid access RuleID : 26764 - Revision : 5 - Type : BROWSER-PLUGINS
2014-01-10	Oracle Java font rendering remote code execution attempt RuleID : 26717 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Oracle Java font rendering remote code execution attempt RuleID : 26716 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Multiple exploit kit landing page - specific structure RuleID : 26653 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	iFramer injection - specific structure RuleID : 26617 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Impact/Stamp exploit kit landing page RuleID : 26600 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Impact/Stamp exploit kit landing page RuleID : 26599 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26552 - Revision : 4 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26551 - Revision : 4 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26550 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26549 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Multiple exploit kit successful redirection - jnlp bypass RuleID : 26541 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	iFramer injection - specific structure RuleID : 26540 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Sakura exploit kit pdf download detection RuleID : 26539 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Sakura exploit kit landing page received RuleID : 26538 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Sakura exploit kit jar download detection RuleID : 26537 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Stamp exploit kit landing page RuleID : 26536 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit landing page - specific structure RuleID : 26535 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Portable Executable downloaded with bad DOS stub RuleID : 26526-community - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Portable Executable downloaded with bad DOS stub RuleID : 26526 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java payload detection RuleID : 26512 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Sakura exploit kit redirection structure RuleID : 26511 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit pdf payload detection RuleID : 26510 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit java payload detection RuleID : 26509 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - info.dll RuleID : 26508 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit landing page - specific structure RuleID : 26507 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit jar file redirection RuleID : 26506 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26500 - Revision : 4 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26499 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26487 - Revision : 4 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26486 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26485 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26484 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Blackholev2 exploit kit jar file downloaded RuleID : 26434 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page RuleID : 26384 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page RuleID : 26383 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit java exploit request RuleID : 26377 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page redirection RuleID : 26351 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	TDS redirection - may lead to exploit kit RuleID : 26350 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit obfuscated portable executable RuleID : 26349 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit java exploit delivery RuleID : 26348 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit java exploit request RuleID : 26347 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit payload requested RuleID : 26346 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page RuleID : 26345 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page redirection RuleID : 26344 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Nuclear exploit kit landing page RuleID : 26343 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Nuclear exploit kit landing page - specific structure RuleID : 26342 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Nuclear exploit kit landing page RuleID : 26341 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval - ff.php RuleID : 26339 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	IFRAMEr injection detection - leads to exploit kit RuleID : 26338 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page - specific structure RuleID : 26337 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit redirection page RuleID : 26297 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit landing page RuleID : 26296 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Watering Hole Campaign applet download RuleID : 26294 - Revision : 5 - Type : FILE-OTHER
2014-01-10	Cool exploit kit malicious jar download RuleID : 26256 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit redirection page RuleID : 26254 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 26253 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Impact exploit kit landing page RuleID : 26252 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page RuleID : 26233 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page RuleID : 26232 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit MyApplet class retrieval RuleID : 26229 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit redirection page RuleID : 26228 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval RuleID : 26227 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit redirection attempt RuleID : 26226 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt RuleID : 26200 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib LookupOp integer overflow attempt RuleID : 26199 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 26198 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt RuleID : 26197 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib LookupOp integer overflow attempt RuleID : 26196 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 26195 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java Gmbal package sandbox breach attempt RuleID : 26186 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java Gmbal package sandbox breach attempt RuleID : 26185 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Neutrino exploit kit redirection page RuleID : 26100 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit redirection page RuleID : 26099 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit Java archive transfer RuleID : 26098 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit Java archive transfer RuleID : 26097 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit landing page RuleID : 26096 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Neutrino exploit kit landing page RuleID : 26095 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page RuleID : 26094 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit landing page RuleID : 26091 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit landing page RuleID : 26090 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit Portable Executable download RuleID : 26056 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 26055 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 26054 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 26053 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 26052 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious jar file download RuleID : 26051 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit SWF file download RuleID : 26050 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 26049 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit PDF exploit RuleID : 26048 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit redirection structure RuleID : 26047 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit landing page RuleID : 26046 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit - Java exploit download RuleID : 26039 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit - Java exploit download RuleID : 26038 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit - Java exploit download RuleID : 26037 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit - Java Exploit RuleID : 26036 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit iframe redirection attempt RuleID : 26033 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page RuleID : 26031 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Known malicious jar archive download attempt RuleID : 26030 - Revision : 3 - Type : FILE-OTHER
2014-01-10	Java user-agent request to svchost.jpg RuleID : 26025 - Revision : 3 - Type : INDICATOR-COMPROMISE
2014-01-10	Gong Da exploit kit redirection page received RuleID : 26013 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page RuleID : 25989 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page RuleID : 25988 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit three number PDF Request RuleID : 25972 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit redirection RuleID : 25971 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit Portable Executable download RuleID : 25968 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 25967 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 25966 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 25965 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 25964 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit SWF file download RuleID : 25963 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25962 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit former location - has been removed RuleID : 25960 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 25959 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 25958 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 25957 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious class file download RuleID : 25956 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious jar file download RuleID : 25955 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit SWF file download RuleID : 25954 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit landing page RuleID : 25953 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit landing page RuleID : 25952 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25951 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit PDF exploit RuleID : 25950 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25862 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25861 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit landing page RuleID : 25860 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit malicious jar file download RuleID : 25859 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit Java exploit download RuleID : 25858 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit PDF exploit RuleID : 25857 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java JMX class arbitrary code execution attempt RuleID : 25834 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java malicious class download attempt RuleID : 25833 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java JMX class arbitrary code execution attempt RuleID : 25832 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java JMX class arbitrary code execution attempt RuleID : 25831 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Oracle Java malicious class download attempt RuleID : 25830 - Revision : 12 - Type : FILE-JAVA
2014-01-10	SSLv3 plaintext recovery attempt RuleID : 25828 - Revision : 4 - Type : SERVER-OTHER
2014-01-10	TLSv1.2 plaintext recovery attempt RuleID : 25827 - Revision : 4 - Type : SERVER-OTHER
2014-01-10	TLSv1.1 plaintext recovery attempt RuleID : 25826 - Revision : 4 - Type : SERVER-OTHER
2014-01-10	TLSv1.0 plaintext recovery attempt RuleID : 25825 - Revision : 4 - Type : SERVER-OTHER
2014-01-10	Fiesta exploit kit landing page detection - specific-structure RuleID : 25808 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Whitehole exploit kit landing page RuleID : 25806 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Whitehole exploit kit Java exploit retrieval RuleID : 25805 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Whitehole exploit kit malicious jar download attempt RuleID : 25804 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit 32-alpha jar request RuleID : 25798 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection successful RuleID : 25611 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25598 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25597 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25596 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25595 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25594 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25593 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page - specific structure RuleID : 25591 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page - specific structure RuleID : 25590 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool Exploit Kit SWF file download RuleID : 25576 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Cool Exploit Kit SWF file download RuleID : 25575 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Cool Exploit Kit SWF file download RuleID : 25574 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Cool Exploit Kit SWF file download RuleID : 25573 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page RuleID : 25569 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval RuleID : 25568 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Red Dot executable retrieval attempt RuleID : 25540 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Red Dot java retrieval attempt RuleID : 25539 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Red Dot landing page RuleID : 25538 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple Exploit Kit Payload detection - setup.exe RuleID : 25526 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25510 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit pdf exploit retrieval RuleID : 25509 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25508 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit pdf exploit retrieval RuleID : 25507 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25506 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25505 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java JMX class arbitrary code execution attempt RuleID : 25473 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java JMX class arbitrary code execution attempt RuleID : 25472 - Revision : 12 - Type : FILE-JAVA
2014-01-10	Sweet Orange exploit kit obfuscated payload download RuleID : 25391 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page - specific structure RuleID : 25390 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page - specific structure RuleID : 25389 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection successful RuleID : 25388 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - readme.exe RuleID : 25387 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - about.exe RuleID : 25386 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - calc.exe RuleID : 25385 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - contacts.exe RuleID : 25384 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - info.exe RuleID : 25383 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit malicious jar file dropped RuleID : 25382 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25328 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit pdf exploit retrieval RuleID : 25327 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit java exploit retrieval RuleID : 25326 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit pdf exploit retrieval RuleID : 25325 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit landing page detected RuleID : 25324 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25323 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit EOT file download RuleID : 25322 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit malicious jar archive download RuleID : 25302 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	redirect to malicious java archive attempt RuleID : 25301 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit redirection attempt RuleID : 25255 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit portable executable download request RuleID : 25140 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit eot outbound connection RuleID : 25139 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit pdf outbound connection RuleID : 25138 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit jar outbound connection RuleID : 25137 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Styx exploit kit plugin detection connection RuleID : 25136 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Styx Exploit Kit outbound connection RuleID : 25135 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 25123 - Revision : 10 - Type : FILE-JAVA
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 25122 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 25121 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Cool exploit kit 32-bit font file download RuleID : 25056 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit 64-bit font file download RuleID : 25055 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit outbound class retrieval RuleID : 25053 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit Java Exploit requested - 3 digit RuleID : 25052 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page redirection RuleID : 25051 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit requesting payload RuleID : 25045 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page - specific structure RuleID : 25044 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit url structure detected RuleID : 25043 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Java User-Agent downloading Portable Executable - Possible exploit kit RuleID : 25042 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java Applet remote code execution attempt RuleID : 24993 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java Runtime true type font idef opcode heap buffer overflow attempt RuleID : 24915 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Nuclear exploit kit landing page detected RuleID : 24888 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page in an email RuleID : 24865 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page - specific-structure RuleID : 24864 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page in an email RuleID : 24863 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page - specific-structure RuleID : 24862 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page in an email RuleID : 24861 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page - specific-structure RuleID : 24860 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Sibhost exploit kit outbound JAR download attempt RuleID : 24841 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page - JAR redirection RuleID : 24840 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange exploit kit landing page - specific structure RuleID : 24839 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange User-Agent - contype RuleID : 24838 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Sweet Orange initial landing page RuleID : 24837 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Possible malicious Jar download attempt - specific-structure RuleID : 24798-community - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Possible malicious Jar download attempt - specific-structure RuleID : 24798 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	KaiXin exploit kit Java Class download RuleID : 24793 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit 64-bit font file download RuleID : 24784 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit 32-bit font file download RuleID : 24783 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit outbound request RuleID : 24782 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit outbound request RuleID : 24781 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit - PDF Exploit RuleID : 24780 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit - PDF Exploit RuleID : 24779 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Cool exploit kit landing page - Title RuleID : 24778 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24770 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24769 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java Runtime true type font idef opcode heap buffer overflow attempt RuleID : 24701 - Revision : 12 - Type : FILE-JAVA
2014-01-10	KaiXin exploit kit attack vector attempt RuleID : 24670 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	KaiXin exploit kit attack vector attempt RuleID : 24669 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	KaiXin exploit kit attack vector attempt RuleID : 24668 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	KaiXin exploit kit attack vector attempt RuleID : 24667 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection successful RuleID : 24638 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection page - specific structure RuleID : 24637 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection page - specific structure RuleID : 24636 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page download attempt RuleID : 24608 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page received - specific structure RuleID : 24593 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page download attempt RuleID : 24548 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page download attempt RuleID : 24547 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page download attempt RuleID : 24546 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole admin page outbound access attempt RuleID : 24544 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole admin page inbound access attempt RuleID : 24543 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit fallback executable download RuleID : 24501 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole - Cookie Set RuleID : 24475 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit outbound connection RuleID : 24234 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit outbound connection RuleID : 24233 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit outbound connection RuleID : 24232 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Crimeboss exploit kit redirection attempt RuleID : 24231 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page Received RuleID : 24228 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 - URI Structure RuleID : 24227 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page received RuleID : 24226 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 24202 - Revision : 10 - Type : FILE-JAVA
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 24201 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Blackhole possible email Landing to 8 chr folder RuleID : 24171 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24126 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24125 - Revision : 5 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24085 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24084 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24066 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24065 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24064 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24063 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24058 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24057 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24056 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24055 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Blackhole exploit kit landing page with specific structure RuleID : 24054 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure RuleID : 24053 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24038 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24037 - Revision : 6 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24036 - Revision : 7 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24028 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24027 - Revision : 10 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24026 - Revision : 16 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24025 - Revision : 11 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24024 - Revision : 10 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24023 - Revision : 11 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24022 - Revision : 10 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24021 - Revision : 10 - Type : FILE-JAVA
2014-01-10	Oracle Java privileged protection domain exploitation attempt RuleID : 24020 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Blackhole exploit kit landing page with specific structure - fewbgazr catch RuleID : 23962 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - hwehes RuleID : 23850 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole redirection attempt RuleID : 23849 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole redirection attempt RuleID : 23848 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole redirection page RuleID : 23797 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - Math.round catch RuleID : 23786 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - Math.floor catch RuleID : 23785 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 23781 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page request - tkr RuleID : 23622 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch ... RuleID : 23619 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java Zip file directory record overflow attempt RuleID : 23560 - Revision : 8 - Type : FILE-JAVA
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 23277 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 23276 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 23275 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 23274 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java field bytecode verifier cache code execution attempt RuleID : 23273 - Revision : 11 - Type : FILE-JAVA
2014-01-10	Oracle Java Zip file directory record overflow attempt RuleID : 23243 - Revision : 13 - Type : FILE-JAVA
2014-01-10	Redkit exploit kit landing page Received - applet and flowbit RuleID : 23225 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page Requested - 8Digit.html RuleID : 23224 - Revision : 13 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page Received - applet and code RuleID : 23223 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit landing page Received - applet and 5 digit jar attempt RuleID : 23222 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Redkit Jar File Naming Algorithm RuleID : 23221 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit Java Exploit Requested - 5 digit jar RuleID : 23220 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Redkit exploit kit Java Exploit request to .class file RuleID : 23219 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Redkit Repeated Exploit Request Pattern RuleID : 23218 - Revision : 11 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page download attempt RuleID : 23159 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 23158 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Nuclear Pack exploit kit binary download RuleID : 23157 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Nuclear Pack exploit kit landing page RuleID : 23156 - Revision : 11 - Type : EXPLOIT-KIT
2014-01-10	Blackhole redirection attempt RuleID : 22949 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole Exploit Kit javascript service method RuleID : 22088 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10	Blackhole landing redirection page RuleID : 22041 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole suspected landing page RuleID : 22040 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole suspected landing page RuleID : 22039 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit landing page with specific structure - Loading RuleID : 21876 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Possible exploit kit post compromise activity - taskkill RuleID : 21875 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Possible exploit kit post compromise activity - StrReverse RuleID : 21874 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Java JRE sandbox breach attempt RuleID : 21869 - Revision : 8 - Type : FILE-OTHER
2014-01-10	Phoenix exploit kit post-compromise behavior RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC
2014-01-10	Oracle Java JRE sandbox Atomic breach attempt RuleID : 21667 - Revision : 11 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE sandbox Atomic breach attempt RuleID : 21666 - Revision : 11 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE sandbox Atomic breach attempt RuleID : 21665 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Oracle Java JRE sandbox Atomic breach attempt RuleID : 21664 - Revision : 9 - Type : FILE-JAVA
2014-01-10	Blackhole exploit kit landing page with specific structure - catch RuleID : 21661 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page Requested - /Index/index.php RuleID : 21660 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page Requested - /Home/index.php RuleID : 21659 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 21658 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page - specific structure RuleID : 21657 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21646-community - Revision : 16 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21646 - Revision : 16 - Type : EXPLOIT-KIT
2014-01-10	Phoenix exploit kit landing page RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - BBB RuleID : 21581 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific header RuleID : 21549 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific header RuleID : 21539 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21492-community - Revision : 22 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21492 - Revision : 22 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java Web Start arbitrary command execution attempt RuleID : 21481 - Revision : 14 - Type : FILE-JAVA
2014-01-10	Blackhole exploit kit JavaScript carat string splitting with hostile applet RuleID : 21438-community - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit JavaScript carat string splitting with hostile applet RuleID : 21438 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit URL - search.php?page= RuleID : 21348 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit URL - .php?page= RuleID : 21347 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit malicious jar download RuleID : 21346 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit malicious jar request RuleID : 21345 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit pdf download RuleID : 21344 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit pdf request RuleID : 21343 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit response RuleID : 21259 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit control panel access RuleID : 21141 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 21045 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 21044 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit post-compromise download attempt - .php?e= RuleID : 21043 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit post-compromise download attempt - .php?f= RuleID : 21042 - Revision : 11 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit URL - main.php?page= RuleID : 21041 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10	Oracle Java Applet remote code execution attempt RuleID : 20622 - Revision : 18 - Type : FILE-JAVA
2014-01-10	Oracle Java Web Start arbitrary command execution attempt RuleID : 16585 - Revision : 5 - Type : WEB-CLIENT

Nessus® Vulnerability Scanner

Date	Description
2018-09-27	Name : The remote Debian host is missing a security update. File : debian_DLA-1518.nasl - Type : ACT_GATHER_INFO
2016-11-21	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL93600123.nasl - Type : ACT_GATHER_INFO
2016-06-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL48802597.nasl - Type : ACT_GATHER_INFO
2016-03-04	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-294.nasl - Type : ACT_GATHER_INFO
2016-03-04	Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0003_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04	Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04	Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0012_remote.nasl - Type : ACT_GATHER_INFO
2015-10-13	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17381.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1489-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1489-2.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1490-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1256-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1669-1.nasl - Type : ACT_GATHER_INFO
2015-05-15	Name : The remote Debian host is missing a security update. File : debian_DLA-219.nasl - Type : ACT_GATHER_INFO
2015-03-17	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3187.nasl - Type : ACT_GATHER_INFO
2015-03-11	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2522-3.nasl - Type : ACT_GATHER_INFO
2015-03-09	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2522-2.nasl - Type : ACT_GATHER_INFO
2015-03-06	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2522-1.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_gnutls_20130924.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_nss_20140809.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20130716.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_tomcat_20140522.nasl - Type : ACT_GATHER_INFO
2015-01-13	Name : The remote host has a library installed that is affected by an information di... File : tivoli_directory_svr_swg21638270.nasl - Type : ACT_GATHER_INFO
2014-12-22	Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10627.nasl - Type : ACT_GATHER_INFO
2014-12-22	Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10659.nasl - Type : ACT_GATHER_INFO
2014-12-05	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-141202.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1080.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1332.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0636.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1793.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0414.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0416.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0982.nasl - Type : ACT_GATHER_INFO
2014-11-06	Name : The remote host has a version of Java installed that is affected by multiple ... File : macosx_java_2014-001.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL14190.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15630.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15637.nasl - Type : ACT_GATHER_INFO
2014-08-22	Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10642.nasl - Type : ACT_GATHER_INFO
2014-08-11	Name : The remote backup service is affected by multiple vulnerabilities. File : ibm_tsm_server_5_5_x.nasl - Type : ACT_GATHER_INFO
2014-08-11	Name : The remote backup service is affected by multiple vulnerabilities. File : ibm_tsm_server_6_1_x.nasl - Type : ACT_GATHER_INFO
2014-08-11	Name : The remote backup service is affected by multiple vulnerabilities. File : ibm_tsm_server_6_2_6_0.nasl - Type : ACT_GATHER_INFO
2014-08-11	Name : The remote backup service is affected by an information disclosure vulnerabil... File : ibm_tsm_server_6_3_4_200.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0675.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0685.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0705.nasl - Type : ACT_GATHER_INFO
2014-07-28	Name : The remote AIX host has a version of Java SDK installed that is potentially a... File : aix_java_jan2014_advisory.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0675.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0685.nasl - Type : ACT_GATHER_INFO
2014-07-22	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_jrockit_cpu_apr_2012.nasl - Type : ACT_GATHER_INFO
2014-07-18	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_jrockit_cpu_oct_2012.nasl - Type : ACT_GATHER_INFO
2014-07-14	Name : The remote mail server is affected by an information disclosure vulnerability. File : ipswitch_imail_12_3.nasl - Type : ACT_GATHER_INFO
2014-06-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote database server is affected by multiple vulnerabilities. File : db2_101fp3a.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-136.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-368.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-592.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-601.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-749.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-754.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-755.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-153.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-154.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-164.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-198.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-230.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-402.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-410.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-426.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-47.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-622.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-847.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-95.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-96.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_4_java-1_6_0-openjdk-120222.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The version of IBM Tivoli Directory Server is affected by a frame injection v... File : tivoli_directory_svr_63025.nasl - Type : ACT_GATHER_INFO
2014-06-03	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-140514.nasl - Type : ACT_GATHER_INFO
2014-06-01	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-140515.nasl - Type : ACT_GATHER_INFO
2014-05-29	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_5_2.nasl - Type : ACT_GATHER_INFO
2014-05-19	Name : The remote Windows host has a service installed that is affected by multiple ... File : websphere_mq_7503.nasl - Type : ACT_GATHER_INFO
2014-05-19	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-100.nasl - Type : ACT_GATHER_INFO
2014-05-12	Name : The remote server is affected by multiple vulnerabilities. File : domino_9_0_1_fp1.nasl - Type : ACT_GATHER_INFO
2014-05-12	Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_9_0_1_fp1.nasl - Type : ACT_GATHER_INFO
2014-05-12	Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_notes_9_0_1_fp1.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-326.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-327.nasl - Type : ACT_GATHER_INFO
2014-04-18	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0407.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0406.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0407.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0408.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0406.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0408.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0406.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0407.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0408.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140416_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140416_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-04-17	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140416_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-04-16	Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory5.nasl - Type : ACT_GATHER_INFO
2014-04-08	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2124-2.nasl - Type : ACT_GATHER_INFO
2014-02-28	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2124-1.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-140213.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_6_0_39.nasl - Type : ACT_GATHER_INFO
2014-02-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-042.nasl - Type : ACT_GATHER_INFO
2014-02-18	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-140206.nasl - Type : ACT_GATHER_INFO
2014-02-11	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-140205.nasl - Type : ACT_GATHER_INFO
2014-02-05	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-280.nasl - Type : ACT_GATHER_INFO
2014-02-05	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-283.nasl - Type : ACT_GATHER_INFO
2014-02-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0134.nasl - Type : ACT_GATHER_INFO
2014-02-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0135.nasl - Type : ACT_GATHER_INFO
2014-02-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0136.nasl - Type : ACT_GATHER_INFO
2014-01-28	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0097.nasl - Type : ACT_GATHER_INFO
2014-01-28	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0097.nasl - Type : ACT_GATHER_INFO
2014-01-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0097.nasl - Type : ACT_GATHER_INFO
2014-01-28	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140127_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-01-27	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO
2014-01-24	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2089-1.nasl - Type : ACT_GATHER_INFO
2014-01-21	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-011.nasl - Type : ACT_GATHER_INFO
2014-01-20	Name : The remote VMware ESXi 5.1 host is affected by multiple vulnerabilities. File : vmware_esxi_5_1_build_1483097_remote.nasl - Type : ACT_GATHER_INFO
2014-01-20	Name : The remote application server is potentially affected by multiple vulnerabili... File : websphere_7_0_0_31.nasl - Type : ACT_GATHER_INFO
2014-01-20	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_0_0_8.nasl - Type : ACT_GATHER_INFO
2014-01-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0026.nasl - Type : ACT_GATHER_INFO
2014-01-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0027.nasl - Type : ACT_GATHER_INFO
2014-01-16	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0026.nasl - Type : ACT_GATHER_INFO
2014-01-16	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0027.nasl - Type : ACT_GATHER_INFO
2014-01-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0030.nasl - Type : ACT_GATHER_INFO
2014-01-16	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140115_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-01-16	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140115_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-01-15	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_jan_2014.nasl - Type : ACT_GATHER_INFO
2014-01-15	Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_jan_2014_unix.nasl - Type : ACT_GATHER_INFO
2014-01-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0026.nasl - Type : ACT_GATHER_INFO
2014-01-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0027.nasl - Type : ACT_GATHER_INFO
2014-01-08	Name : The remote server is affected by multiple vulnerabilities. File : domino_9_0_1.nasl - Type : ACT_GATHER_INFO
2014-01-08	Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_9_0_1.nasl - Type : ACT_GATHER_INFO
2013-12-18	Name : The remote database server is affected by multiple vulnerabilities. File : db2_97fp9.nasl - Type : ACT_GATHER_INFO
2013-12-03	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-03.nasl - Type : ACT_GATHER_INFO
2013-12-03	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-131129.nasl - Type : ACT_GATHER_INFO
2013-11-22	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2033-1.nasl - Type : ACT_GATHER_INFO
2013-11-21	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-131119.nasl - Type : ACT_GATHER_INFO
2013-11-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-267.nasl - Type : ACT_GATHER_INFO
2013-11-19	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-131114.nasl - Type : ACT_GATHER_INFO
2013-11-14	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-235.nasl - Type : ACT_GATHER_INFO
2013-11-14	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-246.nasl - Type : ACT_GATHER_INFO
2013-11-13	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-131104.nasl - Type : ACT_GATHER_INFO
2013-11-13	Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_1311177_remote.nasl - Type : ACT_GATHER_INFO
2013-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1507.nasl - Type : ACT_GATHER_INFO
2013-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1508.nasl - Type : ACT_GATHER_INFO
2013-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1509.nasl - Type : ACT_GATHER_INFO
2013-11-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1505.nasl - Type : ACT_GATHER_INFO
2013-11-06	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1505.nasl - Type : ACT_GATHER_INFO
2013-11-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1505.nasl - Type : ACT_GATHER_INFO
2013-11-06	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131105_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-11-04	Name : The remote server is affected by multiple vulnerabilities. File : domino_8_5_3fp5.nasl - Type : ACT_GATHER_INFO
2013-11-04	Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO
2013-11-04	Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_notes_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO
2013-10-25	Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2013-0012.nasl - Type : ACT_GATHER_INFO
2013-10-24	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1451.nasl - Type : ACT_GATHER_INFO
2013-10-24	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131022_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-10-23	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1447.nasl - Type : ACT_GATHER_INFO
2013-10-23	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1451.nasl - Type : ACT_GATHER_INFO
2013-10-23	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1451.nasl - Type : ACT_GATHER_INFO
2013-10-22	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1447.nasl - Type : ACT_GATHER_INFO
2013-10-22	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1447.nasl - Type : ACT_GATHER_INFO
2013-10-22	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131021_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-18	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-10.nasl - Type : ACT_GATHER_INFO
2013-10-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1440.nasl - Type : ACT_GATHER_INFO
2013-10-17	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_oct_2013.nasl - Type : ACT_GATHER_INFO
2013-10-17	Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_oct_2013_unix.nasl - Type : ACT_GATHER_INFO
2013-10-16	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update17.nasl - Type : ACT_GATHER_INFO
2013-10-16	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-005.nasl - Type : ACT_GATHER_INFO
2013-10-16	Name : The remote database server is affected by multiple vulnerabilities. File : oracle_rdbms_cpu_oct_2013.nasl - Type : ACT_GATHER_INFO
2013-09-20	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_6_1_0_47.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote device is missing a vendor-supplied security patch. File : junos_pulse_jsa10591.nasl - Type : ACT_GATHER_INFO
2013-09-13	Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_5.nasl - Type : ACT_GATHER_INFO
2013-09-13	Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-004.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-119.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-136.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-137.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-43.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-88.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-151.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-156.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-162.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-163.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-167.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-168.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-171.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-183.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-185.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-204.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-207.nasl - Type : ACT_GATHER_INFO
2013-08-23	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_0_0_7.nasl - Type : ACT_GATHER_INFO
2013-08-12	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_jrockit_cpu_jul_2013.nasl - Type : ACT_GATHER_INFO
2013-08-05	Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-13479.nasl - Type : ACT_GATHER_INFO
2013-08-02	Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2013-0009.nasl - Type : ACT_GATHER_INFO
2013-07-28	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2727.nasl - Type : ACT_GATHER_INFO
2013-07-28	Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-13523.nasl - Type : ACT_GATHER_INFO
2013-07-28	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130723.nasl - Type : ACT_GATHER_INFO
2013-07-26	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130723.nasl - Type : ACT_GATHER_INFO
2013-07-26	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130723.nasl - Type : ACT_GATHER_INFO
2013-07-26	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-130719.nasl - Type : ACT_GATHER_INFO
2013-07-24	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130718.nasl - Type : ACT_GATHER_INFO
2013-07-24	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1908-1.nasl - Type : ACT_GATHER_INFO
2013-07-23	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_5.nasl - Type : ACT_GATHER_INFO
2013-07-19	Name : The remote application server is potentially affected by multiple vulnerabili... File : websphere_7_0_0_29.nasl - Type : ACT_GATHER_INFO
2013-07-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1081.nasl - Type : ACT_GATHER_INFO
2013-07-17	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1907-1.nasl - Type : ACT_GATHER_INFO
2013-07-17	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1907-2.nasl - Type : ACT_GATHER_INFO
2013-07-16	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2722.nasl - Type : ACT_GATHER_INFO
2013-07-16	Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10575.nasl - Type : ACT_GATHER_INFO
2013-07-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1059.nasl - Type : ACT_GATHER_INFO
2013-07-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1060.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0135.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0322.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0729.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0730.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1009.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1221.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1222.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1223.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1384.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1385.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1386.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0165.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0245.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0246.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0247.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0273.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0274.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0275.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0587.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0602.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0603.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0604.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0605.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0751.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0752.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0770.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0957.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0958.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1014.nasl - Type : ACT_GATHER_INFO
2013-07-10	Name : The remote host has a library installed that is affected by an information di... File : ibm_gskit_swg21638270.nasl - Type : ACT_GATHER_INFO
2013-07-05	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1014.nasl - Type : ACT_GATHER_INFO
2013-07-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1014.nasl - Type : ACT_GATHER_INFO
2013-07-05	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130703_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-06-28	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-183.nasl - Type : ACT_GATHER_INFO
2013-06-24	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0833.nasl - Type : ACT_GATHER_INFO
2013-06-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0957.nasl - Type : ACT_GATHER_INFO
2013-06-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0958.nasl - Type : ACT_GATHER_INFO
2013-06-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0963.nasl - Type : ACT_GATHER_INFO
2013-06-21	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130620_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-06-21	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130620_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-06-20	Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_jun_2013_unix.nasl - Type : ACT_GATHER_INFO
2013-06-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0957.nasl - Type : ACT_GATHER_INFO
2013-06-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0958.nasl - Type : ACT_GATHER_INFO
2013-06-19	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update16.nasl - Type : ACT_GATHER_INFO
2013-06-19	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-004.nasl - Type : ACT_GATHER_INFO
2013-06-19	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_jun_2013.nasl - Type : ACT_GATHER_INFO
2013-06-17	Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_vcenter_update_mgr_vmsa-2012-0013.nasl - Type : ACT_GATHER_INFO
2013-06-11	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130529.nasl - Type : ACT_GATHER_INFO
2013-06-11	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130529.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote web server contains an application that is affected by multiple vu... File : splunk_503.nasl - Type : ACT_GATHER_INFO
2013-06-05	Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2012-0013.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130517.nasl - Type : ACT_GATHER_INFO
2013-05-23	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0855.nasl - Type : ACT_GATHER_INFO
2013-05-22	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130512.nasl - Type : ACT_GATHER_INFO
2013-05-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0822.nasl - Type : ACT_GATHER_INFO
2013-05-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0823.nasl - Type : ACT_GATHER_INFO
2013-05-10	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_0_0_6.nasl - Type : ACT_GATHER_INFO
2013-05-10	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_0_2.nasl - Type : ACT_GATHER_INFO
2013-05-08	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1819-1.nasl - Type : ACT_GATHER_INFO
2013-05-07	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-161.nasl - Type : ACT_GATHER_INFO
2013-04-30	Name : The remote host is affected by multiple vulnerabilities. File : ibm_tem_8_2_1372.nasl - Type : ACT_GATHER_INFO
2013-04-26	Name : The remote Fedora host is missing a security update. File : fedora_2013-6368.nasl - Type : ACT_GATHER_INFO
2013-04-26	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130424_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-25	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0770.nasl - Type : ACT_GATHER_INFO
2013-04-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0770.nasl - Type : ACT_GATHER_INFO
2013-04-24	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130415.nasl - Type : ACT_GATHER_INFO
2013-04-24	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130416.nasl - Type : ACT_GATHER_INFO
2013-04-24	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8543.nasl - Type : ACT_GATHER_INFO
2013-04-24	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8542.nasl - Type : ACT_GATHER_INFO
2013-04-24	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8544.nasl - Type : ACT_GATHER_INFO
2013-04-24	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1806-1.nasl - Type : ACT_GATHER_INFO
2013-04-20	Name : The remote Fedora host is missing a security update. File : fedora_2013-5922.nasl - Type : ACT_GATHER_INFO
2013-04-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-050.nasl - Type : ACT_GATHER_INFO
2013-04-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-052.nasl - Type : ACT_GATHER_INFO
2013-04-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-095.nasl - Type : ACT_GATHER_INFO
2013-04-19	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0751.nasl - Type : ACT_GATHER_INFO
2013-04-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0757.nasl - Type : ACT_GATHER_INFO
2013-04-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0758.nasl - Type : ACT_GATHER_INFO
2013-04-19	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130415.nasl - Type : ACT_GATHER_INFO
2013-04-18	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0752.nasl - Type : ACT_GATHER_INFO
2013-04-18	Name : The remote Fedora host is missing a security update. File : fedora_2013-5958.nasl - Type : ACT_GATHER_INFO
2013-04-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0751.nasl - Type : ACT_GATHER_INFO
2013-04-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0752.nasl - Type : ACT_GATHER_INFO
2013-04-18	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130417_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-18	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130417_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-04-17	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update15.nasl - Type : ACT_GATHER_INFO
2013-04-17	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-003.nasl - Type : ACT_GATHER_INFO
2013-04-17	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_apr_2013.nasl - Type : ACT_GATHER_INFO
2013-04-17	Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_apr_2013_unix.nasl - Type : ACT_GATHER_INFO
2013-04-08	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_69bfc8529bd011e2a7be8c705af55518.nasl - Type : ACT_GATHER_INFO
2013-04-03	Name : The remote Fedora host is missing a security update. File : fedora_2013-4403.nasl - Type : ACT_GATHER_INFO
2013-03-28	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-130325.nasl - Type : ACT_GATHER_INFO
2013-03-28	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-8517.nasl - Type : ACT_GATHER_INFO
2013-03-26	Name : The remote Windows host contains a program that is affected by multiple vulne... File : stunnel_4_55.nasl - Type : ACT_GATHER_INFO
2013-03-26	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1732-3.nasl - Type : ACT_GATHER_INFO
2013-03-17	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130312.nasl - Type : ACT_GATHER_INFO
2013-03-17	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8483.nasl - Type : ACT_GATHER_INFO
2013-03-15	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8495.nasl - Type : ACT_GATHER_INFO
2013-03-14	Name : The remote Fedora host is missing a security update. File : fedora_2013-3468.nasl - Type : ACT_GATHER_INFO
2013-03-14	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130306.nasl - Type : ACT_GATHER_INFO
2013-03-14	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8481.nasl - Type : ACT_GATHER_INFO
2013-03-13	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130307.nasl - Type : ACT_GATHER_INFO
2013-03-13	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130306.nasl - Type : ACT_GATHER_INFO
2013-03-12	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0624.nasl - Type : ACT_GATHER_INFO
2013-03-12	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0625.nasl - Type : ACT_GATHER_INFO
2013-03-12	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0626.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0602.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0605.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0603.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Fedora host is missing a security update. File : fedora_2013-2793.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1755-2.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0587.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0604.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote Fedora host is missing a security update. File : fedora_2013-3467.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0600.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0601.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0602.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0603.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0604.nasl - Type : ACT_GATHER_INFO
2013-03-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0605.nasl - Type : ACT_GATHER_INFO
2013-03-06	Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java5_update41.nasl - Type : ACT_GATHER_INFO
2013-03-06	Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java5_update41_unix.nasl - Type : ACT_GATHER_INFO
2013-03-06	Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java6_update43.nasl - Type : ACT_GATHER_INFO
2013-03-06	Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java6_update43_unix.nasl - Type : ACT_GATHER_INFO
2013-03-06	Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java7_update17.nasl - Type : ACT_GATHER_INFO
2013-03-06	Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java7_update17_unix.nasl - Type : ACT_GATHER_INFO
2013-03-06	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1755-1.nasl - Type : ACT_GATHER_INFO
2013-03-05	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update14.nasl - Type : ACT_GATHER_INFO
2013-03-05	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-002.nasl - Type : ACT_GATHER_INFO
2013-03-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0587.nasl - Type : ACT_GATHER_INFO
2013-03-05	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130304_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-03-04	Name : The remote Fedora host is missing a security update. File : fedora_2013-2834.nasl - Type : ACT_GATHER_INFO
2013-03-01	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1732-2.nasl - Type : ACT_GATHER_INFO
2013-02-27	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0274.nasl - Type : ACT_GATHER_INFO
2013-02-24	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-014.nasl - Type : ACT_GATHER_INFO
2013-02-24	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130221.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote host contains a runtime environment that contains methods that can... File : oracle_java6_update35_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote host contains a programming platform that is potentially affected ... File : oracle_java7_update11_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java7_update6_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_feb_2012_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_feb_2013_1_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_feb_2013_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_jun_2012_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_oct_2012_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1732-1.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1735-1.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0273.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0275.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_feb_2013_1.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0273.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0274.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0275.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0531.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0532.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update13.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-001.nasl - Type : ACT_GATHER_INFO
2013-02-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1724-1.nasl - Type : ACT_GATHER_INFO
2013-02-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2621.nasl - Type : ACT_GATHER_INFO
2013-02-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2622.nasl - Type : ACT_GATHER_INFO
2013-02-13	Name : The remote service may be affected by an information disclosure vulnerability. File : openssl_1_0_1e.nasl - Type : ACT_GATHER_INFO
2013-02-13	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130205_jdk_1_6_0_on_SL_5_0.nasl - Type : ACT_GATHER_INFO
2013-02-11	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-040-01.nasl - Type : ACT_GATHER_INFO
2013-02-11	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0245.nasl - Type : ACT_GATHER_INFO
2013-02-11	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0247.nasl - Type : ACT_GATHER_INFO
2013-02-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0246.nasl - Type : ACT_GATHER_INFO
2013-02-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0245.nasl - Type : ACT_GATHER_INFO
2013-02-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0246.nasl - Type : ACT_GATHER_INFO
2013-02-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0247.nasl - Type : ACT_GATHER_INFO
2013-02-10	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-02-10	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-10	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-02-09	Name : The remote host may be affected by multiple vulnerabilities. File : openssl_0_9_8y.nasl - Type : ACT_GATHER_INFO
2013-02-09	Name : The remote host may be affected by multiple vulnerabilities. File : openssl_1_0_0k.nasl - Type : ACT_GATHER_INFO
2013-02-09	Name : The remote host may be affected by multiple vulnerabilities. File : openssl_1_0_1d.nasl - Type : ACT_GATHER_INFO
2013-02-07	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_00b0d8cd709711e298d9003067c2616f.nasl - Type : ACT_GATHER_INFO
2013-02-05	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update12.nasl - Type : ACT_GATHER_INFO
2013-02-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0236.nasl - Type : ACT_GATHER_INFO
2013-02-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0237.nasl - Type : ACT_GATHER_INFO
2013-02-04	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_feb_2013.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-120529.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-120907.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-121113.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-120427.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-120907.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-121126.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-120615.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-120905.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-121023.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-120919.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-121113.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0702.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1243.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1485.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0165.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote Fedora host is missing a security update. File : fedora_2013-0853.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote Fedora host is missing a security update. File : fedora_2013-0868.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote Fedora host is missing a security update. File : fedora_2013-0888.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d5e0317e5e4511e2a113c48508086173.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0165.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130116_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1693-1.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0156.nasl - Type : ACT_GATHER_INFO
2013-01-14	Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java7_update11.nasl - Type : ACT_GATHER_INFO
2012-11-29	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8383.nasl - Type : ACT_GATHER_INFO
2012-11-19	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8366.nasl - Type : ACT_GATHER_INFO
2012-11-19	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8362.nasl - Type : ACT_GATHER_INFO
2012-11-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1465.nasl - Type : ACT_GATHER_INFO
2012-11-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1466.nasl - Type : ACT_GATHER_INFO
2012-11-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1467.nasl - Type : ACT_GATHER_INFO
2012-11-02	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-169.nasl - Type : ACT_GATHER_INFO
2012-10-31	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121018_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-10-26	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1619-1.nasl - Type : ACT_GATHER_INFO
2012-10-22	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-10-19	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1385.nasl - Type : ACT_GATHER_INFO
2012-10-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1391.nasl - Type : ACT_GATHER_INFO
2012-10-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1392.nasl - Type : ACT_GATHER_INFO
2012-10-18	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1384.nasl - Type : ACT_GATHER_INFO
2012-10-18	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1386.nasl - Type : ACT_GATHER_INFO
2012-10-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1384.nasl - Type : ACT_GATHER_INFO
2012-10-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1385.nasl - Type : ACT_GATHER_INFO
2012-10-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1386.nasl - Type : ACT_GATHER_INFO
2012-10-18	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-10-18	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-10-17	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update11.nasl - Type : ACT_GATHER_INFO
2012-10-17	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2012-006.nasl - Type : ACT_GATHER_INFO
2012-10-17	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_oct_2012.nasl - Type : ACT_GATHER_INFO
2012-10-06	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-150.nasl - Type : ACT_GATHER_INFO
2012-09-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1289.nasl - Type : ACT_GATHER_INFO
2012-09-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-13100.nasl - Type : ACT_GATHER_INFO
2012-09-13	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120904_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-09-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1245.nasl - Type : ACT_GATHER_INFO
2012-09-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1238.nasl - Type : ACT_GATHER_INFO
2012-09-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1223.nasl - Type : ACT_GATHER_INFO
2012-09-06	Name : The remote host has a version of Java that contains methods that can aid in f... File : macosx_java_10_6_update10.nasl - Type : ACT_GATHER_INFO
2012-09-06	Name : The remote host has a version of Java that contains methods that can aid in f... File : macosx_java_2012-005.nasl - Type : ACT_GATHER_INFO
2012-09-05	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-09-05	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-09-05	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1221.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1222.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote Fedora host is missing a security update. File : fedora_2012-13131.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote Fedora host is missing a security update. File : fedora_2012-13138.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1221.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1222.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1223.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1225.nasl - Type : ACT_GATHER_INFO
2012-09-04	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1553-1.nasl - Type : ACT_GATHER_INFO
2012-08-31	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_16846d1ef1de11e18bd80022156e8794.nasl - Type : ACT_GATHER_INFO
2012-08-31	Name : The remote host contains a runtime environment that contains methods that can... File : oracle_java6_update35.nasl - Type : ACT_GATHER_INFO
2012-08-30	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1505-2.nasl - Type : ACT_GATHER_INFO
2012-08-27	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java7_update6.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120214_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120216_java_1_6_0_sun_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120613_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120613_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120613_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-13	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1505-1.nasl - Type : ACT_GATHER_INFO
2012-07-11	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1009.nasl - Type : ACT_GATHER_INFO
2012-07-05	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2507.nasl - Type : ACT_GATHER_INFO
2012-06-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1009.nasl - Type : ACT_GATHER_INFO
2012-06-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1019.nasl - Type : ACT_GATHER_INFO
2012-06-19	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-095.nasl - Type : ACT_GATHER_INFO
2012-06-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-9541.nasl - Type : ACT_GATHER_INFO
2012-06-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-9545.nasl - Type : ACT_GATHER_INFO
2012-06-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-9590.nasl - Type : ACT_GATHER_INFO
2012-06-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-9593.nasl - Type : ACT_GATHER_INFO
2012-06-14	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0729.nasl - Type : ACT_GATHER_INFO
2012-06-14	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0730.nasl - Type : ACT_GATHER_INFO
2012-06-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0729.nasl - Type : ACT_GATHER_INFO
2012-06-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0730.nasl - Type : ACT_GATHER_INFO
2012-06-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0734.nasl - Type : ACT_GATHER_INFO
2012-06-14	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8151.nasl - Type : ACT_GATHER_INFO
2012-06-13	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update9.nasl - Type : ACT_GATHER_INFO
2012-06-13	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_7_2012-004.nasl - Type : ACT_GATHER_INFO
2012-06-13	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_jun_2012.nasl - Type : ACT_GATHER_INFO
2012-04-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0514.nasl - Type : ACT_GATHER_INFO
2012-04-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0508.nasl - Type : ACT_GATHER_INFO
2012-04-05	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update7.nasl - Type : ACT_GATHER_INFO
2012-04-05	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_7_2012-001.nasl - Type : ACT_GATHER_INFO
2012-03-01	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1373-2.nasl - Type : ACT_GATHER_INFO
2012-02-29	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2420.nasl - Type : ACT_GATHER_INFO
2012-02-29	Name : The remote Fedora host is missing a security update. File : fedora_2012-2595.nasl - Type : ACT_GATHER_INFO
2012-02-28	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-120220.nasl - Type : ACT_GATHER_INFO
2012-02-27	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1373-1.nasl - Type : ACT_GATHER_INFO
2012-02-22	Name : The remote Fedora host is missing a security update. File : fedora_2012-1721.nasl - Type : ACT_GATHER_INFO
2012-02-22	Name : The remote web server is affected by a denial of service vulnerability. File : glassfish_cve-2011-5035.nasl - Type : ACT_GATHER_INFO
2012-02-22	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0322.nasl - Type : ACT_GATHER_INFO
2012-02-20	Name : The remote Fedora host is missing a security update. File : fedora_2012-1711.nasl - Type : ACT_GATHER_INFO
2012-02-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-021.nasl - Type : ACT_GATHER_INFO
2012-02-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0139.nasl - Type : ACT_GATHER_INFO
2012-02-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0135.nasl - Type : ACT_GATHER_INFO
2012-02-16	Name : The remote Fedora host is missing a security update. File : fedora_2012-1690.nasl - Type : ACT_GATHER_INFO
2012-02-15	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_feb_2012.nasl - Type : ACT_GATHER_INFO
2012-02-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0135.nasl - Type : ACT_GATHER_INFO
2009-01-19	Name : The remote host is missing Sun Security Patch number 128640-30 File : solaris10_128640.nasl - Type : ACT_GATHER_INFO
2009-01-19	Name : The remote host is missing Sun Security Patch number 128641-30 File : solaris10_x86_128641.nasl - Type : ACT_GATHER_INFO
2009-01-19	Name : The remote host is missing Sun Security Patch number 128640-30 File : solaris9_128640.nasl - Type : ACT_GATHER_INFO
2009-01-19	Name : The remote host is missing Sun Security Patch number 128641-30 File : solaris9_x86_128641.nasl - Type : ACT_GATHER_INFO
2007-10-18	Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris8_124672.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris10_124672.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 124673-20 File : solaris10_x86_124673.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris9_124672.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 124673-20 File : solaris9_x86_124673.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:38:06	Multiple Updates
2014-01-27 05:18:19	First insertion

Global Informations

Type	Count
CWE ID(s)	9
Oval ID(s)	752
CPE ID(s)	1562
Saint Exploit(s)	14
osvdb(s)	1
ExploitDB Exploit(s)	14
Openvas Exploit(s)	74
IAVM(s)	13
Snort® Rule(s)	556
Nessus® Exploit(s)	523

	Related
10	CVE-2014-0428
10	CVE-2014-0422
10	CVE-2014-0415
10	CVE-2014-0410
10	CVE-2013-5907
10	CVE-2013-5843
10	CVE-2013-5842
10	CVE-2013-5830
10	CVE-2013-5829
10	CVE-2013-5824
10	CVE-2013-5817
10	CVE-2013-5814
10	CVE-2013-5809
10	CVE-2013-5789
10	CVE-2013-5788
10	CVE-2013-5787
10	CVE-2013-5782
10	CVE-2013-2473
10	CVE-2013-2472
10	CVE-2013-2471
10	CVE-2013-2470
10	CVE-2013-2469
10	CVE-2013-2468
10	CVE-2013-2466
10	CVE-2013-2465
10	CVE-2013-2464
10	CVE-2013-2463
10	CVE-2013-2459
10	CVE-2013-2440
10	CVE-2013-2435
10	CVE-2013-2434
10	CVE-2013-2432
10	CVE-2013-2431
10	CVE-2013-2428
10	CVE-2013-2427
10	CVE-2013-2425
10	CVE-2013-2422
10	CVE-2013-2420
10	CVE-2013-2414
10	CVE-2013-2384
10	CVE-2013-2383
10	CVE-2013-1569
10	CVE-2013-1558
10	CVE-2013-1557
10	CVE-2013-1537
10	CVE-2013-1518
10	CVE-2013-1493
10	CVE-2013-1491
10	CVE-2013-1488
10	CVE-2013-1487
10	CVE-2013-1486
10	CVE-2013-1484
10	CVE-2013-1481
10	CVE-2013-1479
10	CVE-2013-0809
10	CVE-2013-0446
10	CVE-2013-0445
10	CVE-2013-0437
10	CVE-2013-0422
10	CVE-2013-0402
10	CVE-2013-0401
10	CVE-2012-5088
10	CVE-2012-5087
10	CVE-2012-5086
10	CVE-2012-5083
10	CVE-2012-5076
10	CVE-2012-4681
10	CVE-2012-3342
10	CVE-2012-3213
10	CVE-2012-3174
10	CVE-2012-3143
10	CVE-2012-3136
10	CVE-2012-1725
10	CVE-2012-1723
10	CVE-2012-1722
10	CVE-2012-1721
10	CVE-2012-1716
10	CVE-2012-1713
10	CVE-2012-1682
10	CVE-2012-1541
10	CVE-2012-1533
10	CVE-2012-1532
10	CVE-2012-1531
10	CVE-2012-0507
10	CVE-2012-0500
10	CVE-2012-0499
10	CVE-2012-0498
10	CVE-2012-0497
9.3	CVE-2014-0417
9.3	CVE-2014-0408
9.3	CVE-2014-0385
9.3	CVE-2013-5893
9.3	CVE-2013-5889
9.3	CVE-2013-5850
9.3	CVE-2013-5846
9.3	CVE-2013-5844
9.3	CVE-2013-5838
9.3	CVE-2013-5832
9.3	CVE-2013-5810
9.3	CVE-2013-5806
9.3	CVE-2013-5805
9.3	CVE-2013-5777
9.3	CVE-2013-3743
9.3	CVE-2013-2462
9.3	CVE-2013-2460
9.3	CVE-2013-2436
9.3	CVE-2013-2426
9.3	CVE-2013-2421
9.3	CVE-2012-0504
7.8	CVE-2013-2445
7.6	CVE-2014-0387
7.6	CVE-2013-5852
7.6	CVE-2013-2448
7.6	CVE-2013-2430
7.6	CVE-2013-2429
7.6	CVE-2013-2394
7.6	CVE-2013-1563
7.6	CVE-2013-0423
7.6	CVE-2013-0419
7.6	CVE-2012-5089
7.6	CVE-2012-5084
7.5	CVE-2014-0424
7.5	CVE-2014-0373
7.5	CVE-2013-5878
7.5	CVE-2013-5802
7.5	CVE-2013-5775
7.5	CVE-2013-2461
7.5	CVE-2013-2442
7.5	CVE-2013-0351
7.5	CVE-2012-5068
7.5	CVE-2012-3159
7.5	CVE-2012-1711
7.5	CVE-2012-0505
7.5	CVE-2012-0503
6.9	CVE-2013-2467
6.9	CVE-2013-2439
6.9	CVE-2013-0430
6.8	CVE-2013-5904
6.8	CVE-2013-5870
6.4	CVE-2013-5812
6.4	CVE-2013-5804
6.4	CVE-2013-5783
6.4	CVE-2013-3829
6.4	CVE-2013-2407
6.4	CVE-2012-5074
6.4	CVE-2012-5071
6.4	CVE-2012-4416
6.4	CVE-2012-1726
6.4	CVE-2012-0502
6.4	CVE-2011-3563
5.8	CVE-2014-0403
5.8	CVE-2014-0375
5.8	CVE-2013-2458
5.8	CVE-2013-2454
5.8	CVE-2012-5069
5.5	CVE-2014-0423
5.1	CVE-2014-0418
5.1	CVE-2013-5906
5.1	CVE-2013-5905
5.1	CVE-2013-5902
5	CVE-2014-0416
5	CVE-2014-0376
5	CVE-2014-0368
5	CVE-2013-5910
5	CVE-2013-5899
5	CVE-2013-5896
5	CVE-2013-5895
5	CVE-2013-5887
5	CVE-2013-5851
5	CVE-2013-5848
5	CVE-2013-5840
5	CVE-2013-5831
5	CVE-2013-5825
5	CVE-2013-5823
5	CVE-2013-5820
5	CVE-2013-5819
5	CVE-2013-5818
5	CVE-2013-5801
5	CVE-2013-5778
5	CVE-2013-5776
5	CVE-2013-5774
5	CVE-2013-3744
5	CVE-2013-2457
5	CVE-2013-2456
5	CVE-2013-2455
5	CVE-2013-2453
5	CVE-2013-2452
5	CVE-2013-2450
5	CVE-2013-2447
5	CVE-2013-2446
5	CVE-2013-2444
5	CVE-2013-2443
5	CVE-2013-2438
5	CVE-2013-2437
5	CVE-2013-2424
5	CVE-2013-2419
5	CVE-2013-2417
5	CVE-2013-2412
5	CVE-2013-2400
5	CVE-2013-1564
5	CVE-2013-1561
5	CVE-2013-1485
5	CVE-2013-1473
5	CVE-2013-0449
5	CVE-2013-0448
5	CVE-2013-0409
5	CVE-2012-5081
5	CVE-2012-5079
5	CVE-2012-5075
5	CVE-2012-5073
5	CVE-2012-5072
5	CVE-2012-5070
5	CVE-2012-5067
5	CVE-2012-1724
5	CVE-2012-1719
5	CVE-2012-1718
5	CVE-2012-0501
5	CVE-2011-5035
4.6	CVE-2013-5888
4.6	CVE-2013-2418
4.3	CVE-2014-0382
4.3	CVE-2013-5849
4.3	CVE-2013-5800
4.3	CVE-2013-5790
4.3	CVE-2013-5784
4.3	CVE-2013-5780
4.3	CVE-2013-2449
4.3	CVE-2013-2433
4.3	CVE-2013-2423
4.3	CVE-2013-2416
4.3	CVE-2013-1571
4.3	CVE-2013-1540
4.3	CVE-2013-0438
4.3	CVE-2012-0506
4	CVE-2014-0411
4	CVE-2013-5898
3.7	CVE-2013-2451
3.6	CVE-2013-1500
3.5	CVE-2013-5797
2.6	CVE-2013-5854
2.6	CVE-2013-5803
2.6	CVE-2013-5772
2.6	CVE-2013-0169
2.6	CVE-2012-5077
2.6	CVE-2012-3216
2.1	CVE-2013-2415
2.1	CVE-2012-1717
0	CVE-2012-5085
0	CVE-2012-0547
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 249 more Alert(s)